OpenSSL: Fix memory leak in crypto_dh_derive_secret()

BN_clear() does not free the BIGNUM; it only clears its value. Fix this
memory leak by using the appropriate BN_clear_free() function instead.

Fixes: b11fa98bcb ("Add explicit checks for peer's DH public key")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
Jouni Malinen 2019-05-08 18:53:32 +03:00 committed by Jouni Malinen
parent 57ec74ea9b
commit 8925d2010d

View file

@ -570,8 +570,8 @@ int crypto_dh_derive_secret(u8 generator, const u8 *prime, size_t prime_len,
failed = !q || !ctx || !tmp || failed = !q || !ctx || !tmp ||
!BN_mod_exp(tmp, pub, q, p, ctx) || !BN_mod_exp(tmp, pub, q, p, ctx) ||
!BN_is_one(tmp); !BN_is_one(tmp);
BN_clear(q); BN_clear_free(q);
BN_clear(tmp); BN_clear_free(tmp);
BN_CTX_free(ctx); BN_CTX_free(ctx);
if (failed) if (failed)
goto fail; goto fail;
@ -580,8 +580,8 @@ int crypto_dh_derive_secret(u8 generator, const u8 *prime, size_t prime_len,
res = crypto_mod_exp(pubkey, pubkey_len, privkey, privkey_len, res = crypto_mod_exp(pubkey, pubkey_len, privkey, privkey_len,
prime, prime_len, secret, len); prime, prime_len, secret, len);
fail: fail:
BN_clear(pub); BN_clear_free(pub);
BN_clear(p); BN_clear_free(p);
return res; return res;
} }