mirror of https://github.com/wolfSSL/wolfssl
Fix for dynamic type of ED25519 key and PK_CALLBACK buffer not being free’d. Fix for portNumber stack var being used out of scope.
parent
f9dee9adcc
commit
c03487d463
|
@ -4646,6 +4646,13 @@ void SSL_ResourceFree(WOLFSSL* ssl)
|
||||||
#ifdef HAVE_ED25519
|
#ifdef HAVE_ED25519
|
||||||
FreeKey(ssl, DYNAMIC_TYPE_ED25519, (void**)&ssl->peerEd25519Key);
|
FreeKey(ssl, DYNAMIC_TYPE_ED25519, (void**)&ssl->peerEd25519Key);
|
||||||
ssl->peerEd25519KeyPresent = 0;
|
ssl->peerEd25519KeyPresent = 0;
|
||||||
|
#ifdef HAVE_PK_CALLBACKS
|
||||||
|
if (ssl->buffers.peerEd25519Key.buffer != NULL) {
|
||||||
|
XFREE(ssl->buffers.peerEd25519Key.buffer, ssl->heap,
|
||||||
|
DYNAMIC_TYPE_ED25519);
|
||||||
|
ssl->buffers.peerEd25519Key.buffer = NULL;
|
||||||
|
}
|
||||||
|
#endif
|
||||||
#endif
|
#endif
|
||||||
#ifdef HAVE_PK_CALLBACKS
|
#ifdef HAVE_PK_CALLBACKS
|
||||||
#ifdef HAVE_ECC
|
#ifdef HAVE_ECC
|
||||||
|
@ -4838,6 +4845,11 @@ void FreeHandshakeResources(WOLFSSL* ssl)
|
||||||
XFREE(ssl->buffers.peerRsaKey.buffer, ssl->heap, DYNAMIC_TYPE_RSA);
|
XFREE(ssl->buffers.peerRsaKey.buffer, ssl->heap, DYNAMIC_TYPE_RSA);
|
||||||
ssl->buffers.peerRsaKey.buffer = NULL;
|
ssl->buffers.peerRsaKey.buffer = NULL;
|
||||||
#endif /* NO_RSA */
|
#endif /* NO_RSA */
|
||||||
|
#ifdef HAVE_ED25519
|
||||||
|
XFREE(ssl->buffers.peerEd25519Key.buffer, ssl->heap,
|
||||||
|
DYNAMIC_TYPE_ED25519);
|
||||||
|
ssl->buffers.peerEd25519Key.buffer = NULL;
|
||||||
|
#endif
|
||||||
#endif /* HAVE_PK_CALLBACKS */
|
#endif /* HAVE_PK_CALLBACKS */
|
||||||
|
|
||||||
#ifdef HAVE_QSH
|
#ifdef HAVE_QSH
|
||||||
|
@ -8489,10 +8501,10 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
|
||||||
int keyRet = 0;
|
int keyRet = 0;
|
||||||
if (ssl->peerEd25519Key == NULL) {
|
if (ssl->peerEd25519Key == NULL) {
|
||||||
/* alloc/init on demand */
|
/* alloc/init on demand */
|
||||||
keyRet = AllocKey(ssl, DYNAMIC_TYPE_ECC,
|
keyRet = AllocKey(ssl, DYNAMIC_TYPE_ED25519,
|
||||||
(void**)&ssl->peerEd25519Key);
|
(void**)&ssl->peerEd25519Key);
|
||||||
} else if (ssl->peerEd25519KeyPresent) {
|
} else if (ssl->peerEd25519KeyPresent) {
|
||||||
keyRet = ReuseKey(ssl, DYNAMIC_TYPE_ECC,
|
keyRet = ReuseKey(ssl, DYNAMIC_TYPE_ED25519,
|
||||||
ssl->peerEd25519Key);
|
ssl->peerEd25519Key);
|
||||||
ssl->peerEd25519KeyPresent = 0;
|
ssl->peerEd25519KeyPresent = 0;
|
||||||
}
|
}
|
||||||
|
@ -8509,7 +8521,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
|
||||||
#ifdef HAVE_PK_CALLBACKS
|
#ifdef HAVE_PK_CALLBACKS
|
||||||
ssl->buffers.peerEd25519Key.buffer =
|
ssl->buffers.peerEd25519Key.buffer =
|
||||||
(byte*)XMALLOC(args->dCert->pubKeySize,
|
(byte*)XMALLOC(args->dCert->pubKeySize,
|
||||||
ssl->heap, DYNAMIC_TYPE_ECC);
|
ssl->heap, DYNAMIC_TYPE_ED25519);
|
||||||
if (ssl->buffers.peerEd25519Key.buffer == NULL) {
|
if (ssl->buffers.peerEd25519Key.buffer == NULL) {
|
||||||
ERROR_OUT(MEMORY_ERROR, exit_ppc);
|
ERROR_OUT(MEMORY_ERROR, exit_ppc);
|
||||||
}
|
}
|
||||||
|
|
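Review bot: In the last ProcessPeerCerts hunk the XMALLOC result is assigned straight to `ssl->buffers.peerEd25519Key.buffer` with no check for a buffer already held there. If this path runs again on the same session before FreeHandshakeResources has released it (renegotiation is the likely case, though the callers are not visible here), the earlier allocation is leaked. Releasing it first would close that: `if (ssl->buffers.peerEd25519Key.buffer != NULL) XFREE(ssl->buffers.peerEd25519Key.buffer, ssl->heap, DYNAMIC_TYPE_ED25519);` ahead of the XMALLOC. The two new free sites also differ in form: SSL_ResourceFree guards with a NULL test while FreeHandshakeResources calls XFREE unconditionally, and neither resets a length field if one is kept beside the buffer. ProcessPeerCerts and both free functions continue outside their hunks.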
|
@ -182,6 +182,9 @@ static int execute_test_case(int svr_argc, char** svr_argv,
|
||||||
int i;
|
int i;
|
||||||
size_t added;
|
size_t added;
|
||||||
static int tests = 1;
|
static int tests = 1;
|
||||||
|
#if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_TIRTOS)
|
||||||
|
char portNumber[8];
|
||||||
|
#endif
|
||||||
|
|
||||||
/* Is Valid Cipher and Version Checks */
|
/* Is Valid Cipher and Version Checks */
|
||||||
/* build command list for the Is checks below */
|
/* build command list for the Is checks below */
|
||||||
|
@ -298,7 +301,6 @@ static int execute_test_case(int svr_argc, char** svr_argv,
|
||||||
if (cliArgs.argc + 2 > MAX_ARGS)
|
if (cliArgs.argc + 2 > MAX_ARGS)
|
||||||
printf("cannot add the magic port number flag to client\n");
|
printf("cannot add the magic port number flag to client\n");
|
||||||
else {
|
else {
|
||||||
char portNumber[8];
|
|
||||||
snprintf(portNumber, sizeof(portNumber), "%d", ready.port);
|
snprintf(portNumber, sizeof(portNumber), "%d", ready.port);
|
||||||
cli_argv[cliArgs.argc++] = portFlag;
|
cli_argv[cliArgs.argc++] = portFlag;
|
||||||
cli_argv[cliArgs.argc++] = portNumber;
|
cli_argv[cliArgs.argc++] = portNumber;
|
||||||
|
|
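Review bot: The hoisted `char portNumber[8];` carries no comment saying why it sits at function scope, so a later cleanup could move it back into the `else` block and reintroduce the dangling pointer. A line such as `/* function scope: cli_argv keeps a pointer to this buffer after the else block ends */` above the declaration would record the lifetime requirement. The declaration is wrapped in `#if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_TIRTOS)`, while the guard around the `snprintf` use is not visible in the second hunk, so the two conditions should be confirmed to match. execute_test_case starts and ends outside both hunks.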