Merge pull request #6066 from AndrzejKurek/fix-some-resource-leaks-2-28
Fix `mbedtls_pk_parse_public_key` resource leaks
diff --git a/ChangeLog.d/fix_some_resource_leaks.txt b/ChangeLog.d/fix_some_resource_leaks.txt
new file mode 100644
index 0000000..f8db3f2
--- /dev/null
+++ b/ChangeLog.d/fix_some_resource_leaks.txt
@@ -0,0 +1,4 @@
+Bugfix
+ * Fix resource leaks in mbedtls_pk_parse_public_key() in low
+ memory conditions.
+
diff --git a/library/pkparse.c b/library/pkparse.c
index cfc1dca..ea5c6b6 100644
--- a/library/pkparse.c
+++ b/library/pkparse.c
@@ -1463,10 +1463,16 @@
{
p = pem.buf;
if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == NULL )
+ {
+ mbedtls_pem_free( &pem );
return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
+ }
if( ( ret = mbedtls_pk_setup( ctx, pk_info ) ) != 0 )
+ {
+ mbedtls_pem_free( &pem );
return( ret );
+ }
if ( ( ret = pk_get_rsapubkey( &p, p + pem.buflen, mbedtls_pk_rsa( *ctx ) ) ) != 0 )
mbedtls_pk_free( ctx );