[Pettycoin-dev] [raw_decode_base_n PATCH 1/3] caller_do_bn_init.patch

[Nelson Castillo]

Problem:

raw_decode_base_n leaks if we allocate the bignum with BN_new(),
because BN_init() is called on an initialized BIGNUM.

Fix:

raw_decode_base58 no longer calls BN_init() and the caller has to call
BN_init() if needed.

Signed-off-by: Nelson Castillo <nelsoneci at gmail.com>
---
 base58.c |    4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/base58.c b/base58.c
index da4a17d..bdf5ea2 100644
--- a/base58.c
+++ b/base58.c
@@ -84,7 +84,6 @@ out:
  */
 bool raw_decode_base58(BIGNUM *bn, const char *src, size_t len)
 {
-	BN_init(bn);
 	BN_zero(bn);
 
 	while (len) {
@@ -163,6 +162,7 @@ bool pettycoin_from_base58(bool *test_net,
 		base58_len -= 2;
 	}
 
+	BN_init(&bn);
 	if (!raw_decode_base58(&bn, base58, base58_len))
 		return false;
 
@@ -224,6 +224,7 @@ bool ripemd_from_base58(u8 *version, u8 ripemd160[RIPEMD160_DIGEST_LENGTH],
 	if (strlen(base58) > BASE58_ADDR_MAX_LEN - 1)
 		return false;
 
+	BN_init(&bn);
 	/* Fails if it contains invalid characters. */
 	if (!raw_decode_base58(&bn, base58, strlen(base58)))
 		return false;
@@ -329,6 +330,7 @@ EC_KEY *key_from_base58(const char *base58, size_t base58_len,
 	} else
 		is_bitcoin = false;
 
+	BN_init(&bn);
 	if (!raw_decode_base58(&bn, base58, base58_len))
 		return NULL;