diff --git a/src/internal.c b/src/internal.c
index 5a386b586..8a5cc24e0 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -21151,21 +21151,24 @@ static int GetDhPublicKey(WOLFSSL* ssl, const byte* input, word32 size,
 int group = 0;
 #endif
- ssl->buffers.weOwnDH = 1;
+ if (ssl->buffers.weOwnDH) {
+ if (ssl->buffers.serverDH_P.buffer) {
+ XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap,
+ DYNAMIC_TYPE_PUBLIC_KEY);
+ ssl->buffers.serverDH_P.buffer = NULL;
+ }
- if (ssl->buffers.serverDH_P.buffer) {
- XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
- ssl->buffers.serverDH_P.buffer = NULL;
- }
+ if (ssl->buffers.serverDH_G.buffer) {
+ XFREE(ssl->buffers.serverDH_G.buffer, ssl->heap,
+ DYNAMIC_TYPE_PUBLIC_KEY);
+ ssl->buffers.serverDH_G.buffer = NULL;
+ }
- if (ssl->buffers.serverDH_G.buffer) {
- XFREE(ssl->buffers.serverDH_G.buffer, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
- ssl->buffers.serverDH_G.buffer = NULL;
- }
-
- if (ssl->buffers.serverDH_Pub.buffer) {
- XFREE(ssl->buffers.serverDH_Pub.buffer, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
- ssl->buffers.serverDH_Pub.buffer = NULL;
+ if (ssl->buffers.serverDH_Pub.buffer) {
+ XFREE(ssl->buffers.serverDH_Pub.buffer, ssl->heap,
+ DYNAMIC_TYPE_PUBLIC_KEY);
+ ssl->buffers.serverDH_Pub.buffer = NULL;
+ }
 }
 /* p */
@@ -21208,6 +21211,9 @@ static int GetDhPublicKey(WOLFSSL* ssl, const byte* input, word32 size,
 /* g */
 if ((args->idx - args->begin) + OPAQUE16_LEN > size) {
+ XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap,
+ DYNAMIC_TYPE_PUBLIC_KEY);
+ ssl->buffers.serverDH_P.buffer = NULL;
 ERROR_OUT(BUFFER_ERROR, exit_gdpk);
 }
@@ -21215,6 +21221,9 @@ static int GetDhPublicKey(WOLFSSL* ssl, const byte* input, word32 size,
 args->idx += OPAQUE16_LEN;
 if ((args->idx - args->begin) + length > size) {
+ XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap,
+ DYNAMIC_TYPE_PUBLIC_KEY);
+ ssl->buffers.serverDH_P.buffer = NULL;
 ERROR_OUT(BUFFER_ERROR, exit_gdpk);
 }
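Review bot: The `if (ssl->buffers.weOwnDH)` guard added at the top of GetDhPublicKey (first hunk, -21151) encodes an ownership rule that is not written down in the visible code, and the removed lines show how easily it is lost: they set the flag and then freed all three buffers unconditionally. I would put a comment above the guard such as `/* Free the previous p/g/pub only if this object allocated them; buffers we do not own are left for their owner. */`. The inner `if (...buffer)` tests are also inconsistent with the error paths added further down, which call XFREE with no NULL test; one form should be used throughout. The function body starts and ends outside this hunk.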
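Review bot: The error exits added in the `/* g */` and `/* pub */` stages (the hunk at -21208 and the five after it) free serverDH_P / serverDH_G and null the pointer but leave the matching `.length` untouched, so a failed parse can leave a NULL buffer paired with a non-zero length (serverDH_G.length is visibly set to `length`; P is presumably set the same way outside the diff). Whether any later reader trusts `.length` without checking `.buffer` is not visible here, but resetting it is cheap: add `ssl->buffers.serverDH_P.length = 0;` after each `ssl->buffers.serverDH_P.buffer = NULL;`, and likewise for serverDH_G. The same release sequence is also repeated in six branches, which makes it easy to miss one when another exit is added; a small static helper, or a single release at `exit_gdpk` when the result is an error, would remove that risk. The `exit_gdpk` label is outside these hunks, so that option needs checking against the full function.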
@@ -21224,6 +21233,9 @@ static int GetDhPublicKey(WOLFSSL* ssl, const byte* input, word32 size,
 ssl->buffers.serverDH_G.length = length;
 }
 else {
+ XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap,
+ DYNAMIC_TYPE_PUBLIC_KEY);
+ ssl->buffers.serverDH_P.buffer = NULL;
 ERROR_OUT(MEMORY_ERROR, exit_gdpk);
 }
@@ -21233,6 +21245,12 @@ static int GetDhPublicKey(WOLFSSL* ssl, const byte* input, word32 size,
 /* pub */
 if ((args->idx - args->begin) + OPAQUE16_LEN > size) {
+ XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap,
+ DYNAMIC_TYPE_PUBLIC_KEY);
+ ssl->buffers.serverDH_P.buffer = NULL;
+ XFREE(ssl->buffers.serverDH_G.buffer, ssl->heap,
+ DYNAMIC_TYPE_PUBLIC_KEY);
+ ssl->buffers.serverDH_G.buffer = NULL;
 ERROR_OUT(BUFFER_ERROR, exit_gdpk);
 }
@@ -21240,6 +21258,12 @@ static int GetDhPublicKey(WOLFSSL* ssl, const byte* input, word32 size,
 args->idx += OPAQUE16_LEN;
 if ((args->idx - args->begin) + length > size) {
+ XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap,
+ DYNAMIC_TYPE_PUBLIC_KEY);
+ ssl->buffers.serverDH_P.buffer = NULL;
+ XFREE(ssl->buffers.serverDH_G.buffer, ssl->heap,
+ DYNAMIC_TYPE_PUBLIC_KEY);
+ ssl->buffers.serverDH_G.buffer = NULL;
 ERROR_OUT(BUFFER_ERROR, exit_gdpk);
 }
@@ -21249,11 +21273,18 @@ static int GetDhPublicKey(WOLFSSL* ssl, const byte* input, word32 size,
 ssl->buffers.serverDH_Pub.length = length;
 }
 else {
+ XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap,
+ DYNAMIC_TYPE_PUBLIC_KEY);
+ ssl->buffers.serverDH_P.buffer = NULL;
+ XFREE(ssl->buffers.serverDH_G.buffer, ssl->heap,
+ DYNAMIC_TYPE_PUBLIC_KEY);
+ ssl->buffers.serverDH_G.buffer = NULL;
 ERROR_OUT(MEMORY_ERROR, exit_gdpk);
 }
 XMEMCPY(ssl->buffers.serverDH_Pub.buffer, input + args->idx, length);
+ ssl->buffers.weOwnDH = 1;
 args->idx += length;
 #ifdef HAVE_FFDHE
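Review bot: With `ssl->buffers.weOwnDH = 1;` now placed after the XMEMCPY of the public value (last hunk, -21249), the object holds freshly allocated buffers that are not flagged as owned from the allocation of p until this line, so every exit in that window has to free them by hand. The hunks shown cover the bounds and allocation failures for g and pub; any other exit in that range is not visible in this diff and would leak if teardown releases these buffers only when weOwnDH is set. A comment at the assignment would make the invariant explicit, for example `/* p, g and pub were all allocated by this call; mark them owned so cleanup frees them */`. If weOwnDH was 0 on entry and the pub stage fails, serverDH_Pub still holds the earlier non-owned pointer while P and G are NULL, and it is worth confirming that callers tolerate that mixed state.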