From: Daiki Ueno
Date: Sun, 24 Mar 2024 21:45:39 +0000 (+0900)
Subject: gnutls_privkey_decrypt_data: don't free plaintext on failure
X-Git-Tag: 3.8.5~5^2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=5e8afe0d6bf4e6980ed2fa7e50a773c2fad44ea9;p=thirdparty%2Fgnutls.git
gnutls_privkey_decrypt_data: don't free plaintext on failure
As _wrap_nettle_pk_decrypt uses a locally allocated buffer for the plaintext, it doesn't need to free the plaintext given by the caller.
Signed-off-by: Daiki Ueno
---
diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c
index dd6b9936a8..13546673eb 100644
--- a/lib/nettle/pk.c
+++ b/lib/nettle/pk.c
@@ -1034,7 +1034,6 @@ static int _wrap_nettle_pk_decrypt(gnutls_pk_algorithm_t algo,
 cleanup:
 gnutls_free(buf);
 if (ret < 0) {
- gnutls_free(plaintext->data);
 _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
 } else if (not_approved) {
 _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
diff --git a/tests/rsa-rsa-oaep.c b/tests/rsa-rsa-oaep.c
index 175dc6d54f..3a2bd9aa99 100644
--- a/tests/rsa-rsa-oaep.c
+++ b/tests/rsa-rsa-oaep.c
@@ -53,6 +53,7 @@ static void encrypt_decrypt_data(gnutls_privkey_t privkey,
 gnutls_pubkey_t pubkey;
 gnutls_datum_t ciphertext = { NULL, 0 };
 gnutls_datum_t decrypted = { NULL, 0 };
+ gnutls_datum_t uninitialized;
 assert(gnutls_pubkey_init(&pubkey) >= 0);
 ret = gnutls_pubkey_import_privkey(pubkey, privkey, 0, 0);
@@ -70,6 +71,15 @@ static void encrypt_decrypt_data(gnutls_privkey_t privkey,
 ret = gnutls_privkey_decrypt_data(privkey, 0, &ciphertext, &decrypted);
 fips_pop_context(fips_context, exp_state);
+ /* gnutls_privkey_decrypt_data shouldn't touch plaintext upon
+ * failure */
+ assert(ciphertext.size >= 4);
+ memcpy(ciphertext.data, "\xde\xad\xbe\xef", 4);
+ ret = gnutls_privkey_decrypt_data(privkey, 0, &ciphertext,
+ &uninitialized);
+ if (ret >= 0)
+ fail("gnutls_privkey_decrypt_data unexpectedly succeeded\n");
+
 out:
 gnutls_pubkey_deinit(pubkey);
 gnutls_free(ciphertext.data);
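Review bot: The `cleanup:` path in lib/nettle/pk.c now depends on an ownership rule that is not written down in the code: `plaintext` belongs to the caller and, per the commit message, the function works in its own `buf`, so the caller's datum must never be freed here. A short comment above `if (ret < 0) {`, for example `/* plaintext is caller-owned and set only on success; never free it here */`, would help keep the invalid free of a caller-supplied (possibly uninitialized) pointer from being reintroduced. The body of _wrap_nettle_pk_decrypt lies outside the hunk, so it is worth confirming that no branch stores into `plaintext->data` before a later `goto cleanup` with a negative `ret`, since such a value would now be handed back to the caller on failure.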
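Review bot: The failure case added in the last hunk of tests/rsa-rsa-oaep.c checks only the return code and never the datum, so it cannot tell a fixed library from a regressed one whenever the stack slot of `uninitialized` (declared in the previous hunk) happens to hold a null pointer, because freeing NULL is normally a no-op. A non-heap sentinel would make the check deterministic: `static unsigned char sentinel[1];` and `gnutls_datum_t untouched = { sentinel, sizeof(sentinel) };`, then after the call `assert(untouched.data == sentinel && untouched.size == sizeof(sentinel));`. As written, detection of a regression depends on stack contents or on running the test under a memory checker. encrypt_decrypt_data starts and ends outside the hunk.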