[openssl] OpenSSL_1_0_2-stable update
bernd.edlinger at hotmail.de
bernd.edlinger at hotmail.de
Mon Mar 18 21:50:15 UTC 2019
The branch OpenSSL_1_0_2-stable has been updated
via 94eb7d07c0c14bf18bd3a4e4d6c1ef1e6633d447 (commit)
from dbf71ae457dfa5632518612b58efccd40f528f26 (commit)
- Log -----------------------------------------------------------------
commit 94eb7d07c0c14bf18bd3a4e4d6c1ef1e6633d447
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date: Sun Mar 17 17:28:24 2019 +0100
Clear the point S before freeing in ec_mul_consttime
The secret point R can be recovered from S using the equation R = S - P.
The X and Z coordinates should be sufficient for that.
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8505)
(cherry picked from commit 502b871ad4eacc96a31f89d9a9470ca2858da998)
-----------------------------------------------------------------------
Summary of changes:
crypto/ec/ec_mult.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c
index da71526..fce8882 100644
--- a/crypto/ec/ec_mult.c
+++ b/crypto/ec/ec_mult.c
@@ -519,7 +519,7 @@ static int ec_mul_consttime(const EC_GROUP *group, EC_POINT *r,
ret = 1;
err:
- EC_POINT_free(s);
+ EC_POINT_clear_free(s);
BN_CTX_end(ctx);
BN_CTX_free(new_ctx);
More information about the openssl-commits
mailing list