[openssl.org #1967] [PATCH 05/14] Do not run off the end of the params array.

David McCullough via RT Tue, 30 Jun 2009 05:51:18 -0700

Do not run off the end of the RSA params arrays freeing values
or we will crash (or worse, corrupt the heap).


Overview : http://www.mail-archive.com/openssl-dev@openssl.org/msg26096.html

-- 
David McCullough,  david_mccullo...@securecomputing.com,  Ph:+61 734352815
McAfee - SnapGear  http://www.snapgear.com                http://www.uCdot.org

diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
index ab38cd5..4f2470b 100644
--- a/crypto/engine/eng_cryptodev.c
+++ b/crypto/engine/eng_cryptodev.c
@@ -681,7 +681,7 @@ zapparams(struct crypt_kop *kop)
 {
 	int i;
 
-	for (i = 0; i <= kop->crk_iparams + kop->crk_oparams; i++) {
+	for (i = 0; i < kop->crk_iparams + kop->crk_oparams; i++) {
 		if (kop->crk_param[i].crp_p)
 			free(kop->crk_param[i].crp_p);
 		kop->crk_param[i].crp_p = NULL;
-- 
1.6.0.4

[openssl.org #1967] [PATCH 05/14] Do not run off the end of the params array.

Reply via email to