[openssl-commits] [openssl] OpenSSL_1_0_1-stable update
Matt Caswell
matt at openssl.org
Mon Nov 9 23:02:39 UTC 2015
The branch OpenSSL_1_0_1-stable has been updated
via 84d0c40f3fbcb9e3067cbbc2f01bd965e587c178 (commit)
from c8cc43108d97517dfce25a114acd5651f5548cd5 (commit)
- Log -----------------------------------------------------------------
commit 84d0c40f3fbcb9e3067cbbc2f01bd965e587c178
Author: Matt Caswell <matt at openssl.org>
Date: Wed Nov 4 15:51:02 2015 +0000
Fix missing malloc return value checks
During work on a larger change in master a number of locations were
identified where return value checks were missing. This backports the
relevant fixes.
Reviewed-by: Richard Levitte <levitte at openssl.org>
(cherry picked from commit 903738ac63e60c10552741e2d6de9753c67e0ff3)
Conflicts:
crypto/cms/cms_sd.c
-----------------------------------------------------------------------
Summary of changes:
apps/ca.c | 2 ++
crypto/cms/cms_pwri.c | 3 +++
crypto/engine/eng_cryptodev.c | 7 +++++--
crypto/evp/evp_key.c | 2 ++
crypto/jpake/jpake.c | 4 ++++
crypto/pem/pem_info.c | 6 ++++++
crypto/pkcs7/pk7_doit.c | 2 ++
crypto/x509v3/v3_cpols.c | 4 ++++
crypto/x509v3/v3_ncons.c | 2 ++
engines/e_chil.c | 4 ++++
ssl/s3_clnt.c | 5 +++++
ssl/s3_srvr.c | 10 ++++++++++
12 files changed, 49 insertions(+), 2 deletions(-)
diff --git a/apps/ca.c b/apps/ca.c
index 73846de..4d64eb2 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -2514,6 +2514,8 @@ static int do_updatedb(CA_DB *db)
char **rrow, *a_tm_s;
a_tm = ASN1_UTCTIME_new();
+ if (a_tm == NULL)
+ return -1;
/* get actual time and make a string */
a_tm = X509_gmtime_adj(a_tm, 0);
diff --git a/crypto/cms/cms_pwri.c b/crypto/cms/cms_pwri.c
index a8322dc..b91c016 100644
--- a/crypto/cms/cms_pwri.c
+++ b/crypto/cms/cms_pwri.c
@@ -121,6 +121,9 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
/* Setup algorithm identifier for cipher */
encalg = X509_ALGOR_new();
+ if (encalg == NULL) {
+ goto merr;
+ }
EVP_CIPHER_CTX_init(&ctx);
if (EVP_EncryptInit_ex(&ctx, kekciph, NULL, NULL, NULL) <= 0) {
diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
index bcb936d..a8a24d0 100644
--- a/crypto/engine/eng_cryptodev.c
+++ b/crypto/engine/eng_cryptodev.c
@@ -1230,15 +1230,18 @@ static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen,
if (cryptodev_asym(&kop, BN_num_bytes(dsa->q), r,
BN_num_bytes(dsa->q), s) == 0) {
dsaret = DSA_SIG_new();
+ if (dsaret == NULL)
+ goto err;
dsaret->r = r;
dsaret->s = s;
+ r = s = NULL;
} else {
const DSA_METHOD *meth = DSA_OpenSSL();
- BN_free(r);
- BN_free(s);
dsaret = (meth->dsa_do_sign) (dgst, dlen, dsa);
}
err:
+ BN_free(r);
+ BN_free(s);
kop.crk_param[0].crp_p = NULL;
zapparams(&kop);
return (dsaret);
diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c
index 122bc28..5be9e33 100644
--- a/crypto/evp/evp_key.c
+++ b/crypto/evp/evp_key.c
@@ -104,6 +104,8 @@ int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt,
if ((prompt == NULL) && (prompt_string[0] != '\0'))
prompt = prompt_string;
ui = UI_new();
+ if (ui == NULL)
+ return -1;
UI_add_input_string(ui, prompt, 0, buf, min,
(len >= BUFSIZ) ? BUFSIZ - 1 : len);
if (verify)
diff --git a/crypto/jpake/jpake.c b/crypto/jpake/jpake.c
index ed2e888..ac853d4 100644
--- a/crypto/jpake/jpake.c
+++ b/crypto/jpake/jpake.c
@@ -218,6 +218,9 @@ static int verify_zkp(const JPAKE_STEP_PART *p, const BIGNUM *zkpg,
BIGNUM *t3 = BN_new();
int ret = 0;
+ if (h == NULL || t1 == NULL || t2 == NULL || t3 == NULL)
+ goto end;
+
zkp_hash(h, zkpg, p, ctx->p.peer_name);
/* t1 = g^b */
@@ -233,6 +236,7 @@ static int verify_zkp(const JPAKE_STEP_PART *p, const BIGNUM *zkpg,
else
JPAKEerr(JPAKE_F_VERIFY_ZKP, JPAKE_R_ZKP_VERIFY_FAILED);
+end:
/* cleanup */
BN_free(t3);
BN_free(t2);
diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c
