Detect symmetric crypto errors in PKCS7_decrypt.

[oweals/openssl.git] / crypto / dsa / dsa_lib.c

diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c
index b9825791bab46e8ea0358026c91e3a3631e14289..c9b25a05612bd331d6296e19ddf9aeccac66684e 100644 (file)
--- a/crypto/dsa/dsa_lib.c
+++ b/crypto/dsa/dsa_lib.c
@@ -70,7 +70,7 @@
 #include <openssl/dh.h>
 #endif
 
-const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT;
+const char DSA_version[]="DSA" OPENSSL_VERSION_PTEXT;
 
 static const DSA_METHOD *default_DSA_method = NULL;
 
@@ -163,7 +163,7 @@ DSA *DSA_new_method(ENGINE *engine)
        ret->method_mont_p=NULL;
 
        ret->references=1;
-       ret->flags=ret->meth->flags;
+       ret->flags=ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW;
        CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
        if ((ret->meth->init != NULL) && !ret->meth->init(ret))
                {
@@ -276,7 +276,8 @@ void *DSA_get_ex_data(DSA *d, int idx)
 DH *DSA_dup_DH(const DSA *r)
        {
        /* DSA has p, q, g, optional pub_key, optional priv_key.
-        * DH has p, optional length, g, optional pub_key, optional priv_key.
+        * DH has p, optional length, g, optional pub_key, optional priv_key,
+        * optional q.
         */ 
 
        DH *ret = NULL;
@@ -290,7 +291,11 @@ DH *DSA_dup_DH(const DSA *r)
                if ((ret->p = BN_dup(r->p)) == NULL)
                        goto err;
        if (r->q != NULL)
+               {
                ret->length = BN_num_bits(r->q);
+               if ((ret->q = BN_dup(r->q)) == NULL)
+                       goto err;
+               }
        if (r->g != NULL)
                if ((ret->g = BN_dup(r->g)) == NULL)
                        goto err;