From bb60c588003e8ea9a1a8f85fdad23fdc9d3bce82 Mon Sep 17 00:00:00 2001 From: Marco Oliverio Date: Tue, 23 Jul 2024 15:37:41 +0000 Subject: [PATCH] ocsp: don't free ocsp request if saved in ssl->ctx->certOcspRequest --- src/internal.c | 25 +++++++++++++++++-------- 1 file changed, 17 insertions(+), 8 deletions(-) diff --git a/src/internal.c b/src/internal.c index 324ec932c..ece556c8f 100644 --- a/src/internal.c +++ b/src/internal.c @@ -23310,8 +23310,10 @@ int SendFinished(WOLFSSL* ssl) * Returns 0 on success */ static int CreateOcspRequest(WOLFSSL* ssl, OcspRequest* request, - DecodedCert* cert, byte* certData, word32 length) + DecodedCert* cert, byte* certData, word32 length, + byte *takeOwnership) { + byte ctxOwnsRequest = 0; int ret; if (request != NULL) @@ -23330,14 +23332,18 @@ static int CreateOcspRequest(WOLFSSL* ssl, OcspRequest* request, if (!ssl->buffers.weOwnCert) { wolfSSL_Mutex* ocspLock = &SSL_CM(ssl)->ocsp_stapling->ocspLock; if (wc_LockMutex(ocspLock) == 0) { - if (ssl->ctx->certOcspRequest == NULL) + if (ssl->ctx->certOcspRequest == NULL) { ssl->ctx->certOcspRequest = request; + ctxOwnsRequest = 1; + } wc_UnLockMutex(ocspLock); } } } FreeDecodedCert(cert); + if (takeOwnership != NULL) + *takeOwnership = ctxOwnsRequest; return ret; } @@ -23360,6 +23366,7 @@ int CreateOcspResponse(WOLFSSL* ssl, OcspRequest** ocspRequest, int ret = 0; OcspRequest* request = NULL; byte createdRequest = 0; + byte ctxOwnsRequest = 0; if (ssl == NULL || ocspRequest == NULL || response == NULL) return BAD_FUNC_ARG; @@ -23397,7 +23404,7 @@ int CreateOcspResponse(WOLFSSL* ssl, OcspRequest** ocspRequest, createdRequest = 1; if (ret == 0) { ret = CreateOcspRequest(ssl, request, cert, der->buffer, - der->length); + der->length, &ctxOwnsRequest); } if (ret != 0) { @@ -23424,7 +23431,7 @@ int CreateOcspResponse(WOLFSSL* ssl, OcspRequest** ocspRequest, } /* free request up if error case found otherwise return it */ - if (ret != 0 && createdRequest) { + if (ret != 0 && createdRequest && !ctxOwnsRequest) { FreeOcspRequest(request); XFREE(request, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST); } @@ -24119,6 +24126,7 @@ int SendCertificateStatus(WOLFSSL* ssl) { OcspRequest* request = ssl->ctx->certOcspRequest; buffer responses[1 + MAX_CHAIN_DEPTH]; + byte ctxOwnsRequest = 0; int i = 0; XMEMSET(responses, 0, sizeof(responses)); @@ -24177,7 +24185,7 @@ int SendCertificateStatus(WOLFSSL* ssl) break; ret = CreateOcspRequest(ssl, request, cert, der.buffer, - der.length); + der.length, &ctxOwnsRequest); if (ret == 0) { request->ssl = ssl; ret = CheckOcspRequest(SSL_CM(ssl)->ocsp_stapling, @@ -24192,12 +24200,13 @@ int SendCertificateStatus(WOLFSSL* ssl) i++; - FreeOcspRequest(request); + if (!ctxOwnsRequest) + FreeOcspRequest(request); } } } - - XFREE(request, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST); + if (!ctxOwnsRequest) + XFREE(request, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST); #ifdef WOLFSSL_SMALL_STACK XFREE(cert, ssl->heap, DYNAMIC_TYPE_DCERT); #endif