[openssl-commits] [openssl] master update

Rich Salz rsalz at openssl.org
Thu Apr 30 21:48:56 UTC 2015


The branch master has been updated
       via  68dc682499ea3fe27d909c946d7abd39062d6efd (commit)
      from  222561fe8ef510f336417a666f69f81ddc9b8fe4 (commit)


- Log -----------------------------------------------------------------
commit 68dc682499ea3fe27d909c946d7abd39062d6efd
Author: Rich Salz <rsalz at openssl.org>
Date:   Thu Apr 30 17:48:31 2015 -0400

    In apps, malloc or die
    
    No point in proceeding if you're out of memory.  So change
    *all* OPENSSL_malloc calls in apps to use the new routine which
    prints a message and exits.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 apps/apps.c          | 36 +++++++++++++++--------------
 apps/apps.h          |  1 +
 apps/ca.c            | 64 +++++++++++-----------------------------------------
 apps/cms.c           |  6 +----
 apps/dgst.c          | 11 ++-------
 apps/dhparam.c       |  6 +----
 apps/dsaparam.c      | 13 +++--------
 apps/ecparam.c       | 20 ++++------------
 apps/enc.c           |  9 ++------
 apps/engine.c        | 10 +++-----
 apps/openssl.c       |  4 +---
 apps/passwd.c        | 17 ++++----------
 apps/pkeyutl.c       | 11 ++++-----
 apps/rsa.c           | 17 +++++---------
 apps/rsautl.c        |  8 ++-----
 apps/s_cb.c          | 26 ++++-----------------
 apps/s_client.c      | 43 +++++++++++++++--------------------
 apps/s_server.c      | 62 ++++++++++++++++++--------------------------------
 apps/s_socket.c      |  6 +----
 apps/speed.c         | 22 ++++--------------
 apps/srp.c           | 21 +++--------------
 apps/ts.c            |  8 ++-----
 apps/vms_decc_init.c |  2 +-
 apps/x509.c          | 13 ++---------
 24 files changed, 126 insertions(+), 310 deletions(-)

diff --git a/apps/apps.c b/apps/apps.c
index 9475fe3..f74b968 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -180,7 +180,7 @@ int chopup_args(ARGS *arg, char *buf)
     arg->argc = 0;
     if (arg->size == 0) {
         arg->size = 20;
-        arg->argv = OPENSSL_malloc(sizeof(char *) * arg->size);
+        arg->argv = app_malloc(sizeof(char *) * arg->size, "argv space");
         if (arg->argv == NULL)
             return 0;
     }
@@ -367,13 +367,7 @@ int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp)
             ok = UI_add_input_string(ui, prompt, ui_flags, buf,
                                      PW_MIN_LENGTH, bufsiz - 1);
         if (ok >= 0 && verify) {
-            buff = OPENSSL_malloc(bufsiz);
-            if (!buff) {
-                BIO_printf(bio_err, "Out of memory\n");
-                UI_free(ui);
-                OPENSSL_free(prompt);
-                return 0;
-            }
+            buff = app_malloc(bufsiz, "password buffer");
             ok = UI_add_verify_string(ui, prompt, ui_flags, buff,
                                       PW_MIN_LENGTH, bufsiz - 1, buf);
         }
@@ -989,6 +983,21 @@ static int load_certs_crls(const char *file, int format,
     return rv;
 }
 
+void* app_malloc(int sz, const char *what)
+{
+    void *vp = OPENSSL_malloc(sz);
+
+    if (vp == NULL) {
+        BIO_printf(bio_err, "%s: Could not allocate %d bytes for %s\n",
+                opt_getprog(), sz, what);
+        ERR_print_errors(bio_err);
+        exit(1);
+    }
+    return vp;
+}
+
+
+
 STACK_OF(X509) *load_certs(const char *file, int format,
                            const char *pass, ENGINE *e, const char *desc)
 {
@@ -1585,11 +1594,7 @@ CA_DB *load_index(char *dbfile, DB_ATTR *db_attr)
         }
     }
 
-    if ((retdb = OPENSSL_malloc(sizeof(CA_DB))) == NULL) {
-        fprintf(stderr, "Out of memory\n");
-        goto err;
-    }
-
+    retdb = app_malloc(sizeof *retdb, "new DB");
     retdb->db = tmpdb;
     tmpdb = NULL;
     if (db_attr)
@@ -2230,10 +2235,7 @@ unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
     if (len >= 65535)
         return NULL;
 
-    out = OPENSSL_malloc(strlen(in) + 1);
-    if (!out)
-        return NULL;
-
+    out = app_malloc(strlen(in) + 1, "NPN buffer");
     for (i = 0; i <= len; ++i) {
         if (i == len || in[i] == ',') {
             if (i - start > 255) {
diff --git a/apps/apps.h b/apps/apps.h
index 5b24233..e55dcd6 100644
--- a/apps/apps.h
+++ b/apps/apps.h
@@ -469,6 +469,7 @@ typedef struct ca_db_st {
     TXT_DB *db;
 } CA_DB;
 
+void* app_malloc(int sz, const char *what);
 BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai);
 int save_serial(char *serialfile, char *suffix, BIGNUM *serial,
                 ASN1_INTEGER **retai);
diff --git a/apps/ca.c b/apps/ca.c
index a3e0bda..bc7c3fd 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -491,21 +491,11 @@ end_of_options:
         const char *s = X509_get_default_cert_area();
         size_t len;
 
