Commit ccb2a614 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Fix double free in DSA private key parsing. 



Fix double free bug when parsing malformed DSA private keys.

Thanks to Adam Langley (Google/BoringSSL) for discovering this bug using
libFuzzer.

CVE-2016-0705

Reviewed-by: default avatarEmilia Käsper <emilia@openssl.org>
(cherry picked from commit 6c88c71b)
parent 3629c49d

crypto/dsa/dsa_ameth.c

+10 −10
Original line number Diff line number Diff line
@@ -191,6 +191,8 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) 
    STACK_OF(ASN1_TYPE) *ndsa = NULL;

    DSA *dsa = NULL;



    int ret = 0;



    if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))

        return 0;

    X509_ALGOR_get0(NULL, &ptype, &pval, palg);
@@ -262,23 +264,21 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) 
    }



    EVP_PKEY_assign_DSA(pkey, dsa);

    BN_CTX_free(ctx);

    if (ndsa)

        sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);

    else

        ASN1_STRING_clear_free(privkey);



    return 1;

    ret = 1;

    goto done;



 decerr:

    DSAerr(DSA_F_DSA_PRIV_DECODE, EVP_R_DECODE_ERROR);

 dsaerr:

    DSA_free(dsa);

 done:

    BN_CTX_free(ctx);

    if (privkey)

        ASN1_STRING_clear_free(privkey);

    if (ndsa)

        sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);

    DSA_free(dsa);

    return 0;

    else

        ASN1_STRING_clear_free(privkey);

    return ret;

}



static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)