From: Geoff Thorpe Date: Tue, 9 Mar 2004 03:47:35 +0000 (+0000) Subject: More changes coming out of the bignum auditing. BN_CTX_get() should ideally X-Git-Tag: LEVITTE_before_const~10 X-Git-Url: https://git.openssl.org/?p=openssl.git;a=commitdiff_plain;h=e7716b7a197d551a22dfdb4df6021db8e92bae5d More changes coming out of the bignum auditing. BN_CTX_get() should ideally return a "zero" bignum as BN_new() does - so reset 'top'. During BN_CTX_end(), released bignums should be consistent so enforce this in debug builds. Also, reduce the number of wasted BN_clear_free() calls from BN_CTX_end() (typically by 75% or so). Submitted by: Nils Larsch Reviewed by: Geoff Thorpe, Ulf Möller --- diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c index 7b5be7c435..9366ce6d7f 100644 --- a/crypto/bn/bn_ctx.c +++ b/crypto/bn/bn_ctx.c @@ -123,7 +123,8 @@ void BN_CTX_free(BN_CTX *ctx) for (i=0; i < BN_CTX_NUM; i++) { bn_check_top(&(ctx->bn[i])); - BN_clear_free(&(ctx->bn[i])); + if (ctx->bn[i].d) + BN_clear_free(&(ctx->bn[i])); } if (ctx->flags & BN_FLG_MALLOCED) OPENSSL_free(ctx); @@ -154,7 +155,8 @@ BIGNUM *BN_CTX_get(BN_CTX *ctx) } return NULL; } - bn_check_top(&(ctx->bn[ctx->tos])); + /* always return a 'zeroed' bignum */ + ctx->bn[ctx->tos].top = 0; return (&(ctx->bn[ctx->tos++])); } @@ -170,19 +172,11 @@ void BN_CTX_end(BN_CTX *ctx) ctx->too_many = 0; ctx->depth--; - /* It appears some "scrapbook" uses of BN_CTX result in BIGNUMs being - * left in an inconsistent state when they are released (eg. BN_div). - * These can trip us up when they get reused, so the safest fix is to - * make sure the BIGNUMs are made sane when the context usage is - * releasing them. */ if (ctx->depth < BN_CTX_NUM_POS) -#if 0 +#ifndef BN_DEBUG ctx->tos = ctx->pos[ctx->depth]; #else - { while(ctx->tos > ctx->pos[ctx->depth]) - /* This ensures the BIGNUM is sane(r) for reuse. */ - ctx->bn[--(ctx->tos)].top = 0; - } + bn_check_top(&ctx->bn[--(ctx->tos)]); #endif }