openssl: avoid NULL dereference in {DH,DSA,RSA}_size()

* ext/openssl/ossl_pkey_dh.c (ossl_dh_compute_key): Check that the DH has 'p' (the prime) before calling DH_size(). We can create a DH with no parameter but DH_size() does not check and dereferences NULL. [ruby-core:75720] [Bug #12428] * ext/openssl/ossl_pkey_dsa.c (ossl_dsa_sign): Ditto. DSA_size() does not check dsa->q. * ext/openssl/ossl_pkey_rsa.c (ossl_rsa_public_encrypt, ossl_rsa_public_decrypt, ossl_rsa_private_encrypt, ossl_rsa_private_decrypt): Ditto. RSA_size() does not check rsa->n. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55175 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: rhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2016-05-26 05:24:58 +0000
committer: rhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2016-05-26 05:24:58 +0000
commit: 2aebf3d0db2d15eac466bd2a25f0f0a9218230b4 (patch)
tree: 55b24a13d29ec6a9234cb8e17cc76a19c80850b5 /ext/openssl/ossl_pkey_dh.c
parent: 25e5ea16519939a97fdc7a9d6f53d4491709c342 (diff)
download: ruby-2aebf3d0db2d15eac466bd2a25f0f0a9218230b4.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/ext/openssl/ossl_pkey_dh.c b/ext/openssl/ossl_pkey_dh.c
index fd2b80497d..ac951a6e58 100644
--- a/ext/openssl/ossl_pkey_dh.c
+++ b/ext/openssl/ossl_pkey_dh.c
@@ -501,6 +501,8 @@ ossl_dh_compute_key(VALUE self, VALUE pub)
 
     GetPKeyDH(self, pkey);
     dh = pkey->pkey.dh;
+    if (!dh->p)
+	ossl_raise(eDHError, "incomplete DH");
     pub_key = GetBNPtr(pub);
     len = DH_size(dh);
     str = rb_str_new(0, len);
author	rhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2016-05-26 05:24:58 +0000
committer	rhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2016-05-26 05:24:58 +0000
commit	2aebf3d0db2d15eac466bd2a25f0f0a9218230b4 (patch)
tree	55b24a13d29ec6a9234cb8e17cc76a19c80850b5 /ext/openssl/ossl_pkey_dh.c
parent	25e5ea16519939a97fdc7a9d6f53d4491709c342 (diff)
download	ruby-2aebf3d0db2d15eac466bd2a25f0f0a9218230b4.tar.gz