diff options
author | Lutz Jänicke <jaenicke@openssl.org> | 2003-01-15 14:54:59 +0000 |
---|---|---|
committer | Lutz Jänicke <jaenicke@openssl.org> | 2003-01-15 14:54:59 +0000 |
commit | a74333f90509a3bb48c1d604ed20237e7746aff2 (patch) | |
tree | bab2cf353a7c6e1a76116d3625eb25a5f57fbfc6 /crypto/dsa/dsa_ossl.c | |
parent | 365e14622a810d619f78f1f683580a7d2a353f60 (diff) |
Fix initialization sequence to prevent freeing of unitialized objects.
Submitted by: Nils Larsch <nla@trustcenter.de>
PR: 459
Diffstat (limited to 'crypto/dsa/dsa_ossl.c')
-rw-r--r-- | crypto/dsa/dsa_ossl.c | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c index 313c06fa3f..70d60d9e29 100644 --- a/crypto/dsa/dsa_ossl.c +++ b/crypto/dsa/dsa_ossl.c @@ -108,13 +108,15 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) int i,reason=ERR_R_BN_LIB; DSA_SIG *ret=NULL; + BN_init(&m); + BN_init(&xr); + if (!dsa->p || !dsa->q || !dsa->g) { reason=DSA_R_MISSING_PARAMETERS; goto err; } - BN_init(&m); - BN_init(&xr); + s=BN_new(); if (s == NULL) goto err; @@ -180,6 +182,9 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS); return 0; } + + BN_init(&k); + if (ctx_in == NULL) { if ((ctx=BN_CTX_new()) == NULL) goto err; @@ -187,7 +192,6 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) else ctx=ctx_in; - BN_init(&k); if ((r=BN_new()) == NULL) goto err; kinv=NULL; @@ -243,11 +247,12 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, return -1; } - if ((ctx=BN_CTX_new()) == NULL) goto err; BN_init(&u1); BN_init(&u2); BN_init(&t1); + if ((ctx=BN_CTX_new()) == NULL) goto err; + if (BN_is_zero(sig->r) || BN_get_sign(sig->r) || BN_ucmp(sig->r, dsa->q) >= 0) { |