diff options
| author |   djm <djm@openbsd.org> | 2018-08-04 00:55:06 +0000 |
|---|---|---|
| committer | djm <djm@openbsd.org> | 2018-08-04 00:55:06 +0000 |
| commit | 5d67f2c4e9ba52e0cb9a514ed61019b919c72212 (patch) | |
| tree | f91816b0ff7080ee3c6d1cc17fa4cb1436117008 | |
| parent | Uncomment no-longer-dead Xr. (diff) | |
| download | wireguard-openbsd-5d67f2c4e9ba52e0cb9a514ed61019b919c72212.tar.xz wireguard-openbsd-5d67f2c4e9ba52e0cb9a514ed61019b919c72212.zip | |
invalidate dh->priv_key after freeing it in error path; avoids
unlikely double-free later. Reported by Viktor Dukhovni via
https://github.com/openssh/openssh-portable/pull/96
feedback jsing@ tb@
| -rw-r--r-- | usr.bin/ssh/dh.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/usr.bin/ssh/dh.c b/usr.bin/ssh/dh.c index 9ebde8f7a0f..4b55d18b011 100644 --- a/usr.bin/ssh/dh.c +++ b/usr.bin/ssh/dh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dh.c,v 1.65 2018/06/26 11:23:59 millert Exp $ */ +/* $OpenBSD: dh.c,v 1.66 2018/08/04 00:55:06 djm Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * @@ -275,6 +275,7 @@ dh_gen_key(DH *dh, int need) if (DH_generate_key(dh) == 0 || !dh_pub_is_valid(dh, dh->pub_key)) { BN_clear_free(dh->priv_key); + dh->priv_key = NULL; return SSH_ERR_LIBCRYPTO_ERROR; } return 0; |