Fix BN_[pseudo_]rand: 'mask' must be used even if top=-1.

[openssl.git] / crypto / bn / bn_ctx.c

diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c
index 46132fd1806a04506803f23c4a2e03a4c4b2a336..28b334fbd56f55a5731e20bb590239ba2d8d0431 100644 (file)
--- a/crypto/bn/bn_ctx.c
+++ b/crypto/bn/bn_ctx.c
@@ -69,7 +69,7 @@ BN_CTX *BN_CTX_new(void)
        {
        BN_CTX *ret;
 
-       ret=(BN_CTX *)Malloc(sizeof(BN_CTX));
+       ret=(BN_CTX *)OPENSSL_malloc(sizeof(BN_CTX));
        if (ret == NULL)
                {
                BNerr(BN_F_BN_CTX_NEW,ERR_R_MALLOC_FAILURE);
@@ -102,7 +102,7 @@ void BN_CTX_free(BN_CTX *ctx)
        for (i=0; i < BN_CTX_NUM; i++)
                BN_clear_free(&(ctx->bn[i]));
        if (ctx->flags & BN_FLG_MALLOCED)
-               Free(ctx);
+               OPENSSL_free(ctx);
        }
 
 void BN_CTX_start(BN_CTX *ctx)
@@ -112,8 +112,14 @@ void BN_CTX_start(BN_CTX *ctx)
        ctx->depth++;
        }
 
+
 BIGNUM *BN_CTX_get(BN_CTX *ctx)
        {
+       /* Note: If BN_CTX_get is ever changed to allocate BIGNUMs dynamically,
+        * make sure that if BN_CTX_get fails once it will return NULL again
+        * until BN_CTX_end is called.  (This is so that callers have to check
+        * only the last return value.)
+        */
        if (ctx->depth > BN_CTX_NUM_POS || ctx->tos >= BN_CTX_NUM)
                {
                if (!ctx->too_many)