[openssl-commits] [openssl] OpenSSL_1_0_1-stable update

Matt Caswell matt at openssl.org
Tue Mar 17 14:05:00 UTC 2015


The branch OpenSSL_1_0_1-stable has been updated
       via  6a43243d1d54a8bc4056eab76237e7d474edaafc (commit)
       via  f08731cd82566d14275b7749ca553bdd7f6267f3 (commit)
       via  f4b8760056ebc6d22666652fc34dc9ad8577856c (commit)
       via  d3554bff69d97b15fef063bdb0176a0b68021325 (commit)
       via  3f9117e161246f2f09754e277f2c986a840c1f74 (commit)
      from  eadc81e7dd3fde473a9e38a57b4c29cf6b699110 (commit)


- Log -----------------------------------------------------------------
commit 6a43243d1d54a8bc4056eab76237e7d474edaafc
Author: Matt Caswell <matt at openssl.org>
Date:   Thu Mar 12 16:42:55 2015 +0000

    Fix seg fault in s_time
    
    Passing a negative value for the "-time" option to s_time results in a seg
    fault. This commit fixes it so that time has to be greater than 0.
    
    Reviewed-by: Andy Polyakov <appro at openssl.org>
    (cherry picked from commit dfef52f6f277327e118fdd0fe34486852c2789b6)

commit f08731cd82566d14275b7749ca553bdd7f6267f3
Author: Matt Caswell <matt at openssl.org>
Date:   Thu Mar 12 14:37:26 2015 +0000

    Add sanity check to PRF
    
    The function tls1_PRF counts the number of digests in use and partitions
    security evenly between them. There always needs to be at least one digest
    in use, otherwise this is an internal error. Add a sanity check for this.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (cherry picked from commit 668f6f08c62177ab5893fc26ebb67053aafdffc8)

commit f4b8760056ebc6d22666652fc34dc9ad8577856c
Author: Matt Caswell <matt at openssl.org>
Date:   Thu Mar 12 12:54:44 2015 +0000

    Fix memset call in stack.c
    
    The function sk_zero is supposed to zero the elements held within a stack.
    It uses memset to do this. However it calculates the size of each element
    as being sizeof(char **) instead of sizeof(char *). This probably doesn't
    make much practical difference in most cases, but isn't a portable
    assumption.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (cherry picked from commit 7132ac830fa08d9a936e011d7c541b0c52115b33)

commit d3554bff69d97b15fef063bdb0176a0b68021325
Author: Matt Caswell <matt at openssl.org>
Date:   Thu Mar 12 11:25:03 2015 +0000

    Move malloc fail checks closer to malloc
    
    Move memory allocation failure checks closer to the site of the malloc in
    dgst app. Only a problem if the debug flag is set...but still should be
    fixed.
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>
    (cherry picked from commit be1477adc97e76f4b83ed8075589f529069bd5d1)

commit 3f9117e161246f2f09754e277f2c986a840c1f74
Author: Matt Caswell <matt at openssl.org>
Date:   Thu Mar 12 11:10:47 2015 +0000

    Add malloc failure checks
    
    Add some missing checks for memory allocation failures in ca app.
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>
    (cherry picked from commit a561bfe944c0beba73551731cb98af70dfee3549)

-----------------------------------------------------------------------

Summary of changes:
 apps/ca.c            | 13 +++++++++++++
 apps/dgst.c          | 10 +++++-----
 apps/s_time.c        |  7 ++++++-
 crypto/stack/stack.c |  2 +-
 ssl/t1_enc.c         |  5 +++++
 5 files changed, 30 insertions(+), 7 deletions(-)

diff --git a/apps/ca.c b/apps/ca.c
index 055548a..5d29a64 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -2803,6 +2803,11 @@ int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
     ASN1_GENERALIZEDTIME *comp_time = NULL;
     tmp = BUF_strdup(str);
 