+        len = strlen(s) + 1 + sizeof(CONFIG_FILE);
+        tofree = app_malloc(len, "config filename");
 #ifdef OPENSSL_SYS_VMS
-        len = strlen(s) + sizeof(CONFIG_FILE);
-        tofree = OPENSSL_malloc(len);
-        if (!tofree) {
-            BIO_printf(bio_err, "Out of memory\n");
-            goto end;
-        }
         strcpy(tofree, s);
 #else
-        len = strlen(s) + sizeof(CONFIG_FILE) + 1;
-        tofree = OPENSSL_malloc(len);
-        if (!tofree) {
-            BIO_printf(bio_err, "Out of memory\n");
-            goto end;
-        }
         BUF_strlcpy(tofree, s, len);
         BUF_strlcat(tofree, "/", len);
 #endif
@@ -1975,17 +1965,17 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
         goto end;
 
     /* We now just add it to the database */
-    row[DB_type] = OPENSSL_malloc(2);
+    row[DB_type] = app_malloc(2, "row db type");
 
     tm = X509_get_notAfter(ret);
-    row[DB_exp_date] = OPENSSL_malloc(tm->length + 1);
+    row[DB_exp_date] = app_malloc(tm->length + 1, "row expdate");
     memcpy(row[DB_exp_date], tm->data, tm->length);
     row[DB_exp_date][tm->length] = '\0';
 
     row[DB_rev_date] = NULL;
 
     /* row[DB_serial] done already */
-    row[DB_file] = OPENSSL_malloc(8);
+    row[DB_file] = app_malloc(8, "row file");
     row[DB_name] = X509_NAME_oneline(X509_get_subject_name(ret), NULL, 0);
 
     if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) ||
@@ -1997,11 +1987,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
     row[DB_type][0] = 'V';
     row[DB_type][1] = '\0';
 
-    if ((irow = OPENSSL_malloc(sizeof(char *) * (DB_NUMBER + 1))) == NULL) {
-        BIO_printf(bio_err, "Memory allocation failure\n");
-        goto end;
-    }
-
+    irow = app_malloc(sizeof(char *) * (DB_NUMBER + 1), "row space");
     for (i = 0; i < DB_NUMBER; i++) {
         irow[i] = row[i];
         row[i] = NULL;
@@ -2223,34 +2209,25 @@ static int do_revoke(X509 *x509, CA_DB *db, int type, char *value)
                    row[DB_serial], row[DB_name]);
 
         /* We now just add it to the database */
-        row[DB_type] = OPENSSL_malloc(2);
+        row[DB_type] = app_malloc(2, "row type");
 
         tm = X509_get_notAfter(x509);
-        row[DB_exp_date] = OPENSSL_malloc(tm->length + 1);
+        row[DB_exp_date] = app_malloc(tm->length + 1, "row exp_data");
         memcpy(row[DB_exp_date], tm->data, tm->length);
         row[DB_exp_date][tm->length] = '\0';
 
         row[DB_rev_date] = NULL;
 
         /* row[DB_serial] done already */
-        row[DB_file] = OPENSSL_malloc(8);
+        row[DB_file] = app_malloc(8, "row filename");
 
         /* row[DB_name] done already */
 
-        if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) ||
-            (row[DB_file] == NULL)) {
-            BIO_printf(bio_err, "Memory allocation failure\n");
-            goto end;
-        }
         BUF_strlcpy(row[DB_file], "unknown", 8);
         row[DB_type][0] = 'V';
         row[DB_type][1] = '\0';
 
-        if ((irow = OPENSSL_malloc(sizeof(char *) * (DB_NUMBER + 1))) == NULL) {
-            BIO_printf(bio_err, "Memory allocation failure\n");
-            goto end;
-        }
-
+        irow = app_malloc(sizeof(char *) * (DB_NUMBER + 1), "row ptr");
         for (i = 0; i < DB_NUMBER; i++) {
             irow[i] = row[i];
             row[i] = NULL;
@@ -2312,11 +2289,7 @@ static int get_certificate_status(const char *serial, CA_DB *db)
         row[i] = NULL;
 
     /* Malloc needed char spaces */
-    row[DB_serial] = OPENSSL_malloc(strlen(serial) + 2);
-    if (row[DB_serial] == NULL) {
-        BIO_printf(bio_err, "Malloc failure\n");
-        goto end;
-    }
+    row[DB_serial] = app_malloc(strlen(serial) + 2, "row serial#");
 
     if (strlen(serial) % 2) {
         /*
@@ -2385,11 +2358,7 @@ static int do_updatedb(CA_DB *db)
 
     /* get actual time and make a string */
     a_tm = X509_gmtime_adj(a_tm, 0);
-    a_tm_s = OPENSSL_malloc(a_tm->length + 1);
-    if (a_tm_s == NULL) {
-        cnt = -1;
-        goto end;
-    }
+    a_tm_s = (char *)OPENSSL_malloc(a_tm->length + 1);
 
     memcpy(a_tm_s, a_tm->data, a_tm->length);
     a_tm_s[a_tm->length] = '\0';
@@ -2429,11 +2398,8 @@ static int do_updatedb(CA_DB *db)
         }
     }
 
- end:
-
     ASN1_UTCTIME_free(a_tm);
     OPENSSL_free(a_tm_s);
-
     return (cnt);
 }
 
@@ -2533,11 +2499,7 @@ char *make_revocation_str(int rev_type, char *rev_arg)
     if (other)
         i += strlen(other) + 1;
 
