[openssl-dev] [openssl.org #4518] OpenSSL-1.1.0-pre5 RSA_set0_key and related RSA_get0_*, RSA_set0_*, DSA_set0_* and DSA_get0_* problems

[Douglas E Engert]

Yes, there was an error in my example, the first line should have read:
RSA_get0_key(rsa, &n, &e, NULL);
The rsa was created in a different routine, so n and e were already set.



I am not the one freeing it is your RSA_set0_key that is doing the free.

Adding the test "if (n != rsa->n)" before the BN_free in the RSA_set0_key
would catch this.

If the intent of all these new routines it to make sure the data is consistent,
please consider adding the above test.

Without some change, it is going to catch many others too as they try and convert existing code.


On 4/26/2016 10:43 AM, Tomas Mraz wrote:
> On Út, 2016-04-26 at 10:16 -0500, Douglas E Engert wrote:
>> Let me update my response.
>> If I am reading GH#995 correctly it still has an issue if a user
>> does:
>>
>> RSA_get0_key(rsa, n, e, NULL); /* note this is a GET0 */
>> /* other stuff done, such as calculating d */
>> RSA_set0_key(rsa, n, e, d);
>>
>> rsa is left with n and e pointing to unallocated storage.
>
> This is programmer error in your code because the RSA_get0_key is
> documented to just return internal data and must not be freed. Thus
> you're not allowed to pass the returned values to RSA_set0_key().
>
> --
> Tomas Mraz
> No matter how far down the wrong road you've gone, turn back.
>                                                Turkish proverb
> (You'll never know whether the road is wrong though.)
>
>
>

-- 

  Douglas E. Engert  <DEEngert at gmail.com>