diff options
| author |   miod <miod@openbsd.org> | 2014-07-13 12:45:01 +0000 |
|---|---|---|
| committer | miod <miod@openbsd.org> | 2014-07-13 12:45:01 +0000 |
| commit | eb569843305aef54534838ba5b2f87ff5f447eb8 (patch) | |
| tree | 8a3debc3c6257e7ed2c09ebc4484222e26fb3c86 | |
| parent | make source vs. formatted guessing a bit more robust (diff) | |
| download | wireguard-openbsd-eb569843305aef54534838ba5b2f87ff5f447eb8.tar.xz wireguard-openbsd-eb569843305aef54534838ba5b2f87ff5f447eb8.zip | |
dsa_priv_decode(): only destroy the object we've created, and with the
appropriate function. Checking for privkey != NULL is not enough since
privkey points to a member of ndsa if ndsa != NULL.
dsa_priv_encode(): possible double free in error path.
| -rw-r--r-- | lib/libcrypto/dsa/dsa_ameth.c | 8 | ||||
| -rw-r--r-- | lib/libssl/src/crypto/dsa/dsa_ameth.c | 8 |
2 files changed, 10 insertions, 6 deletions
diff --git a/lib/libcrypto/dsa/dsa_ameth.c b/lib/libcrypto/dsa/dsa_ameth.c index 7da4ac5695a..20839b6207e 100644 --- a/lib/libcrypto/dsa/dsa_ameth.c +++ b/lib/libcrypto/dsa/dsa_ameth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa_ameth.c,v 1.13 2014/07/12 16:03:37 miod Exp $ */ +/* $OpenBSD: dsa_ameth.c,v 1.14 2014/07/13 12:45:01 miod Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -275,9 +275,10 @@ decerr: DSAerr(DSA_F_DSA_PRIV_DECODE, EVP_R_DECODE_ERROR); dsaerr: BN_CTX_free(ctx); - if (privkey) + if (ndsa) + sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); + else ASN1_INTEGER_free(privkey); - sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); DSA_free(dsa); return 0; } @@ -313,6 +314,7 @@ dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) dplen = i2d_ASN1_INTEGER(prkey, &dp); ASN1_INTEGER_free(prkey); + prkey = NULL; if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0, V_ASN1_SEQUENCE, params, dp, dplen)) diff --git a/lib/libssl/src/crypto/dsa/dsa_ameth.c b/lib/libssl/src/crypto/dsa/dsa_ameth.c index 7da4ac5695a..20839b6207e 100644 --- a/lib/libssl/src/crypto/dsa/dsa_ameth.c +++ b/lib/libssl/src/crypto/dsa/dsa_ameth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa_ameth.c,v 1.13 2014/07/12 16:03:37 miod Exp $ */ +/* $OpenBSD: dsa_ameth.c,v 1.14 2014/07/13 12:45:01 miod Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -275,9 +275,10 @@ decerr: DSAerr(DSA_F_DSA_PRIV_DECODE, EVP_R_DECODE_ERROR); dsaerr: BN_CTX_free(ctx); - if (privkey) + if (ndsa) + sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); + else ASN1_INTEGER_free(privkey); - sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); DSA_free(dsa); return 0; } @@ -313,6 +314,7 @@ dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) dplen = i2d_ASN1_INTEGER(prkey, &dp); ASN1_INTEGER_free(prkey); + prkey = NULL; if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0, V_ASN1_SEQUENCE, params, dp, dplen)) |