From 6087f200bffe5f518f2df0883a7fe4b259f994d5 Mon Sep 17 00:00:00 2001
From: Philippe Antoine
Date: Fri, 4 May 2018 08:34:22 +0200
Subject: [PATCH 1/3] Fix memory leak in mbedtls_x509_csr_parse
---
 library/x509_csr.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/library/x509_csr.c b/library/x509_csr.c
index 26a06db4f..8bb7f3363 100644
--- a/library/x509_csr.c
+++ b/library/x509_csr.c
@@ -294,11 +294,9 @@ int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, siz
 /*
 * Was PEM encoded, parse the result
 */
- if( ( ret = mbedtls_x509_csr_parse_der( csr, pem.buf, pem.buflen ) ) != 0 )
- return( ret );
-
+ ret = mbedtls_x509_csr_parse_der( csr, pem.buf, pem.buflen );
 mbedtls_pem_free( &pem );
- return( 0 );
+ return( ret );
 }
 else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
 {
From c03059db42e7e1bc2c1c86615fd802b3a7a4de8b Mon Sep 17 00:00:00 2001
From: Philippe Antoine
Date: Thu, 14 Jun 2018 07:35:11 +0200
Subject: [PATCH 2/3] Simplify code in mbedtls_x509_csr_parse
---
 library/x509_csr.c | 28 ++++++++++------------------
 1 file changed, 10 insertions(+), 18 deletions(-)
diff --git a/library/x509_csr.c b/library/x509_csr.c
index 8bb7f3363..40a0f2061 100644
--- a/library/x509_csr.c
+++ b/library/x509_csr.c
@@ -278,32 +278,24 @@ int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, siz return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); #if defined(MBEDTLS_PEM_PARSE_C) - mbedtls_pem_init( &pem ); - /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( buf[buflen - 1] != '\0' ) - ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; - else + if( buf[buflen - 1] == '\0' ) { + mbedtls_pem_init( &pem ); ret = mbedtls_pem_read_buffer( &pem, "-----BEGIN CERTIFICATE REQUEST-----", "-----END CERTIFICATE REQUEST-----", buf, NULL, 0, &use_len ); - if( ret == 0 ) - { - /* - * Was PEM encoded, parse the result - */ - ret = mbedtls_x509_csr_parse_der( csr, pem.buf, pem.buflen ); + if( ret == 0 ) + /* + * Was PEM encoded, parse the result + */ + ret = mbedtls_x509_csr_parse_der( csr, pem.buf, pem.buflen ); + mbedtls_pem_free( &pem ); - return( ret ); + if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) + return( ret ); } - else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) - { - mbedtls_pem_free( &pem ); - return( ret ); - } - else #endif /* MBEDTLS_PEM_PARSE_C */ return( mbedtls_x509_csr_parse_der( csr, buf, buflen ) ); } From 21f73b57edf366392643fb53b545c2e566fe3ac7 Mon Sep 17 00:00:00 2001 From: Philippe Antoine Date: Wed, 20 Jun 2018 08:13:24 +0200 Subject: [PATCH 3/3] Coding style Commit to be squashed --- library/x509_csr.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/x509_csr.c b/library/x509_csr.c index 40a0f2061..779098d4e 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -279,7 +279,8 @@ int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, siz #if defined(MBEDTLS_PEM_PARSE_C) /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( buf[buflen - 1] == '\0' ) { + if( buf[buflen - 1] == '\0' ) + { mbedtls_pem_init( &pem ); ret = mbedtls_pem_read_buffer( &pem, "-----BEGIN CERTIFICATE REQUEST-----",
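Review bot: In the PATCH 2/3 hunk the new `if( ret == 0 )` is unbraced, and a three-line comment sits between the condition and the one statement it guards, directly ahead of the unconditional `mbedtls_pem_free( &pem );`. That ordering is what the leak fix in PATCH 1/3 relies on, so I would brace the body with the comment moved inside it: `if( ret == 0 ) { ret = mbedtls_x509_csr_parse_der( csr, pem.buf, pem.buflen ); }`. The following `if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )` now tests a value that can come from either the PEM read or the DER parse. That looks harmless provided the DER parser never returns a PEM error code, but a comment such as `/* fall through to raw DER only when no PEM armor was found */` would state the intent. The function starts outside the hunk, so the check that keeps `buf[buflen - 1]` in bounds for an empty buffer is not visible here.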