simon-git: putty (master): Simon Tatham

Commits to Tartarus CVS repository. tartarus-commits at lists.tartarus.org
Sat Dec 20 18:56:25 GMT 2014 

TL;DR:
  0acc74d Fixes to memory management in the elliptic curve code.
  c46da2f Fix memory management in bignum_random_in_range.
  ae4986a Do an smemclr(bytes) in bignum_random_in_range.
  2320877 Merge branch 'pre-0.64'

Repository:     git://git.tartarus.org/simon/putty.git
On the web:     http://tartarus.org/~simon-git/gitweb/?p=putty.git
Branch updated: master
Committer:      Simon Tatham <anakin at pobox.com>
Date:           2014-12-20 18:56:25

commit 0acc74d711638c583d67c187a1b731b36a075d9f
web diff http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=0acc74d711638c583d67c187a1b731b36a075d9f;hp=d23c0972cd850c77871f9a314e0520d7023c8b62
Author: Simon Tatham <anakin at pobox.com>
Date:   Sat Dec 20 17:07:17 2014 +0000

    Fixes to memory management in the elliptic curve code.
    
    There was an error-handling path testing the wrong variable; an
    inappropriate call to ec_point_free in decodepoint() (in fact, that
    function always gets passed a pointer to an ec_point structure that's
    not a dynamically allocated block at all or not in its own right, so
    we should have just cleared its contents without freeing the structure
    itself); a missing return on an error path which would have caused the
    same structure to be freed a second time; and two missing freebn in
    ecdsa_sign.
    
    Patch due to Tim Kosse.

 sshecc.c |   11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

commit c46da2f079cd28503f7b3fac5734bf6863858257
web diff http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=c46da2f079cd28503f7b3fac5734bf6863858257;hp=0acc74d711638c583d67c187a1b731b36a075d9f
Author: Simon Tatham <anakin at pobox.com>
Date:   Sat Dec 20 18:43:46 2014 +0000

    Fix memory management in bignum_random_in_range.
    
    We were allocating a new array in which to make up a random number
    every time we went round the loop, and not freeing any of them. Now we
    allocate a single array to use for all loop iterations, and clear and
    free it properly afterwards.
    
    Patch due to Tim Kosse.

 sshbn.c |    5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

commit ae4986a4330cb1a19689521ac3388034849da35f
web diff http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=ae4986a4330cb1a19689521ac3388034849da35f;hp=c46da2f079cd28503f7b3fac5734bf6863858257
Author: Simon Tatham <anakin at pobox.com>
Date:   Sat Dec 20 18:44:36 2014 +0000

    Do an smemclr(bytes) in bignum_random_in_range.
    
    It's used for sensitive data, so we shouldn't leave it lying around
    after free.

 sshbn.c |    1 +
 1 file changed, 1 insertion(+)

commit 23208779e78024a004f5e51c189874cb50c29af0
web diff http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=23208779e78024a004f5e51c189874cb50c29af0;hp=ae4986a4330cb1a19689521ac3388034849da35f
Merge: ae4986a 02dd708
Author: Simon Tatham <anakin at pobox.com>
Date:   Sat Dec 20 18:52:40 2014 +0000

    Merge branch 'pre-0.64'

More information about the tartarus-commits mailing list