diff options
author | Werner Koch <wk@gnupg.org> | 2014-08-21 11:39:17 +0200 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2014-08-21 12:22:37 +0200 |
commit | 18056ace7f466cb8c1eaf08e5dc0400516d83b4c (patch) | |
tree | c9da7e759ba962071b2a961082d2c5a32326df58 /cipher/elgamal.c | |
parent | 34bb55ee36df3aca3ebca88f8b61c786cd0c0701 (diff) | |
download | libgcrypt-18056ace7f466cb8c1eaf08e5dc0400516d83b4c.tar.gz |
cipher: Fix possible NULL deref in call to prime generator.
* cipher/primegen.c (_gcry_generate_elg_prime): Change to return an
error code.
* cipher/dsa.c (generate): Take care of new return code.
* cipher/elgamal.c (generate): Change to return an error code. Take
care of _gcry_generate_elg_prime return code.
(generate_using_x): Take care of _gcry_generate_elg_prime return code.
(elg_generate): Propagate return code from generate.
--
GnuPG-bug-id: 1699, 1700
Reported-by: S.K. Gupta
Note that the NULL deref may have only happened on malloc failure.
Diffstat (limited to 'cipher/elgamal.c')
-rw-r--r-- | cipher/elgamal.c | 28 |
1 files changed, 22 insertions, 6 deletions
diff --git a/cipher/elgamal.c b/cipher/elgamal.c index a71a9bcb..cb3ca43a 100644 --- a/cipher/elgamal.c +++ b/cipher/elgamal.c @@ -61,7 +61,8 @@ static const char *elg_names[] = static int test_keys (ELG_secret_key *sk, unsigned int nbits, int nodie); static gcry_mpi_t gen_k (gcry_mpi_t p, int small_k); -static void generate (ELG_secret_key *sk, unsigned nbits, gcry_mpi_t **factors); +static gcry_err_code_t generate (ELG_secret_key *sk, unsigned nbits, + gcry_mpi_t **factors); static int check_secret_key (ELG_secret_key *sk); static void do_encrypt (gcry_mpi_t a, gcry_mpi_t b, gcry_mpi_t input, ELG_public_key *pkey); @@ -268,9 +269,10 @@ gen_k( gcry_mpi_t p, int small_k ) * Returns: 2 structures filled with all needed values * and an array with n-1 factors of (p-1) */ -static void +static gcry_err_code_t generate ( ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t **ret_factors ) { + gcry_err_code_t rc; gcry_mpi_t p; /* the prime */ gcry_mpi_t p_min1; gcry_mpi_t g; @@ -285,7 +287,13 @@ generate ( ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t **ret_factors ) if( qbits & 1 ) /* better have a even one */ qbits++; g = mpi_alloc(1); - p = _gcry_generate_elg_prime( 0, nbits, qbits, g, ret_factors ); + rc = _gcry_generate_elg_prime (0, nbits, qbits, g, &p, ret_factors); + if (rc) + { + mpi_free (p_min1); + mpi_free (g); + return rc; + } mpi_sub_ui(p_min1, p, 1); @@ -359,6 +367,8 @@ generate ( ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t **ret_factors ) /* Now we can test our keys (this should never fail!) */ test_keys ( sk, nbits - 64, 0 ); + + return 0; } @@ -373,6 +383,7 @@ static gcry_err_code_t generate_using_x (ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t x, gcry_mpi_t **ret_factors ) { + gcry_err_code_t rc; gcry_mpi_t p; /* The prime. */ gcry_mpi_t p_min1; /* The prime minus 1. */ gcry_mpi_t g; /* The generator. */ @@ -395,7 +406,13 @@ generate_using_x (ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t x, if ( (qbits & 1) ) /* Better have an even one. */ qbits++; g = mpi_alloc (1); - p = _gcry_generate_elg_prime ( 0, nbits, qbits, g, ret_factors ); + rc = _gcry_generate_elg_prime (0, nbits, qbits, g, &p, ret_factors ); + if (rc) + { + mpi_free (p_min1); + mpi_free (g); + return rc; + } mpi_sub_ui (p_min1, p, 1); if (DBG_CIPHER) @@ -662,8 +679,7 @@ elg_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) } else { - generate (&sk, nbits, &factors); - rc = 0; + rc = generate (&sk, nbits, &factors); } if (rc) goto leave; |