1 files changed, 64 insertions, 24 deletions
diff --git a/src/lib/libcrypto/asn1/t_pkey.c b/src/lib/libcrypto/asn1/t_pkey.c
index 8060115202..2d46914cb1 100644
--- a/src/lib/libcrypto/asn1/t_pkey.c
+++ b/src/lib/libcrypto/asn1/t_pkey.c
@@ -96,10 +96,34 @@ int RSA_print(BIO *bp, const RSA *x, int off)
        char str[128];
        const char *s;
        unsigned char *m=NULL;
-        int i,ret=0;
+        int ret=0;
+        size_t buf_len=0, i;
-        i=RSA_size(x);
+        if (x->n)
-        m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
+                buf_len = (size_t)BN_num_bytes(x->n);
+        if (x->e)
+                if (buf_len < (i = (size_t)BN_num_bytes(x->e)))
+                        buf_len = i;
+        if (x->d)
+                if (buf_len < (i = (size_t)BN_num_bytes(x->d)))
+                        buf_len = i;
+        if (x->p)
+                if (buf_len < (i = (size_t)BN_num_bytes(x->p)))
+                        buf_len = i;
+        if (x->q)
+                if (buf_len < (i = (size_t)BN_num_bytes(x->q)))
+                        buf_len = i;
+        if (x->dmp1)
+                if (buf_len < (i = (size_t)BN_num_bytes(x->dmp1)))
+                        buf_len = i;
+        if (x->dmq1)
+                if (buf_len < (i = (size_t)BN_num_bytes(x->dmq1)))
+                        buf_len = i;
+        if (x->iqmp)
+                if (buf_len < (i = (size_t)BN_num_bytes(x->iqmp)))
+                        buf_len = i;
+        m=(unsigned char *)OPENSSL_malloc(buf_len+10);
        if (m == NULL)
                {
                RSAerr(RSA_F_RSA_PRINT,ERR_R_MALLOC_FAILURE);
@@ -161,22 +185,25 @@ int DSA_print(BIO *bp, const DSA *x, int off)
        {
        char str[128];
        unsigned char *m=NULL;
-        int i,ret=0;
+        int ret=0;
-        BIGNUM *bn=NULL;
+        size_t buf_len=0,i;
-        if (x->p != NULL)
+        if (x->p)
-                bn=x->p;
+                buf_len = (size_t)BN_num_bytes(x->p);
-        else if (x->priv_key != NULL)
+        if (x->q)
-                bn=x->priv_key;
+                if (buf_len < (i = (size_t)BN_num_bytes(x->q)))
-        else if (x->pub_key != NULL)
+                        buf_len = i;
-                bn=x->pub_key;
+        if (x->g)
-                
+                if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
-        /* larger than needed but what the hell :-) */
+                        buf_len = i;
-        if (bn != NULL)
+        if (x->priv_key)
-                i=BN_num_bytes(bn)*2;
+                if (buf_len < (i = (size_t)BN_num_bytes(x->priv_key)))
-        else
+                        buf_len = i;
-                i=256;
+        if (x->pub_key)
-        m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
+                if (buf_len < (i = (size_t)BN_num_bytes(x->pub_key)))
+                        buf_len = i;
+        m=(unsigned char *)OPENSSL_malloc(buf_len+10);
        if (m == NULL)
                {
                DSAerr(DSA_F_DSA_PRINT,ERR_R_MALLOC_FAILURE);
@@ -281,10 +308,15 @@ int DHparams_print_fp(FILE *fp, const DH *x)
 int DHparams_print(BIO *bp, const DH *x)
        {
        unsigned char *m=NULL;
-        int reason=ERR_R_BUF_LIB,i,ret=0;
+        int reason=ERR_R_BUF_LIB,ret=0;
+        size_t buf_len=0, i;
-        i=BN_num_bytes(x->p);
+        if (x->p)
-        m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
+                buf_len = (size_t)BN_num_bytes(x->p);
+        if (x->g)
+                if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
+                        buf_len = i;
+        m=(unsigned char *)OPENSSL_malloc(buf_len+10);
        if (m == NULL)
                {
                reason=ERR_R_MALLOC_FAILURE;
@@ -334,10 +366,18 @@ int DSAparams_print_fp(FILE *fp, const DSA *x)
 int DSAparams_print(BIO *bp, const DSA *x)
        {
        unsigned char *m=NULL;
-        int reason=ERR_R_BUF_LIB,i,ret=0;
+        int reason=ERR_R_BUF_LIB,ret=0;
+        size_t buf_len=0,i;
-        i=BN_num_bytes(x->p);
+        if (x->p)
-        m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
+                buf_len = (size_t)BN_num_bytes(x->p);
+        if (x->q)
+                if (buf_len < (i = (size_t)BN_num_bytes(x->q)))
+                        buf_len = i;
+        if (x->g)
+                if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
