In fips_rsa_sign(), if the malloc for 'sbuf' fails, 'sbuf' should not be
cleansed.
--
-- David ([email protected])
Index: fips/rsa/fips_rsa_sign.c
===================================================================
--- fips/rsa/fips_rsa_sign.c (revision 397418)
+++ fips/rsa/fips_rsa_sign.c (working copy)
@@ -250,33 +250,34 @@ static int fips_rsa_sign(int type, const
sbuf = OPENSSL_malloc(RSA_size(rsa));
saltlen = M_EVP_MD_CTX_FLAG_PSS_SALT(sv->mctx);
if (saltlen == EVP_MD_CTX_FLAG_PSS_MDLEN)
saltlen = -1;
else if (saltlen == EVP_MD_CTX_FLAG_PSS_MREC)
saltlen = -2;
if (!sbuf)
{
RSAerr(RSA_F_FIPS_RSA_SIGN,ERR_R_MALLOC_FAILURE);
- goto psserr;
+ goto psserr0;
}
if (!RSA_padding_add_PKCS1_PSS(rsa, sbuf, md,
M_EVP_MD_CTX_md(sv->mctx), saltlen))
goto psserr;
j=rsa->meth->rsa_priv_enc(i,sbuf,sigret,rsa,RSA_NO_PADDING);
if (j > 0)
{
ret=1;
*siglen=j;
}
psserr:
- OPENSSL_cleanse(md,m_len);
OPENSSL_cleanse(sbuf, i);
OPENSSL_free(sbuf);
+ psserr0:
+ OPENSSL_cleanse(md,m_len);
return ret;
}
j=RSA_size(rsa);
if (i > (j-RSA_PKCS1_PADDING_SIZE))
{
RSAerr(RSA_F_FIPS_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
goto done;
}
