The branch OpenSSL_1_1_0-stable has been updated
via 502b871ad4eacc96a31f89d9a9470ca2858da998 (commit)
from c5bc42d7a131cf7a6a2ebd97a7a4a559d01af0f9 (commit)
- Log -----------------------------------------------------------------
commit 502b871ad4eacc96a31f89d9a9470ca2858da998
Author: Bernd Edlinger <bernd.edlin...@hotmail.de>
Date: Sun Mar 17 17:28:24 2019 +0100
Clear the point S before freeing in ec_mul_consttime
The secret point R can be recovered from S using the equation R = S - P.
The X and Z coordinates should be sufficient for that.
Reviewed-by: Paul Dale <paul.d...@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8505)
-----------------------------------------------------------------------
Summary of changes:
crypto/ec/ec_mult.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c
index 8350082..47c0fc0 100644
--- a/crypto/ec/ec_mult.c
+++ b/crypto/ec/ec_mult.c
@@ -325,7 +325,7 @@ static int ec_mul_consttime(const EC_GROUP *group, EC_POINT
*r,
ret = 1;
err:
- EC_POINT_free(s);
+ EC_POINT_clear_free(s);
BN_CTX_end(ctx);
BN_CTX_free(new_ctx);
