diff options
author | Matt Caswell <matt@openssl.org> | 2016-04-28 19:53:08 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-04-29 09:05:23 +0100 |
commit | b8f1c116a357285ccb4905cd88c83f5076bafb52 (patch) | |
tree | d50465dd92dcb198123ed27d6c6c4a6e9d51820c /crypto/bn | |
parent | 098c1e3d1425ffdad15e6001b4fc9f2a606f3d83 (diff) |
Don't free the BIGNUM passed to BN_mpi2bn
Commit 91fb42dd fixed a leak but introduced a problem where a parameter
is erroneously freed instead.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'crypto/bn')
-rw-r--r-- | crypto/bn/bn_mpi.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/crypto/bn/bn_mpi.c b/crypto/bn/bn_mpi.c index 86d96750b9..cb8f0b8dca 100644 --- a/crypto/bn/bn_mpi.c +++ b/crypto/bn/bn_mpi.c @@ -87,10 +87,11 @@ int BN_bn2mpi(const BIGNUM *a, unsigned char *d) return (num + 4 + ext); } -BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *a) +BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *ain) { long len; int neg = 0; + BIGNUM *a = NULL; if (n < 4) { BNerr(BN_F_BN_MPI2BN, BN_R_INVALID_LENGTH); @@ -103,8 +104,11 @@ BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *a) return NULL; } - if (a == NULL) + if (ain == NULL) a = BN_new(); + else + a = ain; + if (a == NULL) return NULL; @@ -117,7 +121,8 @@ BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *a) if ((*d) & 0x80) neg = 1; if (BN_bin2bn(d, (int)len, a) == NULL) { - BN_free(a); + if (ain == NULL) + BN_free(a); return NULL; } a->neg = neg; |