Merge pull request #5309 from gilles-peskine-arm/pkparse-pkcs8-unencrypted-no-alloc

mbedtls_pk_parse_key: don't allocate if not needed
2022-01-24 10:03:48 +00:00 · 2022-01-24 10:03:48 +00:00 · b032685543
commit b032685543
parent ff743a7f38 0ca219575a
2 changed files with 4 additions and 0 deletions
--- a/ChangeLog.d/pkparse-pkcs8-unencrypted-no-alloc.txt
+++ b/ChangeLog.d/pkparse-pkcs8-unencrypted-no-alloc.txt
@ -0,0 +1,3 @@
+Changes
+   * In mbedtls_pk_parse_key(), if no password is provided, don't allocate a
+     temporary variable on the heap. Suggested by Sergey Kanatov in #5304.
--- a/library/pkparse.c
+++ b/library/pkparse.c
@ -1343,6 +1343,7 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk,
     * error
     */
 #if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
+    if( pwdlen != 0 )
    {
        unsigned char *key_copy;