Submitted by: Nils Larsch <nla@trustcenter.de>
PR: 459
Changes between 0.9.7 and 0.9.7a [XX xxx 2003]
+ *) DSA routines: under certain error conditions uninitialized BN objects
+ could be freed. Solution: make sure initialization is performed early
+ enough. (Reported and fix supplied by Ivan D Nestlerode <nestler@MIT.EDU>,
+ Nils Larsch <nla@trustcenter.de> via PR#459)
+ [Lutz Jaenicke]
+
*) Another fix for SSLv2 session ID handling: the session ID was incorrectly
checked on reconnect on the client side, therefore session resumption
could still fail with a "ssl session id is different" error. This
int i,reason=ERR_R_BN_LIB;
DSA_SIG *ret=NULL;
+ BN_init(&m);
+ BN_init(&xr);
+
if (!dsa->p || !dsa->q || !dsa->g)
{
reason=DSA_R_MISSING_PARAMETERS;
goto err;
}
- BN_init(&m);
- BN_init(&xr);
+
s=BN_new();
if (s == NULL) goto err;
DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS);
return 0;
}
+
+ BN_init(&k);
+
if (ctx_in == NULL)
{
if ((ctx=BN_CTX_new()) == NULL) goto err;
else
ctx=ctx_in;
- BN_init(&k);
if ((r=BN_new()) == NULL) goto err;
kinv=NULL;
return -1;
}
- if ((ctx=BN_CTX_new()) == NULL) goto err;
BN_init(&u1);
BN_init(&u2);
BN_init(&t1);
+ if ((ctx=BN_CTX_new()) == NULL) goto err;
+
if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, dsa->q) >= 0)
{
ret = 0;
projects / oweals / openssl.git / commitdiff