[openssl/openssl] d1e1a8: Fix incorrect error branch in ossl_bn_rsa_fips186_...

Niels Dossche noreply at github.com
Mon Feb 20 15:26:24 UTC 2023


  Branch: refs/heads/openssl-3.1
  Home:   https://github.com/openssl/openssl
  Commit: d1e1a8feeb749a9d80721c357cabe6faa0d61611
      https://github.com/openssl/openssl/commit/d1e1a8feeb749a9d80721c357cabe6faa0d61611
  Author: ndossche <niels.dossche at ugent.be>
  Date:   2023-02-20 (Mon, 20 Feb 2023)

  Changed paths:
    M crypto/bn/bn_rsa_fips186_4.c

  Log Message:
  -----------
  Fix incorrect error branch in ossl_bn_rsa_fips186_4_derive_prime()

BN_priv_rand_range_ex() and BN_add() both return a 0 on failure and a 1
on success. In case of failure, the algorithm should fail. However, the
branch that it goes through on failure is "goto end", not "goto err".
Therefore, the algorithm will return 1 which indicates success instead
of 0 for failure, leading to potential problems for the callers.
Fix it by changing the goto to "goto err" instead of "goto end".

CLA: trivial

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
Reviewed-by: Todd Short <todd.short at me.com>
(Merged from https://github.com/openssl/openssl/pull/20279)

(cherry picked from commit 835b90a19cdb2901cdba8a26955ccaacf0d73062)




More information about the openssl-commits mailing list