-    str = OPENSSL_malloc(i);
-
-    if (!str)
-        return NULL;
-
+    str = app_malloc(i, "revocation reason");
     BUF_strlcpy(str, (char *)revtm->data, i);
     if (reason) {
         BUF_strlcat(str, ",", i);
diff --git a/apps/cms.c b/apps/cms.c
index 16dbc0c..907b108 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -570,11 +570,7 @@ int cms_main(int argc, char **argv)
             }
             if (key_param == NULL || key_param->idx != keyidx) {
                 cms_key_param *nparam;
-                nparam = OPENSSL_malloc(sizeof(cms_key_param));
-                if (!nparam) {
-                    BIO_printf(bio_err, "Out of memory\n");
-                    goto end;
-                }
+                nparam = app_malloc(sizeof *nparam, "key param buffer");
                 nparam->idx = keyidx;
                 if ((nparam->param = sk_OPENSSL_STRING_new_null()) == NULL)
                     goto end;
diff --git a/apps/dgst.c b/apps/dgst.c
index 106e939..3ff4750 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -139,10 +139,7 @@ int dgst_main(int argc, char **argv)
     int engine_impl = 0;
 
     prog = opt_progname(argv[0]);
-    if ((buf = OPENSSL_malloc(BUFSIZE)) == NULL) {
-        BIO_printf(bio_err, "%s: out of memory\n", prog);
-        goto end;
-    }
+    buf = app_malloc(BUFSIZE, "I/O buffer");
     md = EVP_get_digestbyname(prog);
 
     prog = opt_init(argc, argv, dgst_options);
@@ -394,11 +391,7 @@ int dgst_main(int argc, char **argv)
             goto end;
         }
         siglen = EVP_PKEY_size(sigkey);
-        sigbuf = OPENSSL_malloc(siglen);
-        if (!sigbuf) {
-            BIO_printf(bio_err, "Out of memory\n");
-            goto end;
-        }
+        sigbuf = app_malloc(siglen, "signature buffer");
         siglen = BIO_read(sigbio, sigbuf, siglen);
         BIO_free(sigbio);
         if (siglen <= 0) {
diff --git a/apps/dhparam.c b/apps/dhparam.c
index e7fa7ae..c66c591 100644
--- a/apps/dhparam.c
+++ b/apps/dhparam.c
@@ -379,11 +379,7 @@ int dhparam_main(int argc, char **argv)
 
         len = BN_num_bytes(dh->p);
         bits = BN_num_bits(dh->p);
-        data = OPENSSL_malloc(len);
-        if (data == NULL) {
-            perror("OPENSSL_malloc");
-            goto end;
-        }
+        data = app_malloc(len, "print a BN");
         BIO_printf(out, "#ifndef HEADER_DH_H\n"
                         "# include <openssl/dh.h>\n"
                         "#endif\n"
diff --git a/apps/dsaparam.c b/apps/dsaparam.c
index 5aa6e2c..afc8a82 100644
--- a/apps/dsaparam.c
+++ b/apps/dsaparam.c
@@ -268,16 +268,9 @@ int dsaparam_main(int argc, char **argv)
     }
 
     if (C) {
-        unsigned char *data;
-        int len, bits_p;
-
-        len = BN_num_bytes(dsa->p);
-        bits_p = BN_num_bits(dsa->p);
-        data = OPENSSL_malloc(len + 20);
-        if (data == NULL) {
-            perror("OPENSSL_malloc");
-            goto end;
-        }
+        int len = BN_num_bytes(dsa->p);
+        int bits_p = BN_num_bits(dsa->p);
+        unsigned char *data = app_malloc(len + 20, "BN space");
 
         BIO_printf(bio_out, "DSA *get_dsa%d()\n{\n", bits_p);
         print_bignum_var(bio_out, dsa->p, "dsap", len, data);
diff --git a/apps/ecparam.c b/apps/ecparam.c
index f316793..5b39e83 100644
--- a/apps/ecparam.c
+++ b/apps/ecparam.c
@@ -229,16 +229,10 @@ int ecparam_main(int argc, char **argv)
 
     if (list_curves) {
         EC_builtin_curve *curves = NULL;
-        size_t crv_len = 0;
-        size_t n = 0;
-
-        crv_len = EC_get_builtin_curves(NULL, 0);
-
-        curves = OPENSSL_malloc((int)(sizeof(EC_builtin_curve) * crv_len));
-
-        if (curves == NULL)
-            goto end;
+        size_t crv_len = EC_get_builtin_curves(NULL, 0);
+        size_t n;
 
+        curves = app_malloc((int)(sizeof *curves * crv_len), "list curves");
         if (!EC_get_builtin_curves(curves, crv_len)) {
             OPENSSL_free(curves);
             goto end;
@@ -346,7 +340,7 @@ int ecparam_main(int argc, char **argv)
                 || (ec_gen = BN_new()) == NULL
                 || (ec_order = BN_new()) == NULL
                 || (ec_cofactor = BN_new()) == NULL) {
-            perror("OPENSSL_malloc");
+            perror("Can't allocate BN");
             goto end;
         }
 
@@ -388,11 +382,7 @@ int ecparam_main(int argc, char **argv)
         if ((tmp_len = (size_t)BN_num_bytes(ec_cofactor)) > buf_len)
             buf_len = tmp_len;
 
-        buffer = OPENSSL_malloc(buf_len);
-        if (buffer == NULL) {
-            perror("OPENSSL_malloc");
-            goto end;
-        }
+        buffer = app_malloc(buf_len, "BN buffer");
 
