[openssl-commits] [openssl] master update
Matt Caswell
matt at openssl.org
Wed Jun 1 17:02:45 UTC 2016
The branch master has been updated
via 723412d4d8c8466b1d90b8f348c2c8f24c692f59 (commit)
via 137e5555bd3d1dc4486619bc524502c55682a6f4 (commit)
via 423281001ce96d731361152f8f6c52a1fefc2660 (commit)
via 69e2bd32efb756b59cea75af22d869679c448e91 (commit)
via fe71bb3ad97ed01ccf92812891cc2bc3ef3dce76 (commit)
via 379a8ed1ffdbb0c8dbf89b2777b1b710f968db6e (commit)
via 6eb311eea6fca45495b3a48c396f5aa8e8f7e714 (commit)
via 97323d57cd6dbbd0c06383dea3cc1b90d11f2557 (commit)
via 1c422164d8343688b8356fcb26f6b7e06921433b (commit)
via a855d1a155dd88aaf136bdc1deb88e68558b94fd (commit)
via b0cb22b07c71c13412c633c816afb5afccdb84b7 (commit)
via 6e4ab54b93a161bed3d668315b13359b883caca4 (commit)
via 0e9eb1a57bd2e12eda7939f053240499f6169d74 (commit)
from ff3bb913cfe47104293138a17014d3bde9db5e32 (commit)
- Log -----------------------------------------------------------------
commit 723412d4d8c8466b1d90b8f348c2c8f24c692f59
Author: Matt Caswell <matt at openssl.org>
Date: Thu Apr 28 14:00:10 2016 +0100
Don't leak memory on set_reasons() error path
The set_reasons() function in v3_crld.c leaks a STACK_OF(CONF_VALUE)
object on an error path.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit 137e5555bd3d1dc4486619bc524502c55682a6f4
Author: Matt Caswell <matt at openssl.org>
Date: Thu Apr 28 13:53:52 2016 +0100
Don't leak memory on int X509_PURPOSE_add() error path
The int X509_PURPOSE_add() function was leaking an X509_PURPOSE object
on error.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit 423281001ce96d731361152f8f6c52a1fefc2660
Author: Matt Caswell <matt at openssl.org>
Date: Thu Apr 28 13:46:31 2016 +0100
Don't leak memory on X509_TRUST_add() error path
The X509_TRUST_add() function was leaking an X509_TRUST object on error.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit 69e2bd32efb756b59cea75af22d869679c448e91
Author: Matt Caswell <matt at openssl.org>
Date: Wed Apr 27 17:19:01 2016 +0100
Don't leak memory on ASN1_item_pack() error path
The ASN1_item_pack() function was leaking an ASN1_STRING object on error
paths.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit fe71bb3ad97ed01ccf92812891cc2bc3ef3dce76
Author: Matt Caswell <matt at openssl.org>
Date: Wed Apr 27 16:59:49 2016 +0100
Don't leak memory on ASN1_GENERALIZEDTIME_adj() error path
The ASN1_GENERALIZEDTIME_adj() function leaks an ASN1_GENERALIZEDTIME
object on an error path.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit 379a8ed1ffdbb0c8dbf89b2777b1b710f968db6e
Author: Matt Caswell <matt at openssl.org>
Date: Wed Apr 27 16:50:14 2016 +0100
Don't leak memory in v2i_POLICY_MAPPINGS() on error path
The v2i_POLICY_MAPPINGS() function leaked ASN1_OBJECT pointers on error
paths.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit 6eb311eea6fca45495b3a48c396f5aa8e8f7e714
Author: Matt Caswell <matt at openssl.org>
Date: Wed Apr 27 16:41:43 2016 +0100
Don't leak memory from notice_section function on error path
The notice_section() function allocates a STACK_OF(CONF_VALUE) but
