mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-02-17 14:32:04 +08:00
Code Issues Packages Projects Releases Wiki Activity

Don't free the BIGNUM passed to BN_mpi2bn

Browse Source 
Commit 91fb42dd fixed a leak but introduced a problem where a parameter
is erroneously freed instead.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Matt Caswell 2016-04-28 19:53:08 +01:00
parent 098c1e3d14
commit b8f1c116a3
1 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
crypto/bn/bn_mpi.c
View File

@ -87,10 +87,11 @@ int BN_bn2mpi(const BIGNUM *a, unsigned char *d)
return (num + 4 + ext);
}
BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *a)
BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *ain)
{
long len;
int neg = 0;
BIGNUM *a = NULL;
if (n < 4) {
BNerr(BN_F_BN_MPI2BN, BN_R_INVALID_LENGTH);
@ -103,8 +104,11 @@ BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *a)
return NULL;
}
if (a == NULL)
if (ain == NULL)
a = BN_new();
else
a = ain;
if (a == NULL)
return NULL;
@ -117,7 +121,8 @@ BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *a)
if ((*d) & 0x80)
neg = 1;
if (BN_bin2bn(d, (int)len, a) == NULL) {
BN_free(a);
if (ain == NULL)
BN_free(a);
return NULL;
}
a->neg = neg;