pki_crypto.c: plug ecdsa_sig->[r,s] bignum leaks

Per ecdsa(3ssl), ECDSA_SIG_new does allocate its 'r' and 's' bignum fields. Fix a bug where the initial 'r' and 's' bignums were being overwritten with newly-allocated bignums, resulting in a memory leak. BUG: https://red.libssh.org/issues/175 Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 4745d652b5e71c27fd891edfe690162c0b8d3005)
author: Jon Simons <jon@jonsimons.org> 2014-10-05 05:59:54 -0700
committer: Andreas Schneider <asn@cryptomilk.org> 2014-12-05 10:46:31 +0100
commit: 5d75090d9fe23c6ef27560de47fc141fc769c6cd (patch)
tree: 2669fba764d496735f5d025694a609c0f92f7217 /src/dh.c
parent: 32a3cfe6613262cc6e84a0c5cdf9803184e9c2ce (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/src/dh.c b/src/dh.c
index 3c2e5adb..84355d48 100644
--- a/src/dh.c
+++ b/src/dh.c
@@ -407,6 +407,15 @@ bignum make_string_bn(ssh_string string){
   return bn;
 }
 
+void make_string_bn_inplace(ssh_string string, bignum bnout) {
+  unsigned int len = ssh_string_len(string);
+#ifdef HAVE_LIBGCRYPT
+  #error "unsupported"
+#elif defined HAVE_LIBCRYPTO
+  bignum_bin2bn(string->data, len, bnout);
+#endif
+}
+
 ssh_string dh_get_e(ssh_session session) {
   return make_bignum_string(session->next_crypto->e);
 }
author	Jon Simons <jon@jonsimons.org>	2014-10-05 05:59:54 -0700
committer	Andreas Schneider <asn@cryptomilk.org>	2014-12-05 10:46:31 +0100
commit	5d75090d9fe23c6ef27560de47fc141fc769c6cd (patch)
tree	2669fba764d496735f5d025694a609c0f92f7217 /src/dh.c
parent	32a3cfe6613262cc6e84a0c5cdf9803184e9c2ce (diff)