diff options
author | Bodo Möller <bodo@openssl.org> | 2000-02-05 19:29:00 +0000 |
---|---|---|
committer | Bodo Möller <bodo@openssl.org> | 2000-02-05 19:29:00 +0000 |
commit | 37e48b88adda9334fedf83e18f1bff72b4b9c8cf (patch) | |
tree | c5365692bc3f939dc08fcbcc5c09c58b4290409f /crypto/bn | |
parent | 6535eb1728a7d30673d0a95da5fd18126b7d0b71 (diff) |
Generate just one error code if iterated SSL_CTX_get() fails.
Avoid enabled 'assert()' in production library.
Diffstat (limited to 'crypto/bn')
-rw-r--r-- | crypto/bn/Makefile.ssl | 6 | ||||
-rw-r--r-- | crypto/bn/bn_ctx.c | 28 | ||||
-rw-r--r-- | crypto/bn/bn_err.c | 2 |
3 files changed, 31 insertions, 5 deletions
diff --git a/crypto/bn/Makefile.ssl b/crypto/bn/Makefile.ssl index 94da20bd5a..3b7b29827c 100644 --- a/crypto/bn/Makefile.ssl +++ b/crypto/bn/Makefile.ssl @@ -185,6 +185,12 @@ bn_blind.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h bn_blind.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h bn_blind.o: ../../include/openssl/stack.h ../cryptlib.h bn_lcl.h +bn_ctx.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +bn_ctx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +bn_ctx.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +bn_ctx.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h +bn_ctx.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +bn_ctx.o: ../../include/openssl/stack.h ../cryptlib.h bn_div.o: ../../include/openssl/bio.h ../../include/openssl/bn.h bn_div.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_div.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c index 8b079e237f..f72b075ccf 100644 --- a/crypto/bn/bn_ctx.c +++ b/crypto/bn/bn_ctx.c @@ -54,6 +54,11 @@ * */ +#ifndef BN_CTX_DEBUG +# undef NDEBUG /* avoid conflicting definitions */ +# define NDEBUG +#endif + #include <stdio.h> #include <assert.h> #include "cryptlib.h" @@ -101,14 +106,21 @@ void BN_CTX_free(BN_CTX *ctx) void BN_CTX_start(BN_CTX *ctx) { - ctx->pos[ctx->depth++] = ctx->tos; + if (ctx->depth < BN_CTX_NUM_POS) + ctx->pos[ctx->depth] = ctx->tos; + ctx->depth++; } BIGNUM *BN_CTX_get(BN_CTX *ctx) { - if (ctx->tos >= BN_CTX_NUM) + if (ctx->depth > BN_CTX_NUM_POS || ctx->tos >= BN_CTX_NUM) { - BNerr(BN_F_BN_CTX_GET,BN_R_TOO_MANY_TEMPORARY_VARIABLES); + if (!ctx->too_many) + { + BNerr(BN_F_BN_CTX_GET,BN_R_TOO_MANY_TEMPORARY_VARIABLES); + /* disable error code until SSL_CTX_end is called: */ + ctx->too_many = 1; + } return NULL; } return (&(ctx->bn[ctx->tos++])); @@ -118,6 +130,14 @@ void BN_CTX_end(BN_CTX *ctx) { if (ctx == NULL) return; assert(ctx->depth > 0); + if (ctx->depth == 0) + /* should never happen, but we can tolerate it if not in + * debug mode (could be a 'goto err' in the calling function + * before BN_CTX_start was reached) */ + BN_CTX_start(ctx); + + ctx->too_many = 0; ctx->depth--; - ctx->tos = ctx->pos[ctx->depth]; + if (ctx->depth < BN_CTX_NUM_POS) + ctx->tos = ctx->pos[ctx->depth]; } diff --git a/crypto/bn/bn_err.c b/crypto/bn/bn_err.c index de3aaeb034..f3b9497dca 100644 --- a/crypto/bn/bn_err.c +++ b/crypto/bn/bn_err.c @@ -71,7 +71,7 @@ static ERR_STRING_DATA BN_str_functs[]= {ERR_PACK(0,BN_F_BN_BLINDING_UPDATE,0), "BN_BLINDING_update"}, {ERR_PACK(0,BN_F_BN_BN2DEC,0), "BN_bn2dec"}, {ERR_PACK(0,BN_F_BN_BN2HEX,0), "BN_bn2hex"}, -{ERR_PACK(0,BN_F_BN_CTX_GET,0), "BN_CTX_GET"}, +{ERR_PACK(0,BN_F_BN_CTX_GET,0), "BN_CTX_get"}, {ERR_PACK(0,BN_F_BN_CTX_NEW,0), "BN_CTX_new"}, {ERR_PACK(0,BN_F_BN_DIV,0), "BN_div"}, {ERR_PACK(0,BN_F_BN_EXPAND2,0), "bn_expand2"}, |