Merge branch for fix for #502 - Unchecked calls
Conflicts:
ChangeLog
diff --git a/ChangeLog b/ChangeLog
index ac0e32a..03c8568 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -32,6 +32,10 @@
* Fix documentation and implementation missmatch for function arguments of
mbedtls_gcm_finish(). Found by cmiatpaar. #602
* Guarantee that P>Q at RSA key generation. Found by inestlerode. #558
+ * Fix missing return code check after call to mbedtls_md_setup() that could
+ result in usage of invalid md_ctx in mbedtls_rsa_rsaes_oaep_encrypt(),
+ mbedtls_rsa_rsaes_oaep_decrypt(), mbedtls_rsa_rsassa_pss_sign() and
+ mbedtls_rsa_rsassa_pss_verify_ext(). Fixed by Brian J. Murray.
= mbed TLS 2.1.5 branch released 2016-06-28
diff --git a/library/rsa.c b/library/rsa.c
index 76e35de..e831875 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -551,7 +551,11 @@
memcpy( p, input, ilen );
mbedtls_md_init( &md_ctx );
- mbedtls_md_setup( &md_ctx, md_info, 0 );
+ if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 )
+ {
+ mbedtls_md_free( &md_ctx );
+ return( ret );
+ }
// maskedDB: Apply dbMask to DB
//
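Review bot: The early return added after `mbedtls_md_setup()` runs after `memcpy( p, input, ilen )`, so on failure the buffer behind `p` (presumably the caller's output buffer) still holds the padded block with the plaintext unmasked. A caller that ignores or mishandles the error code would then have cleartext where it expects ciphertext. Moving the `mbedtls_md_init()`/`mbedtls_md_setup()` pair ahead of the code that fills the buffer, which starts above this hunk, would make the failure happen before anything is written; alternatively, wipe the output on this path. The third rsa.c hunk has the same ordering, though what it leaves behind (salt and padding, judging by `p += slen`) is less sensitive.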
@@ -726,7 +730,12 @@
* Unmask data and generate lHash
*/
mbedtls_md_init( &md_ctx );
- mbedtls_md_setup( &md_ctx, md_info, 0 );
+ if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 )
+ {
+ mbedtls_md_free( &md_ctx );
+ return( ret );
+ }
+
/* Generate lHash */
mbedtls_md( md_info, label, label_len, lhash );
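Review bot: This early return exits without wiping any locals, and by this point the block being unmasked has presumably already been through the private-key operation (that happens above the hunk, so confirm). If so, the decrypted padded message stays on the stack after the error return. Clear that buffer before `return( ret );` with a wipe the compiler cannot optimise away, or route the failure through a common cleanup label. The returned code depends only on `md_info` and allocation, not on the ciphertext, so it adds no padding oracle.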
@@ -972,7 +981,11 @@
p += slen;
mbedtls_md_init( &md_ctx );
- mbedtls_md_setup( &md_ctx, md_info, 0 );
+ if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 )
+ {
+ mbedtls_md_free( &md_ctx );
+ return( ret );
+ }
// Generate H = Hash( M' )
//
@@ -1245,7 +1258,11 @@
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
mbedtls_md_init( &md_ctx );
- mbedtls_md_setup( &md_ctx, md_info, 0 );
+ if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 )
+ {
+ mbedtls_md_free( &md_ctx );
+ return( ret );
+ }
mgf_mask( p, siglen - hlen - 1, p + siglen - hlen - 1, hlen, &md_ctx );
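Review bot: The new `return( ret );` hands an MD-layer code (`MBEDTLS_ERR_MD_ALLOC_FAILED` or `MBEDTLS_ERR_MD_BAD_INPUT_DATA`) straight back to the caller, while the neighbouring path returns `MBEDTLS_ERR_RSA_BAD_INPUT_DATA`. If the function's header documentation promises only RSA error codes (not visible here), it should be updated, and a comment at the check would help: `/* md_setup failure is propagated unchanged as an MBEDTLS_ERR_MD_xxx code */`. The same applies to the three earlier rsa.c hunks. For a verifier, callers must treat any non-zero return as a rejected signature, which this change keeps true.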