Apply me-no-dev@5613e66

Replace small local mallocs with stack buffers

Author: Aircoookie

src/AsyncWebSocket.cpp

@@ -24,18 +24,7 @@
 #include <libb64/cencode.h>
 
 #ifndef ESP8266
-extern "C" {
-typedef struct {
-    uint32_t state[5];
-    uint32_t count[2];
-    unsigned char buffer[64];
-} SHA1_CTX;
-
-void SHA1Transform(uint32_t state[5], const unsigned char buffer[64]);
-void SHA1Init(SHA1_CTX* context);
-void SHA1Update(SHA1_CTX* context, const unsigned char* data, uint32_t len);
-void SHA1Final(unsigned char digest[20], SHA1_CTX* context);
-}
+#include "mbedtls/sha1.h"
 #else
 #include <Hash.h>
 #endif
@@ -1252,25 +1241,19 @@ AsyncWebSocketResponse::AsyncWebSocketResponse(const String& key, AsyncWebSocket
   _code = 101;
   _sendContentLength = false;
 
-  uint8_t * hash = (uint8_t*)malloc(20);
-  if(hash == NULL){
-    _state = RESPONSE_FAILED;
-    return;
-  }
-  char * buffer = (char *) malloc(33);
-  if(buffer == NULL){
-    free(hash);
-    _state = RESPONSE_FAILED;
-    return;
-  }
+  uint8_t * hash[20];
+  char * buffer[33];
+
 #ifdef ESP8266
   sha1(key + WS_STR_UUID, hash);
 #else
-  (String&)key += WS_STR_UUID;
-  SHA1_CTX ctx;
-  SHA1Init(&ctx);
-  SHA1Update(&ctx, (const unsigned char*)key.c_str(), key.length());
-  SHA1Final(hash, &ctx);
+	(String&)key += WS_STR_UUID;
+	mbedtls_sha1_context ctx;
+  mbedtls_sha1_init(&ctx);
+  mbedtls_sha1_starts_ret(&ctx);
+  mbedtls_sha1_update_ret(&ctx, (const unsigned char*)key.c_str(), key.length());
+  mbedtls_sha1_finish_ret(&ctx, hash);
+  mbedtls_sha1_free(&ctx);
 #endif
   base64_encodestate _state;
   base64_init_encodestate(&_state);
@@ -1279,8 +1262,6 @@ AsyncWebSocketResponse::AsyncWebSocketResponse(const String& key, AsyncWebSocket
   addHeader(WS_STR_CONNECTION, WS_STR_UPGRADE);
   addHeader(WS_STR_UPGRADE, "websocket");
   addHeader(WS_STR_ACCEPT,buffer);
-  free(buffer);
-  free(hash);
 }
 
 void AsyncWebSocketResponse::_respond(AsyncWebServerRequest *request){

src/WebAuthentication.cpp

@@ -65,15 +65,12 @@ static bool getMD5(uint8_t * data, uint16_t len, char * output){//33 bytes or mo
     md5_context_t _ctx;
 #endif
   uint8_t i;
-  uint8_t * _buf = (uint8_t*)malloc(16);
-  if(_buf == NULL)
-    return false;
-  memset(_buf, 0x00, 16);
+  uint8_t * _buf[16] = {0};
 #ifdef ESP32
   mbedtls_md5_init(&_ctx);
-  mbedtls_md5_starts(&_ctx);
-  mbedtls_md5_update(&_ctx, data, len);
-  mbedtls_md5_finish(&_ctx, _buf);
+  mbedtls_md5_starts_ret(&_ctx);
+  mbedtls_md5_update_ret(&_ctx, data, len);
+  mbedtls_md5_finish_ret(&_ctx, _buf);
 #else
   MD5Init(&_ctx);
   MD5Update(&_ctx, data, len);
@@ -82,7 +79,6 @@ static bool getMD5(uint8_t * data, uint16_t len, char * output){//33 bytes or mo
   for(i = 0; i < 16; i++) {
     sprintf(output + (i * 2), "%02x", _buf[i]);
   }
-  free(_buf);
   return true;
 }
 
@@ -92,38 +88,35 @@ static String genRandomMD5(){
 #else
   uint32_t r = rand();
 #endif
-  char * out = (char*)malloc(33);
+  char * out[33];
   if(out == NULL || !getMD5((uint8_t*)(&r), 4, out))
     return "";
   String res = String(out);
-  free(out);
   return res;
 }
 
 static String stringMD5(const String& in){
-  char * out = (char*)malloc(33);
-  if(out == NULL || !getMD5((uint8_t*)(in.c_str()), in.length(), out))
+  char * out[33];
+  if(!getMD5((uint8_t*)(in.c_str()), in.length(), out))
     return "";
   String res = String(out);
-  free(out);
   return res;
 }
 
 String generateDigestHash(const char * username, const char * password, const char * realm){
   if(username == NULL || password == NULL || realm == NULL){
     return "";
   }
-  char * out = (char*)malloc(33);
+  char * out[33];
   String res = String(username);
   res.concat(":");
   res.concat(realm);
   res.concat(":");
   String in = res;
   in.concat(password);
-  if(out == NULL || !getMD5((uint8_t*)(in.c_str()), in.length(), out))
+  if(!getMD5((uint8_t*)(in.c_str()), in.length(), out))
     return "";
   res.concat(out);
-  free(out);
   return res;
 }