Google Git
Sign in
pigweed / third_party / github / ARMmbed / mbedtls / 77f4f39ea6f07914d7814d88a214134f10efe8fd^! / .
commit77f4f39ea6f07914d7814d88a214134f10efe8fd[log] [tgz]
authorPaul Bakker <p.j.bakker@polarssl.org>Wed Mar 26 15:28:55 2014 +0100
committerPaul Bakker <p.j.bakker@polarssl.org>Wed Mar 26 15:30:20 2014 +0100
tree30926b5c6ad2784c6887af497bc7be82404b915e
parentdb1f05985e035a3d1eb5eec805aa5ee9b94521e2 [diff]
Make sure no random pointer occur during failed malloc()'s

diff --git a/ChangeLog b/ChangeLog
index cf5897b..38f14dd 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -56,6 +56,8 @@
      containing a client certificate
    * ssl_init() was leaving a dirty pointer in ssl_context if malloc of
      out_ctr failed
+   * ssl_handshake_init() was leaving dirty pointers in subcontexts if malloc
+     of one of them failed
    * Fix typo in rsa_copy() that impacted PKCS#1 v2 contexts
 
 = PolarSSL 1.3.4 released on 2014-01-27

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index f38802d..681b7c3 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -3318,6 +3318,9 @@
     {
         ssl->transform_negotiate =
             (ssl_transform *) polarssl_malloc( sizeof(ssl_transform) );
+
+        if( ssl->transform_negotiate != NULL )
+            memset( ssl->transform_negotiate, 0, sizeof(ssl_transform) );
     }
 
     if( ssl->session_negotiate )
@@ -3326,6 +3329,9 @@
     {
         ssl->session_negotiate =
             (ssl_session *) polarssl_malloc( sizeof(ssl_session) );
+
+        if( ssl->session_negotiate != NULL )
+            memset( ssl->session_negotiate, 0, sizeof(ssl_session) );
     }
 
     if( ssl->handshake )
@@ -3334,6 +3340,9 @@
     {
         ssl->handshake = (ssl_handshake_params *)
             polarssl_malloc( sizeof(ssl_handshake_params) );
+
+        if( ssl->handshake != NULL )
+            memset( ssl->handshake, 0, sizeof(ssl_handshake_params) );
     }
 
     if( ssl->handshake == NULL ||
@@ -3344,10 +3353,6 @@
         return( POLARSSL_ERR_SSL_MALLOC_FAILED );
     }
 
-    memset( ssl->handshake, 0, sizeof(ssl_handshake_params) );
-    memset( ssl->transform_negotiate, 0, sizeof(ssl_transform) );
-    memset( ssl->session_negotiate, 0, sizeof(ssl_session) );
-
 #if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \
     defined(POLARSSL_SSL_PROTO_TLS1_1)
      md5_starts( &ssl->handshake->fin_md5 );