[openssl-commits] [openssl] master update
Matt Caswell
matt at openssl.org
Thu Apr 28 12:15:23 UTC 2016
The branch master has been updated
via b3bd3d5af8ed31f438db4367ce3a4bd43067e764 (commit)
via 34b9acbd3f81b46967f692c0af49020c8c405746 (commit)
via 5e8129f278f5358243b4a8b3651e795d6a32696d (commit)
via d54ac5c4bfcb75967960492de31a83fbc7c46673 (commit)
via 460c5e1d2f7388216f12d345d13202381b30e2a3 (commit)
via 8e588e2812f82419fb177e42480b4edffc676070 (commit)
via 204cf9406e8f8cd1e3748e69a19e35bf0c224443 (commit)
via a4e584a610e4a73f1fd7edef7e5b301c0be18bbf (commit)
via f08e8034505ae69d6b986f20a63b705d1f012744 (commit)
via 2280358146b620647c51a5b940dd9104c4ea3a3f (commit)
via 29f4c357f045562d7eb7837ae890efc1bf4809a2 (commit)
via d71eb667c403d9781ef919794e29a79eb930ab88 (commit)
via 91fb42ddbef7a88640d1a0f853c941c20df07de7 (commit)
via b0b6ba2d11ce4188e32be50c9e87672c67183616 (commit)
via df0f2759220f825efe1a77eae9e658fe37cc89c3 (commit)
from 2bd8c8539595b8708e825d306a45ddddc17c915c (commit)
- Log -----------------------------------------------------------------
commit b3bd3d5af8ed31f438db4367ce3a4bd43067e764
Author: Matt Caswell <matt at openssl.org>
Date: Wed Apr 27 14:22:20 2016 +0100
Don't leak memory on error path in dane_ctx_enable()
The function dane_ctx_enable() allocated some memory that it did not
free in an error path.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit 34b9acbd3f81b46967f692c0af49020c8c405746
Author: Matt Caswell <matt at openssl.org>
Date: Wed Apr 27 14:17:33 2016 +0100
Free an ASN1_OBJECT in an error path
The r2i_certpol() function allocates an ASN1_OBJECT but can fail to free
it in an error path.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit 5e8129f278f5358243b4a8b3651e795d6a32696d
Author: Matt Caswell <matt at openssl.org>
Date: Wed Apr 27 14:13:59 2016 +0100
Don't leak an ASN1_OCTET_STRING on error in rsa_cms_encrypt
The rsa_cms_encrypt() function allocates an ASN1_OCTET_STRING but can
then fail to free it in an error condition.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit d54ac5c4bfcb75967960492de31a83fbc7c46673
Author: Matt Caswell <matt at openssl.org>
Date: Wed Apr 27 14:09:35 2016 +0100
Free memory on error in PKCS7_dataFinal()
The PKCS7_dataFinal() function allocates a memory buffer but then fails
to free it on an error condition.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit 460c5e1d2f7388216f12d345d13202381b30e2a3
Author: Matt Caswell <matt at openssl.org>
Date: Wed Apr 27 14:06:40 2016 +0100
Don't leak memory on error in PKCS12_key_gen_uni
The PKCS12_key_gen_uni() had one error path which did not free memory
correctly.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit 8e588e2812f82419fb177e42480b4edffc676070
Author: Matt Caswell <matt at openssl.org>
Date: Wed Apr 27 14:00:37 2016 +0100
Don't leak memory on error in i2b_PVK
The i2b_PVK function leaked a number of different memory allocations on
error paths (and even some non-error paths).
