Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Avoid double-free errors in RSA key generation #525

Merged
merged 3 commits into from
Sep 5, 2019
Merged

Avoid double-free errors in RSA key generation #525

merged 3 commits into from
Sep 5, 2019

Conversation

ilammy
Copy link
Collaborator

@ilammy ilammy commented Sep 4, 2019

We should not free pub_exp after we have successfully passed it into EVP_PKEY_CTX with EVP_PKEY_CTX_set_rsa_keygen_pubexp() call. Otherwise we'll free the same object twice when calling EVP_PKEY_CTX_free() later. This is actual for both OpenSSL and BoringSSL backends.

We also do not own pkey_ctx in soter_rsa_gen_key(). It is owned by the caller: soter_rsa_key_pair_gen_init(). We should not free it ourselves in case of errors. (And we should not use magic macros unless really necessary.)

This should resolve issues #516 and #517.

@ilammy
Avoid double-free of pub_exp (OpenSSL)
3f00936 
We should not free pub_exp after we have successfully passed it into
EVP_PKEY_CTX with EVP_PKEY_CTX_ctrl(EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP)
call. Otherwise we'll free the same object twice when calling
EVP_PKEY_CTX_free().
@ilammy
Avoid double-free of pub_exp (BoringSSL)
35108fe 
We should not free pub_exp after we have successfully passed it into
EVP_PKEY_CTX with EVP_PKEY_CTX_set_rsa_keygen_pubexp() call. Otherwise
we'll free the same object twice when calling EVP_PKEY_CTX_free().
@ilammy
Avoid double-free of EVP_PKEY_CTX (BoringSSL)
ee4fb11 
We do not own pkey_ctx in soter_rsa_gen_key(). It is owned by the caller:
soter_rsa_key_pair_gen_init(). We should not free it ourselves in case of
errors. (And we should not use magic macros unless really necessary.)
@ilammy ilammy added the core Themis Core written in C, its packages label Sep 4, 2019
@ilammy
Copy link
Collaborator Author

ilammy commented Sep 4, 2019

Just like before, I'd wait for @ignatk's comments before merging this.

Lagovas
Lagovas approved these changes Sep 4, 2019
View reviewed changes
Copy link
Collaborator

@Lagovas Lagovas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

vixentael
vixentael approved these changes Sep 4, 2019
View reviewed changes
Copy link
Contributor

@vixentael vixentael left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👀

@ilammy ilammy merged commit ffb17b9 into cossacklabs:master Sep 5, 2019
@ilammy ilammy deleted the rsa-keygen-double-free branch September 5, 2019 11:24
@vixentael vixentael mentioned this pull request Sep 30, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vixentael vixentael vixentael approved these changes

@ignatk ignatk ignatk approved these changes

@Lagovas Lagovas Lagovas approved these changes

@storojs72 storojs72 Awaiting requested review from storojs72

Assignees
No one assigned
Labels
core Themis Core written in C, its packages
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@ilammy @vixentael @ignatk @Lagovas