mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-07 17:53:38 +08:00
Code Issues Packages Projects Releases Wiki Activity
bbc3c22c0e
openssl/crypto/ec
History
Nicola Tuveri 9c47a3386d Fix coverity issues in EC after #11807 
This should fix 2 issues detected by Coverity and introduced with
https://github.com/openssl/openssl/pull/11807

- CID 1463577:  Memory - corruptions  (ARRAY_VS_SINGLETON)
- CID 1463573:  Memory - corruptions  (ARRAY_VS_SINGLETON)

In practice the tests seem to show that they both aren't real issues,
yet I believe this small change should appease the scanner and at the
same time improve clarity for the reader.

Here is the original report:

```
** CID 1463577:  Memory - corruptions  (ARRAY_VS_SINGLETON)

________________________________________________________________________________________________________
*** CID 1463577:  Memory - corruptions  (ARRAY_VS_SINGLETON)
/crypto/ec/ec_lib.c: 1123 in EC_POINT_mul()
1117
1118         if (group->meth->mul != NULL)
1119             ret = group->meth->mul(group, r, g_scalar, point != NULL
1120                                    && p_scalar != NULL, &point, &p_scalar, ctx);
1121         else
1122             /* use default */
   CID 1463577:  Memory - corruptions  (ARRAY_VS_SINGLETON)
   Passing "&point" to function "ec_wNAF_mul" which uses it as an array. This might corrupt or misinterpret adjacent memory locations.
1123             ret = ec_wNAF_mul(group, r, g_scalar, point != NULL
1124                               && p_scalar != NULL, &point, &p_scalar, ctx);
1125
1126     #ifndef FIPS_MODULE
1127         BN_CTX_free(new_ctx);
1128     #endif

** CID 1463573:  Memory - corruptions  (ARRAY_VS_SINGLETON)

________________________________________________________________________________________________________
*** CID 1463573:  Memory - corruptions  (ARRAY_VS_SINGLETON)
/crypto/ec/ec_lib.c: 1123 in EC_POINT_mul()
1117
1118         if (group->meth->mul != NULL)
1119             ret = group->meth->mul(group, r, g_scalar, point != NULL
1120                                    && p_scalar != NULL, &point, &p_scalar, ctx);
1121         else
1122             /* use default */
   CID 1463573:  Memory - corruptions  (ARRAY_VS_SINGLETON)
   Passing "&p_scalar" to function "ec_wNAF_mul" which uses it as an array. This might corrupt or misinterpret adjacent memory locations.
1123             ret = ec_wNAF_mul(group, r, g_scalar, point != NULL
1124                               && p_scalar != NULL, &point, &p_scalar, ctx);
1125
1126     #ifndef FIPS_MODULE
1127         BN_CTX_free(new_ctx);
1128     #endif
```

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11919)
2020-05-24 20:13:31 +03:00
..
asm Update copyright year 2020-04-23 13:55:52 +01:00
curve448 Update copyright year 2020-04-23 13:55:52 +01:00
build.info s390: ECX key generation fixes. 2020-04-17 19:51:37 +10:00
curve25519.c Update copyright year 2020-04-23 13:55:52 +01:00
ec2_oct.c Rename FIPS_MODE to FIPS_MODULE 2020-04-28 15:37:37 +02:00
ec2_smpl.c deprecate EC_POINT_make_affine and EC_POINTs_make_affine 2020-05-20 20:10:31 +02:00
ec_ameth.c Update copyright year 2020-04-23 13:55:52 +01:00
ec_asn1.c Rename FIPS_MODE to FIPS_MODULE 2020-04-28 15:37:37 +02:00
ec_backend.c PROV: Fix EC_KEY exporters to allow domain parameter keys 2020-03-27 12:49:17 +01:00
ec_check.c Rename FIPS_MODE to FIPS_MODULE 2020-04-28 15:37:37 +02:00
ec_ctrl.c Rename FIPS_MODE to FIPS_MODULE 2020-04-28 15:37:37 +02:00
ec_curve.c Rename FIPS_MODE to FIPS_MODULE 2020-04-28 15:37:37 +02:00
ec_cvt.c Update copyright year 2020-04-23 13:55:52 +01:00
ec_err.c ecx: check for errors creating public keys from private ones. 2020-04-17 19:51:37 +10:00
ec_key.c deprecate EC precomputation functionality 2020-05-19 16:29:37 +03:00
ec_kmeth.c Rename FIPS_MODE to FIPS_MODULE 2020-04-28 15:37:37 +02:00
ec_lib.c Fix coverity issues in EC after #11807 2020-05-24 20:13:31 +03:00
ec_local.h Rename FIPS_MODE to FIPS_MODULE 2020-04-28 15:37:37 +02:00
ec_mult.c deprecate EC_POINT_make_affine and EC_POINTs_make_affine 2020-05-20 20:10:31 +02:00
ec_oct.c Update copyright year 2020-04-23 13:55:52 +01:00
ec_pmeth.c Update copyright year 2020-04-23 13:55:52 +01:00
ec_print.c Update copyright year 2020-04-23 13:55:52 +01:00
ecdh_kdf.c Update copyright year 2020-04-23 13:55:52 +01:00
ecdh_ossl.c Update copyright year 2020-04-23 13:55:52 +01:00
ecdsa_ossl.c Update copyright year 2020-04-23 13:55:52 +01:00
ecdsa_sign.c Update copyright year 2020-04-23 13:55:52 +01:00
ecdsa_vrf.c Update copyright year 2020-04-23 13:55:52 +01:00
eck_prn.c Following the license change, modify the boilerplates in crypto/ec/ 2018-12-06 14:51:47 +01:00
ecp_mont.c Update copyright year 2020-04-23 13:55:52 +01:00
ecp_nist.c Update copyright year 2020-04-23 13:55:52 +01:00
ecp_nistp224.c Rename FIPS_MODE to FIPS_MODULE 2020-04-28 15:37:37 +02:00
ecp_nistp256.c Rename FIPS_MODE to FIPS_MODULE 2020-04-28 15:37:37 +02:00
ecp_nistp521.c Rename FIPS_MODE to FIPS_MODULE 2020-04-28 15:37:37 +02:00
ecp_nistputil.c Update copyright year 2020-04-23 13:55:52 +01:00
ecp_nistz256_table.c Following the license change, modify the boilerplates in crypto/ec/ 2018-12-06 14:51:47 +01:00
ecp_nistz256.c deprecate EC_POINT_make_affine and EC_POINTs_make_affine 2020-05-20 20:10:31 +02:00
ecp_oct.c Rename FIPS_MODE to FIPS_MODULE 2020-04-28 15:37:37 +02:00
ecp_s390x_nistp.c Update copyright year 2020-04-23 13:55:52 +01:00
ecp_smpl.c Update copyright year 2020-04-23 13:55:52 +01:00
ecx_backend.c Add the ability to ECX to import keys with only the private key 2020-05-04 09:30:55 +01:00
ecx_backend.h Fix the KEYNID2TYPE macro 2020-05-04 09:30:55 +01:00
ecx_key.c Add the library ctx into an ECX_KEY 2020-05-04 09:30:55 +01:00
ecx_meth.c Add the library ctx into an ECX_KEY 2020-05-04 09:30:55 +01:00
ecx_s390x.c Update copyright year 2020-04-23 13:55:52 +01:00