then fails to free it on an error path.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit 97323d57cd6dbbd0c06383dea3cc1b90d11f2557
Author: Matt Caswell <matt at openssl.org>
Date: Wed Apr 27 15:03:26 2016 +0100
Don't leak memory in v2i_AUTHORITY_KEYID
The v2i_AUTHORITY_KEYID() function can leak memory under an error
condition.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit 1c422164d8343688b8356fcb26f6b7e06921433b
Author: Matt Caswell <matt at openssl.org>
Date: Wed Apr 27 14:59:35 2016 +0100
Fix memory leak in crl2pkcs7 app
The crl2pkcs7 app leaks a stack of OPENSSL_STRINGs in error paths.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit a855d1a155dd88aaf136bdc1deb88e68558b94fd
Author: Matt Caswell <matt at openssl.org>
Date: Wed Apr 27 14:54:58 2016 +0100
Free a temporary buffer used by dsaparam application
The dsaparam application allocates a temporary buffer but then doesn't
free it.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit b0cb22b07c71c13412c633c816afb5afccdb84b7
Author: Matt Caswell <matt at openssl.org>
Date: Wed Apr 27 14:50:32 2016 +0100
Free buffer on error in a2i_ASN1_INTEGER()
The function a2i_ASN1_INTEGER() allocates a buffer |s| but then fails
to free it on error paths.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit 6e4ab54b93a161bed3d668315b13359b883caca4
Author: Matt Caswell <matt at openssl.org>
Date: Wed Apr 27 14:46:09 2016 +0100
Free memory on error in cms app
The make_receipt_request() function in the cms app can leak memory on
an error condition.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit 0e9eb1a57bd2e12eda7939f053240499f6169d74
Author: Matt Caswell <matt at openssl.org>
Date: Wed Apr 27 14:38:44 2016 +0100
Free tempory data on error in ec_wNAF_mul()
The ec_wNAF_mul() function allocates some temporary storage that it
doesn't always free on an error condition.
Reviewed-by: Richard Levitte <levitte at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
apps/cms.c | 3 ++-
apps/crl2p7.c | 3 +--
apps/dsaparam.c | 1 +
crypto/asn1/a_gentm.c | 35 +++++++++++++++++++++--------------
crypto/asn1/asn_pack.c | 21 ++++++++++++++-------
crypto/asn1/f_int.c | 1 +
crypto/ec/ec_mult.c | 2 ++
crypto/x509/x509_trs.c | 12 +++++++++---
crypto/x509v3/v3_akey.c | 4 ++++
crypto/x509v3/v3_cpols.c | 1 +
crypto/x509v3/v3_crld.c | 6 +++---
crypto/x509v3/v3_pmaps.c | 21 ++++++++++++---------
crypto/x509v3/v3_purp.c | 13 ++++++++++---
13 files changed, 81 insertions(+), 42 deletions(-)
diff --git a/apps/cms.c b/apps/cms.c
index 3a9b7af..ad771d2 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -1240,7 +1240,7 @@ static CMS_ReceiptRequest *make_receipt_request(STACK_OF(OPENSSL_STRING)
*rr_to, int rr_allorfirst, STACK_OF(OPENSSL_STRING)
*rr_from)
{
- STACK_OF(GENERAL_NAMES) *rct_to, *rct_from;
+ STACK_OF(GENERAL_NAMES) *rct_to = NULL, *rct_from = NULL;
CMS_ReceiptRequest *rr;
rct_to = make_names_stack(rr_to);
if (!rct_to)
@@ -1255,6 +1255,7 @@ static CMS_ReceiptRequest *make_receipt_request(STACK_OF(OPENSSL_STRING)
rct_to);
return rr;
err:
+ sk_GENERAL_NAMES_pop_free(rct_to, GENERAL_NAMES_free);
return NULL;
}
diff --git a/apps/crl2p7.c b/apps/crl2p7.c
index 73e6270..1631258 100644
--- a/apps/crl2p7.c
