diff options
author | Agustin Gianni <agustingianni@gmail.com> | 2021-01-08 16:04:05 +0100 |
---|---|---|
committer | Tomas Mraz <tmraz@fedoraproject.org> | 2021-01-13 10:35:27 +0100 |
commit | 48116c2d0fbb1db875e2bc703c08089bf3c5c5c3 (patch) | |
tree | b9e4c9474bb26c9f32db06c3ffbf5ae6164b0f29 /crypto/ec | |
parent | 1dccccf33351a732dac3c700b2de05d34f708e33 (diff) |
Fix incorrect use of BN_CTX API
In some edge cases BN_CTX_end was being called without first calling
BN_CTX_start. This creates a situation where the state of the big
number allocator is corrupted and may lead to crashes.
Fixes #13812
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13813)
Diffstat (limited to 'crypto/ec')
-rw-r--r-- | crypto/ec/ec_mult.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c index 87b9eab604..98bcab2321 100644 --- a/crypto/ec/ec_mult.c +++ b/crypto/ec/ec_mult.c @@ -835,6 +835,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) EC_POINT **points = NULL; EC_PRE_COMP *pre_comp; int ret = 0; + int used_ctx = 0; #ifndef FIPS_MODULE BN_CTX *new_ctx = NULL; #endif @@ -858,6 +859,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) goto err; BN_CTX_start(ctx); + used_ctx = 1; order = EC_GROUP_get0_order(group); if (order == NULL) @@ -967,7 +969,8 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) ret = 1; err: - BN_CTX_end(ctx); + if (used_ctx) + BN_CTX_end(ctx); #ifndef FIPS_MODULE BN_CTX_free(new_ctx); #endif |