[git] GCRYPT - branch, LIBGCRYPT-1-7-BRANCH, updated. libgcrypt-1.7.8-2-ga195d73

by NIIBE Yutaka cvs at cvs.gnupg.org
Tue Jul 4 02:43:57 CEST 2017 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".

The branch, LIBGCRYPT-1-7-BRANCH has been updated
       via  a195d7346a8006f3b6fb77ccd6df8e91833d2b5a (commit)
      from  e57ce62112a017706a38b86ad2d079b59ec2130a (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit a195d7346a8006f3b6fb77ccd6df8e91833d2b5a
Author: NIIBE Yutaka <gniibe at fsij.org>
Date:   Tue Jul 4 09:33:46 2017 +0900

    mpi: Fix mpi_set_secure.
    
    * mpi/mpiutil.c (mpi_set_secure): Allocate by ->alloced.
    
    --
    
    The code was simply wrong.  The question is if (1) it allocates
    (possibly) more or (2) modifi ->alloced.  The choice is (1).
    
    Because we have routines of mpi_set_cond and mpi_swap_cond which
    assume no change for the allocated length of limbs, no surprise is
    better.  See _gcry_mpi_ec_mul_point for concrete example for those
    routines.  That's for constant-time computation.
    
    Debian-bug-id: 866964
    Suggested-by: Mark Wooding <mdw at distorted.org.uk>
    Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
    
    (backport from master commit:
    5feaf1cc8f22c1f8d19a34850d86fe190f1432e2)

diff --git a/mpi/mpiutil.c b/mpi/mpiutil.c
index 6dee0b9..3ae84c3 100644
--- a/mpi/mpiutil.c
+++ b/mpi/mpiutil.c
@@ -256,7 +256,7 @@ mpi_set_secure( gcry_mpi_t a )
       gcry_assert (!ap);
       return;
     }
-  bp = mpi_alloc_limb_space (a->nlimbs, 1);
+  bp = mpi_alloc_limb_space (a->alloced, 1);
   MPN_COPY( bp, ap, a->nlimbs );
   a->d = bp;
   _gcry_mpi_free_limb_space (ap, a->alloced);

-----------------------------------------------------------------------

Summary of changes:
 mpi/mpiutil.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


hooks/post-receive
-- 
The GNU crypto library
http://git.gnupg.org

More information about the Gnupg-commits mailing list