Clear BN_FLG_CONSTTIME on BN_CTX_get()

[openssl.git] / crypto / bn / bn_ctx.c

diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c
index 68c04687437f1d9fdf7971adb60fa68399d57d38..51db38b455a3c6e4a2b3d9398fa15ce4d9bd6b74 100644 (file)
--- a/crypto/bn/bn_ctx.c
+++ b/crypto/bn/bn_ctx.c
@@ -1,5 +1,5 @@
 /*
 /*

- * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.

  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy


@@ -227,6 +227,8 @@ BIGNUM *BN_CTX_get(BN_CTX *ctx)
     }
     /* OK, make sure the returned bignum is "zero" */
     BN_zero(ret);
     }
     /* OK, make sure the returned bignum is "zero" */
     BN_zero(ret);

+    /* clear BN_FLG_CONSTTIME if leaked from previous frames */
+    ret->flags &= (~BN_FLG_CONSTTIME);

     ctx->used++;
     CTXDBG_RET(ctx, ret);
     return ret;
     ctx->used++;
     CTXDBG_RET(ctx, ret);
     return ret;