Commit 5f747c7f authored by Geoff Thorpe's avatar Geoff Thorpe
Browse files

When a BN_CTX is used for temporary workspace, the variables are sometimes 

left in an inconsistent state when they are released for later reuse. This
change resets the BIGNUMs when they are released back to the context.
parent c4db1a8b

crypto/bn/bn_ctx.c

+13 −0
Original line number Diff line number Diff line
@@ -167,6 +167,19 @@ void BN_CTX_end(BN_CTX *ctx) 


	ctx->too_many = 0;

	ctx->depth--;

	/* It appears some "scrapbook" uses of BN_CTX result in BIGNUMs being

	 * left in an inconsistent state when they are released (eg. BN_div).

	 * These can trip us up when they get reused, so the safest fix is to

	 * make sure the BIGNUMs are made sane when the context usage is

	 * releasing them. */

	if (ctx->depth < BN_CTX_NUM_POS)

#if 0

		ctx->tos = ctx->pos[ctx->depth];

#else

		{

		while(ctx->tos > ctx->pos[ctx->depth])

			/* This ensures the BIGNUM is sane(r) for reuse. */

			ctx->bn[--(ctx->tos)].top = 0;

		}

#endif

	}