X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=crypto%2Fbn%2Fbn_rand.c;h=66a175c32a2155e3ddd29d2863ddda3907c26d6e;hb=d911097d7c93e4cfeab624b34d73fe51da158b69;hp=10964646f27ff9b1b830bffa071204d23bc3dc34;hpb=b196e7d936fb377d9c5b305748ac25ff0e53ef6d;p=oweals%2Fopenssl.git diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c index 10964646f2..66a175c32a 100644 --- a/crypto/bn/bn_rand.c +++ b/crypto/bn/bn_rand.c @@ -111,7 +111,7 @@ #include #include -#include "cryptlib.h" +#include "internal/cryptlib.h" #include "bn_lcl.h" #include #include @@ -122,6 +122,11 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom) int ret = 0, bit, bytes, mask; time_t tim; + if (bits < 0 || (bits == 1 && top > 0)) { + BNerr(BN_F_BNRAND, BN_R_BITS_TOO_SMALL); + return 0; + } + if (bits == 0) { BN_zero(rnd); return 1; @@ -168,7 +173,7 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom) } } - if (top != -1) { + if (top >= 0) { if (top) { if (bit == 0) { buf[0] = 1; @@ -187,10 +192,7 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom) goto err; ret = 1; err: - if (buf != NULL) { - OPENSSL_cleanse(buf, bytes); - OPENSSL_free(buf); - } + OPENSSL_clear_free(buf, bytes); bn_check_top(rnd); return (ret); } @@ -313,7 +315,7 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range, int ret = 0; k_bytes = OPENSSL_malloc(num_k_bytes); - if (!k_bytes) + if (k_bytes == NULL) goto err; /* We copy |priv| into a local buffer to avoid exposing its length. */ @@ -354,7 +356,6 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range, ret = 1; err: - if (k_bytes) - OPENSSL_free(k_bytes); + OPENSSL_free(k_bytes); return ret; }