         BIO_printf(out, "EC_GROUP *get_ec_group_%d(void)\n{\n", len);
         print_bignum_var(out, ec_p, "ec_p", len, buffer);
diff --git a/apps/enc.c b/apps/enc.c
index c6b8d2b..83067b8 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -313,13 +313,8 @@ int enc_main(int argc, char **argv)
     if (verbose)
         BIO_printf(bio_err, "bufsize=%d\n", bsize);
 
-    strbuf = OPENSSL_malloc(SIZE);
-    buff = OPENSSL_malloc(EVP_ENCODE_LENGTH(bsize));
-    if ((buff == NULL) || (strbuf == NULL)) {
-        BIO_printf(bio_err, "OPENSSL_malloc failure %ld\n",
-                   (long)EVP_ENCODE_LENGTH(bsize));
-        goto end;
-    }
+    strbuf = app_malloc(SIZE, "strbuf");
+    buff = app_malloc(EVP_ENCODE_LENGTH(bsize), "evp buffer");
 
     if (debug) {
         BIO_set_callback(in, BIO_debug_callback);
diff --git a/apps/engine.c b/apps/engine.c
index 7dcc1b0..448802b 100644
--- a/apps/engine.c
+++ b/apps/engine.c
@@ -98,9 +98,7 @@ static int append_buf(char **buf, const char *s, int *size, int step)
 
     if (*buf == NULL) {
         *size = step;
-        *buf = OPENSSL_malloc(*size);
-        if (*buf == NULL)
-            return 0;
+        *buf = app_malloc(*size, "engine buffer");
         **buf = '\0';
     }
 
@@ -211,8 +209,7 @@ static int util_verbose(ENGINE *e, int verbose, BIO *out, const char *indent)
             if ((len = ENGINE_ctrl(e, ENGINE_CTRL_GET_NAME_LEN_FROM_CMD, num,
                                    NULL, NULL)) <= 0)
                 goto err;
-            if ((name = OPENSSL_malloc(len + 1)) == NULL)
-                goto err;
+            name = app_malloc(len + 1, "name buffer");
             if (ENGINE_ctrl(e, ENGINE_CTRL_GET_NAME_FROM_CMD, num, name,
                             NULL) <= 0)
                 goto err;
@@ -221,8 +218,7 @@ static int util_verbose(ENGINE *e, int verbose, BIO *out, const char *indent)
                                    NULL, NULL)) < 0)
                 goto err;
             if (len > 0) {
-                if ((desc = OPENSSL_malloc(len + 1)) == NULL)
-                    goto err;
+                desc = app_malloc(len + 1, "description buffer");
                 if (ENGINE_ctrl(e, ENGINE_CTRL_GET_DESC_FROM_CMD, num, desc,
                                 NULL) <= 0)
                     goto err;
diff --git a/apps/openssl.c b/apps/openssl.c
index 786f5d3..f6013f7 100644
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -204,9 +204,7 @@ static char *make_config_name()
     char *p;
 
     len = strlen(t) + strlen(OPENSSL_CONF) + 2;
-    p = OPENSSL_malloc(len);
-    if (p == NULL)
-        return NULL;
+    p = app_malloc(len, "config filename buffer");
     BUF_strlcpy(p, t, len);
 #ifndef OPENSSL_SYS_VMS
     BUF_strlcat(p, "/", len);
diff --git a/apps/passwd.c b/apps/passwd.c
index 3c6fd52..c529792 100644
--- a/apps/passwd.c
+++ b/apps/passwd.c
@@ -221,12 +221,9 @@ int passwd_main(int argc, char **argv)
         /* no passwords on the command line */
 
         passwd_malloc_size = pw_maxlen + 2;
-        /*
-         * longer than necessary so that we can warn about truncation
-         */
-        passwd = passwd_malloc = OPENSSL_malloc(passwd_malloc_size);
-        if (passwd_malloc == NULL)
-            goto end;
+        /* longer than necessary so that we can warn about truncation */
+        passwd = passwd_malloc =
+            app_malloc(passwd_malloc_size, "password buffer");
     }
 
     if ((in == NULL) && (passwds == NULL)) {
@@ -426,9 +423,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
 # ifndef OPENSSL_NO_DES
         if (usecrypt) {
             if (*salt_malloc_p == NULL) {
-                *salt_p = *salt_malloc_p = OPENSSL_malloc(3);
-                if (*salt_malloc_p == NULL)
-                    goto end;
+                *salt_p = *salt_malloc_p = app_malloc(3, "salt buffer");
             }
             if (RAND_bytes((unsigned char *)*salt_p, 2) <= 0)
                 goto end;
@@ -447,9 +442,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
             int i;
 
