Commit 8abeefec authored by Benjamin Kaduk's avatar Benjamin Kaduk
Browse files

Fix memory leak in DH_get_nid() 



If q is non-NULL but p is indeed a safe prime, a modified copy
of p could be leaked.

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4525)
parent 141e4709

crypto/dh/dh_rfc7919.c

+3 −4
Original line number Diff line number Diff line
@@ -66,10 +66,9 @@ int DH_get_nid(const DH *dh) 
        BIGNUM *q = BN_dup(dh->p);



        /* Check q = p * 2 + 1 we already know q is odd, so just shift right */

        if (q == NULL || !BN_rshift1(q, q) || !BN_cmp(dh->q, q)) {

        if (q == NULL || !BN_rshift1(q, q) || !BN_cmp(dh->q, q))

            nid = NID_undef;

        BN_free(q);

            return NID_undef;

        }

    }

    return nid;

}