Merge of fix for IOTSSL-481 - Double free Potential double free in mbedtls_ssl_conf_psk()

commit: fec73a8eec71380debc0661de0c69ffebf4942d2 [log] [tgz]
author: Simon Butcher <simon.butcher@arm.com> Mon Oct 05 10:40:31 2015 +0100
committer: Simon Butcher <simon.butcher@arm.com> Mon Oct 05 10:40:31 2015 +0100
tree: fc5ed4639f0f27f3fbb54eb9d953b47c97d7ed69
parent: c48b66bfb6efd3bdd2deab7f1cb6523da55402de [diff] [blame]
parent: 24417f06feda5a0756c362146c932909c19b6673 [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index ca2e717..67da281 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -25,6 +25,9 @@
    * Fix possible heap buffer overflow in base64_encoded() when the input
      buffer is 512MB or larger on 32-bit platforms. Found by Guido Vranken,
      Intelworks. Not trigerrable remotely in TLS.
+   * Fix potential double-free if mbedtls_conf_psk() is called repeatedly on
+     the same mbedtls_ssl_config object and memory allocation fails. Found by
+     Guido Vranken, Intelworks. Cannot be forced remotely.
 
 Changes
    * Added checking of hostname length in mbedtls_ssl_set_hostname() to ensure
commit	fec73a8eec71380debc0661de0c69ffebf4942d2	[log] [tgz]
author	Simon Butcher <simon.butcher@arm.com>	Mon Oct 05 10:40:31 2015 +0100
committer	Simon Butcher <simon.butcher@arm.com>	Mon Oct 05 10:40:31 2015 +0100
tree	fc5ed4639f0f27f3fbb54eb9d953b47c97d7ed69
parent	c48b66bfb6efd3bdd2deab7f1cb6523da55402de [diff] [blame]
parent	24417f06feda5a0756c362146c932909c19b6673 [diff] [blame]