index 68747d1..4d736a1 100644
--- a/crypto/pem/pem_info.c
+++ b/crypto/pem/pem_info.c
@@ -172,6 +172,8 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk,
xi->enc_len = 0;
xi->x_pkey = X509_PKEY_new();
+ if (xi->x_pkey == NULL)
+ goto err;
ptype = EVP_PKEY_RSA;
pp = &xi->x_pkey->dec_pkey;
if ((int)strlen(header) > 10) /* assume encrypted */
@@ -193,6 +195,8 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk,
xi->enc_len = 0;
xi->x_pkey = X509_PKEY_new();
+ if (xi->x_pkey == NULL)
+ goto err;
ptype = EVP_PKEY_DSA;
pp = &xi->x_pkey->dec_pkey;
if ((int)strlen(header) > 10) /* assume encrypted */
@@ -214,6 +218,8 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk,
xi->enc_len = 0;
xi->x_pkey = X509_PKEY_new();
+ if (xi->x_pkey == NULL)
+ goto err;
ptype = EVP_PKEY_EC;
pp = &xi->x_pkey->dec_pkey;
if ((int)strlen(header) > 10) /* assume encrypted */
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
index 83f3b77..946aaa6 100644
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -656,6 +656,8 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
bio = BIO_new_mem_buf(data_body->data, data_body->length);
else {
bio = BIO_new(BIO_s_mem());
+ if (bio == NULL)
+ goto err;
BIO_set_mem_eof_return(bio, 0);
}
if (bio == NULL)
diff --git a/crypto/x509v3/v3_cpols.c b/crypto/x509v3/v3_cpols.c
index 0febc1b..d97f622 100644
--- a/crypto/x509v3/v3_cpols.c
+++ b/crypto/x509v3/v3_cpols.c
@@ -186,6 +186,10 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
goto err;
}
pol = POLICYINFO_new();
+ if (pol == NULL) {
+ X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
pol->policyid = pobj;
}
if (!sk_POLICYINFO_push(pols, pol)) {
diff --git a/crypto/x509v3/v3_ncons.c b/crypto/x509v3/v3_ncons.c
index b97ed27..2855269 100644
--- a/crypto/x509v3/v3_ncons.c
+++ b/crypto/x509v3/v3_ncons.c
@@ -132,6 +132,8 @@ static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method,
}
tval.value = val->value;
sub = GENERAL_SUBTREE_new();
+ if (sub == NULL)
+ goto memerr;
if (!v2i_GENERAL_NAME_ex(sub->base, method, ctx, &tval, 1))
goto err;
if (!*ptree)
diff --git a/engines/e_chil.c b/engines/e_chil.c
index 69d49d7..72d14fe 100644
--- a/engines/e_chil.c
+++ b/engines/e_chil.c
@@ -839,6 +839,10 @@ static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
bn_fix_top(rtmp->n);
res = EVP_PKEY_new();
+ if (res == NULL) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_CHIL_ERROR);
+ goto err;
+ }
EVP_PKEY_assign_RSA(res, rtmp);
# endif
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 104349e..28df7ca 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -2825,6 +2825,11 @@ int ssl3_send_client_key_exchange(SSL *s)
pkey_ctx = EVP_PKEY_CTX_new(pub_key =
X509_get_pubkey(peer_cert), NULL);
+ if (pkey_ctx == NULL) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
/*
* If we have send a certificate, and certificate key
*
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index aa57937..e45fc4e 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -2878,6 +2878,11 @@ int ssl3_get_client_key_exchange(SSL *s)
pk = s->cert->pkeys[SSL_PKEY_GOST01].privatekey;
pkey_ctx = EVP_PKEY_CTX_new(pk, NULL);
+ if (pkey_ctx == NULL) {
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+ goto f_err;
+ }
EVP_PKEY_decrypt_init(pkey_ctx);
/*
* If client certificate is present and is of the same type, maybe
@@ -3122,6 +3127,11 @@ int ssl3_get_cert_verify(SSL *s)
unsigned char signature[64];
int idx;
EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new(pkey, NULL);
+ if (pctx == NULL) {
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_MALLOC_FAILURE);
+ goto f_err;
+ }
EVP_PKEY_verify_init(pctx);
if (i != 64) {
fprintf(stderr, "GOST signature length is %d", i);
More information about the openssl-commits
mailing list