From c03487d463fe0f6eb30a89291100fd39c48e61b4 Mon Sep 17 00:00:00 2001
From: David Garske
Date: Tue, 25 Jul 2017 15:07:58 -0700
Subject: [PATCH] =?UTF-8?q?Fix=20for=20dynamic=20type=20of=20ED25519=20key?= =?UTF-8?q?=20and=20PK=5FCALLBACK=20buffer=20not=20being=20free=E2=80=99d.?= =?UTF-8?q?=20Fix=20for=20portNumber=20stack=20var=20being=20used=20out=20?= =?UTF-8?q?of=20scope.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/internal.c | 18 +++++++++++++++---
 tests/suites.c | 4 +++-
 2 files changed, 18 insertions(+), 4 deletions(-)

diff --git a/src/internal.c b/src/internal.c
index 82ca56f6d..a93aaf193 100755
--- a/src/internal.c
+++ b/src/internal.c
@@ -4646,6 +4646,13 @@ void SSL_ResourceFree(WOLFSSL* ssl)
 #ifdef HAVE_ED25519
 FreeKey(ssl, DYNAMIC_TYPE_ED25519, (void**)&ssl->peerEd25519Key);
 ssl->peerEd25519KeyPresent = 0;
+ #ifdef HAVE_PK_CALLBACKS
+ if (ssl->buffers.peerEd25519Key.buffer != NULL) {
+ XFREE(ssl->buffers.peerEd25519Key.buffer, ssl->heap,
+ DYNAMIC_TYPE_ED25519);
+ ssl->buffers.peerEd25519Key.buffer = NULL;
+ }
+ #endif
 #endif
 #ifdef HAVE_PK_CALLBACKS
 #ifdef HAVE_ECC
@@ -4838,6 +4845,11 @@ void FreeHandshakeResources(WOLFSSL* ssl)
 XFREE(ssl->buffers.peerRsaKey.buffer, ssl->heap, DYNAMIC_TYPE_RSA);
 ssl->buffers.peerRsaKey.buffer = NULL;
 #endif /* NO_RSA */
+ #ifdef HAVE_ED25519
+ XFREE(ssl->buffers.peerEd25519Key.buffer, ssl->heap,
+ DYNAMIC_TYPE_ED25519);
+ ssl->buffers.peerEd25519Key.buffer = NULL;
+ #endif
 #endif /* HAVE_PK_CALLBACKS */

 #ifdef HAVE_QSH
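Review bot: The free of `ssl->buffers.peerEd25519Key.buffer` added to SSL_ResourceFree is wrapped in `if (... != NULL)`, while the same free added to FreeHandshakeResources in the next hunk is unguarded, so one buffer has two differently written teardown paths. The unguarded form depends on XFREE accepting NULL, which the neighbouring peerRsaKey code appears to assume as well; pick one form for both. Both paths reset the pointer to NULL after freeing, and that reset is what stops the second teardown call from releasing the same allocation twice, so it deserves a comment such as `/* PK callback copy of the peer key; set to NULL so the other teardown path does not free it again */`. Both function bodies continue outside their hunks.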
@@ -8489,10 +8501,10 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
 int keyRet = 0;
 if (ssl->peerEd25519Key == NULL) {
 /* alloc/init on demand */
- keyRet = AllocKey(ssl, DYNAMIC_TYPE_ECC,
+ keyRet = AllocKey(ssl, DYNAMIC_TYPE_ED25519,
 (void**)&ssl->peerEd25519Key);
 } else if (ssl->peerEd25519KeyPresent) {
- keyRet = ReuseKey(ssl, DYNAMIC_TYPE_ECC,
+ keyRet = ReuseKey(ssl, DYNAMIC_TYPE_ED25519,
 ssl->peerEd25519Key);
 ssl->peerEd25519KeyPresent = 0;
 }
@@ -8509,7 +8521,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
 #ifdef HAVE_PK_CALLBACKS
 ssl->buffers.peerEd25519Key.buffer =
 (byte*)XMALLOC(args->dCert->pubKeySize,
- ssl->heap, DYNAMIC_TYPE_ECC);
+ ssl->heap, DYNAMIC_TYPE_ED25519);
 if (ssl->buffers.peerEd25519Key.buffer == NULL) {
 ERROR_OUT(MEMORY_ERROR, exit_ppc);
 }
diff --git a/tests/suites.c b/tests/suites.c
index 7f4a02be1..dbff4c999 100644
--- a/tests/suites.c
+++ b/tests/suites.c
@@ -182,6 +182,9 @@ static int execute_test_case(int svr_argc, char** svr_argv,
 int i;
 size_t added;
 static int tests = 1;
+#if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_TIRTOS)
+ char portNumber[8];
+#endif

 /* Is Valid Cipher and Version Checks */
 /* build command list for the Is checks below */
@@ -298,7 +301,6 @@ static int execute_test_case(int svr_argc, char** svr_argv,
 if (cliArgs.argc + 2 > MAX_ARGS)
 printf("cannot add the magic port number flag to client\n");
 else {
- char portNumber[8];
 snprintf(portNumber, sizeof(portNumber), "%d", ready.port);
 cli_argv[cliArgs.argc++] = portFlag;
 cli_argv[cliArgs.argc++] = portNumber;
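Review bot: Nothing in the AllocKey and ReuseKey calls ties the tag to the object: the key goes in through a `(void**)` cast, so the compiler accepts any `DYNAMIC_TYPE_*` value next to `ssl->peerEd25519Key`. If AllocKey sizes or initialises the object from the tag (its body is not in this hunk), a wrong tag yields an object of the wrong type behind a typed pointer. A comment above the first call would record the coupling, for example `/* tag must match the type of peerEd25519Key; AllocKey takes void** and cannot check it */`. ProcessPeerCerts starts and ends outside the hunk.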
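Review bot: The XMALLOC result is stored straight into `ssl->buffers.peerEd25519Key.buffer` without releasing whatever the field held before. The ReuseKey branch in the previous hunk shows this code can run while an earlier peer key is still attached; if the callback buffer can also survive until then (for example when FreeHandshakeResources did not run), the old allocation is lost. Freeing first closes that gap: `XFREE(ssl->buffers.peerEd25519Key.buffer, ssl->heap, DYNAMIC_TYPE_ED25519);` placed before the assignment, or an `if (... != NULL)` guard in the style used in SSL_ResourceFree. The rest of the function is outside the hunk, so the code that fills the buffer could not be checked.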
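Review bot: The function-scope declaration of `portNumber` has no comment saying why it lives here, and the reason is not visible at the declaration: `cli_argv` keeps a pointer to the buffer after the `else` block in the later hunk has ended. A comment such as `/* function scope: cli_argv holds a pointer to this buffer for as long as it is used */` would keep a later cleanup from moving it back into the block. The declaration sits under `#if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_TIRTOS)`, so the `snprintf` use has to be under the same condition, and the later hunk does not show its enclosing guard. execute_test_case starts and ends outside both hunks.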