From e7fc9cc1f0419a92fceb3552b639daed3e909e2c Mon Sep 17 00:00:00 2001 From: Junyeon LEE Date: Tue, 20 Jun 2017 04:47:32 +0900 Subject: [PATCH] net/tls: check function's return value Several functions did not check the input / return value in pk_wrap.c and easy_tls.c files. Change-Id: I3cb198c4b7db4947f9e253959e143446595f2311 Signed-off-by: Junyeon LEE --- os/net/tls/easy_tls.c | 17 +++++++++++------ os/net/tls/pk_wrap.c | 10 +++++++--- 2 files changed, 18 insertions(+), 9 deletions(-) diff --git a/os/net/tls/easy_tls.c b/os/net/tls/easy_tls.c index bc2f145..7349b63 100644 --- a/os/net/tls/easy_tls.c +++ b/os/net/tls/easy_tls.c @@ -153,7 +153,10 @@ static int tls_set_cred(tls_ctx *ctx, tls_cred *cred) if (ret) { return TLS_INVALID_DEVKEY; } - mbedtls_ssl_conf_own_cert(ctx->conf, ctx->crt->next, ctx->pkey); + ret = mbedtls_ssl_conf_own_cert(ctx->conf, ctx->crt->next, ctx->pkey); + if (ret) { + return TLS_INVALID_DEVCERT; + } } return ret; @@ -224,7 +227,11 @@ static int tls_set_default(tls_session *session, tls_ctx *ctx, tls_opt *opt) if (opt->force_ciphersuites[0] > 0) { mbedtls_ssl_conf_ciphersuites(ctx->conf, opt->force_ciphersuites); } - mbedtls_ssl_setup(session->ssl, ctx->conf); + + if ((ret = mbedtls_ssl_setup(session->ssl, ctx->conf) != 0)) { + ret = TLS_SET_DEFAULT_FAIL; + goto errout; + } return TLS_SUCCESS; @@ -286,8 +293,6 @@ int TLSCtx_free(tls_ctx *ctx) tls_context_release(ctx); tls_context_free(ctx); - TLS_FREE(ctx); - EASY_TLS_DEBUG("TLSCtx free\n"); return TLS_SUCCESS; } @@ -300,7 +305,7 @@ tls_session *TLSSession(int fd, tls_ctx *ctx, tls_opt *opt) mbedtls_net_context listen_ctx; tls_session *session = NULL; - if (ctx == NULL || opt == NULL) { + if (fd < 0 || ctx == NULL || opt == NULL) { EASY_TLS_DEBUG("TLSSession input error\n"); return NULL; } @@ -374,6 +379,7 @@ reset: return session; errout: TLSSession_free(session); + TLS_FREE(session); return NULL; } @@ -386,7 +392,6 @@ int TLSSession_free(tls_session *session) mbedtls_ssl_free(session->ssl); mbedtls_net_free(&session->net); TLS_FREE(session->ssl); - TLS_FREE(session); EASY_TLS_DEBUG("TLSSession free\n"); return 0; diff --git a/os/net/tls/pk_wrap.c b/os/net/tls/pk_wrap.c index 1d5e48b..d0efae0 100644 --- a/os/net/tls/pk_wrap.c +++ b/os/net/tls/pk_wrap.c @@ -560,8 +560,12 @@ int hw_ecdsa_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, const unsigned char goto cleanup; } - mbedtls_mpi_read_binary(&r, ecc_sign.r, ecc_sign.r_byte_len); - mbedtls_mpi_read_binary(&s, ecc_sign.s, ecc_sign.s_byte_len); + if ((ret = mbedtls_mpi_read_binary(&r, ecc_sign.r, ecc_sign.r_byte_len)) != 0) { + goto cleanup; + } + if ((ret = mbedtls_mpi_read_binary(&s, ecc_sign.s, ecc_sign.s_byte_len)) != 0) { + goto cleanup; + } MBEDTLS_MPI_CHK(ecdsa_signature_to_asn1(&r, &s, sig, sig_len)); @@ -617,7 +621,7 @@ int hw_ecdsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg, const unsigned cha goto cleanup; } - if ((ret = see_setup_key_internal(der_buf + der_buflen - len, len, SECURE_STORAGE_TYPE_KEY_ECC, key_buf)) != 0) { + if (see_setup_key_internal(der_buf + der_buflen - len, len, SECURE_STORAGE_TYPE_KEY_ECC, key_buf) != 0) { ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; goto cleanup; } -- 2.7.4