mirror of
https://github.com/openssl/openssl.git
synced 2025-02-11 14:22:43 +08:00
1fa2bf9b18
The problem is, that it almost works to pass sig=NULL to the ECDSA_sign, ECDSA_sign_ex and DSA_sign, to compute the necessary space for the resulting signature. But since the ECDSA signature is non-deterministic (except when ECDSA_sign_setup/ECDSA_sign_ex are used) the resulting length may be different when the API is called again. This can easily cause random memory corruption. Several internal APIs had the same issue, but since they are never called with sig=NULL, it is better to make them return an error in that case, instead of making the code more complex. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23529) |
||
|---|---|---|
| .. | ||
| build.info | ||
| dsa_ameth.c | ||
| dsa_asn1.c | ||
| dsa_backend.c | ||
| dsa_check.c | ||
| dsa_depr.c | ||
| dsa_err.c | ||
| dsa_gen.c | ||
| dsa_key.c | ||
| dsa_lib.c | ||
| dsa_local.h | ||
| dsa_meth.c | ||
| dsa_ossl.c | ||
| dsa_pmeth.c | ||
| dsa_prn.c | ||
| dsa_sign.c | ||
| dsa_vrf.c | ||