mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-19 11:24:05 -05:00
OpenSSL: Fix memory leak in crypto_dh_derive_secret()
BN_clear() does not free the BIGNUM; it only clears its value. Fix this
memory leak by using the appropriate BN_clear_free() function instead.
Fixes: b11fa98bcb
("Add explicit checks for peer's DH public key")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
57ec74ea9b
commit
8925d2010d
@ -570,8 +570,8 @@ int crypto_dh_derive_secret(u8 generator, const u8 *prime, size_t prime_len,
|
|||||||
failed = !q || !ctx || !tmp ||
|
failed = !q || !ctx || !tmp ||
|
||||||
!BN_mod_exp(tmp, pub, q, p, ctx) ||
|
!BN_mod_exp(tmp, pub, q, p, ctx) ||
|
||||||
!BN_is_one(tmp);
|
!BN_is_one(tmp);
|
||||||
BN_clear(q);
|
BN_clear_free(q);
|
||||||
BN_clear(tmp);
|
BN_clear_free(tmp);
|
||||||
BN_CTX_free(ctx);
|
BN_CTX_free(ctx);
|
||||||
if (failed)
|
if (failed)
|
||||||
goto fail;
|
goto fail;
|
||||||
@ -580,8 +580,8 @@ int crypto_dh_derive_secret(u8 generator, const u8 *prime, size_t prime_len,
|
|||||||
res = crypto_mod_exp(pubkey, pubkey_len, privkey, privkey_len,
|
res = crypto_mod_exp(pubkey, pubkey_len, privkey, privkey_len,
|
||||||
prime, prime_len, secret, len);
|
prime, prime_len, secret, len);
|
||||||
fail:
|
fail:
|
||||||
BN_clear(pub);
|
BN_clear_free(pub);
|
||||||
BN_clear(p);
|
BN_clear_free(p);
|
||||||
return res;
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user