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit 204cf9406e8f8cd1e3748e69a19e35bf0c224443
Author: Matt Caswell <matt at openssl.org>
Date: Wed Apr 27 13:52:37 2016 +0100
Don't leak memory on error in b2i_rsa
The b2i_rsa() function uses a number of temporary local variables which
get leaked on an error path.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit a4e584a610e4a73f1fd7edef7e5b301c0be18bbf
Author: Matt Caswell <matt at openssl.org>
Date: Wed Apr 27 13:40:52 2016 +0100
Don't leak resource on error in OCSP_url_svcloc_new
On error we could leak a ACCESS_DESCRIPTION and an ASN1_IA5STRING. Both
should be freed in the error path.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit f08e8034505ae69d6b986f20a63b705d1f012744
Author: Matt Caswell <matt at openssl.org>
Date: Wed Apr 27 13:32:58 2016 +0100
Check that we were actually allocated BIGNUMs in dsa_builtin_paramgen2
Calls to BN_CTX_get() can fail so we should check that they were
successful.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit 2280358146b620647c51a5b940dd9104c4ea3a3f
Author: Matt Caswell <matt at openssl.org>
Date: Wed Apr 27 13:22:29 2016 +0100
Don't leak EVP_MD_CTX on error path
The cms_SignerInfo_content_sign() function allocated an EVP_MD_CTX but
then failed to free it on an error path.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit 29f4c357f045562d7eb7837ae890efc1bf4809a2
Author: Matt Caswell <matt at openssl.org>
Date: Wed Apr 27 13:18:38 2016 +0100
Don't leak memory on error in cms_RecipientInfo_pwri_crypt
The cms_RecipientInfo_pwri_crypt() allocated an EVP_CIPHER_CTX but then
failed to free it in some error paths. By allocating it a bit later that
can be avoided.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit d71eb667c403d9781ef919794e29a79eb930ab88
Author: Matt Caswell <matt at openssl.org>
Date: Wed Apr 27 12:59:19 2016 +0100
Don't leak memory on error in BN_generate_prime_ex
In BN_generate_prime_ex() we do some sanity checks first and return
with an error if they fail. We should do that *before* allocating any
resources to avoid a memory leak.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit 91fb42ddbef7a88640d1a0f853c941c20df07de7
Author: Matt Caswell <matt at openssl.org>
Date: Wed Apr 27 12:55:44 2016 +0100
Free a BIGNUM on error in BN_mpi2bn
In the BN_mpi2bn() function, a failure of a call to BN_bin2bn() could
result in the leak of a previously allocated BIGNUM value.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit b0b6ba2d11ce4188e32be50c9e87672c67183616
Author: Matt Caswell <matt at openssl.org>
Date: Wed Apr 27 12:52:29 2016 +0100
Don't leak memory on failure to create a mem BIO
During construction of a mem BIO we allocate some resources. If this
allocation fails we can end up leaking everything we have allocated so
far.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit df0f2759220f825efe1a77eae9e658fe37cc89c3
Author: Matt Caswell <matt at openssl.org>
Date: Wed Apr 27 12:46:51 2016 +0100
Close the accept socket on error
When setting an accepted socket for non-blocking, if the operation fails
make sure we close the accepted socket.
Reviewed-by: Richard Levitte <levitte at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
crypto/bio/b_sock2.c | 4 +++-
crypto/bio/bss_mem.c | 17 +++++++++++------
crypto/bn/bn_mpi.c | 16 +++++++++-------
crypto/bn/bn_prime.c | 7 ++++---
