summaryrefslogtreecommitdiffstats
path: root/lib/libcrypto/dsa/dsa_ossl.c
diff options
context:
space:
mode:
authorjsing <jsing@openbsd.org>2018-06-14 17:14:12 +0000
committerjsing <jsing@openbsd.org>2018-06-14 17:14:12 +0000
commit011d7b9edaa43a1f2f03a611f194f512e0607d0c (patch)
treec74ce55a834541456ceeb4511fcc7548eab4bc90 /lib/libcrypto/dsa/dsa_ossl.c
parentCall DSA_SIG_new() instead of hand rolling the same. (diff)
downloadwireguard-openbsd-011d7b9edaa43a1f2f03a611f194f512e0607d0c.tar.xz
wireguard-openbsd-011d7b9edaa43a1f2f03a611f194f512e0607d0c.zip
Fix a potential leak/incorrect return value in DSA signature generation.
In the very unlikely case where we have to repeat the signature generation, the DSA_SIG return value has already been allocated. This will either result in a leak when we allocate again on the next iteration, or it will give a false success (with missing signature values) if any error occurs on the next iteration. ok tb@
Diffstat (limited to 'lib/libcrypto/dsa/dsa_ossl.c')
-rw-r--r--lib/libcrypto/dsa/dsa_ossl.c10
1 files changed, 6 insertions, 4 deletions
diff --git a/lib/libcrypto/dsa/dsa_ossl.c b/lib/libcrypto/dsa/dsa_ossl.c
index 7c23bb4909e..d864875266e 100644
--- a/lib/libcrypto/dsa/dsa_ossl.c
+++ b/lib/libcrypto/dsa/dsa_ossl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa_ossl.c,v 1.33 2018/06/13 18:01:04 jsing Exp $ */
+/* $OpenBSD: dsa_ossl.c,v 1.34 2018/06/14 17:14:12 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -146,9 +146,6 @@ dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
if (!BN_mod_mul(s, s, kinv, dsa->q, ctx))
goto err;
- ret = DSA_SIG_new();
- if (ret == NULL)
- goto err;
/*
* Redo if r or s is zero as required by FIPS 186-3: this is very
* unlikely.
@@ -160,6 +157,11 @@ dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
}
goto redo;
}
+
+ if ((ret = DSA_SIG_new()) == NULL) {
+ reason = ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
ret->r = r;
ret->s = s;