diff options
| author | doug <> | 2015-02-15 22:29:02 +0000 |
|---|---|---|
| committer | doug <> | 2015-02-15 22:29:02 +0000 |
| commit | 45f33e931e554ae97413395258efc61c185a8508 (patch) | |
| tree | 70aa935eec563fe6b630c12eaa78c7156236e6d5 | |
| parent | d3acd3e984368bb3c8dddff6923bdf1e7f4610f2 (diff) | |
| download | openbsd-45f33e931e554ae97413395258efc61c185a8508.tar.gz openbsd-45f33e931e554ae97413395258efc61c185a8508.tar.bz2 openbsd-45f33e931e554ae97413395258efc61c185a8508.zip | |
Avoid calling BN_CTX_end() on a context that wasn't started.
In dsa_builtin_paramgen(), if BN_MONT_CTX_new() fails, the BN_CTX_new()
call above it will have allocated a ctx without calling BN_CTX_start() on
it. The error handling calls BN_CTX_end() when ctx is allocated.
Move the BN_MONT_CTX_new() call up so it will fail first without splitting
up the BN_CTX_new() and BN_CTX_start().
tweak + ok miod@, ok bcook@
| -rw-r--r-- | src/lib/libcrypto/dsa/dsa_gen.c | 8 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/dsa/dsa_gen.c | 8 |
2 files changed, 8 insertions, 8 deletions
diff --git a/src/lib/libcrypto/dsa/dsa_gen.c b/src/lib/libcrypto/dsa/dsa_gen.c index c1664d5f8a..73ae485349 100644 --- a/src/lib/libcrypto/dsa/dsa_gen.c +++ b/src/lib/libcrypto/dsa/dsa_gen.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: dsa_gen.c,v 1.19 2015/02/15 08:48:24 miod Exp $ */ | 1 | /* $OpenBSD: dsa_gen.c,v 1.20 2015/02/15 22:29:02 doug Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -139,13 +139,13 @@ dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, const EVP_MD *evpmd, | |||
| 139 | if (seed_in != NULL) | 139 | if (seed_in != NULL) |
| 140 | memcpy(seed, seed_in, seed_len); | 140 | memcpy(seed, seed_in, seed_len); |
| 141 | 141 | ||
| 142 | if ((ctx=BN_CTX_new()) == NULL) | ||
| 143 | goto err; | ||
| 144 | |||
| 145 | if ((mont=BN_MONT_CTX_new()) == NULL) | 142 | if ((mont=BN_MONT_CTX_new()) == NULL) |
| 146 | goto err; | 143 | goto err; |
| 147 | 144 | ||
| 145 | if ((ctx=BN_CTX_new()) == NULL) | ||
| 146 | goto err; | ||
| 148 | BN_CTX_start(ctx); | 147 | BN_CTX_start(ctx); |
| 148 | |||
| 149 | if ((r0 = BN_CTX_get(ctx)) == NULL) | 149 | if ((r0 = BN_CTX_get(ctx)) == NULL) |
| 150 | goto err; | 150 | goto err; |
| 151 | if ((g = BN_CTX_get(ctx)) == NULL) | 151 | if ((g = BN_CTX_get(ctx)) == NULL) |
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_gen.c b/src/lib/libssl/src/crypto/dsa/dsa_gen.c index c1664d5f8a..73ae485349 100644 --- a/src/lib/libssl/src/crypto/dsa/dsa_gen.c +++ b/src/lib/libssl/src/crypto/dsa/dsa_gen.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: dsa_gen.c,v 1.19 2015/02/15 08:48:24 miod Exp $ */ | 1 | /* $OpenBSD: dsa_gen.c,v 1.20 2015/02/15 22:29:02 doug Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -139,13 +139,13 @@ dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, const EVP_MD *evpmd, | |||
| 139 | if (seed_in != NULL) | 139 | if (seed_in != NULL) |
| 140 | memcpy(seed, seed_in, seed_len); | 140 | memcpy(seed, seed_in, seed_len); |
| 141 | 141 | ||
| 142 | if ((ctx=BN_CTX_new()) == NULL) | ||
| 143 | goto err; | ||
| 144 | |||
| 145 | if ((mont=BN_MONT_CTX_new()) == NULL) | 142 | if ((mont=BN_MONT_CTX_new()) == NULL) |
| 146 | goto err; | 143 | goto err; |
| 147 | 144 | ||
| 145 | if ((ctx=BN_CTX_new()) == NULL) | ||
| 146 | goto err; | ||
| 148 | BN_CTX_start(ctx); | 147 | BN_CTX_start(ctx); |
| 148 | |||
| 149 | if ((r0 = BN_CTX_get(ctx)) == NULL) | 149 | if ((r0 = BN_CTX_get(ctx)) == NULL) |
| 150 | goto err; | 150 | goto err; |
| 151 | if ((g = BN_CTX_get(ctx)) == NULL) | 151 | if ((g = BN_CTX_get(ctx)) == NULL) |