The branch master has been updated
via aefbcde29166caf851cf388361d70fd0dcf17d87 (commit)
from 14db620282bea38dc44479e562cf9bb61a716444 (commit)
- Log -----------------------------------------------------------------
commit aefbcde29166caf851cf388361d70fd0dcf17d87
Author: Jiasheng Jiang <[email protected]>
Date: Sat Feb 5 18:00:51 2022 +0800
rsa: add check after calling BN_BLINDING_lock
As the potential failure of getting lock, we need to check the return
value of the BN_BLINDING_lock() in order to avoid the dirty data.
Signed-off-by: Jiasheng Jiang <[email protected]>
Reviewed-by: Paul Dale <[email protected]>
Reviewed-by: Matt Caswell <[email protected]>
Reviewed-by: Tomas Mraz <[email protected]>
(Merged from https://github.com/openssl/openssl/pull/17642)
-----------------------------------------------------------------------
Summary of changes:
crypto/rsa/rsa_ossl.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/crypto/rsa/rsa_ossl.c b/crypto/rsa/rsa_ossl.c
index c417a4b8f6..de4a580032 100644
--- a/crypto/rsa/rsa_ossl.c
+++ b/crypto/rsa/rsa_ossl.c
@@ -213,7 +213,9 @@ static int rsa_blinding_convert(BN_BLINDING *b, BIGNUM *f,
BIGNUM *unblind,
*/
int ret;
- BN_BLINDING_lock(b);
+ if (!BN_BLINDING_lock(b))
+ return 0;
+
ret = BN_BLINDING_convert_ex(f, unblind, b, ctx);
BN_BLINDING_unlock(b);
