[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, gnutls_2_12_x, updated. gnutls_2_12_17-2-gff19b
From: |
Nikos Mavrogiannopoulos |
Subject: |
[SCM] GNU gnutls branch, gnutls_2_12_x, updated. gnutls_2_12_17-2-gff19ba8 |
Date: |
Thu, 08 Mar 2012 22:21:30 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=ff19ba8b9c5540e46ec876f264ffdbb92cfcf8c9
The branch, gnutls_2_12_x has been updated
via ff19ba8b9c5540e46ec876f264ffdbb92cfcf8c9 (commit)
from 2e5b226f2eaee6591aae3b35ad8fb0c4cc41a5b4 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit ff19ba8b9c5540e46ec876f264ffdbb92cfcf8c9
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Mar 8 23:26:50 2012 +0100
Fixed leaks in key generation and other cleanups. Patch by Tomas Mraz.
-----------------------------------------------------------------------
Summary of changes:
NEWS | 3 +++
lib/gcrypt/pk.c | 9 ---------
lib/gnutls_pk.c | 1 +
lib/x509/privkey.c | 19 +++++++++++--------
4 files changed, 15 insertions(+), 17 deletions(-)
diff --git a/NEWS b/NEWS
index 5935f79..68912a4 100644
--- a/NEWS
+++ b/NEWS
@@ -7,6 +7,9 @@ Version 2.12.18 (unreleased)
** Corrected SRP-RSA ciphersuites when used under TLS 1.2.
+** Fixed leaks in key generation. Reported by Sam Varshavchik,
+patch by Tomas Mraz.
+
** API and ABI modifications:
No changes since last version.
diff --git a/lib/gcrypt/pk.c b/lib/gcrypt/pk.c
index 2ed7295..e3bedaf 100644
--- a/lib/gcrypt/pk.c
+++ b/lib/gcrypt/pk.c
@@ -627,7 +627,6 @@ _rsa_generate_params (bigint_t * resarr, int *resarr_len,
int bits)
int ret, i;
gcry_sexp_t parms, key, list;
- bigint_t tmp;
if (*resarr_len < RSA_PRIVATE_PARAMS)
{
@@ -733,14 +732,6 @@ _rsa_generate_params (bigint_t * resarr, int *resarr_len,
int bits)
*resarr_len = 6;
- tmp = _gnutls_mpi_alloc_like (resarr[0]);
- if (tmp == NULL)
- {
- gnutls_assert ();
- ret = GNUTLS_E_MEMORY_ERROR;
- goto cleanup;
- }
-
ret = _gnutls_calc_rsa_exp (resarr, 2 + *resarr_len);
if (ret < 0)
{
diff --git a/lib/gnutls_pk.c b/lib/gnutls_pk.c
index 43d1893..0a58091 100644
--- a/lib/gnutls_pk.c
+++ b/lib/gnutls_pk.c
@@ -547,6 +547,7 @@ _generate_params (int algo, bigint_t * resarr, unsigned int
*resarr_len,
}
else
{
+ gnutls_pk_params_release(¶ms);
gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
}
diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c
index 593c9bc..41e6587 100644
--- a/lib/x509/privkey.c
+++ b/lib/x509/privkey.c
@@ -1462,16 +1462,17 @@ gnutls_x509_privkey_generate (gnutls_x509_privkey_t key,
{
case GNUTLS_PK_DSA:
ret = _gnutls_dsa_generate_params (key->params, ¶ms_len, bits);
- if (params_len != DSA_PRIVATE_PARAMS)
+ if (ret < 0)
{
gnutls_assert ();
- ret = GNUTLS_E_INTERNAL_ERROR;
+ return ret;
}
- if (ret < 0)
+ if (params_len != DSA_PRIVATE_PARAMS)
{
gnutls_assert ();
- return ret;
+ ret = GNUTLS_E_INTERNAL_ERROR;
+ goto cleanup;
}
ret = _gnutls_asn1_encode_dsa (&key->key, key->params);
@@ -1486,15 +1487,17 @@ gnutls_x509_privkey_generate (gnutls_x509_privkey_t key,
break;
case GNUTLS_PK_RSA:
ret = _gnutls_rsa_generate_params (key->params, ¶ms_len, bits);
- if (params_len != RSA_PRIVATE_PARAMS)
+ if (ret < 0)
{
gnutls_assert ();
- ret = GNUTLS_E_INTERNAL_ERROR;
+ return ret;
}
- if (ret < 0)
+
+ if (params_len != RSA_PRIVATE_PARAMS)
{
gnutls_assert ();
- return ret;
+ ret = GNUTLS_E_INTERNAL_ERROR;
+ goto cleanup;
}
ret = _gnutls_asn1_encode_rsa (&key->key, key->params);
hooks/post-receive
--
GNU gnutls
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, gnutls_2_12_x, updated. gnutls_2_12_17-2-gff19ba8,
Nikos Mavrogiannopoulos <=