• Manuel Pégourié-Gonnard's avatar
    Fix potential double free in cert writing code · 97b5209b
    Manuel Pégourié-Gonnard authored
    In case an entry with the given OID already exists in the list passed to
    mbedtls_asn1_store_named_data() and there is not enough memory to allocate
    room for the new value, the existing entry will be freed but the preceding
    entry in the list will sill hold a pointer to it. (And the following entries
    in the list are no longer reachable.) This results in memory leak or a double
    The issue is we want to leave the list in a consistent state on allocation
    failure. (We could add a warning that the list is left in inconsistent state
    when the function returns NULL, but behaviour changes that require more care
    from the user are undesirable, especially in a stable branch.)
    The chosen solution is a bit inefficient in that there is a time where both
    blocks are allocated, but at least it's safe and this should trump efficiency
    here: this code is only used for generating certificates, which is unlikely to
    be done on very constrained devices, or to be in the critical loop of
    anything. Also, the sizes involved should be fairly small anyway.
    fixes #367
To find the state of this project's repository at the time of any of these versions, check out the tags.
ChangeLog 90.8 KB