[openssl-commits] [openssl] master update

Matt Caswell matt at openssl.org
Mon Aug 22 14:12:25 UTC 2016


The branch master has been updated
       via  0110a4703608430c2131237c6afcf932a28c27ff (commit)
       via  9ba6f347fedbe103a06c8fd303912b358eacb11c (commit)
      from  fb2141c773ab0c5dfc78cc97d2445362b8048389 (commit)


- Log -----------------------------------------------------------------
commit 0110a4703608430c2131237c6afcf932a28c27ff
Author: Kazuki Yamaguchi <k at rhe.jp>
Date:   Sat Aug 6 22:24:44 2016 +0900

    Fix a memory leak in EC_GROUP_get_ecparameters()
    
    The variable 'buffer', allocated by EC_POINT_point2buf(), isn't
    free'd on the success path.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>

commit 9ba6f347fedbe103a06c8fd303912b358eacb11c
Author: Kazuki Yamaguchi <k at rhe.jp>
Date:   Tue Aug 16 13:55:34 2016 +0900

    Expose alloc functions for EC{PK,}PARAMETERS
    
    Declare EC{PK,}PARAMETERS_{new,free} functions in public headers. The
    free functions are necessary because EC_GROUP_get_ec{pk,}parameters()
    was made public by commit 60b350a3ef96 ("RT3676: Expose ECgroup i2d
    functions").
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 crypto/ec/ec_asn1.c     |  7 ++-----
 doc/crypto/X509_dup.pod |  4 ++++
 include/openssl/ec.h    |  2 ++
 test/ectest.c           | 29 +++++++++++++++++++++++++++++
 util/libcrypto.num      |  4 ++++
 5 files changed, 41 insertions(+), 5 deletions(-)

diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index e911b2b..4f4d1ed 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -512,13 +512,11 @@ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group,
         goto err;
     }
     if (ret->base == NULL && (ret->base = ASN1_OCTET_STRING_new()) == NULL) {
+        OPENSSL_free(buffer);
         ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_MALLOC_FAILURE);
         goto err;
     }
-    if (!ASN1_OCTET_STRING_set(ret->base, buffer, len)) {
-        ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_ASN1_LIB);
-        goto err;
-    }
+    ASN1_STRING_set0(ret->base, buffer, len);
 
     /* set the order */
     tmp = EC_GROUP_get0_order(group);
@@ -547,7 +545,6 @@ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group,
  err:
     if (params == NULL)
         ECPARAMETERS_free(ret);
-    OPENSSL_free(buffer);
     return NULL;
 }
 
diff --git a/doc/crypto/X509_dup.pod b/doc/crypto/X509_dup.pod
index 03a81f0..574994d 100644
--- a/doc/crypto/X509_dup.pod
+++ b/doc/crypto/X509_dup.pod
@@ -39,6 +39,10 @@ DIST_POINT_NAME_new,
 DIST_POINT_free,
 DIST_POINT_new,
 DSAparams_dup,
+ECPARAMETERS_free,
+ECPARAMETERS_new,
+ECPKPARAMETERS_free,
+ECPKPARAMETERS_new,
 EDIPARTYNAME_free,
 EDIPARTYNAME_new,
 ESS_CERT_ID_dup,
diff --git a/include/openssl/ec.h b/include/openssl/ec.h
index b6db22d..656cb41 100644
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h
@@ -699,7 +699,9 @@ int EC_GROUP_have_precompute_mult(const EC_GROUP *group);
 /********************************************************************/
 
 DECLARE_ASN1_ITEM(ECPKPARAMETERS)
+DECLARE_ASN1_ALLOC_FUNCTIONS(ECPKPARAMETERS)
 DECLARE_ASN1_ITEM(ECPARAMETERS)
+DECLARE_ASN1_ALLOC_FUNCTIONS(ECPARAMETERS)
 
 /*
  * EC_GROUP_get_basis_type() returns the NID of the basis type used to
diff --git a/test/ectest.c b/test/ectest.c
index f7e55c3..0dd0ab8 100644
--- a/test/ectest.c
+++ b/test/ectest.c
@@ -1712,6 +1712,33 @@ static void nistp_tests()
 }
 # endif
 
+static void parameter_test(void)
+{
+    EC_GROUP *group, *group2;
+    ECPARAMETERS *ecparameters;
+
+    fprintf(stderr, "\ntesting ecparameters conversion ...");
+
+    group = EC_GROUP_new_by_curve_name(NID_secp112r1);
+    if (!group)
+        ABORT;
+
+    ecparameters = EC_GROUP_get_ecparameters(group, NULL);
+    if (!ecparameters)
+        ABORT;
+    group2 = EC_GROUP_new_from_ecparameters(ecparameters);
+    if (!group2)
+        ABORT;
+    if (EC_GROUP_cmp(group, group2, NULL))
+        ABORT;
+
+    fprintf(stderr, " ok\n");
+
+    EC_GROUP_free(group);
+    EC_GROUP_free(group2);
+    ECPARAMETERS_free(ecparameters);
+}
+
 static const char rnd_seed[] =
     "string to make the random number generator think it has entropy";
 
@@ -1737,6 +1764,8 @@ int main(int argc, char *argv[])
     /* test the internal curves */
     internal_curve_test();
 
+    parameter_test();
+
 #ifndef OPENSSL_NO_CRYPTO_MDEBUG
     if (CRYPTO_mem_leaks_fp(stderr) <= 0)
         return 1;
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 78b39c7..7a93915 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4203,3 +4203,7 @@ OPENSSL_utf82uni                        4149	1_1_0	EXIST::FUNCTION:
 PKCS12_add_friendlyname_utf8            4150	1_1_0	EXIST::FUNCTION:
 OPENSSL_uni2utf8                        4151	1_1_0	EXIST::FUNCTION:
 PKCS12_key_gen_utf8                     4152	1_1_0	EXIST::FUNCTION:
+ECPKPARAMETERS_free                     4153	1_1_0	EXIST::FUNCTION:EC
+ECPARAMETERS_free                       4154	1_1_0	EXIST::FUNCTION:EC
+ECPKPARAMETERS_new                      4155	1_1_0	EXIST::FUNCTION:EC
+ECPARAMETERS_new                        4156	1_1_0	EXIST::FUNCTION:EC


More information about the openssl-commits mailing list