[openssl-dev] [openssl.org #4518] OpenSSL-1.1.0-pre5 RSA_set0_key and related RSA_get0_*, RSA_set0_*, DSA_set0_* and DSA_get0_* problems
Richard Levitte via RT
rt at openssl.org
Mon Apr 25 13:53:00 UTC 2016
I believe this PR fixes the issue for RSA, DSA and DH (they all share
the same concept).
https://github.com/openssl/openssl/pull/994
Cheers,
Richard
In message <rt-4.0.19-29510-1461591549-145.4518-6-0 at openssl.org> on Mon, 25 Apr 2016 13:39:09 +0000, Richard Levitte via RT <rt at openssl.org> said:
rt> In message <rt-4.0.19-29510-1461590378-1354.4518-6-0 at openssl.org> on Mon, 25 Apr 2016 13:19:38 +0000, "Salz, Rich via RT" <rt at openssl.org> said:
rt>
rt> rt> No, he means setting the same value twice. For example, making this change:
rt> rt> If (r=->n != n) BN_free(r->n);
rt> rt> If(r->e != e) BN_free(r->e);
rt> rt> If (r->d != d) BN_free(r->d);
rt> rt>
rt> rt> I agree it shouldn't happen, but do we want to protect against that? I could be convinced either way.
rt>
rt> Ah ok... sorry, I misread the intention.
rt>
rt> Agreed that we could make sure not to free the pointers in that case.
rt>
rt> Cheers,
rt> Richard
rt>
rt> --
rt> Richard Levitte levitte at openssl.org
rt> OpenSSL Project http://www.openssl.org/~levitte/
rt>
rt>
rt> --
rt> Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4518
rt> Please log in as guest with password guest if prompted
rt>
rt> --
rt> openssl-dev mailing list
rt> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
rt>
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4518
Please log in as guest with password guest if prompted
More information about the openssl-dev
mailing list