mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-10 13:13:44 +01:00
Merge branch 'maint-0.2.5' into maint-0.2.6
This commit is contained in:
commit
e6965f78b8
7
changes/rsa_init_bug
Normal file
7
changes/rsa_init_bug
Normal file
@ -0,0 +1,7 @@
|
||||
o Major bugfixes (key management):
|
||||
- If OpenSSL fails to generate an RSA key, do not retain a dangling pointer
|
||||
to the previous (uninitialized) key value. The impact here should be
|
||||
limited to a difficult-to-trigger crash, if OpenSSL is running an
|
||||
engine that makes key generation failures possible, or if OpenSSL runs
|
||||
out of memory. Fixes bug 19152; bugfix on 0.2.1.10-alpha. Found by
|
||||
Yuan Jochen Kang, Suman Jana, and Baishakhi Ray.
|
@ -555,8 +555,10 @@ crypto_pk_generate_key_with_bits(crypto_pk_t *env, int bits)
|
||||
{
|
||||
tor_assert(env);
|
||||
|
||||
if (env->key)
|
||||
if (env->key) {
|
||||
RSA_free(env->key);
|
||||
env->key = NULL;
|
||||
}
|
||||
|
||||
{
|
||||
BIGNUM *e = BN_new();
|
||||
|
Loading…
Reference in New Issue
Block a user