+    if(!tmp) {
+        BIO_printf(bio_err, "memory allocation failure\n");
+        goto err;
+    }
+
     p = strchr(tmp, ',');
 
     rtime_str = tmp;
@@ -2820,6 +2825,10 @@ int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
 
     if (prevtm) {
         *prevtm = ASN1_UTCTIME_new();
+        if(!*prevtm) {
+            BIO_printf(bio_err, "memory allocation failure\n");
+            goto err;
+        }
         if (!ASN1_UTCTIME_set_string(*prevtm, rtime_str)) {
             BIO_printf(bio_err, "invalid revocation date %s\n", rtime_str);
             goto err;
@@ -2860,6 +2869,10 @@ int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
                 goto err;
             }
             comp_time = ASN1_GENERALIZEDTIME_new();
+            if(!comp_time) {
+                BIO_printf(bio_err, "memory allocation failure\n");
+                goto err;
+            }
             if (!ASN1_GENERALIZEDTIME_set_string(comp_time, arg_str)) {
                 BIO_printf(bio_err, "invalid compromised time %s\n", arg_str);
                 goto err;
diff --git a/apps/dgst.c b/apps/dgst.c
index 8459c19..ad2f234 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -287,6 +287,11 @@ int MAIN(int argc, char **argv)
 
     in = BIO_new(BIO_s_file());
     bmd = BIO_new(BIO_f_md());
+    if ((in == NULL) || (bmd == NULL)) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
     if (debug) {
         BIO_set_callback(in, BIO_debug_callback);
         /* needed for windows 3.1 */
@@ -298,11 +303,6 @@ int MAIN(int argc, char **argv)
         goto end;
     }
 
-    if ((in == NULL) || (bmd == NULL)) {
-        ERR_print_errors(bio_err);
-        goto end;
-    }
-
     if (out_bin == -1) {
         if (keyfile)
             out_bin = 1;
diff --git a/apps/s_time.c b/apps/s_time.c
index 5846f3a..a40997a 100644
--- a/apps/s_time.c
+++ b/apps/s_time.c
@@ -302,6 +302,10 @@ static int parseArgs(int argc, char **argv)
             if (--argc < 1)
                 goto bad;
             maxTime = atoi(*(++argv));
+            if(maxTime <= 0) {
+                BIO_printf(bio_err, "time must be > 0\n");
+                badop = 1;
+            }
         } else {
             BIO_printf(bio_err, "unknown option %s\n", *argv);
             badop = 1;
@@ -550,7 +554,8 @@ int MAIN(int argc, char **argv)
          nConn, totalTime, ((double)nConn / totalTime), bytes_read);
     printf
         ("%d connections in %ld real seconds, %ld bytes read per connection\n",
-         nConn, (long)time(NULL) - finishtime + maxTime, bytes_read / nConn);
+         nConn, (long)time(NULL) - finishtime + maxTime,
+         bytes_read / (nConn?nConn:1));
 
     ret = 0;
  end:
diff --git a/crypto/stack/stack.c b/crypto/stack/stack.c
index fbe9d6e..331f907 100644
--- a/crypto/stack/stack.c
+++ b/crypto/stack/stack.c
@@ -278,7 +278,7 @@ void sk_zero(_STACK *st)
         return;
     if (st->num <= 0)
         return;
-    memset((char *)st->data, 0, sizeof(st->data) * st->num);
+    memset((char *)st->data, 0, sizeof(*st->data) * st->num);
     st->num = 0;
 }
 
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index fa1c002..4e2845f 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -261,6 +261,11 @@ static int tls1_PRF(long digest_mask,
         if ((m << TLS1_PRF_DGST_SHIFT) & digest_mask)
             count++;
     }
+    if(!count) {
+        /* Should never happen */
+        SSLerr(SSL_F_TLS1_PRF, ERR_R_INTERNAL_ERROR);
+        goto err;
+    }
     len = slen / count;
     if (count == 1)
         slen = 0;


More information about the openssl-commits mailing list