Fix for memory leak in RSA-SSA signing
Fix in mbedtls_rsa_rsassa_pkcs1_v15_sign() in rsa.c. Resolves github issue #372
diff --git a/ChangeLog b/ChangeLog
index b4cf598..cd7d5c9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -7,8 +7,10 @@
* Fix bug in certificate validation that caused valid chains to be rejected
when the first intermediate certificate has pathLenConstraint=0. Found by
Nicholas Wilson. Introduced in mbed TLS 2.1.4. #280
+ * Removed potential leak in mbedtls_rsa_rsassa_pkcs1_v15_sign(), found by
+ JayaraghavendranK. #372
-Changes
+Change
* To avoid dropping an entire DTLS datagram if a single record in a datagram
is invalid, we now only drop the record and look at subsequent records (if
any are present) in the same datagram to avoid interoperability issues.
diff --git a/library/rsa.c b/library/rsa.c
index 1f907b7..efdd055 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -1086,10 +1086,16 @@
* temporary buffer and check it before returning it.
*/
sig_try = mbedtls_calloc( 1, ctx->len );
- verif = mbedtls_calloc( 1, ctx->len );
- if( sig_try == NULL || verif == NULL )
+ if( sig_try == NULL )
return( MBEDTLS_ERR_MPI_ALLOC_FAILED );
+ verif = mbedtls_calloc( 1, ctx->len );
+ if( verif == NULL )
+ {
+ mbedtls_free( sig_try );
+ return( MBEDTLS_ERR_MPI_ALLOC_FAILED );
+ }
+
MBEDTLS_MPI_CHK( mbedtls_rsa_private( ctx, f_rng, p_rng, sig, sig_try ) );
MBEDTLS_MPI_CHK( mbedtls_rsa_public( ctx, sig_try, verif ) );