with the first bug it uncovered fixed, clear all bignums again.
authortedu <tedu@openbsd.org>
Wed, 7 May 2014 21:09:03 +0000 (21:09 +0000)
committertedu <tedu@openbsd.org>
Wed, 7 May 2014 21:09:03 +0000 (21:09 +0000)
i've never worked on codebase so resistant to efforts to improve it.

lib/libcrypto/bn/bn_lib.c
lib/libssl/src/crypto/bn/bn_lib.c

index 6ec9282..7ae14ee 100644 (file)
@@ -225,22 +225,11 @@ void BN_clear_free(BIGNUM *a)
                free(a);
        }
 
-void BN_free(BIGNUM *a)
-       {
-       if (a == NULL) return;
-       bn_check_top(a);
-       if ((a->d != NULL) && !(BN_get_flags(a,BN_FLG_STATIC_DATA)))
-               free(a->d);
-       if (a->flags & BN_FLG_MALLOCED)
-               free(a);
-       else
-               {
-#ifndef OPENSSL_NO_DEPRECATED
-               a->flags|=BN_FLG_FREE;
-#endif
-               a->d = NULL;
-               }
-       }
+void
+BN_free(BIGNUM *a)
+{
+       BN_clear_free(a);
+}
 
 void BN_init(BIGNUM *a)
        {
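Review bot: BN_free now inherits whatever BN_clear_free does for a BIGNUM flagged BN_FLG_STATIC_DATA, and that body lies outside this hunk, so it cannot be confirmed here that the scrub leaves caller-owned or read-only limb storage alone. The removed BN_free only declined to free such data; if BN_clear_free wipes `a->d` before testing the flag, releasing a BIGNUM that wraps a static const table would write to that table. The same question applies to the `OPENSSL_cleanse(b->d, ...)` added in the bn_expand2 hunk and to the identical second copy of this file section further down the page. Once the behaviour is confirmed, a comment above the wrapper such as `/* BN_free always scrubs; BN_FLG_STATIC_DATA limbs are neither wiped nor freed */` would record the contract for callers that relied on the old non-clearing path.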
@@ -399,7 +388,10 @@ BIGNUM *bn_expand2(BIGNUM *b, int words)
                {
                BN_ULONG *a = bn_expand_internal(b, words);
                if(!a) return NULL;
-               if(b->d) free(b->d);
+               if(b->d) {
+                       OPENSSL_cleanse(b->d, b->dmax * sizeof(b->d[0]));
+                       free(b->d);
+               }
                b->d=a;
                b->dmax=words;
                }
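Review bot: The scrub added in bn_expand2 carries no comment saying why it is there, which makes it easy to remove later as a redundant write before `free`. A line such as `/* old limb array may hold key material; wipe it before release */` above the `OPENSSL_cleanse` call would record the intent. The length `b->dmax * sizeof(b->d[0])` covers the whole old allocation, not only the words in use, and it is evaluated before `b->dmax=words` overwrites the old size, so the ordering in the hunk is right and should stay that way. The new braces follow KNF while the surrounding context lines keep the older indented-brace layout, and bn_expand2's body begins and ends outside the hunk.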
index 6ec9282..7ae14ee 100644 (file)
@@ -225,22 +225,11 @@ void BN_clear_free(BIGNUM *a)
                free(a);
        }
 
-void BN_free(BIGNUM *a)
-       {
-       if (a == NULL) return;
-       bn_check_top(a);
-       if ((a->d != NULL) && !(BN_get_flags(a,BN_FLG_STATIC_DATA)))
-               free(a->d);
-       if (a->flags & BN_FLG_MALLOCED)
-               free(a);
-       else
-               {
-#ifndef OPENSSL_NO_DEPRECATED
-               a->flags|=BN_FLG_FREE;
-#endif
-               a->d = NULL;
-               }
-       }
+void
+BN_free(BIGNUM *a)
+{
+       BN_clear_free(a);
+}
 
 void BN_init(BIGNUM *a)
        {
@@ -399,7 +388,10 @@ BIGNUM *bn_expand2(BIGNUM *b, int words)
                {
                BN_ULONG *a = bn_expand_internal(b, words);
                if(!a) return NULL;
-               if(b->d) free(b->d);
+               if(b->d) {
+                       OPENSSL_cleanse(b->d, b->dmax * sizeof(b->d[0]));
+                       free(b->d);
+               }
                b->d=a;
                b->dmax=words;
                }