On Sat, Feb 25, 2017 at 11:28:43PM +0100, Daniel Cegiełka wrote:
> 1) bcode.c and bn_check() call
>
> bn_check(BN_zero(f));
>
> https://github.com/openbsd/src/blob/master/usr.bin/dc/bcode.c#L389
> https://github.com/openbsd/src/blob/master/usr.bin/dc/bcode.c#L807
> https://github.com/openbsd/src/blob/master/usr.bin/dc/bcode.c#L891
>
>
> 2) mem.c is a function
>
> https://github.com/openbsd/src/blob/master/usr.bin/dc/mem.c#L92
>
> void
> bn_check(int x) \
> {
> if (x == 0)
> err(1, "big number failure %lx", ERR_get_error());
> }
>
> 3) dc uses macro from libcrypto/bn/bn.h
>
> https://github.com/openbsd/src/blob/master/lib/libcrypto/bn/bn.h#L335
>
>
> #define BN_zero_ex(a) \
> do { \
> BIGNUM *_tmp_bn = (a); \
> _tmp_bn->top = 0; \
> _tmp_bn->neg = 0; \
> } while(0)
>
> #ifdef OPENSSL_NO_DEPRECATED
> #define BN_zero(a) BN_zero_ex(a)
> #else
> #define BN_zero(a) (BN_set_word((a),0))
> #endif
>
>
> Summing up: if OPENSSL_NO_DEPRECATED is defined, then the bn_check(int
> x) will be called with:
>
> do { \
> BIGNUM *_tmp_bn = (a); \
> _tmp_bn->top = 0; \
> _tmp_bn->neg = 0; \
> }
>
> Best regards,
> Daniel
Bleh, they could have changed the implementation without changing the
API but they choose not to and place the burden on the user of the lib.
Easy "fix" would be to remove the BN_check, but in current compat mode
that would lead to a unchecked mem allocation. Don't like that at all.
-Otto
