[openssl-commits] [openssl] master update
kaduk at mit.edu
kaduk at mit.edu
Fri Oct 13 00:18:50 UTC 2017
The branch master has been updated
via 8abeefeccc4cfbfba9b5ebfc7604fe257a97317a (commit)
from 141e470947327e0c4e8ef3c299b42d01064c484c (commit)
- Log -----------------------------------------------------------------
commit 8abeefeccc4cfbfba9b5ebfc7604fe257a97317a
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date: Thu Oct 12 12:12:10 2017 -0500
Fix memory leak in DH_get_nid()
If q is non-NULL but p is indeed a safe prime, a modified copy
of p could be leaked.
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4525)
-----------------------------------------------------------------------
Summary of changes:
crypto/dh/dh_rfc7919.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/crypto/dh/dh_rfc7919.c b/crypto/dh/dh_rfc7919.c
index d01ba6f..a54b468 100644
--- a/crypto/dh/dh_rfc7919.c
+++ b/crypto/dh/dh_rfc7919.c
@@ -66,10 +66,9 @@ int DH_get_nid(const DH *dh)
BIGNUM *q = BN_dup(dh->p);
/* Check q = p * 2 + 1 we already know q is odd, so just shift right */
- if (q == NULL || !BN_rshift1(q, q) || !BN_cmp(dh->q, q)) {
- BN_free(q);
- return NID_undef;
- }
+ if (q == NULL || !BN_rshift1(q, q) || !BN_cmp(dh->q, q))
+ nid = NID_undef;
+ BN_free(q);
}
return nid;
}
More information about the openssl-commits
mailing list