alex/esp-idf
alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2024-10-05 20:47:46 -04:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

wpa_supplicant: Fix invalid pointer deference and memleak

Browse Source 
Add following changes as part of this:

1. EAP client will crash during validation of key size when CA
certs and keys not present. Add changes to validate it first.
2. Free memory allocated in TLS context
This commit is contained in:
kapil.gupta 2020-07-19 14:07:00 +05:30 committed by bot
parent 0263a182fc
commit c384d61e53
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
components/wpa_supplicant/src/crypto/tls_mbedtls.c
View File

@ -384,7 +384,7 @@ static void tls_set_ciphersuite(tls_context_t *tls)
if (tls->ciphersuite[0]) {
mbedtls_ssl_conf_ciphersuites(&tls->conf, tls->ciphersuite);
} else if (mbedtls_pk_get_bitlen(&tls->clientkey) > 2048 ||
mbedtls_pk_get_bitlen(&tls->cacert_ptr->pk) > 2048) {
(tls->cacert_ptr && mbedtls_pk_get_bitlen(&tls->cacert_ptr->pk) > 2048)) {
mbedtls_ssl_conf_ciphersuites(&tls->conf, eap_ciphersuite_preference);
}
}
@ -504,6 +504,7 @@ void tls_connection_deinit(void *tls_ctx, struct tls_connection *conn)
{
/* Free ssl ctx and data */
tls_mbedtls_conn_delete((tls_context_t *) conn->tls);
os_free(conn->tls);
conn->tls = NULL;
/* Data in in ssl ctx, free connection */
os_free(conn);