From 4d8436b90c74161bf575ac968b6018f445fb5d90 Mon Sep 17 00:00:00 2001
From: Aditya Patwardhan <aditya.patwardhan@espressif.com>
Date: Wed, 10 Jan 2024 11:04:23 +0530
Subject: [PATCH] fix(esp_tls): Fixed input argument checks for public APIs

---
 components/esp-tls/esp_tls.c | 30 +++++++++++++++++++++++-------
 1 file changed, 23 insertions(+), 7 deletions(-)

diff --git a/components/esp-tls/esp_tls.c b/components/esp-tls/esp_tls.c
index c56bb75c65..483ca29472 100644
--- a/components/esp-tls/esp_tls.c
+++ b/components/esp-tls/esp_tls.c
@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2019-2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2019-2024 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -131,14 +131,18 @@ static ssize_t tcp_write(esp_tls_t *tls, const char *data, size_t datalen)
 
 ssize_t esp_tls_conn_read(esp_tls_t *tls, void  *data, size_t datalen)
 {
+    if (!tls || !data) {
+        return -1;
+    }
     return tls->read(tls, (char *)data, datalen);
-
 }
 
 ssize_t esp_tls_conn_write(esp_tls_t *tls, const void  *data, size_t datalen)
 {
+    if (!tls || !data) {
+        return -1;
+    }
     return tls->write(tls, (char *)data, datalen);
-
 }
 
 /**
@@ -154,6 +158,7 @@ int esp_tls_conn_destroy(esp_tls_t *tls)
         }
         esp_tls_internal_event_tracker_destroy(tls->error_handle);
         free(tls);
+        tls = NULL;
         return ret;
     }
     return -1; // invalid argument
@@ -436,10 +441,7 @@ err:
 
 static int esp_tls_low_level_conn(const char *hostname, int hostlen, int port, const esp_tls_cfg_t *cfg, esp_tls_t *tls)
 {
-    if (!tls) {
-        ESP_LOGE(TAG, "empty esp_tls parameter");
-        return -1;
-    }
+
     esp_err_t esp_ret;
     /* These states are used to keep a tab on connection progress in case of non-blocking connect,
     and in case of blocking connect these cases will get executed one after the other */
@@ -532,6 +534,9 @@ esp_err_t esp_tls_plain_tcp_connect(const char *host, int hostlen, int port, con
 
 int esp_tls_conn_new_sync(const char *hostname, int hostlen, int port, const esp_tls_cfg_t *cfg, esp_tls_t *tls)
 {
+    if (!cfg || !tls || !hostname || hostlen < 0) {
+        return -1;
+    }
     struct timeval time = {};
     gettimeofday(&time, NULL);
     uint32_t start_time_ms = (time.tv_sec * 1000) + (time.tv_usec / 1000);
@@ -561,6 +566,9 @@ int esp_tls_conn_new_sync(const char *hostname, int hostlen, int port, const esp
  */
 int esp_tls_conn_new_async(const char *hostname, int hostlen, int port, const esp_tls_cfg_t *cfg, esp_tls_t *tls)
 {
+    if (!cfg || !tls || !hostname || hostlen < 0) {
+        return -1;
+    }
     return esp_tls_low_level_conn(hostname, hostlen, port, cfg, tls);
 }
 
@@ -580,6 +588,10 @@ static int get_port(const char *url, struct http_parser_url *u)
 
 esp_tls_t *esp_tls_conn_http_new(const char *url, const esp_tls_cfg_t *cfg)
 {
+    if (!url || !cfg) {
+        return NULL;
+    }
+
     /* Parse URI */
     struct http_parser_url u;
     http_parser_url_init(&u);
@@ -602,6 +614,10 @@ esp_tls_t *esp_tls_conn_http_new(const char *url, const esp_tls_cfg_t *cfg)
  */
 int esp_tls_conn_http_new_sync(const char *url, const esp_tls_cfg_t *cfg, esp_tls_t *tls)
 {
+    if (!url || !cfg || !tls) {
+        return -1;
+    }
+
     /* Parse URI */
     struct http_parser_url u;
     http_parser_url_init(&u);