generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Memory leak fix: RSA_blinding_on() didn't free Ai under certain circumstances.

Browse Source 
Memory leak fix: RSA_blinding_on() would leave a dangling pointer in
                 rsa->blinding under certain circumstances.
Double definition fix: RSA_FLAG_NO_BLINDING was defined twice.
This commit is contained in:
Richard Levitte 2003-04-16 06:25:21 +00:00
parent cd1226bc6a
commit 040c687ce4
2 changed files with 11 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
crypto/rsa/rsa.h
View File

@ -162,11 +162,6 @@ struct rsa_st
#define RSA_FLAG_CACHE_PUBLIC 0x02 #define RSA_FLAG_CACHE_PUBLIC 0x02
#define RSA_FLAG_CACHE_PRIVATE 0x04 #define RSA_FLAG_CACHE_PRIVATE 0x04
#define RSA_FLAG_BLINDING 0x08 #define RSA_FLAG_BLINDING 0x08
#define RSA_FLAG_NO_BLINDING 0x80 /* new with 0.9.6j and 0.9.7b; the built-in
* RSA implementation now uses blinding by
* default (ignoring RSA_FLAG_BLINDING),
* but other engines might not need it
*/
#define RSA_FLAG_THREAD_SAFE 0x10 #define RSA_FLAG_THREAD_SAFE 0x10
/* This flag means the private key operations will be handled by rsa_mod_exp /* This flag means the private key operations will be handled by rsa_mod_exp
* and that they do not depend on the private key components being present: * and that they do not depend on the private key components being present:
@ -179,7 +174,11 @@ struct rsa_st
*/ */
#define RSA_FLAG_SIGN_VER 0x40 #define RSA_FLAG_SIGN_VER 0x40
#define RSA_FLAG_NO_BLINDING 0x80 #define RSA_FLAG_NO_BLINDING 0x80 /* new with 0.9.6j and 0.9.7b; the built-in
* RSA implementation now uses blinding by
* default (ignoring RSA_FLAG_BLINDING),
* but other engines might not need it
*/
#define RSA_PKCS1_PADDING 1 #define RSA_PKCS1_PADDING 1
#define RSA_SSLV23_PADDING 2 #define RSA_SSLV23_PADDING 2

8
crypto/rsa/rsa_lib.c
View File

@ -316,7 +316,7 @@ void RSA_blinding_off(RSA *rsa)
int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx) int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx)
{ {
BIGNUM *A,*Ai; BIGNUM *A,*Ai = NULL;
BN_CTX *ctx; BN_CTX *ctx;
int ret=0; int ret=0;
@ -327,8 +327,12 @@ int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx)
else else
ctx=p_ctx; ctx=p_ctx;
/* XXXXX: Shouldn't this be RSA_blinding_off(rsa)? */
if (rsa->blinding != NULL) if (rsa->blinding != NULL)
{
BN_BLINDING_free(rsa->blinding); BN_BLINDING_free(rsa->blinding);
rsa->blinding = NULL;
}
/* NB: similar code appears in setup_blinding (rsa_eay.c); /* NB: similar code appears in setup_blinding (rsa_eay.c);
* this should be placed in a new function of its own, but for reasons * this should be placed in a new function of its own, but for reasons
@ -356,9 +360,9 @@ int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx)
rsa->blinding->thread_id = CRYPTO_thread_id(); rsa->blinding->thread_id = CRYPTO_thread_id();
rsa->flags |= RSA_FLAG_BLINDING; rsa->flags |= RSA_FLAG_BLINDING;
rsa->flags &= ~RSA_FLAG_NO_BLINDING; rsa->flags &= ~RSA_FLAG_NO_BLINDING;
BN_free(Ai);
ret=1; ret=1;
err: err:
if (Ai != NULL) BN_free(Ai);
BN_CTX_end(ctx); BN_CTX_end(ctx);
if (ctx != p_ctx) BN_CTX_free(ctx); if (ctx != p_ctx) BN_CTX_free(ctx);
return(ret); return(ret);