             if (*salt_malloc_p == NULL) {
-                *salt_p = *salt_malloc_p = OPENSSL_malloc(9);
-                if (*salt_malloc_p == NULL)
-                    goto end;
+                *salt_p = *salt_malloc_p = app_malloc(9, "salt buffer");
             }
             if (RAND_bytes((unsigned char *)*salt_p, 8) <= 0)
                 goto end;
diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
index da7dc2e..3afe0eb 100644
--- a/apps/pkeyutl.c
+++ b/apps/pkeyutl.c
@@ -299,13 +299,10 @@ int pkeyutl_main(int argc, char **argv)
     rv = do_keyop(ctx, pkey_op, NULL, (size_t *)&buf_outlen,
                   buf_in, (size_t)buf_inlen);
     if (rv > 0) {
-        buf_out = OPENSSL_malloc(buf_outlen);
-        if (!buf_out)
-            rv = -1;
-        else
-            rv = do_keyop(ctx, pkey_op,
-                          buf_out, (size_t *)&buf_outlen,
-                          buf_in, (size_t)buf_inlen);
+        buf_out = app_malloc(buf_outlen, "buffer output");
+        rv = do_keyop(ctx, pkey_op,
+                      buf_out, (size_t *)&buf_outlen,
+                      buf_in, (size_t)buf_inlen);
     }
     if (rv <= 0) {
         ERR_print_errors(bio_err);
diff --git a/apps/rsa.c b/apps/rsa.c
index c8b05e6..0a8e198 100644
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -344,19 +344,14 @@ int rsa_main(int argc, char **argv)
     }
 # ifndef OPENSSL_NO_RC4
     else if (outformat == FORMAT_NETSCAPE) {
-        unsigned char *p, *pp;
-        int size;
+        unsigned char *p, *save;
+        int size = i2d_RSA_NET(rsa, NULL, NULL, 0);
 
-        i = 1;
-        size = i2d_RSA_NET(rsa, NULL, NULL, 0);
-        if ((p = OPENSSL_malloc(size)) == NULL) {
-            BIO_printf(bio_err, "Memory allocation failure\n");
-            goto end;
-        }
-        pp = p;
+        save = p = app_malloc(size, "RSA i2d buffer");
         i2d_RSA_NET(rsa, &p, NULL, 0);
-        BIO_write(out, (char *)pp, size);
-        OPENSSL_free(pp);
+        BIO_write(out, (char *)save, size);
+        OPENSSL_free(save);
+        i = 1;
     }
 # endif
     else if (outformat == FORMAT_PEM) {
diff --git a/apps/rsautl.c b/apps/rsautl.c
index 67cb76e..f138293 100644
--- a/apps/rsautl.c
+++ b/apps/rsautl.c
@@ -257,12 +257,8 @@ int rsautl_main(int argc, char **argv)
 
     keysize = RSA_size(rsa);
 
-    rsa_in = OPENSSL_malloc(keysize * 2);
-    rsa_out = OPENSSL_malloc(keysize);
-    if (!rsa_in || !rsa_out) {
-        BIO_printf(bio_err, "Out of memory\n");
-        goto end;
-    }
+    rsa_in = app_malloc(keysize * 2, "hold rsa key");
+    rsa_out = app_malloc(keysize, "output rsa key");
 
     /* Read the input data */
     rsa_inlen = BIO_read(in, rsa_in, keysize * 2);
diff --git a/apps/s_cb.c b/apps/s_cb.c
index 1d026b6..1f2d371 100644
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -439,11 +439,7 @@ int ssl_print_curves(BIO *out, SSL *s, int noshared)
     ncurves = SSL_get1_curves(s, NULL);
     if (ncurves <= 0)
         return 1;
-    curves = OPENSSL_malloc(ncurves * sizeof(int));
-    if (!curves) {
-        BIO_printf(out, "Out of memory\n");
-        return 0;
-    }
+    curves = app_malloc(ncurves * sizeof(int), "curves to print");
     SSL_get1_curves(s, curves);
 
     BIO_puts(out, "Supported Elliptic Curves: ");
@@ -955,12 +951,7 @@ int generate_cookie_callback(SSL *ssl, unsigned char *cookie,
         OPENSSL_assert(0);
         break;
     }
-    buffer = OPENSSL_malloc(length);
-
-    if (buffer == NULL) {
-        BIO_printf(bio_err, "out of memory\n");
-        return 0;
-    }
+    buffer = app_malloc(length, "cookie generate buffer");
 
     switch (peer.sa.sa_family) {
     case AF_INET:
@@ -1028,12 +1019,7 @@ int verify_cookie_callback(SSL *ssl, unsigned char *cookie,
         OPENSSL_assert(0);
         break;
     }
-    buffer = OPENSSL_malloc(length);
-
-    if (buffer == NULL) {
-        BIO_printf(bio_err, "out of memory\n");
-        return 0;
-    }
+    buffer = app_malloc(length, "cookie verify buffer");
 
     switch (peer.sa.sa_family) {
     case AF_INET:
@@ -1187,10 +1173,8 @@ void ssl_ctx_set_excert(SSL_CTX *ctx, SSL_EXCERT *exc)
 
 static int ssl_excert_prepend(SSL_EXCERT **pexc)
 {
-    SSL_EXCERT *exc;
-    exc = OPENSSL_malloc(sizeof(SSL_EXCERT));
-    if (!exc)
-        return 0;
+    SSL_EXCERT *exc = app_malloc(sizeof *exc, "prepend cert");
+
     exc->certfile = NULL;
     exc->keyfile = NULL;
     exc->chainfile = NULL;
diff --git a/apps/s_client.c b/apps/s_client.c
index fdd1f5c..344c88c 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -385,14 +385,10 @@ static int ssl_srp_verify_param_cb(SSL *s, void *arg)
 static char *ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
 {
     SRP_ARG *srp_arg = (SRP_ARG *)arg;
-    char *pass = OPENSSL_malloc(PWD_STRLEN + 1);
+    char *pass = app_malloc(PWD_STRLEN + 1, "SRP password buffer");
     PW_CB_DATA cb_tmp;
     int l;
 
