diff options
author | 2018-06-14 17:14:12 +0000 | |
---|---|---|
committer | 2018-06-14 17:14:12 +0000 | |
commit | 011d7b9edaa43a1f2f03a611f194f512e0607d0c (patch) | |
tree | c74ce55a834541456ceeb4511fcc7548eab4bc90 /lib/libcrypto/dsa/dsa_ossl.c | |
parent | Call DSA_SIG_new() instead of hand rolling the same. (diff) | |
download | wireguard-openbsd-011d7b9edaa43a1f2f03a611f194f512e0607d0c.tar.xz wireguard-openbsd-011d7b9edaa43a1f2f03a611f194f512e0607d0c.zip |
Fix a potential leak/incorrect return value in DSA signature generation.
In the very unlikely case where we have to repeat the signature generation,
the DSA_SIG return value has already been allocated. This will either
result in a leak when we allocate again on the next iteration, or it
will give a false success (with missing signature values) if any error
occurs on the next iteration.
ok tb@
Diffstat (limited to 'lib/libcrypto/dsa/dsa_ossl.c')
-rw-r--r-- | lib/libcrypto/dsa/dsa_ossl.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/lib/libcrypto/dsa/dsa_ossl.c b/lib/libcrypto/dsa/dsa_ossl.c index 7c23bb4909e..d864875266e 100644 --- a/lib/libcrypto/dsa/dsa_ossl.c +++ b/lib/libcrypto/dsa/dsa_ossl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa_ossl.c,v 1.33 2018/06/13 18:01:04 jsing Exp $ */ +/* $OpenBSD: dsa_ossl.c,v 1.34 2018/06/14 17:14:12 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -146,9 +146,6 @@ dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) if (!BN_mod_mul(s, s, kinv, dsa->q, ctx)) goto err; - ret = DSA_SIG_new(); - if (ret == NULL) - goto err; /* * Redo if r or s is zero as required by FIPS 186-3: this is very * unlikely. @@ -160,6 +157,11 @@ dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) } goto redo; } + + if ((ret = DSA_SIG_new()) == NULL) { + reason = ERR_R_MALLOC_FAILURE; + goto err; + } ret->r = r; ret->s = s; |