diff --git a/CHANGES b/CHANGES index 3e6569abd8..215bda7a15 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,12 @@ Changes between 0.9.6 and 0.9.6a [xx XXX 2001] + *) Initialise "ex_data" member of RSA/DSA/DH structures prior to calling + the method-specific "init()" handler. Also clean up ex_data after + calling the method-specific "finish()" handler. Previously, this was + happening the other way round. + [Geoff Thorpe] + *) Avoid coredump with unsupported or invalid public keys by checking if X509_get_pubkey() fails in PKCS7_verify(). Fix memory leak when PKCS7_verify() fails with non detached data. diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c index a8d5340bf4..8516bdafb4 100644 --- a/crypto/dh/dh_lib.c +++ b/crypto/dh/dh_lib.c @@ -120,13 +120,13 @@ DH *DH_new_method(DH_METHOD *meth) ret->method_mont_p=NULL; ret->references = 1; ret->flags=ret->meth->flags; + CRYPTO_new_ex_data(dh_meth,ret,&ret->ex_data); if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { + CRYPTO_free_ex_data(dh_meth,ret,&ret->ex_data); OPENSSL_free(ret); ret=NULL; } - else - CRYPTO_new_ex_data(dh_meth,ret,&ret->ex_data); return(ret); } @@ -147,10 +147,10 @@ void DH_free(DH *r) } #endif - CRYPTO_free_ex_data(dh_meth, r, &r->ex_data); - if(r->meth->finish) r->meth->finish(r); + CRYPTO_free_ex_data(dh_meth, r, &r->ex_data); + if (r->p != NULL) BN_clear_free(r->p); if (r->g != NULL) BN_clear_free(r->g); if (r->q != NULL) BN_clear_free(r->q); diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c index be30d18b8a..5dfc0eea43 100644 --- a/crypto/dsa/dsa_lib.c +++ b/crypto/dsa/dsa_lib.c @@ -125,13 +125,13 @@ DSA *DSA_new_method(DSA_METHOD *meth) ret->references=1; ret->flags=ret->meth->flags; + CRYPTO_new_ex_data(dsa_meth,ret,&ret->ex_data); if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { + CRYPTO_free_ex_data(dsa_meth,ret,&ret->ex_data); OPENSSL_free(ret); ret=NULL; } - else - CRYPTO_new_ex_data(dsa_meth,ret,&ret->ex_data); return(ret); } @@ -155,10 +155,10 @@ void DSA_free(DSA *r) } #endif - CRYPTO_free_ex_data(dsa_meth, r, &r->ex_data); - if(r->meth->finish) r->meth->finish(r); + CRYPTO_free_ex_data(dsa_meth, r, &r->ex_data); + if (r->p != NULL) BN_clear_free(r->p); if (r->q != NULL) BN_clear_free(r->q); if (r->g != NULL) BN_clear_free(r->g); diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index b5b420da97..422643e9f2 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -145,13 +145,13 @@ RSA *RSA_new_method(RSA_METHOD *meth) ret->blinding=NULL; ret->bignum_data=NULL; ret->flags=ret->meth->flags; + CRYPTO_new_ex_data(rsa_meth,ret,&ret->ex_data); if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { + CRYPTO_free_ex_data(rsa_meth,ret,&ret->ex_data); OPENSSL_free(ret); ret=NULL; } - else - CRYPTO_new_ex_data(rsa_meth,ret,&ret->ex_data); return(ret); } @@ -174,11 +174,11 @@ void RSA_free(RSA *r) } #endif - CRYPTO_free_ex_data(rsa_meth,r,&r->ex_data); - if (r->meth->finish != NULL) r->meth->finish(r); + CRYPTO_free_ex_data(rsa_meth,r,&r->ex_data); + if (r->n != NULL) BN_clear_free(r->n); if (r->e != NULL) BN_clear_free(r->e); if (r->d != NULL) BN_clear_free(r->d);