Introduce helper functions to free X.509 names and sequences
`mbedtls_x509_name` and `mbedtls_x509_sequence` are dynamically allocated
linked lists that need a loop to free properly. Introduce static helper
functions to do that and use them in `mbedtls_x509_crt_free()`, where the
CRT's issuer and subject names (of type `mbedtls_x509_name`) and the
SubjectAlternativeName and ExtendedKeyUsage extensions (of type
`mbedtls_x509_sequence`) need freeing. This improves code clarity and saves
a few bytes of flash.
diff --git a/library/x509_crt.c b/library/x509_crt.c
index e4a35f6..9372998 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -2641,14 +2641,33 @@
/*
* Unallocate all certificate data
*/
+
+static void x509_free_sequence( mbedtls_x509_sequence *seq )
+{
+ while( seq != NULL )
+ {
+ mbedtls_x509_sequence *next = seq->next;
+ mbedtls_platform_zeroize( seq, sizeof( *seq ) );
+ mbedtls_free( seq );
+ seq = next;
+ }
+}
+
+static void x509_free_name( mbedtls_x509_name *name )
+{
+ while( name != NULL )
+ {
+ mbedtls_x509_name *next = name->next;
+ mbedtls_platform_zeroize( name, sizeof( *name ) );
+ mbedtls_free( name );
+ name = next;
+ }
+}
+
void mbedtls_x509_crt_free( mbedtls_x509_crt *crt )
{
mbedtls_x509_crt *cert_cur = crt;
mbedtls_x509_crt *cert_prv;
- mbedtls_x509_name *name_cur;
- mbedtls_x509_name *name_prv;
- mbedtls_x509_sequence *seq_cur;
- mbedtls_x509_sequence *seq_prv;
if( crt == NULL )
return;
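Review bot: The existing `/* Unallocate all certificate data */` comment now sits directly above `x509_free_sequence()` instead of `mbedtls_x509_crt_free()`, and neither new helper documents its contract. Move that comment back down to `mbedtls_x509_crt_free()` and give each helper its own, e.g. `/* Zeroize and free every heap-allocated node of the list; pass head.next, never the head embedded in the CRT. */`. The caveat matters because the call sites in the second hunk pass `.next` of a head that is a member of the certificate structure, so passing the head itself would hand non-heap memory to `mbedtls_free()`. The two helpers are identical apart from the node type, which is fine for type safety but worth a one-line remark so they are kept in sync. The body of `mbedtls_x509_crt_free()` continues outside this hunk.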
@@ -2661,43 +2680,10 @@
mbedtls_free( cert_cur->sig_opts );
#endif
- name_cur = cert_cur->issuer.next;
- while( name_cur != NULL )
- {
- name_prv = name_cur;
- name_cur = name_cur->next;
- mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) );
- mbedtls_free( name_prv );
- }
-
- name_cur = cert_cur->subject.next;
- while( name_cur != NULL )
- {
- name_prv = name_cur;
- name_cur = name_cur->next;
- mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) );
- mbedtls_free( name_prv );
- }
-
- seq_cur = cert_cur->ext_key_usage.next;
- while( seq_cur != NULL )
- {
- seq_prv = seq_cur;
- seq_cur = seq_cur->next;
- mbedtls_platform_zeroize( seq_prv,
- sizeof( mbedtls_x509_sequence ) );
- mbedtls_free( seq_prv );
- }
-
- seq_cur = cert_cur->subject_alt_names.next;
- while( seq_cur != NULL )
- {
- seq_prv = seq_cur;
- seq_cur = seq_cur->next;
- mbedtls_platform_zeroize( seq_prv,
- sizeof( mbedtls_x509_sequence ) );
- mbedtls_free( seq_prv );
- }
+ x509_free_name( cert_cur->issuer.next );
+ x509_free_name( cert_cur->subject.next );
+ x509_free_sequence( cert_cur->ext_key_usage.next );
+ x509_free_sequence( cert_cur->subject_alt_names.next );
if( cert_cur->raw.p != NULL && cert_cur->own_buffer )
{
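Review bot: After the four calls added here, `issuer.next`, `subject.next`, `ext_key_usage.next` and `subject_alt_names.next` still hold the freed addresses, because the helpers receive the pointer by value and cannot reset it. If the rest of the function (outside this hunk) does not wipe the whole certificate structure, a second `mbedtls_x509_crt_free()` on the same `crt` would free those nodes again. Either confirm that the wipe happens or reset each field after its call, e.g. `cert_cur->issuer.next = NULL;`. The removed loops left the fields in the same state, so this is a hardening point rather than a regression.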