Merge remote-tracking branch 'restricted/pr/491' into development-restricted
This commit is contained in:
Simon Butcher
commit
7f85563f9b
2 changed files with 37 additions and 5 deletions
|
|
@ -2,6 +2,11 @@ mbed TLS ChangeLog (Sorted per branch, date)
|
|||
|
||||
= mbed TLS x.x.x branch released xxxx-xx-xx
|
||||
|
||||
Security
|
||||
* Fix a potential memory leak in mbedtls_ssl_setup( ) function. An allocation
|
||||
failure could leave an unreleased buffer. A handshake init failure would
|
||||
lead to leaving two unreleased buffers.
|
||||
|
||||
Features
|
||||
* Add support for fragmentation of outgoing DTLS handshake messages. This
|
||||
is controlled by the maximum fragment length as set locally or negotiated
|
||||
|
|
|
|||
|
|
@ -6293,28 +6293,55 @@ int mbedtls_ssl_setup( mbedtls_ssl_context *ssl,
|
|||
/*
|
||||
* Prepare base structures
|
||||
*/
|
||||
|
||||
/* Set to NULL in case of an error condition */
|
||||
ssl->out_buf = NULL;
|
||||
|
||||
ssl->in_buf = mbedtls_calloc( 1, MBEDTLS_SSL_IN_BUFFER_LEN );
|
||||
if( ssl->in_buf == NULL )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", MBEDTLS_SSL_IN_BUFFER_LEN) );
|
||||
return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
|
||||
ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
|
||||
goto error;
|
||||
}
|
||||
|
||||
ssl->out_buf = mbedtls_calloc( 1, MBEDTLS_SSL_OUT_BUFFER_LEN );
|
||||
if( ssl->out_buf == NULL )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", MBEDTLS_SSL_OUT_BUFFER_LEN) );
|
||||
mbedtls_free( ssl->in_buf );
|
||||
ssl->in_buf = NULL;
|
||||
return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
|
||||
ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
|
||||
goto error;
|
||||
}
|
||||
|
||||
ssl_reset_in_out_pointers( ssl );
|
||||
|
||||
if( ( ret = ssl_handshake_init( ssl ) ) != 0 )
|
||||
return( ret );
|
||||
goto error;
|
||||
|
||||
return( 0 );
|
||||
|
||||
error:
|
||||
mbedtls_free( ssl->in_buf );
|
||||
mbedtls_free( ssl->out_buf );
|
||||
|
||||
ssl->conf = NULL;
|
||||
|
||||
ssl->in_buf = NULL;
|
||||
ssl->out_buf = NULL;
|
||||
|
||||
ssl->in_hdr = NULL;
|
||||
ssl->in_ctr = NULL;
|
||||
ssl->in_len = NULL;
|
||||
ssl->in_iv = NULL;
|
||||
ssl->in_msg = NULL;
|
||||
|
||||
ssl->out_hdr = NULL;
|
||||
ssl->out_ctr = NULL;
|
||||
ssl->out_len = NULL;
|
||||
ssl->out_iv = NULL;
|
||||
ssl->out_msg = NULL;
|
||||
|
||||
return( ret );
|
||||
}
|
||||
|
||||
/*
|
||||
|
|
|
|||
Loading…
Reference in a new issue