Fix for dynamic type of ED25519 key and PK_CALLBACK buffer not being free’d. Fix for portNumber stack var being used out of scope.

David Garske 2017-07-25 15:07:58 -07:00
parent f9dee9adcc
commit c03487d463
2 changed files with 18 additions and 4 deletions


@ -4646,6 +4646,13 @@ void SSL_ResourceFree(WOLFSSL* ssl)
#ifdef HAVE_ED25519 #ifdef HAVE_ED25519
FreeKey(ssl, DYNAMIC_TYPE_ED25519, (void**)&ssl->peerEd25519Key); FreeKey(ssl, DYNAMIC_TYPE_ED25519, (void**)&ssl->peerEd25519Key);
ssl->peerEd25519KeyPresent = 0; ssl->peerEd25519KeyPresent = 0;
#ifdef HAVE_PK_CALLBACKS
if (ssl->buffers.peerEd25519Key.buffer != NULL) {
XFREE(ssl->buffers.peerEd25519Key.buffer, ssl->heap,
DYNAMIC_TYPE_ED25519);
ssl->buffers.peerEd25519Key.buffer = NULL;
}
#endif
#endif #endif
#ifdef HAVE_PK_CALLBACKS #ifdef HAVE_PK_CALLBACKS
#ifdef HAVE_ECC #ifdef HAVE_ECC
@ -4838,6 +4845,11 @@ void FreeHandshakeResources(WOLFSSL* ssl)
XFREE(ssl->buffers.peerRsaKey.buffer, ssl->heap, DYNAMIC_TYPE_RSA); XFREE(ssl->buffers.peerRsaKey.buffer, ssl->heap, DYNAMIC_TYPE_RSA);
ssl->buffers.peerRsaKey.buffer = NULL; ssl->buffers.peerRsaKey.buffer = NULL;
#endif /* NO_RSA */ #endif /* NO_RSA */
#ifdef HAVE_ED25519
XFREE(ssl->buffers.peerEd25519Key.buffer, ssl->heap,
DYNAMIC_TYPE_ED25519);
ssl->buffers.peerEd25519Key.buffer = NULL;
#endif
#endif /* HAVE_PK_CALLBACKS */ #endif /* HAVE_PK_CALLBACKS */
#ifdef HAVE_QSH #ifdef HAVE_QSH
@ -8489,10 +8501,10 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
int keyRet = 0; int keyRet = 0;
if (ssl->peerEd25519Key == NULL) { if (ssl->peerEd25519Key == NULL) {
/* alloc/init on demand */ /* alloc/init on demand */
keyRet = AllocKey(ssl, DYNAMIC_TYPE_ECC, keyRet = AllocKey(ssl, DYNAMIC_TYPE_ED25519,
(void**)&ssl->peerEd25519Key); (void**)&ssl->peerEd25519Key);
} else if (ssl->peerEd25519KeyPresent) { } else if (ssl->peerEd25519KeyPresent) {
keyRet = ReuseKey(ssl, DYNAMIC_TYPE_ECC, keyRet = ReuseKey(ssl, DYNAMIC_TYPE_ED25519,
ssl->peerEd25519Key); ssl->peerEd25519Key);
ssl->peerEd25519KeyPresent = 0; ssl->peerEd25519KeyPresent = 0;
} }
@ -8509,7 +8521,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
#ifdef HAVE_PK_CALLBACKS #ifdef HAVE_PK_CALLBACKS
ssl->buffers.peerEd25519Key.buffer = ssl->buffers.peerEd25519Key.buffer =
(byte*)XMALLOC(args->dCert->pubKeySize, (byte*)XMALLOC(args->dCert->pubKeySize,
ssl->heap, DYNAMIC_TYPE_ECC); ssl->heap, DYNAMIC_TYPE_ED25519);
if (ssl->buffers.peerEd25519Key.buffer == NULL) { if (ssl->buffers.peerEd25519Key.buffer == NULL) {
ERROR_OUT(MEMORY_ERROR, exit_ppc); ERROR_OUT(MEMORY_ERROR, exit_ppc);
} }
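Review bot: In the last ProcessPeerCerts hunk the XMALLOC result is assigned straight to `ssl->buffers.peerEd25519Key.buffer`, so a buffer left over from an earlier pass would be leaked. The `ReuseKey` branch in the preceding hunk shows this path can run while a peer Ed25519 key already exists, and no visible line releases the old callback buffer first, though code outside the hunk may do so. Consider releasing it ahead of the allocation with `XFREE(ssl->buffers.peerEd25519Key.buffer, ssl->heap, DYNAMIC_TYPE_ED25519);`. Separately, the new free in FreeHandshakeResources omits the `!= NULL` guard that the new free in SSL_ResourceFree uses; one form should be used in both places. All three function bodies extend outside the hunks shown.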


@ -182,6 +182,9 @@ static int execute_test_case(int svr_argc, char** svr_argv,
int i; int i;
size_t added; size_t added;
static int tests = 1; static int tests = 1;
#if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_TIRTOS)
char portNumber[8];
#endif
/* Is Valid Cipher and Version Checks */ /* Is Valid Cipher and Version Checks */
/* build command list for the Is checks below */ /* build command list for the Is checks below */
@ -298,7 +301,6 @@ static int execute_test_case(int svr_argc, char** svr_argv,
if (cliArgs.argc + 2 > MAX_ARGS) if (cliArgs.argc + 2 > MAX_ARGS)
printf("cannot add the magic port number flag to client\n"); printf("cannot add the magic port number flag to client\n");
else { else {
char portNumber[8];
snprintf(portNumber, sizeof(portNumber), "%d", ready.port); snprintf(portNumber, sizeof(portNumber), "%d", ready.port);
cli_argv[cliArgs.argc++] = portFlag; cli_argv[cliArgs.argc++] = portFlag;
cli_argv[cliArgs.argc++] = portNumber; cli_argv[cliArgs.argc++] = portNumber;
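Review bot: The hoisted `portNumber` declaration carries no comment explaining why it sits at function scope, so a later tidy-up could move it back into the else-block and reintroduce the dangling pointer stored in `cli_argv`. A comment on the declaration would prevent that, for example `/* function scope: cli_argv holds a pointer to this after the else-block ends */`. The `#if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_TIRTOS)` guard on the declaration also has to match the guard around the `snprintf` use, which opens outside the hunk, so it is worth confirming the two conditions are identical. execute_test_case starts and ends outside both hunks.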