author | Paul Bakker <p.j.bakker@polarssl.org> | 2013-01-03 10:50:31 +0100 |
---|---|---|
committer | Paul Bakker <p.j.bakker@polarssl.org> | 2013-01-03 10:50:31 +0100 |
commit | 40628bad98973fb7270b6822924086c4d27b3b79 (patch) | |
tree | 89a8faf5c5006bf7fc87249e9bea4cd91dd59151 | |
parent | 34558735d237335a162525a6d4ea474da06cad56 (diff) | |
Memory leak when using RSA_PKCS_V21 operations fixed
-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | library/rsa.c | 11 |
2 files changed, 11 insertions, 4 deletions
@@ -1,5 +1,9 @@
 PolarSSL ChangeLog
+= Version Master
+Bugfix
+ * Memory leak when using RSA_PKCS_V21 operations fixed
+
 = Version 1.2.3 released 2012-11-26
 Bugfix
 * Server not always sending correct CertificateRequest message
diff --git a/library/rsa.c b/library/rsa.c
index 637c23a..5d7129a 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -440,7 +440,6 @@ int rsa_pkcs1_encrypt( rsa_context *ctx,
 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
 memset( output, 0, olen );
- memset( &md_ctx, 0, sizeof( md_context_t ) );
 md_init_ctx( &md_ctx, md_info );
@@ -470,6 +469,8 @@ int rsa_pkcs1_encrypt( rsa_context *ctx,
 //
 mgf_mask( output + 1, hlen, output + hlen + 1, olen - hlen - 1, &md_ctx );
+
+ md_free_ctx( &md_ctx );
 break;
 #endif
@@ -566,7 +567,6 @@ int rsa_pkcs1_decrypt( rsa_context *ctx,
 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
 hlen = md_get_size( md_info );
- memset( &md_ctx, 0, sizeof( md_context_t ) );
 md_init_ctx( &md_ctx, md_info );
@@ -585,6 +585,7 @@ int rsa_pkcs1_decrypt( rsa_context *ctx,
 &md_ctx );
 p += hlen;
+ md_free_ctx( &md_ctx );
 // Check validity
 //
@@ -798,7 +799,6 @@ int rsa_pkcs1_sign( rsa_context *ctx,
 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
 memset( sig, 0, olen );
- memset( &md_ctx, 0, sizeof( md_context_t ) );
 md_init_ctx( &md_ctx, md_info );
@@ -834,6 +834,8 @@ int rsa_pkcs1_sign( rsa_context *ctx,
 //
 mgf_mask( sig + offset, olen - hlen - 1 - offset, p, hlen, &md_ctx );
+ md_free_ctx( &md_ctx );
+
 msb = mpi_msb( &ctx->N ) - 1;
 sig[0] &= 0xFF >> ( olen * 8 - msb );
@@ -1012,7 +1014,6 @@ int rsa_pkcs1_verify( rsa_context *ctx,
 hlen = md_get_size( md_info );
 slen = siglen - hlen - 1;
- memset( &md_ctx, 0, sizeof( md_context_t ) );
 memset( zeros, 0, 8 );
 md_init_ctx( &md_ctx, md_info );
@@ -1054,6 +1055,8 @@ int rsa_pkcs1_verify( rsa_context *ctx,
 md_update( &md_ctx, p, slen );
 md_finish( &md_ctx, result );
+ md_free_ctx( &md_ctx );
+
 if( memcmp( p + slen, result, hlen ) == 0 )
 return( 0 );
 else |
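Review bot: In rsa_pkcs1_encrypt (hunk -440,7) the result of `md_init_ctx( &md_ctx, md_info );` is discarded, and with the memset gone the function no longer controls what md_ctx holds if that call fails. md_init_ctx is not shown in this commit; if it can fail (allocation is the likely case), the mgf_mask, md_update and md_finish calls that follow would run on an unusable context and the padding, or in verify the digest that is compared, would not be what the caller expects. The call should be checked and the error propagated, e.g. `if( ( ret = md_init_ctx( &md_ctx, md_info ) ) != 0 ) return( ret );`, using whatever status variable the function already has. The same unchecked call follows the removed memset in rsa_pkcs1_decrypt (-566,7), rsa_pkcs1_sign (-798,7) and rsa_pkcs1_verify (-1012,7); all four function bodies start and end outside their hunks.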
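Review bot: The `md_free_ctx( &md_ctx );` added in rsa_pkcs1_encrypt (hunk -470,6) only runs when control reaches the end of the masking step, so any `return` between md_init_ctx and this line would still leak the context. Those statements lie between the two encrypt hunks and are not visible here, so this needs checking against the full function. The frees added in rsa_pkcs1_sign (-834,6) and rsa_pkcs1_verify (-1054,6) have the same shape, and verify processes a signature supplied by the peer, so a leak on a rejected signature would be repeatable by a remote party. Each exit taken after md_init_ctx should call `md_free_ctx( &md_ctx );` first, or the function should route failures through one cleanup point.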
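Review bot: In rsa_pkcs1_decrypt (hunk -585,6) the context released by `md_free_ctx( &md_ctx );` has just been used by mgf_mask on the result of the private-key operation, and nothing in this commit shows whether md_free_ctx clears the digest state before freeing it. If it does not, residue of the OAEP unmasking stays in released heap memory; wiping the state inside md_free_ctx would cover this call and the three others added here. A short comment above the call, such as `/* context no longer needed; release before the padding checks */`, would also record why the free sits ahead of the validity checks. The function body continues past the hunk.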