+++ b/apps/crl2p7.c
@@ -143,8 +143,6 @@ int crl2pkcs7_main(int argc, char **argv)
}
}
- sk_OPENSSL_STRING_free(certflst);
-
out = bio_open_default(outfile, 'w', outformat);
if (out == NULL)
goto end;
@@ -160,6 +158,7 @@ int crl2pkcs7_main(int argc, char **argv)
}
ret = 0;
end:
+ sk_OPENSSL_STRING_free(certflst);
BIO_free(in);
BIO_free_all(out);
PKCS7_free(p7);
diff --git a/apps/dsaparam.c b/apps/dsaparam.c
index c12bd70..cd2ca4c 100644
--- a/apps/dsaparam.c
+++ b/apps/dsaparam.c
@@ -244,6 +244,7 @@ int dsaparam_main(int argc, char **argv)
" return NULL;\n"
" }\n"
" return(dsa);\n}\n");
+ OPENSSL_free(data);
}
if (!noout) {
diff --git a/crypto/asn1/a_gentm.c b/crypto/asn1/a_gentm.c
index 2f60d6c..8d43ee5 100644
--- a/crypto/asn1/a_gentm.c
+++ b/crypto/asn1/a_gentm.c
@@ -172,41 +172,48 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
struct tm *ts;
struct tm data;
size_t len = 20;
+ ASN1_GENERALIZEDTIME *tmps = NULL;
if (s == NULL)
- s = ASN1_GENERALIZEDTIME_new();
- if (s == NULL)
- return (NULL);
+ tmps = ASN1_GENERALIZEDTIME_new();
+ else
+ tmps = s;
+ if (tmps == NULL)
+ return NULL;
ts = OPENSSL_gmtime(&t, &data);
if (ts == NULL)
- return (NULL);
+ goto err;
if (offset_day || offset_sec) {
if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
- return NULL;
+ goto err;
}
- p = (char *)s->data;
- if ((p == NULL) || ((size_t)s->length < len)) {
+ p = (char *)tmps->data;
+ if ((p == NULL) || ((size_t)tmps->length < len)) {
p = OPENSSL_malloc(len);
if (p == NULL) {
ASN1err(ASN1_F_ASN1_GENERALIZEDTIME_ADJ, ERR_R_MALLOC_FAILURE);
- return (NULL);
+ goto err;
}
- OPENSSL_free(s->data);
- s->data = (unsigned char *)p;
+ OPENSSL_free(tmps->data);
+ tmps->data = (unsigned char *)p;
}
BIO_snprintf(p, len, "%04d%02d%02d%02d%02d%02dZ", ts->tm_year + 1900,
ts->tm_mon + 1, ts->tm_mday, ts->tm_hour, ts->tm_min,
ts->tm_sec);
- s->length = strlen(p);
- s->type = V_ASN1_GENERALIZEDTIME;
+ tmps->length = strlen(p);
+ tmps->type = V_ASN1_GENERALIZEDTIME;
#ifdef CHARSET_EBCDIC_not
- ebcdic2ascii(s->data, s->data, s->length);
+ ebcdic2ascii(tmps->data, tmps->data, tmps->length);
#endif
- return (s);
+ return tmps;
+ err:
+ if (s == NULL)
+ ASN1_GENERALIZEDTIME_free(tmps);
+ return NULL;
}
const char *_asn1_mon[12] = {
diff --git a/crypto/asn1/asn_pack.c b/crypto/asn1/asn_pack.c
index 7c30202..1f5be53 100644
--- a/crypto/asn1/asn_pack.c
+++ b/crypto/asn1/asn_pack.c
@@ -17,28 +17,35 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct)
{
ASN1_STRING *octmp;
- if (oct == NULL|| *oct== NULL) {
+ if (oct == NULL || *oct == NULL) {
if ((octmp = ASN1_STRING_new()) == NULL) {
ASN1err(ASN1_F_ASN1_ITEM_PACK, ERR_R_MALLOC_FAILURE);
return NULL;
}
- if (oct)
- *oct = octmp;
- } else
+ } else {
octmp = *oct;
+ }
OPENSSL_free(octmp->data);
octmp->data = NULL;
if ((octmp->length = ASN1_item_i2d(obj, &octmp->data, it)) == 0) {
ASN1err(ASN1_F_ASN1_ITEM_PACK, ASN1_R_ENCODE_ERROR);
- return NULL;
+ goto err;
}
- if (!octmp->data) {
+ if (octmp->data == NULL) {
ASN1err(ASN1_F_ASN1_ITEM_PACK, ERR_R_MALLOC_FAILURE);
- return NULL;
+ goto err;
}
+
+ if (oct != NULL && *oct == NULL)
+ *oct = octmp;
+
return octmp;