-    if (!pass) {
-        BIO_printf(bio_err, "Out of memory\n");
-        return NULL;
-    }
     cb_tmp.password = (char *)srp_arg->srppassin;
     cb_tmp.prompt_info = "SRP user";
     if ((l = password_callback(pass, PWD_STRLEN, 0, &cb_tmp)) < 0) {
@@ -712,13 +708,12 @@ int s_client_main(int argc, char **argv)
     verify_depth = 0;
     verify_error = X509_V_OK;
     vpm = X509_VERIFY_PARAM_new();
-    cbuf = OPENSSL_malloc(BUFSIZZ);
-    sbuf = OPENSSL_malloc(BUFSIZZ);
-    mbuf = OPENSSL_malloc(BUFSIZZ);
+    cbuf = app_malloc(BUFSIZZ, "cbuf");
+    sbuf = app_malloc(BUFSIZZ, "sbuf");
+    mbuf = app_malloc(BUFSIZZ, "mbuf");
     cctx = SSL_CONF_CTX_new();
 
-    if (vpm == NULL || cctx == NULL
-        || cbuf == NULL || sbuf == NULL || mbuf == NULL) {
+    if (vpm == NULL || cctx == NULL) {
         BIO_printf(bio_err, "%s: out of memory\n", prog);
         goto end;
     }
@@ -2176,22 +2171,20 @@ static void print_stuff(BIO *bio, SSL *s, int full)
         BIO_printf(bio, "Keying material exporter:\n");
         BIO_printf(bio, "    Label: '%s'\n", keymatexportlabel);
         BIO_printf(bio, "    Length: %i bytes\n", keymatexportlen);
-        exportedkeymat = OPENSSL_malloc(keymatexportlen);
-        if (exportedkeymat != NULL) {
-            if (!SSL_export_keying_material(s, exportedkeymat,
-                                            keymatexportlen,
-                                            keymatexportlabel,
-                                            strlen(keymatexportlabel),
-                                            NULL, 0, 0)) {
-                BIO_printf(bio, "    Error\n");
-            } else {
-                BIO_printf(bio, "    Keying material: ");
-                for (i = 0; i < keymatexportlen; i++)
-                    BIO_printf(bio, "%02X", exportedkeymat[i]);
-                BIO_printf(bio, "\n");
-            }
-            OPENSSL_free(exportedkeymat);
+        exportedkeymat = app_malloc(keymatexportlen, "export key");
+        if (!SSL_export_keying_material(s, exportedkeymat,
+                                        keymatexportlen,
+                                        keymatexportlabel,
+                                        strlen(keymatexportlabel),
+                                        NULL, 0, 0)) {
+            BIO_printf(bio, "    Error\n");
+        } else {
+            BIO_printf(bio, "    Keying material: ");
+            for (i = 0; i < keymatexportlen; i++)
+                BIO_printf(bio, "%02X", exportedkeymat[i]);
+            BIO_printf(bio, "\n");
         }
+        OPENSSL_free(exportedkeymat);
     }
     BIO_printf(bio, "---\n");
     X509_free(peer);
diff --git a/apps/s_server.c b/apps/s_server.c
index f8bec24..21d2d37 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -447,6 +447,7 @@ static BIO_METHOD methods_ebcdic = {
     ebcdic_free,
 };
 
+/* This struct is "unwarranted chumminess with the compiler." */
 typedef struct {
     size_t alloced;
     char buff[1];
@@ -461,9 +462,7 @@ static int ebcdic_new(BIO *bi)
 {
     EBCDIC_OUTBUFF *wbuf;
 
-    wbuf = OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + 1024);
-    if (!wbuf)
-        return 0;
+    wbuf = app_malloc(sizeof(EBCDIC_OUTBUFF) + 1024, "ebcdef wbuf");
     wbuf->alloced = 1024;
     wbuf->buff[0] = '\0';
 
@@ -518,9 +517,7 @@ static int ebcdic_write(BIO *b, const char *in, int inl)
         num = num + num;        /* double the size */
         if (num < inl)
             num = inl;
-        wbuf = OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + num);
-        if (!wbuf)
-            return 0;
+        wbuf = app_malloc(sizeof(EBCDIC_OUTBUFF) + num, "grow ebcdic wbuf");
         OPENSSL_free(b->ptr);
 
         wbuf->alloced = num;
@@ -2018,10 +2015,7 @@ static int sv_body(char *hostname, int s, int stype, unsigned char *context)
     struct timeval *timeoutp;
 #endif
 
-    if ((buf = OPENSSL_malloc(bufsize)) == NULL) {
-        BIO_printf(bio_err, "out of memory\n");
-        goto err;
-    }
+    buf = app_malloc(bufsize, "server buffer");
 #ifdef FIONBIO
     if (s_nbio) {
         unsigned long sl = 1;
@@ -2542,22 +2536,20 @@ static int init_ssl_connection(SSL *con)
         BIO_printf(bio_s_out, "Keying material exporter:\n");
         BIO_printf(bio_s_out, "    Label: '%s'\n", keymatexportlabel);
         BIO_printf(bio_s_out, "    Length: %i bytes\n", keymatexportlen);
-        exportedkeymat = OPENSSL_malloc(keymatexportlen);
-        if (exportedkeymat != NULL) {
-            if (!SSL_export_keying_material(con, exportedkeymat,
-                                            keymatexportlen,
-                                            keymatexportlabel,
-                                            strlen(keymatexportlabel),
-                                            NULL, 0, 0)) {
-                BIO_printf(bio_s_out, "    Error\n");
-            } else {
-                BIO_printf(bio_s_out, "    Keying material: ");
-                for (i = 0; i < keymatexportlen; i++)
-                    BIO_printf(bio_s_out, "%02X", exportedkeymat[i]);
-                BIO_printf(bio_s_out, "\n");
-            }
-            OPENSSL_free(exportedkeymat);
+        exportedkeymat = app_malloc(keymatexportlen, "export key");
+        if (!SSL_export_keying_material(con, exportedkeymat,
+                                        keymatexportlen,
+                                        keymatexportlabel,
+                                        strlen(keymatexportlabel),
+                                        NULL, 0, 0)) {
+            BIO_printf(bio_s_out, "    Error\n");
+        } else {
+            BIO_printf(bio_s_out, "    Keying material: ");
+            for (i = 0; i < keymatexportlen; i++)
+                BIO_printf(bio_s_out, "%02X", exportedkeymat[i]);
+            BIO_printf(bio_s_out, "\n");
         }
+        OPENSSL_free(exportedkeymat);
     }
 
