[openssl] master update
Matt Caswell
matt at openssl.org
Tue Dec 7 12:23:57 UTC 2021
The branch master has been updated
via e819b5727312477f8c1f56bf928e611ad7e78315 (commit)
from 119f8145c3bde29aae5d5b18c44d1663df975ef5 (commit)
- Log -----------------------------------------------------------------
commit e819b5727312477f8c1f56bf928e611ad7e78315
Author: Matt Caswell <matt at openssl.org>
Date: Mon Dec 6 11:13:02 2021 +0000
Don't free the EVP_PKEY on error in set0_tmp_dh_pkey() functions
We should not be freeing the caller's key in the event of error.
Fixes #17196
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Viktor Dukhovni <viktor at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17209)
-----------------------------------------------------------------------
Summary of changes:
ssl/s3_lib.c | 12 ++++++++++--
ssl/ssl_lib.c | 2 --
2 files changed, 10 insertions(+), 4 deletions(-)
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 1a89bde851..874b36fad0 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3448,7 +3448,11 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
return 0;
}
- return SSL_set0_tmp_dh_pkey(s, pkdh);
+ if (!SSL_set0_tmp_dh_pkey(s, pkdh)) {
+ EVP_PKEY_free(pkdh);
+ return 0;
+ }
+ return 1;
}
break;
case SSL_CTRL_SET_TMP_DH_CB:
@@ -3774,7 +3778,11 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
return 0;
}
- return SSL_CTX_set0_tmp_dh_pkey(ctx, pkdh);
+ if (!SSL_CTX_set0_tmp_dh_pkey(ctx, pkdh)) {
+ EVP_PKEY_free(pkdh);
+ return 0;
+ }
+ return 1;
}
case SSL_CTRL_SET_TMP_DH_CB:
{
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index aaedb4ae94..dc5f7d2173 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -5975,7 +5975,6 @@ int SSL_set0_tmp_dh_pkey(SSL *s, EVP_PKEY *dhpkey)
if (!ssl_security(s, SSL_SECOP_TMP_DH,
EVP_PKEY_get_security_bits(dhpkey), 0, dhpkey)) {
ERR_raise(ERR_LIB_SSL, SSL_R_DH_KEY_TOO_SMALL);
- EVP_PKEY_free(dhpkey);
return 0;
}
EVP_PKEY_free(s->cert->dh_tmp);
@@ -5988,7 +5987,6 @@ int SSL_CTX_set0_tmp_dh_pkey(SSL_CTX *ctx, EVP_PKEY *dhpkey)
if (!ssl_ctx_security(ctx, SSL_SECOP_TMP_DH,
EVP_PKEY_get_security_bits(dhpkey), 0, dhpkey)) {
ERR_raise(ERR_LIB_SSL, SSL_R_DH_KEY_TOO_SMALL);
- EVP_PKEY_free(dhpkey);
return 0;
}
EVP_PKEY_free(ctx->cert->dh_tmp);
More information about the openssl-commits
mailing list