diff options
author | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2017-07-31 20:52:43 +0200 |
---|---|---|
committer | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2017-07-31 21:47:52 +0200 |
commit | e670db0183079b5f6325ce2abd9d785e0f966890 (patch) | |
tree | 4b4807e32949a6a49ae984e772d0b1fbb8eaf311 /crypto/rsa | |
parent | b93a295a36efe06fd767c8109220c9df739c2c3a (diff) | |
download | openssl-e670db0183079b5f6325ce2abd9d785e0f966890.tar.gz |
Fix an information leak in the RSA padding check code.
The memory blocks contain secret data and must be
cleared before returning to the system heap.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4062)
Diffstat (limited to 'crypto/rsa')
-rw-r--r-- | crypto/rsa/rsa_oaep.c | 6 | ||||
-rw-r--r-- | crypto/rsa/rsa_pk1.c | 2 |
2 files changed, 4 insertions, 4 deletions
diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c index d583d236ee..d4de71dfde 100644 --- a/crypto/rsa/rsa_oaep.c +++ b/crypto/rsa/rsa_oaep.c @@ -117,7 +117,7 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, int plen, const EVP_MD *md, const EVP_MD *mgf1md) { - int i, dblen, mlen = -1, one_index = 0, msg_index; + int i, dblen = 0, mlen = -1, one_index = 0, msg_index; unsigned int good, found_one_byte; const unsigned char *maskedseed, *maskeddb; /* @@ -234,8 +234,8 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1, RSA_R_OAEP_DECODING_ERROR); cleanup: - OPENSSL_free(db); - OPENSSL_free(em); + OPENSSL_clear_free(db, dblen); + OPENSSL_clear_free(em, num); return mlen; } diff --git a/crypto/rsa/rsa_pk1.c b/crypto/rsa/rsa_pk1.c index 5bc91c46d5..aeeb32c2dc 100644 --- a/crypto/rsa/rsa_pk1.c +++ b/crypto/rsa/rsa_pk1.c @@ -235,7 +235,7 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, memcpy(to, em + msg_index, mlen); err: - OPENSSL_free(em); + OPENSSL_clear_free(em, num); if (mlen == -1) RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2, RSA_R_PKCS_DECODING_ERROR); |