Closed Bug 550869 Opened 11 years ago Closed 11 years ago

RSA_PrivateKeyCheck doesn't MP_DIGITS = 0 all locals before using CHECK_MPI_OK mp_init

Categories

(NSS :: Libraries, defect)

defect
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: timeless, Assigned: timeless)

References

()

Details

(Keywords: coverity, Whiteboard: FIPS)

Attachments

(1 file)

806  	RSA_PrivateKeyCheck(RSAPrivateKey *key)
808  	    mp_int p, q, n, psub1, qsub1, e, d, d_p, d_q, qInv, res;
811  	    MP_DIGITS(&n)    = 0;
812  	    MP_DIGITS(&psub1)= 0;
813  	    MP_DIGITS(&qsub1)= 0;
814  	    MP_DIGITS(&e)    = 0;
815  	    MP_DIGITS(&d)    = 0;
816  	    MP_DIGITS(&d_p)  = 0;
817  	    MP_DIGITS(&d_q)  = 0;
818  	    MP_DIGITS(&qInv) = 0;
819  	    MP_DIGITS(&res)  = 0;

821  	    CHECK_MPI_OK( mp_init(&p)    );

904  	cleanup:

907  	    mp_clear(&q);

when p init fails, it jumps to cleanup which tries to clear q which wasn't intialized
Keywords: coverity
OS: Mac OS X → Linux
Attached patch patchSplinter Review
Attachment #431217 - Flags: review?(nelson)
Code is inside the FIPS boundary
OS: Linux → All
Hardware: x86 → All
Whiteboard: FIPS
Target Milestone: --- → 3.13
Comment on attachment 431217 [details] [diff] [review]
patch

r=nelson
Attachment #431217 - Flags: review?(nelson) → review+
Checking in rsa.c; new revision: 1.39.8.2; previous revision: 1.39.8.1

Thanks, Josh.
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.