[openssl/openssl] b69786: Avoid setting gen_type to -1 in dh_gen_common_set_...

Neil Horman noreply at github.com
Thu Dec 14 10:20:29 UTC 2023


  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: b697864cb85145ba39a1ef1192c0b8812947e8a3
      https://github.com/openssl/openssl/commit/b697864cb85145ba39a1ef1192c0b8812947e8a3
  Author: Neil Horman <nhorman at openssl.org>
  Date:   2023-12-14 (Thu, 14 Dec 2023)

  Changed paths:
    M providers/implementations/keymgmt/dh_kmgmt.c

  Log Message:
  -----------
  Avoid setting gen_type to -1 in dh_gen_common_set_params

gh_gen_type_common_set_params looks up a dh context's gen_type using
name2id, but if it returns error, we set gctx->gen_type to -1, which
is an invalid value, which may lead to undefined behavior in
future calls, in the event that said future calls perform an operation
of the form:
if (gen_type == <VALID VALUE>) {
        do_stuff
} else {
        do_other_stuff
}

Technically it is not correct to continue with the operations on the
gen context after failed parameters setting but this makes it more
predictable.

Fix it by assigning the result of a lookup to a stack variable, and only
update gctx->gen_value if the lookup returns a non-failing value

In lieu of testing this specific case, also add an ossl_assert in dh_gen
to validate the gen_val input prior to continuing, should other code
points attempt to do the same thing

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22991)


  Commit: 5056133cc7d6c52033c25b2e1f7762bcafcce760
      https://github.com/openssl/openssl/commit/5056133cc7d6c52033c25b2e1f7762bcafcce760
  Author: Neil Horman <nhorman at openssl.org>
  Date:   2023-12-14 (Thu, 14 Dec 2023)

  Changed paths:
    M include/crypto/dsa.h
    M include/openssl/dh.h
    M providers/implementations/keymgmt/dh_kmgmt.c
    M providers/implementations/keymgmt/dsa_kmgmt.c

  Log Message:
  -----------
  Avoid setting gen_type to -1 in dsa_gen_set_params

gh_gen_type_common_set_params looks up a dsa context's gen_type using
name2id, but if it returns error, we inadvertently set gctx->gen_type to
-1, which is an invalid value, which may lead to improper behavior in
future calls, in the event that said future calls perform an operation
of the form:
if (gen_type == <VALID VALUE>) {
        do_stuff
} else {
        do_other_stuff
}

Technically it is not correct to continue with the operations on the
gen context after failed parameters setting but this makes it more
predictable.

Fix it by assigning the result of a lookup to a stack variable, and only
update gctx->gen_value if the lookup returns a non-failing value

In lieu of testing this specific case, also add an ossl_assert in dsa_gen
to validate the gen_val input prior to continuing, should other code
points attempt to do the same thing

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22991)


Compare: https://github.com/openssl/openssl/compare/260d97229c46...5056133cc7d6
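
The pattern both log messages describe, as an added example that is not
code from these commits or from OpenSSL: every identifier below
(gen_ctx, name2id, GEN_TYPE_A/B, set_params_*, gen_*) is hypothetical,
and the range check in gen_checked stands in for the ossl_assert the
commits mention.

```c
#include <string.h>

enum { GEN_TYPE_A = 0, GEN_TYPE_B = 1 };    /* hypothetical valid types */
struct gen_ctx { int gen_type; };

/* Lookup helper: returns the id for a known name, -1 on failure. */
static int name2id(const char *name)
{
    if (strcmp(name, "type-a") == 0)
        return GEN_TYPE_A;
    if (strcmp(name, "type-b") == 0)
        return GEN_TYPE_B;
    return -1;
}

/* Before: the failing lookup result is written into the context. */
static int set_params_before(struct gen_ctx *gctx, const char *name)
{
    if ((gctx->gen_type = name2id(name)) == -1)
        return 0;       /* failure is reported, but gen_type is now -1 */
    return 1;
}

/* After: look up into a stack variable and commit only on success. */
static int set_params_after(struct gen_ctx *gctx, const char *name)
{
    int gen_type = name2id(name);

    if (gen_type == -1)
        return 0;       /* gctx->gen_type keeps its previous valid value */
    gctx->gen_type = gen_type;
    return 1;
}

/* A later call of the if/else form: -1 silently takes the else path. */
static int gen_unchecked(const struct gen_ctx *gctx)
{
    return gctx->gen_type == GEN_TYPE_A ? GEN_TYPE_A : GEN_TYPE_B;
}

/* Same call with the input validated first; returns -1 when rejected. */
static int gen_checked(const struct gen_ctx *gctx)
{
    if (gctx->gen_type < GEN_TYPE_A || gctx->gen_type > GEN_TYPE_B)
        return -1;
    return gen_unchecked(gctx);
}
```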

