The branch openssl-3.0 has been updated
via 53234cb0f408bbfbb04ea0e12f1fc61feb2aa600 (commit)
from db40ffab8dbf3ae0e932bb737ff787c6c1eb3ca2 (commit)
- Log -----------------------------------------------------------------
commit 53234cb0f408bbfbb04ea0e12f1fc61feb2aa600
Author: Jiasheng Jiang <jiash...@iscas.ac.cn>
Date: Sat Feb 5 18:00:51 2022 +0800
rsa: add check after calling BN_BLINDING_lock
As the potential failure of getting lock, we need to check the return
value of the BN_BLINDING_lock() in order to avoid the dirty data.
Signed-off-by: Jiasheng Jiang <jiash...@iscas.ac.cn>
Reviewed-by: Paul Dale <pa...@openssl.org>
Reviewed-by: Matt Caswell <m...@openssl.org>
Reviewed-by: Tomas Mraz <to...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17642)
(cherry picked from commit aefbcde29166caf851cf388361d70fd0dcf17d87)
-----------------------------------------------------------------------
Summary of changes:
crypto/rsa/rsa_ossl.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/crypto/rsa/rsa_ossl.c b/crypto/rsa/rsa_ossl.c
index c417a4b8f6..de4a580032 100644
--- a/crypto/rsa/rsa_ossl.c
+++ b/crypto/rsa/rsa_ossl.c
@@ -213,7 +213,9 @@ static int rsa_blinding_convert(BN_BLINDING *b, BIGNUM *f,
BIGNUM *unblind,
*/
int ret;
- BN_BLINDING_lock(b);
+ if (!BN_BLINDING_lock(b))
+ return 0;
+
ret = BN_BLINDING_convert_ex(f, unblind, b, ctx);
BN_BLINDING_unlock(b);