crypto/cms/cms_pwri.c | 10 +++++++---
crypto/cms/cms_sd.c | 2 +-
crypto/dsa/dsa_gen.c | 2 ++
crypto/ocsp/ocsp_ext.c | 4 ++++
crypto/pem/pvkfmt.c | 32 +++++++++++++++++++++++---------
crypto/pkcs12/p12_key.c | 2 +-
crypto/pkcs7/pk7_doit.c | 1 +
crypto/rsa/rsa_ameth.c | 3 ++-
crypto/x509v3/v3_cpols.c | 1 +
ssl/ssl_lib.c | 1 +
14 files changed, 70 insertions(+), 32 deletions(-)
diff --git a/crypto/bio/b_sock2.c b/crypto/bio/b_sock2.c
index 9f092fc..e876e07 100644
--- a/crypto/bio/b_sock2.c
+++ b/crypto/bio/b_sock2.c
@@ -294,8 +294,10 @@ int BIO_accept_ex(int accept_sock, BIO_ADDR *addr_, int options)
return INVALID_SOCKET;
}
- if (!BIO_socket_nbio(accepted_sock, (options & BIO_SOCK_NONBLOCK) != 0))
+ if (!BIO_socket_nbio(accepted_sock, (options & BIO_SOCK_NONBLOCK) != 0)) {
+ closesocket(accepted_sock);
return INVALID_SOCKET;
+ }
return accepted_sock;
}
diff --git a/crypto/bio/bss_mem.c b/crypto/bio/bss_mem.c
index 46bd034..3b6f173 100644
--- a/crypto/bio/bss_mem.c
+++ b/crypto/bio/bss_mem.c
@@ -150,17 +150,22 @@ static int mem_init(BIO *bi, unsigned long flags)
BIO_BUF_MEM *bb = OPENSSL_zalloc(sizeof(*bb));
if (bb == NULL)
- return(0);
- if ((bb->buf = BUF_MEM_new_ex(flags)) == NULL)
- return(0);
- if ((bb->readp = OPENSSL_zalloc(sizeof(*bb->readp))) == NULL)
- return(0);
+ return 0;
+ if ((bb->buf = BUF_MEM_new_ex(flags)) == NULL) {
+ OPENSSL_free(bb);
+ return 0;
+ }
+ if ((bb->readp = OPENSSL_zalloc(sizeof(*bb->readp))) == NULL) {
+ BUF_MEM_free(bb->buf);
+ OPENSSL_free(bb);
+ return 0;
+ }
*bb->readp = *bb->buf;
bi->shutdown = 1;
bi->init = 1;
bi->num = -1;
bi->ptr = (char *)bb;
- return(1);
+ return 1;
}
static int mem_new(BIO *bi)
diff --git a/crypto/bn/bn_mpi.c b/crypto/bn/bn_mpi.c
index 80d105d..86d9675 100644
--- a/crypto/bn/bn_mpi.c
+++ b/crypto/bn/bn_mpi.c
@@ -94,34 +94,36 @@ BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *a)
if (n < 4) {
BNerr(BN_F_BN_MPI2BN, BN_R_INVALID_LENGTH);
- return (NULL);
+ return NULL;
}
len = ((long)d[0] << 24) | ((long)d[1] << 16) | ((int)d[2] << 8) | (int)
d[3];
if ((len + 4) != n) {
BNerr(BN_F_BN_MPI2BN, BN_R_ENCODING_ERROR);
- return (NULL);
+ return NULL;
}
if (a == NULL)
a = BN_new();
if (a == NULL)
- return (NULL);
+ return NULL;
if (len == 0) {
a->neg = 0;
a->top = 0;
- return (a);
+ return a;
}
d += 4;
if ((*d) & 0x80)
neg = 1;
- if (BN_bin2bn(d, (int)len, a) == NULL)
- return (NULL);
+ if (BN_bin2bn(d, (int)len, a) == NULL) {
+ BN_free(a);
+ return NULL;
+ }
a->neg = neg;
if (neg) {
BN_clear_bit(a, BN_num_bits(a) - 1);
}
bn_check_top(a);
- return (a);
+ return a;
}
diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c
index a5887d9..e8eafbc 100644
--- a/crypto/bn/bn_prime.c
+++ b/crypto/bn/bn_prime.c
@@ -208,9 +208,6 @@ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe,
prime_t *mods = NULL;
int checks = BN_prime_checks_for_size(bits);
- mods = OPENSSL_zalloc(sizeof(*mods) * NUMPRIMES);
- if (mods == NULL)
- goto err;
if (bits < 2) {
/* There are no prime numbers this small. */
BNerr(BN_F_BN_GENERATE_PRIME_EX, BN_R_BITS_TOO_SMALL);
@@ -221,6 +218,10 @@ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe,
return 0;
}
+ mods = OPENSSL_zalloc(sizeof(*mods) * NUMPRIMES);
+ if (mods == NULL)
+ goto err;
+
ctx = BN_CTX_new();
if (ctx == NULL)
goto err;
diff --git a/crypto/cms/cms_pwri.c b/crypto/cms/cms_pwri.c
index 5ab20e2..3e1328c 100644
--- a/crypto/cms/cms_pwri.c
