[openssl/openssl] 2ce79d: OSSL_PARAM_BLD_push_BN_pad(): Allow NULL BIGNUM

Bernd Edlinger noreply at github.com
Tue Sep 5 10:53:16 UTC 2023 

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 2ce79d97e338c8eaacf67ce2e1a1b0fb1c639f11
      https://github.com/openssl/openssl/commit/2ce79d97e338c8eaacf67ce2e1a1b0fb1c639f11
  Author: Tomas Mraz <tomas at openssl.org>
  Date:   2023-09-05 (Tue, 05 Sep 2023)

  Changed paths:
    M crypto/param_build.c

  Log Message:
  -----------
  OSSL_PARAM_BLD_push_BN_pad(): Allow NULL BIGNUM

This was supported previously and regressed
with commit 17898ec6011cc583c5af69ca8f25f5d165ff3e6a

Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21945)


  Commit: a535e5b73fc374dbbef54d2629728e9602ecf6be
      https://github.com/openssl/openssl/commit/a535e5b73fc374dbbef54d2629728e9602ecf6be
  Author: Tomas Mraz <tomas at openssl.org>
  Date:   2023-09-05 (Tue, 05 Sep 2023)

  Changed paths:
    M test/param_build_test.c

  Log Message:
  -----------
  Test that NULL BIGNUM is supported in OSSL_PARAM_BLD_push_BN()

Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21945)


  Commit: e2cf38d5751d6b48c8625b622c3765d0a39958d7
      https://github.com/openssl/openssl/commit/e2cf38d5751d6b48c8625b622c3765d0a39958d7
  Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
  Date:   2023-09-05 (Tue, 05 Sep 2023)

  Changed paths:
    M crypto/mem.c

  Log Message:
  -----------
  Fix internal memory leaks from OPENSSL_MALLOC_FAILURES

There is a rarely used feature that can be enabled
with `./config enable-crypto-mdebug` when additionally
the environment variable OPENSSL_MALLOC_FAILURES is used.
It turns out to be possible that CRYPTO_zalloc may
create a leak when the memory is allocated and then
the shouldfail happens, then the memory is lost.
Likewise when OPENSSL_realloc is used with size=0,
then the memory is to be free'd but here the shouldfail
check is too early, and the failure may prevent the
memory to be freed thus creating a bogus memory leak.

Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21944)


Compare: https://github.com/openssl/openssl/compare/374945a9aa54...e2cf38d5751d

More information about the openssl-commits mailing list