root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Fix memory leak in BN_rand_range() 

The patch enables BN_rand_range() to exit immediately
if BIGNUM *rnd is NULL.

CLA: trivial

Fixes: #18951

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18982)

(cherry picked from commit 70f589ae41)
This commit is contained in:
valdaarhun 2022-08-11 00:48:05 +05:30 committed by Tomas Mraz
parent 0f0634bc8c
commit 682d4a1204
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
crypto/bn/bn_rand.c
View File

@ -136,6 +136,11 @@ static int bnrand_range(BNRAND_FLAG flag, BIGNUM *r, const BIGNUM *range,
int n;
int count = 100;
if (r == NULL) {
ERR_raise(ERR_LIB_BN, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (range->neg || BN_is_zero(range)) {
ERR_raise(ERR_LIB_BN, BN_R_INVALID_RANGE);
return 0;