[go: nahoru, domu]
Skip to content

Commit

Permalink
Merge DSA reallocation timing fix CVE-2018-0734.
Browse files Browse the repository at this point in the history 
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from #7513)
  • Loading branch information
@paulidale
paulidale committed Oct 28, 2018
1 parent 896e8c5 commit 43e6a58
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion crypto/dsa/dsa_ossl.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -279,7 +279,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
goto err;

/* Preallocate space */
q_bits = BN_num_bits(dsa->q);
q_bits = BN_num_bits(dsa->q) + sizeof(dsa->q->d[0]) * 16;
if (!BN_set_bit(&k, q_bits)
|| !BN_set_bit(&l, q_bits)
|| !BN_set_bit(&m, q_bits))
Expand Down

0 comments on commit 43e6a58

Please sign in to comment.