Fix memory leak in CSR test suite on failure
This commit is contained in:
parent
2fcdd7446e
commit
bf2dacb8fe
1 changed files with 14 additions and 4 deletions
|
@ -39,26 +39,36 @@ static int x509_crt_verifycsr( const unsigned char *buf, size_t buflen )
|
||||||
unsigned char hash[MBEDTLS_MD_MAX_SIZE];
|
unsigned char hash[MBEDTLS_MD_MAX_SIZE];
|
||||||
const mbedtls_md_info_t *md_info;
|
const mbedtls_md_info_t *md_info;
|
||||||
mbedtls_x509_csr csr;
|
mbedtls_x509_csr csr;
|
||||||
|
int ret = 0;
|
||||||
|
|
||||||
|
mbedtls_x509_csr_init( &csr );
|
||||||
|
|
||||||
if( mbedtls_x509_csr_parse( &csr, buf, buflen ) != 0 )
|
if( mbedtls_x509_csr_parse( &csr, buf, buflen ) != 0 )
|
||||||
return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
|
{
|
||||||
|
ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA;
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
|
|
||||||
md_info = mbedtls_md_info_from_type( csr.sig_md );
|
md_info = mbedtls_md_info_from_type( csr.sig_md );
|
||||||
if( mbedtls_md( md_info, csr.cri.p, csr.cri.len, hash ) != 0 )
|
if( mbedtls_md( md_info, csr.cri.p, csr.cri.len, hash ) != 0 )
|
||||||
{
|
{
|
||||||
/* Note: this can't happen except after an internal error */
|
/* Note: this can't happen except after an internal error */
|
||||||
return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
|
ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA;
|
||||||
|
goto cleanup;
|
||||||
}
|
}
|
||||||
|
|
||||||
if( mbedtls_pk_verify_ext( csr.sig_pk, csr.sig_opts, &csr.pk,
|
if( mbedtls_pk_verify_ext( csr.sig_pk, csr.sig_opts, &csr.pk,
|
||||||
csr.sig_md, hash, mbedtls_md_get_size( md_info ),
|
csr.sig_md, hash, mbedtls_md_get_size( md_info ),
|
||||||
csr.sig.p, csr.sig.len ) != 0 )
|
csr.sig.p, csr.sig.len ) != 0 )
|
||||||
{
|
{
|
||||||
return( MBEDTLS_ERR_X509_CERT_VERIFY_FAILED );
|
ret = MBEDTLS_ERR_X509_CERT_VERIFY_FAILED;
|
||||||
|
goto cleanup;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
cleanup:
|
||||||
|
|
||||||
mbedtls_x509_csr_free( &csr );
|
mbedtls_x509_csr_free( &csr );
|
||||||
return( 0 );
|
return( ret );
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue