Skip to content

SecureStore: Add missing check for rollback-protection pointer before allocating memory #15513

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 8, 2024
Merged

SecureStore: Add missing check for rollback-protection pointer before allocating memory #15513

merged 1 commit into from
Jun 8, 2024

Conversation

mattgbio
Copy link
Contributor

@mattgbio mattgbio commented May 7, 2024
edited
Loading

Summary of changes

Problem: If a key with write-once flag is being set in a SecureStore without rollback-protection store (i.e. _rbp_kv == NULL), additional memory will be allocated for the variable _ih->key. The memory will not be deleted, though, as the delete in line 434 only happens if a rollback-protection store exists (i.e. _rbp_kv != NULL)

Solution: Only allocate the memory if _rbp_kv != NULL

Contribution is provided on behalf of BIOTRONIK.

Impact of changes

Migration actions required

Documentation

None

Pull request type 

[X] Patch update (Bug fix / Target update / Docs update / Test update / Refactor)
[] Feature update (New feature / Functionality change / New API)
[] Major update (Breaking change E.g. Return code change / API behaviour change)

Test results 

[X] No Tests required for this change (E.g docs only update)
[] Covered by existing mbed-os tests (Greentea or Unittest)
[] Tests / results supplied as part of this PR

Reviewers

@mattgbio mattgbio changed the title Added missing check for rollback-protection pointer before allocating memory SecureStore: Added missing check for rollback-protection pointer before allocating memory May 7, 2024
@mattgbio mattgbio changed the title SecureStore: Added missing check for rollback-protection pointer before allocating memory SecureStore: Add missing check for rollback-protection pointer before allocating memory May 7, 2024
@0xc0170
Copy link
Contributor

0xc0170 commented May 15, 2024

Please add details to the commit message as well (from the description here).

@mattgbio
Added missing check for replay protection pointer before allocating n…
5fc4abe 
…ew variable

Problem: If a key with write-once flag is being set in a SecureStore without rollback-protection store (i.e. _rbp_kv == NULL), additional memory will be allocated for the variable _ih->key. The memory will not be deleted, though, as the delete in line 434 only happens if a rollback-protection store exists (i.e. _rbp_kv != NULL)

Solution: Only allocate the memory if _rbp_kv != NULL

Contribution is provided on behalf of BIOTRONIK.
@mattgbio mattgbio force-pushed the check-rbp-SecureStore branch from c26dede to 5fc4abe Compare May 16, 2024 08:52
@0xc0170 0xc0170 added needs: CI release-type: patch Indentifies a PR as containing just a patch labels May 21, 2024
@mbed-ci
Copy link

mbed-ci commented May 27, 2024

Jenkins CI Test : ❌ FAILED

Build Number: 1 | 🔒 Jenkins CI Job | 🌐 Logs & Artifacts

CLICK for Detailed Summary

jobs Status
jenkins-ci/mbed-os-ci_build-cloud-example-ARM ✔️
jenkins-ci/mbed-os-ci_build-cloud-example-GCC_ARM ✔️
jenkins-ci/mbed-os-ci_unittests ✔️
jenkins-ci/mbed-os-ci_build-greentea-GCC_ARM ✔️
jenkins-ci/mbed-os-ci_build-example-ARM ✔️
jenkins-ci/mbed-os-ci_build-greentea-ARM ✔️
jenkins-ci/mbed-os-ci_build-example-GCC_ARM ✔️
jenkins-ci/mbed-os-ci_greentea-test

@mergify mergify bot added needs: work and removed needs: CI labels May 27, 2024
@0xc0170 0xc0170 merged commit e3d2c56 into ARMmbed:master Jun 8, 2024
@mergify mergify bot removed the ready for merge label Jun 8, 2024
@multiplemonomials multiplemonomials mentioned this pull request Jul 20, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@0xc0170 0xc0170 0xc0170 approved these changes

Assignees

No one assigned

Labels

release-type: patch Indentifies a PR as containing just a patch

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mattgbio @0xc0170 @mbed-ci