Fix NULL argument handling in mbedtls_xxx_free() functions
Signed-off-by: Troy-Butler <squintik@outlook.com>
diff --git a/library/block_cipher.c b/library/block_cipher.c
index 04cd7fb..51cdcdf 100644
--- a/library/block_cipher.c
+++ b/library/block_cipher.c
@@ -51,6 +51,10 @@
void mbedtls_block_cipher_free(mbedtls_block_cipher_context_t *ctx)
{
+ if (ctx == NULL) {
+ return;
+ }
+
#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
if (ctx->engine == MBEDTLS_BLOCK_CIPHER_ENGINE_PSA) {
psa_destroy_key(ctx->psa_key_id);
diff --git a/library/entropy.c b/library/entropy.c
index e3bc851..7dcf067 100644
--- a/library/entropy.c
+++ b/library/entropy.c
@@ -61,6 +61,10 @@
void mbedtls_entropy_free(mbedtls_entropy_context *ctx)
{
+ if (ctx == NULL) {
+ return;
+ }
+
/* If the context was already free, don't call free() again.
* This is important for mutexes which don't allow double-free. */
if (ctx->accumulator_started == -1) {
diff --git a/library/lmots.c b/library/lmots.c
index c7091b4..c51cb41 100644
--- a/library/lmots.c
+++ b/library/lmots.c
@@ -387,6 +387,10 @@
void mbedtls_lmots_public_free(mbedtls_lmots_public_t *ctx)
{
+ if (ctx == NULL) {
+ return;
+ }
+
mbedtls_platform_zeroize(ctx, sizeof(*ctx));
}
@@ -556,6 +560,10 @@
void mbedtls_lmots_private_free(mbedtls_lmots_private_t *ctx)
{
+ if (ctx == NULL) {
+ return;
+ }
+
mbedtls_platform_zeroize(ctx,
sizeof(*ctx));
}
diff --git a/library/lms.c b/library/lms.c
index 8d3cae0..7f7bec0 100644
--- a/library/lms.c
+++ b/library/lms.c
@@ -229,6 +229,10 @@
void mbedtls_lms_public_free(mbedtls_lms_public_t *ctx)
{
+ if (ctx == NULL) {
+ return;
+ }
+
mbedtls_platform_zeroize(ctx, sizeof(*ctx));
}
@@ -528,6 +532,10 @@
void mbedtls_lms_private_free(mbedtls_lms_private_t *ctx)
{
+ if (ctx == NULL) {
+ return;
+ }
+
unsigned int idx;
if (ctx->have_private_key) {
diff --git a/library/net_sockets.c b/library/net_sockets.c
index edec587..ef89a88 100644
--- a/library/net_sockets.c
+++ b/library/net_sockets.c
@@ -683,7 +683,7 @@
*/
void mbedtls_net_free(mbedtls_net_context *ctx)
{
- if (ctx->fd == -1) {
+ if (ctx == NULL || ctx->fd == -1) {
return;
}
diff --git a/library/nist_kw.c b/library/nist_kw.c
index f15425b..8faafe4 100644
--- a/library/nist_kw.c
+++ b/library/nist_kw.c
@@ -102,6 +102,10 @@
*/
void mbedtls_nist_kw_free(mbedtls_nist_kw_context *ctx)
{
+ if (ctx == NULL) {
+ return;
+ }
+
mbedtls_cipher_free(&ctx->cipher_ctx);
mbedtls_platform_zeroize(ctx, sizeof(mbedtls_nist_kw_context));
}
diff --git a/library/pem.c b/library/pem.c
index 0fee5df..0207601 100644
--- a/library/pem.c
+++ b/library/pem.c
@@ -481,6 +481,10 @@
void mbedtls_pem_free(mbedtls_pem_context *ctx)
{
+ if (ctx == NULL) {
+ return;
+ }
+
if (ctx->buf != NULL) {
mbedtls_zeroize_and_free(ctx->buf, ctx->buflen);
}
diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c
index 2772cac..acc9e8c 100644
--- a/library/ssl_cookie.c
+++ b/library/ssl_cookie.c
@@ -84,6 +84,10 @@
void mbedtls_ssl_cookie_free(mbedtls_ssl_cookie_ctx *ctx)
{
+ if (ctx == NULL) {
+ return;
+ }
+
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_destroy_key(ctx->psa_hmac_key);
#else
diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c
index 6a31b0b..bfb656c 100644
--- a/library/ssl_ticket.c
+++ b/library/ssl_ticket.c
@@ -534,6 +534,10 @@
*/
void mbedtls_ssl_ticket_free(mbedtls_ssl_ticket_context *ctx)
{
+ if (ctx == NULL) {
+ return;
+ }
+
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_destroy_key(ctx->keys[0].key);
psa_destroy_key(ctx->keys[1].key);
diff --git a/library/x509write_crt.c b/library/x509write_crt.c
index 72f5a10..56f23c9 100644
--- a/library/x509write_crt.c
+++ b/library/x509write_crt.c
@@ -46,6 +46,10 @@
void mbedtls_x509write_crt_free(mbedtls_x509write_cert *ctx)
{
+ if (ctx == NULL) {
+ return;
+ }
+
mbedtls_asn1_free_named_data_list(&ctx->subject);
mbedtls_asn1_free_named_data_list(&ctx->issuer);
mbedtls_asn1_free_named_data_list(&ctx->extensions);
diff --git a/library/x509write_csr.c b/library/x509write_csr.c
index d3ddbcc..0d6f6bb 100644
--- a/library/x509write_csr.c
+++ b/library/x509write_csr.c
@@ -43,6 +43,10 @@
void mbedtls_x509write_csr_free(mbedtls_x509write_csr *ctx)
{
+ if (ctx == NULL) {
+ return;
+ }
+
mbedtls_asn1_free_named_data_list(&ctx->subject);
mbedtls_asn1_free_named_data_list(&ctx->extensions);