From 52d22fd75a470a5df94fdb4fe83c70bb9580a74a Mon Sep 17 00:00:00 2001 From: tb Date: Sat, 12 Aug 2023 07:50:47 +0000 Subject: [PATCH] Free {priv,pub}_key before assigning to it While it isn't the case for the default implementations, custom DH and DSA methods could conceivably populate private and public keys, which in turn would result in leaks in the pub/priv decode methods. ok jsing --- lib/libcrypto/dh/dh_ameth.c | 4 +++- lib/libcrypto/dsa/dsa_ameth.c | 5 ++++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/lib/libcrypto/dh/dh_ameth.c b/lib/libcrypto/dh/dh_ameth.c index 88fec6bf4ac..ec9fe43d2b2 100644 --- a/lib/libcrypto/dh/dh_ameth.c +++ b/lib/libcrypto/dh/dh_ameth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dh_ameth.c,v 1.37 2023/08/12 07:43:48 tb Exp $ */ +/* $OpenBSD: dh_ameth.c,v 1.38 2023/08/12 07:50:47 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -111,6 +111,7 @@ dh_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) DHerror(DH_R_DECODE_ERROR); goto err; } + BN_free(dh->pub_key); if ((dh->pub_key = ASN1_INTEGER_to_BN(aint, NULL)) == NULL) { DHerror(DH_R_BN_DECODE_ERROR); goto err; @@ -223,6 +224,7 @@ dh_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8) DHerror(DH_R_DECODE_ERROR); goto err; } + BN_free(dh->priv_key); if ((dh->priv_key = ASN1_INTEGER_to_BN(aint, NULL)) == NULL) { DHerror(DH_R_BN_DECODE_ERROR); goto err; diff --git a/lib/libcrypto/dsa/dsa_ameth.c b/lib/libcrypto/dsa/dsa_ameth.c index 83fdf2129f1..d6b0546c040 100644 --- a/lib/libcrypto/dsa/dsa_ameth.c +++ b/lib/libcrypto/dsa/dsa_ameth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa_ameth.c,v 1.53 2023/08/12 07:46:14 tb Exp $ */ +/* $OpenBSD: dsa_ameth.c,v 1.54 2023/08/12 07:50:47 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -114,6 +114,7 @@ dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) DSAerror(DSA_R_DECODE_ERROR); goto err; } + BN_free(dsa->pub_key); if ((dsa->pub_key = ASN1_INTEGER_to_BN(aint, NULL)) == NULL) { DSAerror(DSA_R_BN_DECODE_ERROR); goto err; @@ -236,6 +237,7 @@ dsa_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8) DSAerror(DSA_R_DECODE_ERROR); goto err; } + BN_free(dsa->priv_key); if ((dsa->priv_key = ASN1_INTEGER_to_BN(aint, NULL)) == NULL) { DSAerror(DSA_R_BN_DECODE_ERROR); goto err; @@ -246,6 +248,7 @@ dsa_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8) goto err; /* Calculate public key */ + BN_free(dsa->pub_key); if ((dsa->pub_key = BN_new()) == NULL) { DSAerror(ERR_R_MALLOC_FAILURE); goto err; -- 2.20.1