b15832160b
Although the library documentation does not guarantee that calling mbedtls_entropy_free() twice works, it's a plausible assumption and it's natural to write code that frees an object twice. While this is uncommon for an entropy context, which is usually a global variable, it came up in our own unit tests (random_twice tests in test_suite_random). Announce this in the same changelog entry as for RSA because it's the same bug in the two modules. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
14 lines
671 B
Plaintext
14 lines
671 B
Plaintext
Bugfix
|
|
* Ensure that calling mbedtls_rsa_free() or mbedtls_entropy_free()
|
|
twice is safe. This happens for RSA when some Mbed TLS library functions
|
|
fail. Such a double-free was not safe when MBEDTLS_THREADING_C was
|
|
enabled on platforms where freeing a mutex twice is not safe.
|
|
* Fix a resource leak in a bad-arguments case of mbedtls_rsa_gen_key()
|
|
when MBEDTLS_THREADING_C is enabled on platforms where initializing
|
|
a mutex allocates resources.
|
|
|
|
Default behavior changes
|
|
* In mbedtls_rsa_context objects, the ver field was formerly documented
|
|
as always 0. It is now reserved for internal purposes and may take
|
|
different values.
|