diff options
author | Bodo Möller <bodo@openssl.org> | 2010-02-23 10:36:41 +0000 |
---|---|---|
committer | Bodo Möller <bodo@openssl.org> | 2010-02-23 10:36:41 +0000 |
commit | 3e4da3f7cbb728cf6574c164954c45070c1776a6 (patch) | |
tree | adeb2cc0b208a0966b130a253a3b820cc90f540e /engines/e_ubsec.c | |
parent | 53b5d04715b6718bb4e609b7bd887495a480d8e5 (diff) |
Always check bn_wexpend() return values for failure (CVE-2009-3245).
(The CHANGES entry covers the change from PR #2111 as well, submitted by
Martin Olsson.)
Submitted by: Neel Mehta
Diffstat (limited to 'engines/e_ubsec.c')
-rw-r--r-- | engines/e_ubsec.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/engines/e_ubsec.c b/engines/e_ubsec.c index e8389de6a1..a0f320caf5 100644 --- a/engines/e_ubsec.c +++ b/engines/e_ubsec.c @@ -934,7 +934,7 @@ static int ubsec_dh_generate_key(DH *dh) priv_key = BN_new(); if (priv_key == NULL) goto err; priv_key_len = BN_num_bits(dh->p); - bn_wexpand(priv_key, dh->p->top); + if(bn_wexpand(priv_key, dh->p->top) == NULL) goto err; do if (!BN_rand_range(priv_key, dh->p)) goto err; while (BN_is_zero(priv_key)); @@ -949,7 +949,7 @@ static int ubsec_dh_generate_key(DH *dh) { pub_key = BN_new(); pub_key_len = BN_num_bits(dh->p); - bn_wexpand(pub_key, dh->p->top); + if(bn_wexpand(pub_key, dh->p->top) == NULL) goto err; if(pub_key == NULL) goto err; } else |