linux-hardened/lib/mpi
Jesper Juhl 09c79b6096 mpi: Avoid using freed pointer in mpi_lshift_limbs()
At the start of the function we assign 'a->d' to 'ap'. Then we use the
RESIZE_IF_NEEDED macro on 'a' - this may free 'a->d' and replace it
with newly allocaetd storage. In that case, we'll be operating on
freed memory further down in the function when we index into 'ap[]'.
Since we don't actually need 'ap' until after the use of the
RESIZE_IF_NEEDED macro we can just delay the assignment to it until
after we've potentially resized, thus avoiding the issue.

While I was there anyway I also changed the integer variable 'n' to be
const. It might as well be since we only assign to it once and use it
as a constant, and then the compiler will tell us if we ever assign to
it in the future.

Signed-off-by: Jesper Juhl <jj@chaosbits.net>
Acked-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2012-04-18 12:14:28 +10:00
..
generic_mpi-asm-defs.h crypto: GnuPG based MPI lib - additional sources (part 4) 2011-11-09 11:47:26 +02:00
generic_mpih-add1.c crypto: GnuPG based MPI lib - source files (part 1) 2011-11-09 11:45:22 +02:00
generic_mpih-lshift.c crypto: GnuPG based MPI lib - source files (part 1) 2011-11-09 11:45:22 +02:00
generic_mpih-mul1.c crypto: GnuPG based MPI lib - source files (part 1) 2011-11-09 11:45:22 +02:00
generic_mpih-mul2.c crypto: GnuPG based MPI lib - source files (part 1) 2011-11-09 11:45:22 +02:00
generic_mpih-mul3.c crypto: GnuPG based MPI lib - source files (part 1) 2011-11-09 11:45:22 +02:00
generic_mpih-rshift.c crypto: GnuPG based MPI lib - source files (part 1) 2011-11-09 11:45:22 +02:00
generic_mpih-sub1.c crypto: GnuPG based MPI lib - source files (part 1) 2011-11-09 11:45:22 +02:00
longlong.h lib: Fix 32-bit sparc udiv_qrnnd() definition in mpilib's longlong.h 2012-02-02 10:34:25 +11:00
Makefile crypto: GnuPG based MPI lib - additional sources (part 4) 2011-11-09 11:47:26 +02:00
mpi-add.c crypto: GnuPG based MPI lib - additional sources (part 4) 2011-11-09 11:47:26 +02:00
mpi-bit.c mpi: Avoid using freed pointer in mpi_lshift_limbs() 2012-04-18 12:14:28 +10:00
mpi-cmp.c crypto: GnuPG based MPI lib - additional sources (part 4) 2011-11-09 11:47:26 +02:00
mpi-div.c lib/mpi: added missing NULL check 2012-02-02 00:23:39 +11:00
mpi-gcd.c crypto: GnuPG based MPI lib - additional sources (part 4) 2011-11-09 11:47:26 +02:00
mpi-inline.c crypto: GnuPG based MPI lib - additional sources (part 4) 2011-11-09 11:47:26 +02:00
mpi-inline.h crypto: GnuPG based MPI lib - header files (part 2) 2011-11-09 11:45:26 +02:00
mpi-internal.h crypto: GnuPG based MPI lib - header files (part 2) 2011-11-09 11:45:26 +02:00
mpi-inv.c crypto: GnuPG based MPI lib - additional sources (part 4) 2011-11-09 11:47:26 +02:00
mpi-mpow.c mpi/mpi-mpow: NULL dereference on allocation failure 2011-12-08 00:09:23 +11:00
mpi-mul.c crypto: GnuPG based MPI lib - additional sources (part 4) 2011-11-09 11:47:26 +02:00
mpi-pow.c lib/mpi: return error code on dividing by zero 2012-02-02 00:23:14 +11:00
mpi-scan.c crypto: GnuPG based MPI lib - additional sources (part 4) 2011-11-09 11:47:26 +02:00
mpicoder.c lib/mpi: removed unused functions 2012-02-02 00:23:14 +11:00
mpih-cmp.c crypto: GnuPG based MPI lib - source files (part 1) 2011-11-09 11:45:22 +02:00
mpih-div.c lib/mpi: added comment on divide by 0 case 2012-02-02 00:23:39 +11:00
mpih-mul.c crypto: GnuPG based MPI lib - source files (part 1) 2011-11-09 11:45:22 +02:00
mpiutil.c lib/mpi: check for possible zero length 2012-02-02 00:23:39 +11:00