commit c234ecf6956399405fe66d3c392c402b2cadcb0b
author Xiaofei Bai <xiaofei.bai@arm.com> Tue Feb 08 09:59:23 2022 +0000
committer Xiaofei Bai <xiaofei.bai@arm.com> Tue Feb 08 10:26:42 2022 +0000
tree 1e9c2db120beb58e0798948af085b4907a85ca34
parent 51f515a5035a3abc8493e98b42f12bbd6e6e061e

Update mbedtls_ssl_handshake_free() and address review comments.

Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>

library/ssl_tls13_client.c

diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index 62ed098..a103c9d 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -1468,6 +1468,7 @@
 
     if( certificate_request_context_len > 0 )
     {
+        MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, certificate_request_context_len );
         MBEDTLS_SSL_DEBUG_BUF( 3, "Certificate Request Context",
                                p, certificate_request_context_len );
 
@@ -1479,7 +1480,6 @@
             MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
             return ( MBEDTLS_ERR_SSL_ALLOC_FAILED );
         }
-        MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, certificate_request_context_len );
         memcpy( handshake->certificate_request_context, p,
                 certificate_request_context_len );
         p += certificate_request_context_len;
@@ -1523,7 +1523,7 @@
                 {
                     MBEDTLS_SSL_DEBUG_MSG( 3,
                         ( "Duplicate signature algorithms extensions found" ) );
-                    goto error;
+                    goto decode_error;
                 }
                 break;
 
@@ -1540,23 +1540,21 @@
     if( p != end )
     {
         MBEDTLS_SSL_DEBUG_MSG( 1,
-            ( "CertificateRequset misaligned" ) );
-        goto error;
+            ( "CertificateRequest misaligned" ) );
+        goto decode_error;
     }
     /* Check that we found signature algorithms extension */
     if( ! sig_alg_ext_found )
     {
         MBEDTLS_SSL_DEBUG_MSG( 3,
             ( "no signature algorithms extension found" ) );
-        MBEDTLS_SSL_DEBUG_MSG( 1,
-            ( "ssl_tls13_parse_certificate_request" ) );
-        goto error;
+        goto decode_error;
     }
 
     ssl->client_auth = 1;
     return( 0 );
 
-error:
+decode_error:
     MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR,
                                   MBEDTLS_ERR_SSL_DECODE_ERROR );
     return( MBEDTLS_ERR_SSL_DECODE_ERROR );