[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

Kurt Roeckx kurt at openssl.org
Tue Dec 22 10:54:11 UTC 2015


The branch OpenSSL_1_0_2-stable has been updated
       via  1c7de36f621e753fd9e6b7a2342b95d0e2f52781 (commit)
      from  6656ba7152dfe4bba865e327dd362ea08544aa80 (commit)


- Log -----------------------------------------------------------------
commit 1c7de36f621e753fd9e6b7a2342b95d0e2f52781
Author: David Benjamin <davidben at chromium.org>
Date:   Thu Dec 17 20:11:11 2015 +0100

    Fix memory leak in DSA redo case.
    
    Found by clang scan-build.
    
    Signed-off-by: Kurt Roeckx <kurt at roeckx.be>
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    
    RT: #4184, MR: #1496
    (cherry picked from commit 679d87515d23ca31491effdc264edc81c695a72a)

-----------------------------------------------------------------------

Summary of changes:
 crypto/dsa/dsa_ossl.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c
index f0ec8fa..efc4f1b 100644
--- a/crypto/dsa/dsa_ossl.c
+++ b/crypto/dsa/dsa_ossl.c
@@ -187,9 +187,6 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
     if (!BN_mod_mul(s, s, kinv, dsa->q, ctx))
         goto err;
 
-    ret = DSA_SIG_new();
-    if (ret == NULL)
-        goto err;
     /*
      * Redo if r or s is zero as required by FIPS 186-3: this is very
      * unlikely.
@@ -201,11 +198,14 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
         }
         goto redo;
     }
+    ret = DSA_SIG_new();
+    if (ret == NULL)
+        goto err;
     ret->r = r;
     ret->s = s;
 
  err:
-    if (!ret) {
+    if (ret == NULL) {
         DSAerr(DSA_F_DSA_DO_SIGN, reason);
         BN_free(r);
         BN_free(s);


More information about the openssl-commits mailing list