MbedTLS functions usually return zero for success and negative error codes to indicate failure, but its error codes lie way outside the range of -MAX_ERRNO, so using them with ERR_PTR creates values that do not pass the IS_ERR check and lead to crashes. Substitute them with a fixed error code to avoid problems.
Signed-off-by: Vsevolod Kozlov <[email protected]> --- lib/mbedtls/pkcs7_parser.c | 5 +++++ lib/mbedtls/x509_cert_parser.c | 6 +++++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/lib/mbedtls/pkcs7_parser.c b/lib/mbedtls/pkcs7_parser.c index bf8ee17b5b8..2c85dcc9699 100644 --- a/lib/mbedtls/pkcs7_parser.c +++ b/lib/mbedtls/pkcs7_parser.c @@ -495,6 +495,11 @@ struct pkcs7_message *pkcs7_parse_message(const void *data, size_t datalen) parse_fail: mbedtls_pkcs7_free(&pkcs7_ctx); pkcs7_free_message(msg); + + /* MbedTLS error codes lie beyond MAX_ERRNO and are not suitable + * for ERR_PTR, but can be useful for debugging. */ + debug("mbedtls returned error: %x\n", ret); + ret = -EINVAL; out_no_msg: msg = ERR_PTR(ret); return msg; diff --git a/lib/mbedtls/x509_cert_parser.c b/lib/mbedtls/x509_cert_parser.c index e163e16b9bc..1c70a8fcdcb 100644 --- a/lib/mbedtls/x509_cert_parser.c +++ b/lib/mbedtls/x509_cert_parser.c @@ -425,7 +425,7 @@ struct x509_certificate *x509_cert_parse(const void *data, size_t datalen) { mbedtls_x509_crt mbedtls_cert; struct x509_certificate *cert = NULL; - long ret; + int ret; /* Parse DER encoded certificate */ mbedtls_x509_crt_init(&mbedtls_cert); @@ -443,5 +443,9 @@ clean_up_ctx: if (!ret) return cert; + /* MbedTLS error codes lie beyond MAX_ERRNO and are not suitable + * for ERR_PTR, but can be useful for debugging. */ + debug("mbedtls returned error: %x\n", ret); + ret = -EINVAL; return ERR_PTR(ret); } -- 2.47.3

