[openssl-commits] [openssl] master update
Matt Caswell
matt at openssl.org
Mon Aug 22 14:12:25 UTC 2016
The branch master has been updated
via 0110a4703608430c2131237c6afcf932a28c27ff (commit)
via 9ba6f347fedbe103a06c8fd303912b358eacb11c (commit)
from fb2141c773ab0c5dfc78cc97d2445362b8048389 (commit)
- Log -----------------------------------------------------------------
commit 0110a4703608430c2131237c6afcf932a28c27ff
Author: Kazuki Yamaguchi <k at rhe.jp>
Date: Sat Aug 6 22:24:44 2016 +0900
Fix a memory leak in EC_GROUP_get_ecparameters()
The variable 'buffer', allocated by EC_POINT_point2buf(), isn't
free'd on the success path.
Reviewed-by: Rich Salz <rsalz at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
commit 9ba6f347fedbe103a06c8fd303912b358eacb11c
Author: Kazuki Yamaguchi <k at rhe.jp>
Date: Tue Aug 16 13:55:34 2016 +0900
Expose alloc functions for EC{PK,}PARAMETERS
Declare EC{PK,}PARAMETERS_{new,free} functions in public headers. The
free functions are necessary because EC_GROUP_get_ec{pk,}parameters()
was made public by commit 60b350a3ef96 ("RT3676: Expose ECgroup i2d
functions").
Reviewed-by: Rich Salz <rsalz at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
crypto/ec/ec_asn1.c | 7 ++-----
doc/crypto/X509_dup.pod | 4 ++++
include/openssl/ec.h | 2 ++
test/ectest.c | 29 +++++++++++++++++++++++++++++
util/libcrypto.num | 4 ++++
5 files changed, 41 insertions(+), 5 deletions(-)
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index e911b2b..4f4d1ed 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -512,13 +512,11 @@ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group,
goto err;
}
if (ret->base == NULL && (ret->base = ASN1_OCTET_STRING_new()) == NULL) {
+ OPENSSL_free(buffer);
ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_MALLOC_FAILURE);
goto err;
}
- if (!ASN1_OCTET_STRING_set(ret->base, buffer, len)) {
- ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_ASN1_LIB);
- goto err;
- }
+ ASN1_STRING_set0(ret->base, buffer, len);
/* set the order */
tmp = EC_GROUP_get0_order(group);
@@ -547,7 +545,6 @@ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group,
err:
if (params == NULL)
ECPARAMETERS_free(ret);
- OPENSSL_free(buffer);
return NULL;
}
diff --git a/doc/crypto/X509_dup.pod b/doc/crypto/X509_dup.pod
index 03a81f0..574994d 100644
--- a/doc/crypto/X509_dup.pod
+++ b/doc/crypto/X509_dup.pod
@@ -39,6 +39,10 @@ DIST_POINT_NAME_new,
DIST_POINT_free,
DIST_POINT_new,
DSAparams_dup,
+ECPARAMETERS_free,
+ECPARAMETERS_new,
+ECPKPARAMETERS_free,
+ECPKPARAMETERS_new,
EDIPARTYNAME_free,
EDIPARTYNAME_new,
ESS_CERT_ID_dup,
diff --git a/include/openssl/ec.h b/include/openssl/ec.h
index b6db22d..656cb41 100644
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h
@@ -699,7 +699,9 @@ int EC_GROUP_have_precompute_mult(const EC_GROUP *group);
/********************************************************************/
DECLARE_ASN1_ITEM(ECPKPARAMETERS)
+DECLARE_ASN1_ALLOC_FUNCTIONS(ECPKPARAMETERS)
DECLARE_ASN1_ITEM(ECPARAMETERS)
+DECLARE_ASN1_ALLOC_FUNCTIONS(ECPARAMETERS)
/*
* EC_GROUP_get_basis_type() returns the NID of the basis type used to
diff --git a/test/ectest.c b/test/ectest.c
index f7e55c3..0dd0ab8 100644
--- a/test/ectest.c
+++ b/test/ectest.c
@@ -1712,6 +1712,33 @@ static void nistp_tests()
}
# endif
+static void parameter_test(void)
+{
+ EC_GROUP *group, *group2;
+ ECPARAMETERS *ecparameters;
+
+ fprintf(stderr, "\ntesting ecparameters conversion ...");
+
+ group = EC_GROUP_new_by_curve_name(NID_secp112r1);
+ if (!group)
+ ABORT;
+
+ ecparameters = EC_GROUP_get_ecparameters(group, NULL);
+ if (!ecparameters)
+ ABORT;
+ group2 = EC_GROUP_new_from_ecparameters(ecparameters);
+ if (!group2)
+ ABORT;
+ if (EC_GROUP_cmp(group, group2, NULL))
+ ABORT;
+
+ fprintf(stderr, " ok\n");
+
+ EC_GROUP_free(group);
+ EC_GROUP_free(group2);
+ ECPARAMETERS_free(ecparameters);
+}
+
static const char rnd_seed[] =
"string to make the random number generator think it has entropy";
@@ -1737,6 +1764,8 @@ int main(int argc, char *argv[])
/* test the internal curves */
internal_curve_test();
+ parameter_test();
+
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
if (CRYPTO_mem_leaks_fp(stderr) <= 0)
return 1;
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 78b39c7..7a93915 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4203,3 +4203,7 @@ OPENSSL_utf82uni 4149 1_1_0 EXIST::FUNCTION:
PKCS12_add_friendlyname_utf8 4150 1_1_0 EXIST::FUNCTION:
OPENSSL_uni2utf8 4151 1_1_0 EXIST::FUNCTION:
PKCS12_key_gen_utf8 4152 1_1_0 EXIST::FUNCTION:
+ECPKPARAMETERS_free 4153 1_1_0 EXIST::FUNCTION:EC
+ECPARAMETERS_free 4154 1_1_0 EXIST::FUNCTION:EC
+ECPKPARAMETERS_new 4155 1_1_0 EXIST::FUNCTION:EC
+ECPARAMETERS_new 4156 1_1_0 EXIST::FUNCTION:EC
More information about the openssl-commits
mailing list