[openssl-commits] [openssl] master update

Matt Caswell matt at openssl.org
Fri Apr 29 08:06:47 UTC 2016


The branch master has been updated
       via  b8f1c116a357285ccb4905cd88c83f5076bafb52 (commit)
       via  098c1e3d1425ffdad15e6001b4fc9f2a606f3d83 (commit)
      from  1f644005ac5f84536c2a80480bf6fdbdf1239f39 (commit)


- Log -----------------------------------------------------------------
commit b8f1c116a357285ccb4905cd88c83f5076bafb52
Author: Matt Caswell <matt at openssl.org>
Date:   Thu Apr 28 19:53:08 2016 +0100

    Don't free the BIGNUM passed to BN_mpi2bn
    
    Commit 91fb42dd fixed a leak but introduced a problem where a parameter
    is erroneously freed instead.
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>
    Reviewed-by: Rich Salz <rsalz at openssl.org>

commit 098c1e3d1425ffdad15e6001b4fc9f2a606f3d83
Author: Matt Caswell <matt at openssl.org>
Date:   Thu Apr 28 19:49:17 2016 +0100

    Fix a leak in i2b_PVK
    
    Commit 8e588e28 fixed a leak but introduced a new one.
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>
    Reviewed-by: Rich Salz <rsalz at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 crypto/bn/bn_mpi.c  | 11 ++++++++---
 crypto/pem/pvkfmt.c |  6 ++++--
 2 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/crypto/bn/bn_mpi.c b/crypto/bn/bn_mpi.c
index 86d9675..cb8f0b8 100644
--- a/crypto/bn/bn_mpi.c
+++ b/crypto/bn/bn_mpi.c
@@ -87,10 +87,11 @@ int BN_bn2mpi(const BIGNUM *a, unsigned char *d)
     return (num + 4 + ext);
 }
 
-BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *a)
+BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *ain)
 {
     long len;
     int neg = 0;
+    BIGNUM *a = NULL;
 
     if (n < 4) {
         BNerr(BN_F_BN_MPI2BN, BN_R_INVALID_LENGTH);
@@ -103,8 +104,11 @@ BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *a)
         return NULL;
     }
 
-    if (a == NULL)
+    if (ain == NULL)
         a = BN_new();
+    else
+        a = ain;
+
     if (a == NULL)
         return NULL;
 
@@ -117,7 +121,8 @@ BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *a)
     if ((*d) & 0x80)
         neg = 1;
     if (BN_bin2bn(d, (int)len, a) == NULL) {
-        BN_free(a);
+        if (ain == NULL)
+            BN_free(a);
         return NULL;
     }
     a->neg = neg;
diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c
index e7ee6dd..dc90088 100644
--- a/crypto/pem/pvkfmt.c
+++ b/crypto/pem/pvkfmt.c
@@ -806,7 +806,7 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel,
                    pem_password_cb *cb, void *u)
 {
     int outlen = 24, pklen;
-    unsigned char *p, *salt = NULL;
+    unsigned char *p = NULL, *salt = NULL;
     EVP_CIPHER_CTX *cctx = NULL;
     if (enclevel)
         outlen += PVK_SALTLEN;
@@ -828,7 +828,7 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel,
 
     cctx = EVP_CIPHER_CTX_new();
     if (cctx == NULL)
-        return -1;
+        goto error;
 
     write_ledword(&p, MS_PVKMAGIC);
     write_ledword(&p, 0);
@@ -882,6 +882,8 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel,
 
  error:
     EVP_CIPHER_CTX_free(cctx);
+    if (*out == NULL)
+        OPENSSL_free(p);
     return -1;
 }
 


More information about the openssl-commits mailing list