diff options
| author | Werner Koch <wk@gnupg.org> | 2014-08-21 11:39:17 +0200 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2014-08-21 12:22:37 +0200 |
| commit | 18056ace7f466cb8c1eaf08e5dc0400516d83b4c (patch) | |
| tree | c9da7e759ba962071b2a961082d2c5a32326df58 /src | |
| parent | 34bb55ee36df3aca3ebca88f8b61c786cd0c0701 (diff) | |
| download | libgcrypt-18056ace7f466cb8c1eaf08e5dc0400516d83b4c.tar.gz | |
cipher: Fix possible NULL deref in call to prime generator.
* cipher/primegen.c (_gcry_generate_elg_prime): Change to return an
error code.
* cipher/dsa.c (generate): Take care of new return code.
* cipher/elgamal.c (generate): Change to return an error code. Take
care of _gcry_generate_elg_prime return code.
(generate_using_x): Take care of _gcry_generate_elg_prime return code.
(elg_generate): Propagate return code from generate.
--
GnuPG-bug-id: 1699, 1700
Reported-by: S.K. Gupta
Note that the NULL deref may have only happened on malloc failure.
Diffstat (limited to 'src')
| -rw-r--r-- | src/g10lib.h | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/src/g10lib.h b/src/g10lib.h index 43dc0113..238871d0 100644 --- a/src/g10lib.h +++ b/src/g10lib.h @@ -236,9 +236,12 @@ gcry_mpi_t _gcry_generate_public_prime (unsigned int nbits, gcry_random_level_t random_level, int (*extra_check)(void*, gcry_mpi_t), void *extra_check_arg); -gcry_mpi_t _gcry_generate_elg_prime (int mode, - unsigned int pbits, unsigned int qbits, - gcry_mpi_t g, gcry_mpi_t **factors); +gcry_err_code_t _gcry_generate_elg_prime (int mode, + unsigned int pbits, + unsigned int qbits, + gcry_mpi_t g, + gcry_mpi_t *r_prime, + gcry_mpi_t **factors); gcry_mpi_t _gcry_derive_x931_prime (const gcry_mpi_t xp, const gcry_mpi_t xp1, const gcry_mpi_t xp2, const gcry_mpi_t e, |