generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fixed valgrind complaint due to BN_consttime_swap reading uninitialised data.

Browse Source 
This is actually ok for this function, but initialised to zero anyway if
PURIFY defined.

This does have the impact of masking any *real* unitialised data reads in bn though.

Patch based on approach suggested by Rich Salz.

PR#3415

(cherry picked from commit 77747e2d9a5573b1dbc15e247ce18c03374c760c)
This commit is contained in:
Matt Caswell
2014-07-10 23:47:31 +01:00
parent 704422ce1e
commit 72370164c3
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
crypto/bn/bn_lib.c
View File

@@ -320,6 +320,15 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
BNerr(BN_F_BN_EXPAND_INTERNAL,ERR_R_MALLOC_FAILURE);
return(NULL);
}
#ifdef PURIFY
/* Valgrind complains in BN_consttime_swap because we process the whole
* array even if it's not initialised yet. This doesn't matter in that
* function - what's important is constant time operation (we're not
* actually going to use the data)
*/
memset(a, 0, sizeof(BN_ULONG)*words);
#endif
#if 1
B=b->d;
/* Check if the previous number needs to be copied */