+                        buf_len = i;
+        m=(unsigned char *)OPENSSL_malloc(buf_len+10);
        if (m == NULL)
                {
                reason=ERR_R_MALLOC_FAILURE;

diff --git a/src/lib/libcrypto/asn1/t_pkey.c b/src/lib/libcrypto/asn1/t_pkey.c index 8060115202..2d46914cb1 100644 --- a/src/lib/libcrypto/asn1/t_pkey.c +++ b/src/lib/libcrypto/asn1/t_pkey.c
@@ -96,10 +96,34 @@ int RSA_print(BIO bp, const RSA x, int off)
96	char str[128];	96	char str[128];
97	const char *s;	97	const char *s;
98	unsigned char *m=NULL;	98	unsigned char *m=NULL;
99	int i,ret=0;	99	int ret=0;
		100	size_t buf_len=0, i;
100		101
101	i=RSA_size(x);	102	if (x->n)
102	m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);	103	buf_len = (size_t)BN_num_bytes(x->n);
		104	if (x->e)
		105	if (buf_len < (i = (size_t)BN_num_bytes(x->e)))
		106	buf_len = i;
		107	if (x->d)
		108	if (buf_len < (i = (size_t)BN_num_bytes(x->d)))
		109	buf_len = i;
		110	if (x->p)
		111	if (buf_len < (i = (size_t)BN_num_bytes(x->p)))
		112	buf_len = i;
		113	if (x->q)
		114	if (buf_len < (i = (size_t)BN_num_bytes(x->q)))
		115	buf_len = i;
		116	if (x->dmp1)
		117	if (buf_len < (i = (size_t)BN_num_bytes(x->dmp1)))
		118	buf_len = i;
		119	if (x->dmq1)
		120	if (buf_len < (i = (size_t)BN_num_bytes(x->dmq1)))
		121	buf_len = i;
		122	if (x->iqmp)
		123	if (buf_len < (i = (size_t)BN_num_bytes(x->iqmp)))
		124	buf_len = i;
		125
		126	m=(unsigned char *)OPENSSL_malloc(buf_len+10);
103	if (m == NULL)	127	if (m == NULL)
104	{	128	{
105	RSAerr(RSA_F_RSA_PRINT,ERR_R_MALLOC_FAILURE);	129	RSAerr(RSA_F_RSA_PRINT,ERR_R_MALLOC_FAILURE);
@@ -161,22 +185,25 @@ int DSA_print(BIO bp, const DSA x, int off)
161	{	185	{
162	char str[128];	186	char str[128];
163	unsigned char *m=NULL;	187	unsigned char *m=NULL;
164	int i,ret=0;	188	int ret=0;
165	BIGNUM *bn=NULL;	189	size_t buf_len=0,i;
166		190
167	if (x->p != NULL)	191	if (x->p)
168	bn=x->p;	192	buf_len = (size_t)BN_num_bytes(x->p);
169	else if (x->priv_key != NULL)	193	if (x->q)
170	bn=x->priv_key;	194	if (buf_len < (i = (size_t)BN_num_bytes(x->q)))
171	else if (x->pub_key != NULL)	195	buf_len = i;
172	bn=x->pub_key;	196	if (x->g)
173		197	if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
174	/* larger than needed but what the hell :-) */	198	buf_len = i;
175	if (bn != NULL)	199	if (x->priv_key)
176	i=BN_num_bytes(bn)*2;	200	if (buf_len < (i = (size_t)BN_num_bytes(x->priv_key)))
177	else	201	buf_len = i;
178	i=256;	202	if (x->pub_key)
179	m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);	203	if (buf_len < (i = (size_t)BN_num_bytes(x->pub_key)))
		204	buf_len = i;
		205
		206	m=(unsigned char *)OPENSSL_malloc(buf_len+10);
180	if (m == NULL)	207	if (m == NULL)
181	{	208	{
182	DSAerr(DSA_F_DSA_PRINT,ERR_R_MALLOC_FAILURE);	209	DSAerr(DSA_F_DSA_PRINT,ERR_R_MALLOC_FAILURE);
@@ -281,10 +308,15 @@ int DHparams_print_fp(FILE fp, const DH x)
281	int DHparams_print(BIO bp, const DH x)	308	int DHparams_print(BIO bp, const DH x)
282	{	309	{
283	unsigned char *m=NULL;	310	unsigned char *m=NULL;
284	int reason=ERR_R_BUF_LIB,i,ret=0;	311	int reason=ERR_R_BUF_LIB,ret=0;
		312	size_t buf_len=0, i;
285		313
286	i=BN_num_bytes(x->p);	314	if (x->p)
287	m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);	315	buf_len = (size_t)BN_num_bytes(x->p);
		316	if (x->g)
		317	if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
		318	buf_len = i;
		319	m=(unsigned char *)OPENSSL_malloc(buf_len+10);
288	if (m == NULL)	320	if (m == NULL)
289	{	321	{
290	reason=ERR_R_MALLOC_FAILURE;	322	reason=ERR_R_MALLOC_FAILURE;
@@ -334,10 +366,18 @@ int DSAparams_print_fp(FILE fp, const DSA x)
334	int DSAparams_print(BIO bp, const DSA x)	366	int DSAparams_print(BIO bp, const DSA x)
335	{	367	{
336	unsigned char *m=NULL;	368	unsigned char *m=NULL;
337	int reason=ERR_R_BUF_LIB,i,ret=0;	369	int reason=ERR_R_BUF_LIB,ret=0;
		370	size_t buf_len=0,i;
338		371
339	i=BN_num_bytes(x->p);	372	if (x->p)
340	m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);	373	buf_len = (size_t)BN_num_bytes(x->p);
		374	if (x->q)
		375	if (buf_len < (i = (size_t)BN_num_bytes(x->q)))
		376	buf_len = i;
		377	if (x->g)
		378	if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
		379	buf_len = i;
		380	m=(unsigned char *)OPENSSL_malloc(buf_len+10);
341	if (m == NULL)	381	if (m == NULL)
342	{	382	{
343	reason=ERR_R_MALLOC_FAILURE;	383	reason=ERR_R_MALLOC_FAILURE;