Memory leak fix: RSA_blinding_on() didn't free Ai under certain circumstances.
authorRichard Levitte <levitte@openssl.org>
Wed, 16 Apr 2003 06:25:25 +0000 (06:25 +0000)
committerRichard Levitte <levitte@openssl.org>
Wed, 16 Apr 2003 06:25:25 +0000 (06:25 +0000)
Memory leak fix: RSA_blinding_on() would leave a dangling pointer in
                 rsa->blinding under certain circumstances.
Double definition fix: RSA_FLAG_NO_BLINDING was defined twice.

crypto/rsa/rsa.h
crypto/rsa/rsa_lib.c

index ffe00aeadc03c6e69597dc2b8e9058bcbfc318dd..160e2b81c71086636112709324e35b14fbdeb6ab 100644 (file)
@@ -152,11 +152,6 @@ struct rsa_st
 #define RSA_FLAG_CACHE_PUBLIC          0x02
 #define RSA_FLAG_CACHE_PRIVATE         0x04
 #define RSA_FLAG_BLINDING              0x08
-#define RSA_FLAG_NO_BLINDING           0x80 /* new with 0.9.6j and 0.9.7b; the built-in
-                                              * RSA implementation now uses blinding by
-                                              * default (ignoring RSA_FLAG_BLINDING),
-                                              * but other engines might not need it
-                                              */
 #define RSA_FLAG_THREAD_SAFE           0x10
 /* This flag means the private key operations will be handled by rsa_mod_exp
  * and that they do not depend on the private key components being present:
@@ -169,7 +164,11 @@ struct rsa_st
  */
 #define RSA_FLAG_SIGN_VER              0x40
 
-#define RSA_FLAG_NO_BLINDING           0x80
+#define RSA_FLAG_NO_BLINDING           0x80 /* new with 0.9.6j and 0.9.7b; the built-in
+                                              * RSA implementation now uses blinding by
+                                              * default (ignoring RSA_FLAG_BLINDING),
+                                              * but other engines might not need it
+                                              */
 
 #define RSA_PKCS1_PADDING      1
 #define RSA_SSLV23_PADDING     2
index c7587ec609096de3d8114433886d55c06c4d4f55..9f88dcc18bc4c90d2bb0e922b134152dcc533b14 100644 (file)
@@ -260,7 +260,7 @@ void RSA_blinding_off(RSA *rsa)
 
 int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx)
        {
-       BIGNUM *A,*Ai;
+       BIGNUM *A,*Ai = NULL;
        BN_CTX *ctx;
        int ret=0;
 
@@ -271,8 +271,12 @@ int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx)
        else
                ctx=p_ctx;
 
+       /* XXXXX: Shouldn't this be RSA_blinding_off(rsa)? */
        if (rsa->blinding != NULL)
+               {
                BN_BLINDING_free(rsa->blinding);
+               rsa->blinding = NULL;
+               }
 
        /* NB: similar code appears in setup_blinding (rsa_eay.c);
         * this should be placed in a new function of its own, but for reasons
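Review bot: The added block clears `rsa->blinding` but leaves `rsa->flags` as it was, so any failure between here and `err:` (not shown in this hunk) can make RSA_blinding_on() return 0 with `RSA_FLAG_BLINDING` still set from an earlier call and no blinding object behind it. The XXXXX question should be settled rather than committed as an open remark. RSA_blinding_off() is visible on this page only as a hunk header, and if it also sets `RSA_FLAG_NO_BLINDING`, calling it here would leave a failed re-enable with blinding switched off, which is the wrong direction for a timing-attack countermeasure. The narrower change is to add `rsa->flags &= ~RSA_FLAG_BLINDING;` inside the new braces and replace the XXXXX line with a comment saying why RSA_blinding_off() is not used. The function body starts and ends outside this hunk.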
@@ -300,9 +304,9 @@ int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx)
        rsa->blinding->thread_id = CRYPTO_thread_id();
        rsa->flags |= RSA_FLAG_BLINDING;
        rsa->flags &= ~RSA_FLAG_NO_BLINDING;
-       BN_free(Ai);
        ret=1;
 err:
+       if (Ai != NULL) BN_free(Ai);
        BN_CTX_end(ctx);
        if (ctx != p_ctx) BN_CTX_free(ctx);
        return(ret);
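Review bot: `if (Ai != NULL) BN_free(Ai);` releases the value without wiping it, and Ai appears to be the inverse of the blinding factor (its computation is outside the hunk), so its disclosure would weaken the protection blinding provides. Prefer `if (Ai != NULL) BN_clear_free(Ai);` so the number is zeroed before its memory goes back to the heap. The related declaration in the earlier hunk, `BIGNUM *A,*Ai = NULL;`, initialises only Ai; splitting it into two declarations would make that obvious to the next reader. The function's closing brace lies beyond this hunk.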