From: Mark Wooding <mdw@distorted.org.uk>
Date: Fri, 7 Jul 2017 20:18:42 +0000 (+0100)
Subject: Merge remote-tracking branch 'origin/HEAD'
X-Git-Tag: 1.2.1.1~4
X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~mdw/git/catacomb-python/commitdiff_plain/278e43d0c27875a1355ebaf3bef6d0f5df739626?hp=1d93191e19f43bce5b8f3bd3447c755c1d615f56

Merge remote-tracking branch 'origin/HEAD'

* origin/HEAD:
  catacomb/pwsafe.py: Fix stupid error which breaks `delete'.
---

diff --git a/debian/changelog b/debian/changelog
index 5da1860..aaee0c3 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+catacomb-python (1.2.1) experimental; urgency=low
+
+  * Fix use-after-free bug in ECPt hashing causing hash instability.
+  * Fix keywrd argument mismatch in ECDSAPriv.
+  * Coerce DSA private key values to `MP'.
+
+ -- Mark Wooding <mdw@distorted.org.uk>  Fri, 16 Jun 2017 01:01:05 +0100
+
 catacomb-python (1.2.0) experimental; urgency=low
 
   * Bindings for HSalsa20 and HChaCha PRFs.
diff --git a/ec.c b/ec.c
index 0489bc0..c603489 100644
--- a/ec.c
+++ b/ec.c
@@ -204,8 +204,8 @@ static long ecpt_pyhash(PyObject *me)
   EC_OUT(ECPT_C(me), &p, ECPT_P(me));
   ec_putraw(ECPT_C(me), &b, &p);
   EC_DESTROY(&p);
-  xfree(q);
   h = unihash_hash(&unihash_global, h, BBASE(&b), BLEN(&b));
+  xfree(q);
   return (h % LONG_MAX);
 }
 
diff --git a/pubkey.c b/pubkey.c
index e0e8dc9..5167a97 100644
--- a/pubkey.c
+++ b/pubkey.c
@@ -65,8 +65,12 @@ static PyObject *dsa_setup(PyTypeObject *ty, PyObject *G, PyObject *u,
   if (!u) {
     g->d.u = 0;
     u = Py_None;
-  } else if ((g->d.u = getmp(u)) == 0)
-    goto end;
+  } else {
+    if ((g->d.u = getmp(u)) == 0)
+      goto end;
+    if (MP_PYCHECK(u)) Py_INCREF(u);
+    else u = mp_pywrap(g->d.u);
+  }
   if (!p) {
     assert(g->d.u); assert(calcpub);
     pp = G_CREATE(GROUP_G(G));
@@ -78,7 +82,7 @@ static PyObject *dsa_setup(PyTypeObject *ty, PyObject *G, PyObject *u,
   g->d.p = GE_X(p);
   g->d.r = GRAND_R(rng);
   g->d.h = GCHASH_CH(hash);
-  g->G = G; Py_INCREF(G); g->u = u; Py_INCREF(u); g->p = p;
+  g->G = G; Py_INCREF(G); g->u = u; g->p = p;
   g->rng = rng; Py_INCREF(rng); g->hash = hash; Py_INCREF(hash);
   return ((PyObject *)g);
 end:
@@ -344,7 +348,7 @@ static PyObject *kcdsapriv_pynew(PyTypeObject *ty,
 {
   PyObject *G, *u, *p = 0, *rng = rand_pyobj, *hash = has160_pyobj;
   PyObject *rc = 0;
-  char *kwlist[] = { "G", "p", "u", "hash", "rng", 0 };
+  char *kwlist[] = { "G", "u", "p", "hash", "rng", 0 };
 
   if (!PyArg_ParseTupleAndKeywords(arg, kw, "O!O|O!O!O!:new", kwlist,
 				   group_pytype, &G,