+++ b/crypto/cms/cms_pwri.c
@@ -323,7 +323,7 @@ int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
CMS_PasswordRecipientInfo *pwri;
int r = 0;
X509_ALGOR *algtmp, *kekalg = NULL;
- EVP_CIPHER_CTX *kekctx;
+ EVP_CIPHER_CTX *kekctx = NULL;
const EVP_CIPHER *kekcipher;
unsigned char *key = NULL;
size_t keylen;
@@ -331,7 +331,6 @@ int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
ec = cms->d.envelopedData->encryptedContentInfo;
pwri = ri->d.pwri;
- kekctx = EVP_CIPHER_CTX_new();
if (!pwri->pass) {
CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_NO_PASSWORD);
@@ -358,9 +357,14 @@ int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
if (!kekcipher) {
CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_UNKNOWN_CIPHER);
- goto err;
+ return 0;
}
+ kekctx = EVP_CIPHER_CTX_new();
+ if (kekctx == NULL) {
+ CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
/* Fixup cipher based on AlgorithmIdentifier to set IV etc */
if (!EVP_CipherInit_ex(kekctx, kekcipher, NULL, NULL, NULL, en_de))
goto err;
diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c
index 151f40f..e4739b3 100644
--- a/crypto/cms/cms_sd.c
+++ b/crypto/cms/cms_sd.c
@@ -588,7 +588,7 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
if (!si->pkey) {
CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, CMS_R_NO_PRIVATE_KEY);
- return 0;
+ goto err;
}
if (!cms_DigestAlgorithm_find_ctx(mctx, chain, si->digestAlgorithm))
diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c
index c278d98..d97a06b 100644
--- a/crypto/dsa/dsa_gen.c
+++ b/crypto/dsa/dsa_gen.c
@@ -406,6 +406,8 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
X = BN_CTX_get(ctx);
c = BN_CTX_get(ctx);
test = BN_CTX_get(ctx);
+ if (test == NULL)
+ goto err;
/* if p, q already supplied generate g only */
if (ret->p && ret->q) {
diff --git a/crypto/ocsp/ocsp_ext.c b/crypto/ocsp/ocsp_ext.c
index 854da8e..030ddf9 100644
--- a/crypto/ocsp/ocsp_ext.c
+++ b/crypto/ocsp/ocsp_ext.c
@@ -509,12 +509,16 @@ X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME *issuer, char **urls)
goto err;
ad->location->type = GEN_URI;
ad->location->d.ia5 = ia5;
+ ia5 = NULL;
if (!sk_ACCESS_DESCRIPTION_push(sloc->locator, ad))
goto err;
+ ad = NULL;
urls++;
}
x = X509V3_EXT_i2d(NID_id_pkix_OCSP_serviceLocator, 0, sloc);
err:
+ ASN1_IA5STRING_free(ia5);
+ ACCESS_DESCRIPTION_free(ad);
OCSP_SERVICELOC_free(sloc);
return x;
}
diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c
index 634cc59..e7ee6dd 100644
--- a/crypto/pem/pvkfmt.c
+++ b/crypto/pem/pvkfmt.c
@@ -356,6 +356,7 @@ static EVP_PKEY *b2i_rsa(const unsigned char **in,
const unsigned char *pin = *in;
EVP_PKEY *ret = NULL;
BIGNUM *e = NULL, *n = NULL, *d = NULL;
+ BIGNUM *p = NULL, *q = NULL, *dmp1 = NULL, *dmq1 = NULL, *iqmp = NULL;
RSA *rsa = NULL;
unsigned int nbyte, hnbyte;
nbyte = (bitlen + 7) >> 3;
@@ -372,7 +373,6 @@ static EVP_PKEY *b2i_rsa(const unsigned char **in,
if (!read_lebn(&pin, nbyte, &n))
goto memerr;
if (!ispub) {
- BIGNUM *p = NULL, *q = NULL, *dmp1 = NULL, *dmq1 = NULL, *iqmp = NULL;
if (!read_lebn(&pin, hnbyte, &p))
goto memerr;
if (!read_lebn(&pin, hnbyte, &q))
@@ -396,6 +396,14 @@ static EVP_PKEY *b2i_rsa(const unsigned char **in,
return ret;
memerr:
PEMerr(PEM_F_B2I_RSA, ERR_R_MALLOC_FAILURE);
+ BN_free(e);
+ BN_free(n);
+ BN_free(p);
+ BN_free(q);
+ BN_free(dmp1);
+ BN_free(dmq1);
+ BN_free(iqmp);
+ BN_free(d);
RSA_free(rsa);
