diff options
author | Matt Caswell <matt@openssl.org> | 2016-04-27 12:59:19 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-04-28 13:13:09 +0100 |
commit | d71eb667c403d9781ef919794e29a79eb930ab88 (patch) | |
tree | 803d2fe79ce6ab5879cc504fae9a697dbbea7d82 /crypto/bn/bn_prime.c | |
parent | 91fb42ddbef7a88640d1a0f853c941c20df07de7 (diff) | |
download | openssl-d71eb667c403d9781ef919794e29a79eb930ab88.tar.gz |
Don't leak memory on error in BN_generate_prime_ex
In BN_generate_prime_ex() we do some sanity checks first and return
with an error if they fail. We should do that *before* allocating any
resources to avoid a memory leak.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'crypto/bn/bn_prime.c')
-rw-r--r-- | crypto/bn/bn_prime.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c index a5887d96a8..e8eafbc34d 100644 --- a/crypto/bn/bn_prime.c +++ b/crypto/bn/bn_prime.c @@ -208,9 +208,6 @@ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, prime_t *mods = NULL; int checks = BN_prime_checks_for_size(bits); - mods = OPENSSL_zalloc(sizeof(*mods) * NUMPRIMES); - if (mods == NULL) - goto err; if (bits < 2) { /* There are no prime numbers this small. */ BNerr(BN_F_BN_GENERATE_PRIME_EX, BN_R_BITS_TOO_SMALL); @@ -221,6 +218,10 @@ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, return 0; } + mods = OPENSSL_zalloc(sizeof(*mods) * NUMPRIMES); + if (mods == NULL) + goto err; + ctx = BN_CTX_new(); if (ctx == NULL) goto err; |