authorBrent Cook <bcook@cvs.openbsd.org>2018-08-05 13:30:05 +0000
committerBrent Cook <bcook@cvs.openbsd.org>2018-08-05 13:30:05 +0000
commit519384f7206219e8df94702b05278a3da8da059e (patch)
treeb8c751f8c9cebbe9de1bfe3883558ff603687e60 /lib/libcrypto
parent38b8ce3790580c0138c7e065b476dc99d34e65bd (diff)
In RSA_padding_add_PKCS1_OAEP, dbmask needs to be freed on failure.
ok tb@
Diffstat (limited to 'lib/libcrypto')
-rw-r--r--lib/libcrypto/rsa/rsa_oaep.c10
1 files changed, 7 insertions, 3 deletions
diff --git a/lib/libcrypto/rsa/rsa_oaep.c b/lib/libcrypto/rsa/rsa_oaep.c
index cd7af203b76..a62927506ed 100644
--- a/lib/libcrypto/rsa/rsa_oaep.c
+++ b/lib/libcrypto/rsa/rsa_oaep.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_oaep.c,v 1.26 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: rsa_oaep.c,v 1.27 2018/08/05 13:30:04 bcook Exp $ */
/* Written by Ulf Moeller. This software is distributed on an "AS IS"
basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. */
@@ -72,14 +72,18 @@ RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
}
if (MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed,
- SHA_DIGEST_LENGTH) < 0)
+ SHA_DIGEST_LENGTH) < 0) {
+ free(dbmask);
return 0;
+ }
for (i = 0; i < emlen - SHA_DIGEST_LENGTH; i++)
db[i] ^= dbmask[i];
if (MGF1(seedmask, SHA_DIGEST_LENGTH, db,
- emlen - SHA_DIGEST_LENGTH) < 0)
+ emlen - SHA_DIGEST_LENGTH) < 0) {
+ free(dbmask);
return 0;
+ }
for (i = 0; i < SHA_DIGEST_LENGTH; i++)
seed[i] ^= seedmask[i];
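Review bot: Both MGF1() failure branches now carry their own copy of `free(dbmask); return 0;`, so any early return added later between the allocation and the end of the function must repeat the same cleanup, which is the kind of omission this commit is fixing. A single exit path would make the release structural: have both branches do `goto err;` and end the function with `err: free(dbmask); return rv;`, where `rv` is a local initialised to 0 and set to 1 only after the seed-masking loop. The allocation of dbmask and the success-path return are outside this hunk, so the label placement and the existing final free need checking against the full function. If the duplicated form is kept, a short comment on the first branch such as `/* dbmask is heap-allocated above; every exit must release it */` would help the next editor.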