diff options
author | Doug Hogan <[email protected]> | 2019-01-14 22:37:15 -0800 |
---|---|---|
committer | Doug Hogan <[email protected]> | 2019-01-14 22:53:50 -0800 |
commit | 4f0403027dfd109276823d32f10d85d7b3478ca8 (patch) | |
tree | 40f943c93b9c2aaa22a64313981bda963207f65b /lib/crypto/c_src | |
parent | 3b51e7933ba42b3299ba0678ce1b4d8a844064cd (diff) | |
download | otp-4f0403027dfd109276823d32f10d85d7b3478ca8.tar.gz otp-4f0403027dfd109276823d32f10d85d7b3478ca8.tar.bz2 otp-4f0403027dfd109276823d32f10d85d7b3478ca8.zip |
dh_p is referenced after dh_params owns it
* Need to keep a reference even though ownership was transfered to dh_params.
* Also, be more conservative and return atom_error where the original
code did.
Diffstat (limited to 'lib/crypto/c_src')
-rw-r--r-- | lib/crypto/c_src/dh.c | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/lib/crypto/c_src/dh.c b/lib/crypto/c_src/dh.c index bb87080d7b..d077007a52 100644 --- a/lib/crypto/c_src/dh.c +++ b/lib/crypto/c_src/dh.c @@ -27,6 +27,7 @@ ERL_NIF_TERM dh_generate_key_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM ar unsigned int mpint; /* 0 or 4 */ ERL_NIF_TERM head, tail; BIGNUM *dh_p = NULL; + BIGNUM *dh_p_shared; BIGNUM *dh_g = NULL; BIGNUM *priv_key_in = NULL; unsigned long len = 0; @@ -72,15 +73,16 @@ ERL_NIF_TERM dh_generate_key_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM ar /* Load dh_params with values to use by the generator. Mem mgmnt transfered from dh_p etc to dh_params */ if ((dh_params = DH_new()) == NULL) - goto err; + goto bad_arg; if (priv_key_in) { if (!DH_set0_key(dh_params, NULL, priv_key_in)) - goto err; + goto bad_arg; /* On success, dh_params owns priv_key_in */ priv_key_in = NULL; } if (!DH_set0_pqg(dh_params, dh_p, NULL, dh_g)) - goto err; + goto bad_arg; + dh_p_shared = dh_p; /* Don't free this because dh_params owns it */ /* On success, dh_params owns dh_p and dh_g */ dh_p = NULL; dh_g = NULL; @@ -88,13 +90,14 @@ ERL_NIF_TERM dh_generate_key_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM ar if (len) { int bn_len; - if ((bn_len = BN_num_bits(dh_p)) < 0) + if ((bn_len = BN_num_bits(dh_p_shared)) < 0) goto bad_arg; + dh_p_shared = NULL; /* dh_params owns the reference */ if (len >= (size_t)bn_len) goto bad_arg; if (!DH_set_length(dh_params, (long)len)) - goto err; + goto bad_arg; } #ifdef HAS_EVP_PKEY_CTX @@ -159,8 +162,11 @@ ERL_NIF_TERM dh_generate_key_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM ar goto done; bad_arg: - err: ret = enif_make_badarg(env); + goto done; + + err: + ret = atom_error; done: if (priv_key_in) |