projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Fix off-by-one in BN_rand
[openssl.git]
/
crypto
/
bn
/
bn_rand.c
diff --git
a/crypto/bn/bn_rand.c
b/crypto/bn/bn_rand.c
index 9488454c128390f60425a05194e156c373c212e0..2764c8a30730e573c6c821d2c823ed00d5066eaa 100644
(file)
--- a/
crypto/bn/bn_rand.c
+++ b/
crypto/bn/bn_rand.c
@@
-111,7
+111,7
@@
#include <stdio.h>
#include <time.h>
#include <stdio.h>
#include <time.h>
-#include "cryptlib.h"
+#include "
internal/
cryptlib.h"
#include "bn_lcl.h"
#include <openssl/rand.h>
#include <openssl/sha.h>
#include "bn_lcl.h"
#include <openssl/rand.h>
#include <openssl/sha.h>
@@
-122,6
+122,11
@@
static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
int ret = 0, bit, bytes, mask;
time_t tim;
int ret = 0, bit, bytes, mask;
time_t tim;
+ if (bits < 0 || (bits == 1 && top > 0)) {
+ BNerr(BN_F_BNRAND, BN_R_BITS_TOO_SMALL);
+ return 0;
+ }
+
if (bits == 0) {
BN_zero(rnd);
return 1;
if (bits == 0) {
BN_zero(rnd);
return 1;
@@
-131,7
+136,7
@@
static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
bit = (bits - 1) % 8;
mask = 0xff << (bit + 1);
bit = (bits - 1) % 8;
mask = 0xff << (bit + 1);
- buf =
(unsigned char *)
OPENSSL_malloc(bytes);
+ buf = OPENSSL_malloc(bytes);
if (buf == NULL) {
BNerr(BN_F_BNRAND, ERR_R_MALLOC_FAILURE);
goto err;
if (buf == NULL) {
BNerr(BN_F_BNRAND, ERR_R_MALLOC_FAILURE);
goto err;
@@
-142,7
+147,7
@@
static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
RAND_add(&tim, sizeof(tim), 0.0);
if (pseudorand) {
RAND_add(&tim, sizeof(tim), 0.0);
if (pseudorand) {
- if (RAND_
pseudo_bytes(buf, bytes) == -1
)
+ if (RAND_
bytes(buf, bytes) <= 0
)
goto err;
} else {
if (RAND_bytes(buf, bytes) <= 0)
goto err;
} else {
if (RAND_bytes(buf, bytes) <= 0)
@@
-157,7
+162,8
@@
static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
unsigned char c;
for (i = 0; i < bytes; i++) {
unsigned char c;
for (i = 0; i < bytes; i++) {
- RAND_pseudo_bytes(&c, 1);
+ if (RAND_bytes(&c, 1) <= 0)
+ goto err;
if (c >= 128 && i > 0)
buf[i] = buf[i - 1];
else if (c < 42)
if (c >= 128 && i > 0)
buf[i] = buf[i - 1];
else if (c < 42)
@@
-167,7
+173,7
@@
static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
}
}
}
}
- if (top
!= -1
) {
+ if (top
>= 0
) {
if (top) {
if (bit == 0) {
buf[0] = 1;
if (top) {
if (bit == 0) {
buf[0] = 1;
@@
-186,10
+192,7
@@
static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
goto err;
ret = 1;
err:
goto err;
ret = 1;
err:
- if (buf != NULL) {
- OPENSSL_cleanse(buf, bytes);
- OPENSSL_free(buf);
- }
+ OPENSSL_clear_free(buf, bytes);
bn_check_top(rnd);
return (ret);
}
bn_check_top(rnd);
return (ret);
}
@@
-353,7
+356,6
@@
int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range,
ret = 1;
err:
ret = 1;
err:
- if (k_bytes)
- OPENSSL_free(k_bytes);
+ OPENSSL_free(k_bytes);
return ret;
}
return ret;
}