EVP_PKEY_free(ret);
return NULL;
@@ -799,26 +807,29 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel,
{
int outlen = 24, pklen;
unsigned char *p, *salt = NULL;
- EVP_CIPHER_CTX *cctx = EVP_CIPHER_CTX_new();
+ EVP_CIPHER_CTX *cctx = NULL;
if (enclevel)
outlen += PVK_SALTLEN;
pklen = do_i2b(NULL, pk, 0);
if (pklen < 0)
return -1;
outlen += pklen;
- if (!out)
+ if (out == NULL)
return outlen;
- if (*out)
+ if (*out != NULL) {
p = *out;
- else {
+ } else {
p = OPENSSL_malloc(outlen);
if (p == NULL) {
PEMerr(PEM_F_I2B_PVK, ERR_R_MALLOC_FAILURE);
return -1;
}
- *out = p;
}
+ cctx = EVP_CIPHER_CTX_new();
+ if (cctx == NULL)
+ return -1;
+
write_ledword(&p, MS_PVKMAGIC);
write_ledword(&p, 0);
if (EVP_PKEY_id(pk) == EVP_PKEY_DSA)
@@ -835,9 +846,7 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel,
p += PVK_SALTLEN;
}
do_i2b(&p, pk, 0);
- if (enclevel == 0)
- return outlen;
- else {
+ if (enclevel != 0) {
char psbuf[PEM_BUFSIZE];
unsigned char keybuf[20];
int enctmplen, inlen;
@@ -863,7 +872,12 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel,
if (!EVP_DecryptFinal_ex(cctx, p + enctmplen, &enctmplen))
goto error;
}
+
EVP_CIPHER_CTX_free(cctx);
+
+ if (*out == NULL)
+ *out = p;
+
return outlen;
error:
diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c
index 6a9a325..1a1ea70 100644
--- a/crypto/pkcs12/p12_key.c
+++ b/crypto/pkcs12/p12_key.c
@@ -129,7 +129,7 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
v = EVP_MD_block_size(md_type);
u = EVP_MD_size(md_type);
if (u < 0)
- return 0;
+ goto err;
D = OPENSSL_malloc(v);
Ai = OPENSSL_malloc(u);
B = OPENSSL_malloc(v + 1);
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
index 9d66fc4..72bd54d 100644
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -808,6 +808,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
goto err;
if (!EVP_SignFinal(ctx_tmp, abuf, &abuflen, si->pkey)) {
+ OPENSSL_free(abuf);
PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_EVP_LIB);
goto err;
}
diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
index 4ff2665..abb357e 100644
--- a/crypto/rsa/rsa_ameth.c
+++ b/crypto/rsa/rsa_ameth.c
@@ -849,10 +849,11 @@ static int rsa_cms_encrypt(CMS_RecipientInfo *ri)
if (!rsa_md_to_mgf1(&oaep->maskGenFunc, mgf1md))
goto err;
if (labellen > 0) {
- ASN1_OCTET_STRING *los = ASN1_OCTET_STRING_new();
+ ASN1_OCTET_STRING *los;
oaep->pSourceFunc = X509_ALGOR_new();
if (oaep->pSourceFunc == NULL)
goto err;
+ los = ASN1_OCTET_STRING_new();
if (los == NULL)
goto err;
if (!ASN1_OCTET_STRING_set(los, label, labellen)) {
diff --git a/crypto/x509v3/v3_cpols.c b/crypto/x509v3/v3_cpols.c
index b4dd3ad..f1db67f 100644
--- a/crypto/x509v3/v3_cpols.c
+++ b/crypto/x509v3/v3_cpols.c
@@ -188,6 +188,7 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
pol = POLICYINFO_new();
if (pol == NULL) {
X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE);
+ ASN1_OBJECT_free(pobj);
goto err;
}
pol->policyid = pobj;
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index f93b98f..99d88b3 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -215,6 +215,7 @@ static int dane_ctx_enable(struct dane_ctx_st *dctx)
mdord = OPENSSL_zalloc(n * sizeof(*mdord));
if (mdord == NULL || mdevp == NULL) {
+ OPENSSL_free(mdord);
OPENSSL_free(mdevp);
SSLerr(SSL_F_DANE_CTX_ENABLE, ERR_R_MALLOC_FAILURE);
return 0;
More information about the openssl-commits
mailing list