Closed
Bug 550869
Opened 14 years ago
Closed 14 years ago
RSA_PrivateKeyCheck doesn't MP_DIGITS = 0 all locals before using CHECK_MPI_OK mp_init
Categories
(NSS :: Libraries, defect)
NSS
Libraries
Tracking
(Not tracked)
RESOLVED
FIXED
3.13
People
(Reporter: timeless, Assigned: timeless)
References
()
Details
(Keywords: coverity, Whiteboard: FIPS)
Attachments
(1 file)
|
1.26 KB,
patch
|
nelson
:
review+
|
Details | Diff | Splinter Review |
806 RSA_PrivateKeyCheck(RSAPrivateKey *key) 808 mp_int p, q, n, psub1, qsub1, e, d, d_p, d_q, qInv, res; 811 MP_DIGITS(&n) = 0; 812 MP_DIGITS(&psub1)= 0; 813 MP_DIGITS(&qsub1)= 0; 814 MP_DIGITS(&e) = 0; 815 MP_DIGITS(&d) = 0; 816 MP_DIGITS(&d_p) = 0; 817 MP_DIGITS(&d_q) = 0; 818 MP_DIGITS(&qInv) = 0; 819 MP_DIGITS(&res) = 0; 821 CHECK_MPI_OK( mp_init(&p) ); 904 cleanup: 907 mp_clear(&q); when p init fails, it jumps to cleanup which tries to clear q which wasn't intialized
Attachment #431217 -
Flags: review?(nelson)
|
||
Comment 2•14 years ago
|
||
Code is inside the FIPS boundary
OS: Linux → All
Hardware: x86 → All
Whiteboard: FIPS
|
|
||
Updated•14 years ago
|
Target Milestone: --- → 3.13
|
|
||
Comment 3•14 years ago
|
||
Comment on attachment 431217 [details] [diff] [review] patch r=nelson
Attachment #431217 -
Flags: review?(nelson) → review+
|
|
||
Comment 4•14 years ago
|
||
Checking in rsa.c; new revision: 1.39.8.2; previous revision: 1.39.8.1 Thanks, Josh.
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•