min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #1152 from thomaswhiteway/ecdsa_sig_set0_leak 

Free r and s on ECDSA_SIG before overwriting them in ECDSA_SIG_set0
This commit is contained in:
Steven Fackler 2019-09-06 09:20:33 -04:00 committed by GitHub
parent 8b2c370b86 106d613805
commit 9780fd6ba2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
openssl/src/ecdsa.rs
View File

@ -108,7 +108,7 @@ impl EcdsaSig {
/// Decodes a DER-encoded ECDSA signature. /// Decodes a DER-encoded ECDSA signature.
/// ///
/// This corresponds to [`d2i_ECDSA_SIG`]. /// This corresponds to [`d2i_ECDSA_SIG`].
/// ///
/// [`d2i_ECDSA_SIG`]: https://www.openssl.org/docs/man1.1.0/crypto/d2i_ECDSA_SIG.html /// [`d2i_ECDSA_SIG`]: https://www.openssl.org/docs/man1.1.0/crypto/d2i_ECDSA_SIG.html
from_der, from_der,
EcdsaSig, EcdsaSig,
@ -121,7 +121,7 @@ impl EcdsaSigRef {
/// Serializes the ECDSA signature into a DER-encoded ECDSASignature structure. /// Serializes the ECDSA signature into a DER-encoded ECDSASignature structure.
/// ///
/// This corresponds to [`i2d_ECDSA_SIG`]. /// This corresponds to [`i2d_ECDSA_SIG`].
/// ///
/// [`i2d_ECDSA_SIG`]: https://www.openssl.org/docs/man1.1.0/crypto/i2d_ECDSA_SIG.html /// [`i2d_ECDSA_SIG`]: https://www.openssl.org/docs/man1.1.0/crypto/i2d_ECDSA_SIG.html
to_der, to_der,
ffi::i2d_ECDSA_SIG ffi::i2d_ECDSA_SIG
@ -138,6 +138,11 @@ cfg_if! {
r: *mut ffi::BIGNUM, r: *mut ffi::BIGNUM,
s: *mut ffi::BIGNUM, s: *mut ffi::BIGNUM,
) -> c_int { ) -> c_int {
if r.is_null() || s.is_null() {
return 0;
}
ffi::BN_clear_free((*sig).r);
ffi::BN_clear_free((*sig).s);
(*sig).r = r; (*sig).r = r;
(*sig).s = s; (*sig).s = s;
1 1