Skip to content
Permalink
Browse files

Check BN_rand_range return value

CVE-2014-4733.

In practice, the function should never fail.
  • Loading branch information...
jvoisin authored and alandekok committed Jul 14, 2014
1 parent 4037222 commit 52328081b0afb6b756c2bfa15a3c1203a9ec50f3
Showing with 8 additions and 2 deletions.
  1. +8 −2 src/modules/rlm_eap/types/rlm_eap_pwd/eap_pwd.c
@@ -282,8 +282,14 @@ int compute_scalar_element (pwd_session_t *sess, BN_CTX *bnctx) {
goto fail;
}

BN_rand_range(sess->private_value, sess->order);
BN_rand_range(mask, sess->order);
if (BN_rand_range(sess->private_value, sess->order) != 1) {
DEBUG2("Unable to get randomness for private_value");
goto fail;
}
if (BN_rand_range(mask, sess->order) != 1) {
DEBUG2("Unable to get randomness for mask");
goto fail;
}
BN_add(sess->my_scalar, sess->private_value, mask);
BN_mod(sess->my_scalar, sess->my_scalar, sess->order, bnctx);

0 comments on commit 5232808

Please sign in to comment.
You can’t perform that action at this time.