+ err:
+ if (oct == NULL || *oct == NULL)
+ ASN1_STRING_free(octmp);
+ return NULL;
}
/* Extract an ASN1 object from an ASN1_STRING */
diff --git a/crypto/asn1/f_int.c b/crypto/asn1/f_int.c
index 15aece9..0f16ac0 100644
--- a/crypto/asn1/f_int.c
+++ b/crypto/asn1/f_int.c
@@ -148,6 +148,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
return 1;
err:
ASN1err(ASN1_F_A2I_ASN1_INTEGER, ASN1_R_SHORT_LINE);
+ OPENSSL_free(s);
return 0;
}
diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c
index 4215dc7..036cdde 100644
--- a/crypto/ec/ec_mult.c
+++ b/crypto/ec/ec_mult.c
@@ -312,6 +312,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
numblocks = (tmp_len + blocksize - 1) / blocksize;
if (numblocks > pre_comp->numblocks) {
ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);
+ OPENSSL_free(tmp_wNAF);
goto err;
}
totalnum = num + numblocks;
@@ -326,6 +327,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
wNAF_len[i] = blocksize;
if (tmp_len < blocksize) {
ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);
+ OPENSSL_free(tmp_wNAF);
goto err;
}
tmp_len -= blocksize;
diff --git a/crypto/x509/x509_trs.c b/crypto/x509/x509_trs.c
index db0024f..d736418 100644
--- a/crypto/x509/x509_trs.c
+++ b/crypto/x509/x509_trs.c
@@ -148,7 +148,7 @@ int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int),
/* dup supplied name */
if ((trtmp->name = OPENSSL_strdup(name)) == NULL) {
X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE);
- return 0;
+ goto err;
}
/* Keep the dynamic flag of existing entry */
trtmp->flags &= X509_TRUST_DYNAMIC;
@@ -165,14 +165,20 @@ int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int),
if (trtable == NULL
&& (trtable = sk_X509_TRUST_new(tr_cmp)) == NULL) {
X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE);
- return 0;
+ goto err;;
}
if (!sk_X509_TRUST_push(trtable, trtmp)) {
X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE);
- return 0;
+ goto err;
}
}
return 1;
+ err:
+ if (idx == -1) {
+ OPENSSL_free(trtmp->name);
+ OPENSSL_free(trtmp);
+ }
+ return 0;
}
static void trtable_free(X509_TRUST *p)
diff --git a/crypto/x509v3/v3_akey.c b/crypto/x509v3/v3_akey.c
index a7d0b29..d9f7704 100644
--- a/crypto/x509v3/v3_akey.c
+++ b/crypto/x509v3/v3_akey.c
@@ -143,12 +143,16 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
}
akeyid->issuer = gens;
+ gen = NULL;
+ gens = NULL;
akeyid->serial = serial;
akeyid->keyid = ikeyid;
return akeyid;
err:
+ sk_GENERAL_NAME_free(gens);
+ GENERAL_NAME_free(gen);
X509_NAME_free(isname);
ASN1_INTEGER_free(serial);
ASN1_OCTET_STRING_free(ikeyid);
diff --git a/crypto/x509v3/v3_cpols.c b/crypto/x509v3/v3_cpols.c
index fe722b1..81d0d99 100644
--- a/crypto/x509v3/v3_cpols.c
+++ b/crypto/x509v3/v3_cpols.c
@@ -295,6 +295,7 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
if (!nos || !sk_CONF_VALUE_num(nos)) {
X509V3err(X509V3_F_NOTICE_SECTION, X509V3_R_INVALID_NUMBERS);
X509V3_conf_err(cnf);
+ sk_CONF_VALUE_pop_free(nos, X509V3_conf_free);
goto err;
}
ret = nref_nos(nref->noticenos, nos);
diff --git a/crypto/x509v3/v3_crld.c b/crypto/x509v3/v3_crld.c
index 221eedf..c4c77f1 100644
--- a/crypto/x509v3/v3_crld.c