     return (1);
@@ -2593,9 +2585,7 @@ static int www_body(char *hostname, int s, int stype, unsigned char *context)
     int total_bytes = 0;
 #endif
 
-    buf = OPENSSL_malloc(bufsize);
-    if (buf == NULL)
-        return (0);
+    buf = app_malloc(bufsize, "server www buffer");
     io = BIO_new(BIO_f_buffer());
     ssl_bio = BIO_new(BIO_f_ssl());
     if ((io == NULL) || (ssl_bio == NULL))
@@ -2962,9 +2952,7 @@ static int rev_body(char *hostname, int s, int stype, unsigned char *context)
     KSSL_CTX *kctx;
 #endif
 
-    buf = OPENSSL_malloc(bufsize);
-    if (buf == NULL)
-        return (0);
+    buf = app_malloc(bufsize, "server rev buffer");
     io = BIO_new(BIO_f_buffer());
     ssl_bio = BIO_new(BIO_f_ssl());
     if ((io == NULL) || (ssl_bio == NULL))
@@ -3161,15 +3149,9 @@ static simple_ssl_session *first = NULL;
 
 static int add_session(SSL *ssl, SSL_SESSION *session)
 {
-    simple_ssl_session *sess;
+    simple_ssl_session *sess = app_malloc(sizeof *sess, "get session");
     unsigned char *p;
 
-    sess = OPENSSL_malloc(sizeof(simple_ssl_session));
-    if (!sess) {
-        BIO_printf(bio_err, "Out of memory adding to external cache\n");
-        return 0;
-    }
-
     SSL_SESSION_get_id(session, &sess->idlen);
     sess->derlen = i2d_SSL_SESSION(session, NULL);
     if (sess->derlen < 0) {
@@ -3179,8 +3161,8 @@ static int add_session(SSL *ssl, SSL_SESSION *session)
     }
 
     sess->id = BUF_memdup(SSL_SESSION_get_id(session, NULL), sess->idlen);
-    sess->der = OPENSSL_malloc(sess->derlen);
-    if (!sess->id || !sess->der) {
+    sess->der = app_malloc(sess->derlen, "get session buffer");
+    if (!sess->id) {
         BIO_printf(bio_err, "Out of memory adding to external cache\n");
         OPENSSL_free(sess->id);
         OPENSSL_free(sess->der);
diff --git a/apps/s_socket.c b/apps/s_socket.c
index 050426a..caa5b61 100644
--- a/apps/s_socket.c
+++ b/apps/s_socket.c
@@ -562,11 +562,7 @@ static int do_accept(int acc_sock, int *sock, char **host)
         *host = NULL;
         /* return(0); */
     } else {
-        if ((*host = OPENSSL_malloc(strlen(h1->h_name) + 1)) == NULL) {
-            perror("OPENSSL_malloc");
-            closesocket(ret);
-            return (0);
-        }
+        *host = app_malloc(strlen(h1->h_name) + 1, "copy hostname");
         BUF_strlcpy(*host, h1->h_name, strlen(h1->h_name) + 1);
 
         h2 = GetHostByName(*host);
diff --git a/apps/speed.c b/apps/speed.c
index 7dfdda8..720ab1c 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -791,17 +791,9 @@ int speed_main(int argc, char **argv)
         ecdh_doit[i] = 0;
 #endif
 
-    if ((buf_malloc = OPENSSL_malloc((int)BUFSIZE + misalign)) == NULL) {
-        BIO_printf(bio_err, "out of memory\n");
-        goto end;
-    }
-    if ((buf2_malloc = OPENSSL_malloc((int)BUFSIZE + misalign)) == NULL) {
-        BIO_printf(bio_err, "out of memory\n");
-        goto end;
-    }
+    buf = buf_malloc = app_malloc((int)BUFSIZE + misalign, "input buffer");
+    buf2 = buf2_malloc = app_malloc((int)BUFSIZE + misalign, "output buffer");
     misalign = 0;
-    buf = buf_malloc;
-    buf2 = buf2_malloc;
 
     prog = opt_init(argc, argv, speed_options);
     while ((o = opt_next()) != OPT_EOF) {
@@ -2452,13 +2444,8 @@ static void multiblock_speed(const EVP_CIPHER *evp_cipher)
     EVP_CIPHER_CTX ctx;
     double d = 0.0;
 
