[openssl-commits] [openssl] master update

Matt Caswell matt at openssl.org
Fri Jan 29 12:00:43 UTC 2016 

The branch master has been updated
       via  f5a12207eccfd814bde68b880a96910dfa25f164 (commit)
       via  cb389fe80462e20daba30835a9e86354451bd14f (commit)
      from  ec4479249d9c0b0a9e2ba6a8c59a0ed62530e954 (commit)


- Log -----------------------------------------------------------------
commit f5a12207eccfd814bde68b880a96910dfa25f164
Author: Matt Caswell <matt at openssl.org>
Date:   Fri Jan 29 09:40:03 2016 +0000

    Add missing return value checks
    
    The function DH_check_pub_key() was missing some return value checks in
    some calls to BN functions.
    
    RT#4278
    
    Reviewed-by: Andy Polyakov <appro at openssl.org>

commit cb389fe80462e20daba30835a9e86354451bd14f
Author: Matt Caswell <matt at openssl.org>
Date:   Fri Jan 29 09:38:06 2016 +0000

    Correct value of DH_CHECK_PUBKEY_INVALID
    
    A new return value for DH_check_pub_key was recently added:
    DH_CHECK_PUBKEY_INVALID. As this is a flag which can be ORed with other
    return values it should have been set to the value 4 not 3.
    
    RT#4278
    
    Reviewed-by: Andy Polyakov <appro at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 crypto/dh/dh_check.c | 7 +++----
 include/openssl/dh.h | 2 +-
 2 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c
index 3f9e90e..2cc218d 100644
--- a/crypto/dh/dh_check.c
+++ b/crypto/dh/dh_check.c
@@ -151,13 +151,12 @@ int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret)
         goto err;
     BN_CTX_start(ctx);
     tmp = BN_CTX_get(ctx);
-    if (tmp == NULL)
+    if (tmp == NULL || !BN_set_word(tmp, 1))
         goto err;
-    BN_set_word(tmp, 1);
     if (BN_cmp(pub_key, tmp) <= 0)
         *ret |= DH_CHECK_PUBKEY_TOO_SMALL;
-    BN_copy(tmp, dh->p);
-    BN_sub_word(tmp, 1);
+    if (BN_copy(tmp, dh->p) == NULL || !BN_sub_word(tmp, 1))
+        goto err;
     if (BN_cmp(pub_key, tmp) >= 0)
         *ret |= DH_CHECK_PUBKEY_TOO_LARGE;
 
diff --git a/include/openssl/dh.h b/include/openssl/dh.h
index 90cfb82..74bc989 100644
--- a/include/openssl/dh.h
+++ b/include/openssl/dh.h
@@ -174,7 +174,7 @@ struct dh_st {
 /* DH_check_pub_key error codes */
 # define DH_CHECK_PUBKEY_TOO_SMALL       0x01
 # define DH_CHECK_PUBKEY_TOO_LARGE       0x02
-# define DH_CHECK_PUBKEY_INVALID         0x03
+# define DH_CHECK_PUBKEY_INVALID         0x04
 
 /*
  * primes p where (p-1)/2 is prime too are called "safe"; we define this for

More information about the openssl-commits mailing list