+++ b/crypto/x509v3/v3_crld.c
@@ -150,10 +150,10 @@ static int set_reasons(ASN1_BIT_STRING **preas, char *value)
const char *bnam;
int i, ret = 0;
rsk = X509V3_parse_list(value);
- if (!rsk)
- return 0;
- if (*preas)
+ if (rsk == NULL)
return 0;
+ if (*preas != NULL)
+ goto err;
for (i = 0; i < sk_CONF_VALUE_num(rsk); i++) {
bnam = sk_CONF_VALUE_value(rsk, i)->name;
if (*preas == NULL) {
diff --git a/crypto/x509v3/v3_pmaps.c b/crypto/x509v3/v3_pmaps.c
index 959b678..73f4ec2 100644
--- a/crypto/x509v3/v3_pmaps.c
+++ b/crypto/x509v3/v3_pmaps.c
@@ -64,9 +64,9 @@ static STACK_OF(CONF_VALUE) *i2v_POLICY_MAPPINGS(const X509V3_EXT_METHOD
static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
{
- POLICY_MAPPINGS *pmaps;
- POLICY_MAPPING *pmap;
- ASN1_OBJECT *obj1, *obj2;
+ POLICY_MAPPINGS *pmaps = NULL;
+ POLICY_MAPPING *pmap = NULL;
+ ASN1_OBJECT *obj1 = NULL, *obj2 = NULL;
CONF_VALUE *val;
int i;
@@ -78,30 +78,33 @@ static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method,
for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
val = sk_CONF_VALUE_value(nval, i);
if (!val->value || !val->name) {
- sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free);
X509V3err(X509V3_F_V2I_POLICY_MAPPINGS,
X509V3_R_INVALID_OBJECT_IDENTIFIER);
X509V3_conf_err(val);
- return NULL;
+ goto err;
}
obj1 = OBJ_txt2obj(val->name, 0);
obj2 = OBJ_txt2obj(val->value, 0);
if (!obj1 || !obj2) {
- sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free);
X509V3err(X509V3_F_V2I_POLICY_MAPPINGS,
X509V3_R_INVALID_OBJECT_IDENTIFIER);
X509V3_conf_err(val);
- return NULL;
+ goto err;
}
pmap = POLICY_MAPPING_new();
if (pmap == NULL) {
- sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free);
X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, ERR_R_MALLOC_FAILURE);
- return NULL;
+ goto err;
}
pmap->issuerDomainPolicy = obj1;
pmap->subjectDomainPolicy = obj2;
+ obj1 = obj2 = NULL;
sk_POLICY_MAPPING_push(pmaps, pmap);
}
return pmaps;
+ err:
+ ASN1_OBJECT_free(obj1);
+ ASN1_OBJECT_free(obj2);
+ sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free);
+ return NULL;
}
diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c
index b757d8e..b0d40ed 100644
--- a/crypto/x509v3/v3_purp.c
+++ b/crypto/x509v3/v3_purp.c
@@ -180,7 +180,7 @@ int X509_PURPOSE_add(int id, int trust, int flags,
ptmp->sname = OPENSSL_strdup(sname);
if (!ptmp->name || !ptmp->sname) {
X509V3err(X509V3_F_X509_PURPOSE_ADD, ERR_R_MALLOC_FAILURE);
- return 0;
+ goto err;
}
/* Keep the dynamic flag of existing entry */
ptmp->flags &= X509_PURPOSE_DYNAMIC;
@@ -197,14 +197,21 @@ int X509_PURPOSE_add(int id, int trust, int flags,
if (xptable == NULL
&& (xptable = sk_X509_PURPOSE_new(xp_cmp)) == NULL) {
X509V3err(X509V3_F_X509_PURPOSE_ADD, ERR_R_MALLOC_FAILURE);
- return 0;
+ goto err;
}
if (!sk_X509_PURPOSE_push(xptable, ptmp)) {
X509V3err(X509V3_F_X509_PURPOSE_ADD, ERR_R_MALLOC_FAILURE);
- return 0;
+ goto err;
}
}
return 1;
+ err:
+ if (idx == -1) {
+ OPENSSL_free(ptmp->name);
+ OPENSSL_free(ptmp->sname);
+ OPENSSL_free(ptmp);
+ }
+ return 0;
}
static void xptable_free(X509_PURPOSE *p)
More information about the openssl-commits
mailing list