-    inp = OPENSSL_malloc(mblengths[num - 1]);
-    out = OPENSSL_malloc(mblengths[num - 1] + 1024);
-    if (!inp || !out) {
-        BIO_printf(bio_err, "Out of memory\n");
-        goto end;
-    }
-
+    inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
+    out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
     EVP_CIPHER_CTX_init(&ctx);
     EVP_EncryptInit_ex(&ctx, evp_cipher, NULL, no_key, no_iv);
     EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key),
@@ -2541,7 +2528,6 @@ static void multiblock_speed(const EVP_CIPHER *evp_cipher)
         fprintf(stdout, "\n");
     }
 
-end:
     if (inp)
         OPENSSL_free(inp);
     if (out)
diff --git a/apps/srp.c b/apps/srp.c
index bbbe1a9..b984c14 100644
--- a/apps/srp.c
+++ b/apps/srp.c
@@ -138,11 +138,7 @@ static int update_index(CA_DB *db, char **row)
     char **irow;
     int i;
 
-    if ((irow = OPENSSL_malloc(sizeof(char *) * (DB_NUMBER + 1))) == NULL) {
-        BIO_printf(bio_err, "Memory allocation failure\n");
-        return 0;
-    }
-
+    irow = app_malloc(sizeof(char *) * (DB_NUMBER + 1), "row pointers");
     for (i = 0; i < DB_NUMBER; i++) {
         irow[i] = row[i];
         row[i] = NULL;
@@ -363,23 +359,12 @@ int srp_main(int argc, char **argv)
             configfile = getenv("SSLEAY_CONF");
         if (configfile == NULL) {
             const char *s = X509_get_default_cert_area();
-            size_t len;
+            size_t len = strlen(s) + 1 + sizeof(CONFIG_FILE);
 
+            tofree = app_malloc(len, "config filename space");
 # ifdef OPENSSL_SYS_VMS
-            len = strlen(s) + sizeof(CONFIG_FILE);
-            tofree = OPENSSL_malloc(len);
-            if (!tofree) {
-                BIO_printf(bio_err, "Out of memory\n");
-                goto end;
-            }
             strcpy(tofree, s);
 # else
-            len = strlen(s) + sizeof(CONFIG_FILE) + 1;
-            tofree = OPENSSL_malloc(len);
-            if (!tofree) {
-                BIO_printf(bio_err, "Out of memory\n");
-                goto end;
-            }
             BUF_strlcpy(tofree, s, len);
             BUF_strlcat(tofree, "/", len);
 # endif
diff --git a/apps/ts.c b/apps/ts.c
index e0f4313..3cfdc79 100644
--- a/apps/ts.c
+++ b/apps/ts.c
@@ -576,10 +576,7 @@ static int create_digest(BIO *input, char *digest, const EVP_MD *md,
         unsigned char buffer[4096];
         int length;
 
-        *md_value = OPENSSL_malloc(md_value_len);
-        if (*md_value == 0)
-            goto err;
-
+        *md_value = app_malloc(md_value_len, "digest buffer");
         EVP_DigestInit(&md_ctx, md);
         while ((length = BIO_read(input, buffer, sizeof(buffer))) > 0) {
             EVP_DigestUpdate(&md_ctx, buffer, length);
@@ -624,8 +621,7 @@ static ASN1_INTEGER *create_nonce(int bits)
     OPENSSL_free(nonce->data);
     /* Allocate at least one byte. */
     nonce->length = len - i;
-    if (!(nonce->data = OPENSSL_malloc(nonce->length + 1)))
-        goto err;
+    nonce->data = app_malloc(nonce->length + 1, "nonce buffer");
     memcpy(nonce->data, buf + i, nonce->length);
 
     return nonce;
diff --git a/apps/vms_decc_init.c b/apps/vms_decc_init.c
index 1717dae..3ec7b54 100644
--- a/apps/vms_decc_init.c
+++ b/apps/vms_decc_init.c
@@ -130,7 +130,7 @@ char **copy_argv(int *argc, char *argv[])
      */
 
     int i, count = *argc;
-    char **newargv = OPENSSL_malloc((count + 1) * sizeof *newargv);
+    char **newargv = app_malloc((count + 1) * sizeof *newargv, "argv copy");
 
     for (i = 0; i < count; i++)
         newargv[i] = argv[i];
diff --git a/apps/x509.c b/apps/x509.c
index e1cc3cd..5418cce 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -783,12 +783,7 @@ int x509_main(int argc, char **argv)
                                 " */\n", buf);
 
                 len = i2d_X509(x, NULL);
-                m = OPENSSL_malloc(len);
-                if (!m) {
-                    BIO_printf(bio_err, "Out of memory\n");
-                    goto end;
-                }
-
+                m = app_malloc(len, "x509 name buffer");
                 d = (unsigned char *)m;
                 len = i2d_X509_NAME(X509_get_subject_name(x), &d);
                 print_array(out, "the_subject_name", len, (unsigned char *)m);
@@ -976,11 +971,7 @@ static ASN1_INTEGER *x509_load_serial(char *CAfile, char *serialfile,
     len = ((serialfile == NULL)
            ? (strlen(CAfile) + strlen(POSTFIX) + 1)
            : (strlen(serialfile))) + 1;
-    buf = OPENSSL_malloc(len);
-    if (buf == NULL) {
-        BIO_printf(bio_err, "out of mem\n");
-        goto end;
-    }
+    buf = app_malloc(len, "serial# buffer");
     if (serialfile == NULL) {
         BUF_strlcpy(buf, CAfile, len);
         for (p = buf; *p; p++)


More information about the openssl-commits mailing list