[openssl-commits] [openssl] master update
Rich Salz
rsalz at openssl.org
Wed Jul 22 18:43:15 UTC 2015
The branch master has been updated
via 9f040d6decca7930e978784c917f731e5c45e8f0 (commit)
from 4445704f912495227e9e99835e94219d7e79684c (commit)
- Log -----------------------------------------------------------------
commit 9f040d6decca7930e978784c917f731e5c45e8f0
Author: Rich Salz <rsalz at akamai.com>
Date: Wed Jul 22 06:44:50 2015 -0400
Some cleanups for crypto/bn
Create bn_free_d utility routine and use it.
Fix RT3950
Also a missing cleanse, from Loganaden Velvindron (loganaden at gmail.com),
who noticed it in a Cloudflare patch.
Reviewed-by: Richard Levitte <levitte at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
crypto/bn/bn_add.c | 3 ++-
crypto/bn/bn_lib.c | 32 +++++++++++++++-----------------
crypto/bn/bn_mont.c | 4 +++-
3 files changed, 20 insertions(+), 19 deletions(-)
diff --git a/crypto/bn/bn_add.c b/crypto/bn/bn_add.c
index a446686..0bfc3cc 100644
--- a/crypto/bn/bn_add.c
+++ b/crypto/bn/bn_add.c
@@ -222,7 +222,8 @@ int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
break;
}
}
- memcpy(rp, ap, sizeof(*rp) * dif);
+ if (dif)
+ memcpy(rp, ap, sizeof(*rp) * dif);
r->top = max;
r->neg = 0;
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index b5f827a..f10f44a 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -223,6 +223,15 @@ int BN_num_bits(const BIGNUM *a)
return ((i * BN_BITS2) + BN_num_bits_word(a->d[i]));
}
+static void bn_free_d(BIGNUM *a)
+{
+ if (BN_get_flags(a,BN_FLG_SECURE))
+ OPENSSL_secure_free(a->d);
+ else
+ OPENSSL_free(a->d);
+}
+
+
void BN_clear_free(BIGNUM *a)
{
int i;
@@ -232,15 +241,11 @@ void BN_clear_free(BIGNUM *a)
bn_check_top(a);
if (a->d != NULL) {
OPENSSL_cleanse(a->d, a->dmax * sizeof(a->d[0]));
- if (!(BN_get_flags(a, BN_FLG_STATIC_DATA))) {
- if (BN_get_flags(a,BN_FLG_SECURE))
- OPENSSL_secure_free(a->d);
- else
- OPENSSL_free(a->d);
- }
+ if (!BN_get_flags(a, BN_FLG_STATIC_DATA))
+ bn_free_d(a);
}
i = BN_get_flags(a, BN_FLG_MALLOCED);
- OPENSSL_cleanse(a, sizeof(BIGNUM));
+ OPENSSL_cleanse(a, sizeof(*a));
if (i)
OPENSSL_free(a);
}
@@ -251,12 +256,7 @@ void BN_free(BIGNUM *a)
return;
bn_check_top(a);
if (!BN_get_flags(a, BN_FLG_STATIC_DATA))
- if ((a->d != NULL) && !(BN_get_flags(a, BN_FLG_STATIC_DATA))) {
- if (BN_get_flags(a, BN_FLG_SECURE))
- OPENSSL_secure_free(a->d);
- else
- OPENSSL_free(a->d);
- }
+ bn_free_d(a);
if (a->flags & BN_FLG_MALLOCED)
OPENSSL_free(a);
else {
@@ -399,10 +399,8 @@ BIGNUM *bn_expand2(BIGNUM *b, int words)
if (!a)
return NULL;
if (b->d) {
- if (BN_get_flags(b,BN_FLG_SECURE))
- OPENSSL_secure_free(b->d);
- else
- OPENSSL_free(b->d);
+ OPENSSL_cleanse(b->d, b->dmax * sizeof(b->d[0]));
+ bn_free_d(b);
}
b->d = a;
b->dmax = words;
diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c
index c869101..e3955fe 100644
--- a/crypto/bn/bn_mont.c
+++ b/crypto/bn/bn_mont.c
@@ -196,7 +196,9 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
rp = r->d;
/* clear the top words of T */
- memset(&rp[r->top], 0, sizeof(*rp) * (max - r->top));
+ i = max - r->top;
+ if (i)
+ memset(&rp[r->top], 0, sizeof(*rp) * i);
r->top = max;
n0 = mont->n0[0];
More information about the openssl-commits
mailing list