OpenSSL 1.1.0 support and RSA_set0_key() double frees?
Jakub Jelen
jjelen at redhat.com
Tue Jun 20 02:26:09 AEST 2017
On 06/19/2017 06:16 PM, Yekkirala, Venkatesh Sri wrote:
> Hi Jakub,
>
> The patch for this introduces an unconditional goto at line 3344:
>
> http://pkgs.fedoraproject.org/cgit/rpms/openssh.git/tree/openssh-7.3p1-openssl-1.1.0.patch#n3344
>
> as shown in the below snippet:
>
> /* calculate p-1 and q-1 */
> - if ((r = rsa_generate_additional_parameters(prv->rsa)) != 0)
> + if ((r = rsa_generate_additional_parameters(prv->rsa, iqmp)) != 0)
> + BN_free(iqmp);
> goto out;
>
> /* enable blinding */
>
> FYI,
>
> venkat
>
Thank you for a review. Should be fixed now.
Regards,
--
Jakub Jelen
Software Engineer
Security Technologies
Red Hat
More information about the openssh-unix-dev
mailing list