This memset() in the ubsec ENGINE is a bug. Zeroing out the result array

should not be necessary in any case, but more importantly the result and
input BIGNUMs could be the same, in which case this is clearly a problem.

Submitted by: Jonathan Hersch
Reviewed by: Joe Orton
Approved by: Geoff Thorpe

diff --git a/crypto/engine/hw_ubsec.c b/crypto/engine/hw_ubsec.c
index 6286dd851c61a2347b8e90c80592e9f804938b7a..5234a08a07bd7b78e6ee03b7f6690d3daef5c0da 100644 (file)
--- a/crypto/engine/hw_ubsec.c
+++ b/crypto/engine/hw_ubsec.c
@@ -561,7 +561,6 @@ static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
                UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_BN_EXPAND_FAIL);
                return 0;
        }
-       memset(r->d, 0, BN_num_bytes(m));
 
        if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
                fd = 0;