/*
- * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
}
/* OK, make sure the returned bignum is "zero" */
BN_zero(ret);
+ /* clear BN_FLG_CONSTTIME if leaked from previous frames */
+ ret->flags &= (~BN_FLG_CONSTTIME);
ctx->used++;
CTXDBG_RET(ctx, ret);
return ret;
/* Need to expand */
unsigned int newsize =
st->size ? (st->size * 3 / 2) : BN_CTX_START_FRAMES;
- unsigned int *newitems = OPENSSL_malloc(sizeof(*newitems) * newsize);
- if (newitems == NULL)
+ unsigned int *newitems;
+
+ if ((newitems = OPENSSL_malloc(sizeof(*newitems) * newsize)) == NULL) {
+ BNerr(BN_F_BN_STACK_PUSH, ERR_R_MALLOC_FAILURE);
return 0;
+ }
if (st->depth)
memcpy(newitems, st->indexes, sizeof(*newitems) * st->depth);
OPENSSL_free(st->indexes);
/* Full; allocate a new pool item and link it in. */
if (p->used == p->size) {
- BN_POOL_ITEM *item = OPENSSL_malloc(sizeof(*item));
- if (item == NULL)
+ BN_POOL_ITEM *item;
+
+ if ((item = OPENSSL_malloc(sizeof(*item))) == NULL) {
+ BNerr(BN_F_BN_POOL_GET, ERR_R_MALLOC_FAILURE);
return NULL;
+ }
for (loop = 0, bn = item->vals; loop++ < BN_CTX_POOL_SIZE; bn++) {
bn_init(bn);
if ((flag & BN_FLG_SECURE) != 0)