[PATCH 2/3] mpi: fix missing fields in an empty point and the mpi_clear requires a non-empty argument.
Jussi Kivilinna
jussi.kivilinna at iki.fi
Tue Jan 7 22:46:38 CET 2020
Hello,
On 22.12.2019 11.15, Tianjia Zhang via Gcrypt-devel wrote:
> * mpi/ec.c (_gcry_mpi_point_set): Assign value to missing fields.
>
> The problem is triggered when using the following code by
> mpi_ec_get_elliptic_curve:
>
> elliptic_curve_t E;
> memset (&E, 0, sizeof E);
> mpi_point_set (&E->G, G->x, G->y, G->z);
I think this issue should be fixed in 'mpi_ec_get_elliptic_curve' rather than in '_gcry_mpi_point_set'. '_gcry_mpi_point_set' expects POINT to be either a properly initialized point structure or NULL. 'mpi_ec_get_elliptic_curve', however, is passing a point structure that has not been initialized with '_gcry_mpi_point_init'.
So, I'd change

  {
    mpi_point_set (&E->G, G->x, G->y, G->z);
    mpi_point_set (G, NULL, NULL, NULL);
    mpi_point_release (G);
  }

to

  {
    _gcry_mpi_point_init (&E->G);
    mpi_point_set (&E->G, G->x, G->y, G->z);
    mpi_point_set (G, NULL, NULL, NULL);
    mpi_point_release (G);
  }

-Jussi
>
> Signed-off-by: Tianjia Zhang <tianjia.zhang at linux.alibaba.com>
> ---
> mpi/ec.c | 12 ++++++------
> 1 file changed, 6 insertions(+), 6 deletions(-)
>
> diff --git a/mpi/ec.c b/mpi/ec.c
> index d4c4f953..94d93354 100644
> --- a/mpi/ec.c
> +++ b/mpi/ec.c
> @@ -224,16 +224,16 @@ _gcry_mpi_point_set (mpi_point_t point,
> point = mpi_point_new (0);
>
> if (x)
> - mpi_set (point->x, x);
> - else
> + point->x = mpi_set (point->x, x);
> + else if (point->x)
> mpi_clear (point->x);
> if (y)
> - mpi_set (point->y, y);
> - else
> + point->y = mpi_set (point->y, y);
> + else if (point->y)
> mpi_clear (point->y);
> if (z)
> - mpi_set (point->z, z);
> - else
> + point->z = mpi_set (point->z, z);
> + else if (point->z)
> mpi_clear (point->z);
>
> return point;
>
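Review bot: The `else if (point->x)` guard, and the matching ones for y and z, skip the clear when the field is NULL, so a call with a NULL argument on a zeroed point leaves that coordinate NULL and `_gcry_mpi_point_set` returns a point with missing fields without any signal to the caller. That widens the function's contract to accept uninitialized points, and the one-line ChangeLog entry ("Assign value to missing fields") does not document the changed clear behaviour. I would keep the setter requiring an initialized point and fix the call site instead, as the reply suggests, by calling `_gcry_mpi_point_init (&E->G);` before `mpi_point_set (&E->G, G->x, G->y, G->z);`. If the setter must tolerate NULL fields, it should allocate them in the else branch as well, so the returned point always has all three coordinates.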
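The initialization contract discussed in the reply above, as an added example that is not part of the original message or of libgcrypt's code. `num_t`, `point_t`, `curve_t` and every function here are simplified stand-ins, and having the setter return an error for a point with missing fields is a choice of this example.

```c
#include <stdlib.h>
#include <string.h>
/* Simplified stand-ins for this example; not libgcrypt's MPI or point types. */
typedef struct { long value; } num_t;
typedef struct { num_t *x, *y, *z; } point_t;
typedef struct { point_t G; } curve_t;

/* Init step: allocate every coordinate; returns -1 on allocation failure. */
static int point_init(point_t *p) {
  p->x = calloc(1, sizeof *p->x);
  p->y = calloc(1, sizeof *p->y);
  p->z = calloc(1, sizeof *p->z);
  return (p->x && p->y && p->z) ? 0 : -1;
}
static void point_free(point_t *p) {
  free(p->x); free(p->y); free(p->z);
  memset(p, 0, sizeof *p);
}

/* Setter that requires an initialized point; a NULL source clears the
   coordinate. Rejects a point with a missing field instead of using it. */
static int point_set(point_t *p, const num_t *x, const num_t *y, const num_t *z) {
  if (!p || !p->x || !p->y || !p->z) return -1;
  p->x->value = x ? x->value : 0;
  p->y->value = y ? y->value : 0;
  p->z->value = z ? z->value : 0;
  return 0;
}

/* init_first == 0: caller pattern from the report (zeroed struct only).
   init_first != 0: caller pattern from the reply (init, then set). */
static int curve_set_generator(curve_t *E, const point_t *G, int init_first) {
  memset(E, 0, sizeof *E);
  if (init_first && point_init(&E->G) != 0) { point_free(&E->G); return -1; }
  return point_set(&E->G, G->x, G->y, G->z);
}

/* Returns 1 when the zeroed call is rejected and the initialized call copies G. */
int demo(void) {
  num_t gx = {4}, gy = {5}, gz = {1};   /* constructed sample values */
  point_t G = { &gx, &gy, &gz };
  curve_t E;
  int rejected = curve_set_generator(&E, &G, 0) == -1;
  int copied = curve_set_generator(&E, &G, 1) == 0 && E.G.x->value == 4
               && E.G.y->value == 5 && E.G.z->value == 1;
  point_free(&E.G);
  return rejected && copied;
}

int main(void) { return demo() ? 0 : 1; }
```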