Skip to content
Permalink
Browse files

Merge DSA reallocation timing fix CVE-2018-0734.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from #7513)
  • Loading branch information...
paulidale committed Oct 28, 2018
1 parent 896e8c5 commit 43e6a58d4991a451daf4891ff05a48735df871ac
Showing with 1 addition and 1 deletion.
  1. +1 −1 crypto/dsa/dsa_ossl.c
@@ -279,7 +279,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
goto err;

/* Preallocate space */
q_bits = BN_num_bits(dsa->q);
q_bits = BN_num_bits(dsa->q) + sizeof(dsa->q->d[0]) * 16;
if (!BN_set_bit(&k, q_bits)
|| !BN_set_bit(&l, q_bits)
|| !BN_set_bit(&m, q_bits))

0 comments on commit 43e6a58

Please sign in to comment.
You can’t perform that action at this time.