diff -urN boinc-6.4.5.old/lib/crypt.cpp boinc-6.4.5/lib/crypt.cpp --- boinc-6.4.5.old/lib/crypt.cpp 2008-09-26 20:20:24.000000000 +0200 +++ boinc-6.4.5/lib/crypt.cpp 2009-02-17 17:33:10.000000000 +0100 @@ -243,7 +243,7 @@ // The output block must be decrypted in its entirety. // int encrypt_private(R_RSA_PRIVATE_KEY& key, DATA_BLOCK& in, DATA_BLOCK& out) { - int n, modulus_len; + int n, modulus_len, retval; modulus_len = (key.bits+7)/8; n = in.len; @@ -252,17 +252,27 @@ } RSA* rp = RSA_new(); private_to_openssl(key, rp); - RSA_private_encrypt(n, in.data, out.data, rp, RSA_PKCS1_PADDING); + retval = RSA_private_encrypt(n, in.data, out.data, rp, RSA_PKCS1_PADDING); + if (retval < 0) { + RSA_free(rp); + return ERR_CRYPTO; + } out.len = RSA_size(rp); RSA_free(rp); return 0; } int decrypt_public(R_RSA_PUBLIC_KEY& key, DATA_BLOCK& in, DATA_BLOCK& out) { + int retval; RSA* rp = RSA_new(); public_to_openssl(key, rp); - RSA_public_decrypt(in.len, in.data, out.data, rp, RSA_PKCS1_PADDING); + retval = RSA_public_decrypt(in.len, in.data, out.data, rp, RSA_PKCS1_PADDING); + if (retval < 0) { + RSA_free(rp); + return ERR_CRYPTO; + } out.len = RSA_size(rp); + RSA_free(rp); return 0; } diff -urN boinc-6.4.5.old/lib/error_numbers.h boinc-6.4.5/lib/error_numbers.h --- boinc-6.4.5.old/lib/error_numbers.h 2008-08-06 20:36:30.000000000 +0200 +++ boinc-6.4.5/lib/error_numbers.h 2009-02-17 17:34:17.000000000 +0100 @@ -185,6 +185,7 @@ #define ERR_RMDIR -227 #define ERR_SYMLINK -229 #define ERR_DB_CONN_LOST -230 +#define ERR_CRYPTO -231 // PLEASE: add a text description of your error to // the text description function boincerror() in str_util.C. diff -urN boinc-6.4.5.old/lib/str_util.cpp boinc-6.4.5/lib/str_util.cpp --- boinc-6.4.5.old/lib/str_util.cpp 2008-09-26 20:20:24.000000000 +0200 +++ boinc-6.4.5/lib/str_util.cpp 2009-02-17 17:33:50.000000000 +0100 @@ -735,6 +735,7 @@ case ERR_RMDIR: return "rmdir() failed"; case ERR_SYMLINK: return "symlink() failed"; case ERR_DB_CONN_LOST: return "DB connection lost during enumeration"; + case ERR_CRYPTO: return "encryption error"; case 404: return "HTTP file not found"; case 407: return "HTTP proxy authentication failure"; case 416: return "HTTP range request error";