[openssl-commits] [openssl] master update

Dr. Stephen Henson steve at openssl.org
Thu May 12 11:03:45 UTC 2016 

The branch master has been updated
       via  48c16012e743a31c42d823a75bc3cb72b8fad85f (commit)
       via  7c0ef8431845ea741012a5a6ff7063dca801fadd (commit)
      from  3dfcb6a0ecbc210899e4b674331d0294189281b9 (commit)


- Log -----------------------------------------------------------------
commit 48c16012e743a31c42d823a75bc3cb72b8fad85f
Author: Dmitry Belyavsky <beldmit at gmail.com>
Date:   Wed May 11 21:00:12 2016 +0100

    Don't use GOST ciphersuites with DTLS.
    
    RT#4438
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Stephen Henson <steve at openssl.org>

commit 7c0ef8431845ea741012a5a6ff7063dca801fadd
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Wed May 11 21:14:57 2016 +0100

    Don't leak memory if realloc fails.
    
    RT#4403
    
    Reviewed-by: Viktor Dukhovni <viktor at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 apps/apps.c           |  9 ++++-----
 apps/engine.c         | 12 ++++++++----
 crypto/modes/ocb128.c |  6 ++++--
 ssl/s3_lib.c          |  8 ++++----
 ssl/ssl_rsa.c         |  6 ++++--
 ssl/t1_ext.c          | 12 +++++++-----
 6 files changed, 31 insertions(+), 22 deletions(-)

diff --git a/apps/apps.c b/apps/apps.c
index 537d43a..c7e01b0 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -176,8 +176,6 @@ int chopup_args(ARGS *arg, char *buf)
     if (arg->size == 0) {
         arg->size = 20;
         arg->argv = app_malloc(sizeof(*arg->argv) * arg->size, "argv space");
-        if (arg->argv == NULL)
-            return 0;
     }
 
     for (p = buf;;) {
@@ -189,11 +187,12 @@ int chopup_args(ARGS *arg, char *buf)
 
         /* The start of something good :-) */
         if (arg->argc >= arg->size) {
+            char **tmp;
             arg->size += 20;
-            arg->argv = OPENSSL_realloc(arg->argv,
-                                        sizeof(*arg->argv) * arg->size);
-            if (arg->argv == NULL)
+            tmp = OPENSSL_realloc(arg->argv, sizeof(*arg->argv) * arg->size);
+            if (tmp == NULL)
                 return 0;
+            arg->argv = tmp;
         }
         quoted = *p == '\'' || *p == '"';
         if (quoted)
diff --git a/apps/engine.c b/apps/engine.c
index b60bfbc..3b395b1 100644
--- a/apps/engine.c
+++ b/apps/engine.c
@@ -107,13 +107,17 @@ static int append_buf(char **buf, int *size, const char *s)
     }
 
     if (strlen(*buf) + strlen(s) >= (unsigned int)*size) {
+        char *tmp;
         *size += 256;
-        *buf = OPENSSL_realloc(*buf, *size);
+        tmp = OPENSSL_realloc(*buf, *size);
+        if (tmp == NULL) {
+            OPENSSL_free(*buf);
+            *buf = NULL;
+            return 0;
+        }
+        *buf = tmp;
     }
 
-    if (*buf == NULL)
-        return 0;
-
     if (**buf != '\0')
         OPENSSL_strlcat(*buf, ", ", *size);
     OPENSSL_strlcat(*buf, s, *size);
diff --git a/crypto/modes/ocb128.c b/crypto/modes/ocb128.c
index 3c17aa5..cb99d09 100644
--- a/crypto/modes/ocb128.c
+++ b/crypto/modes/ocb128.c
@@ -147,6 +147,7 @@ static OCB_BLOCK *ocb_lookup_l(OCB128_CONTEXT *ctx, size_t idx)
 
     /* We don't have it - so calculate it */
     if (idx >= ctx->max_l_index) {
+        void *tmp_ptr;
         /*
          * Each additional entry allows to process almost double as
          * much data, so that in linear world the table will need to
@@ -157,10 +158,11 @@ static OCB_BLOCK *ocb_lookup_l(OCB128_CONTEXT *ctx, size_t idx)
          * the index.
          */
         ctx->max_l_index += (idx - ctx->max_l_index + 4) & ~3;
-        ctx->l =
+        tmp_ptr =
             OPENSSL_realloc(ctx->l, ctx->max_l_index * sizeof(OCB_BLOCK));
-        if (ctx->l == NULL)
+        if (tmp_ptr == NULL) /* prevent ctx->l from being clobbered */
             return NULL;
+        ctx->l = tmp_ptr;
     }
     while (l_index < idx) {
         ocb_double(ctx->l + l_index, ctx->l + l_index + 1);
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 9064abb..5d5293e 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -2506,7 +2506,7 @@ static SSL_CIPHER ssl3_ciphers[] =
      SSL_eGOST2814789CNT,
      SSL_GOST89MAC,
      TLS1_VERSION, TLS1_2_VERSION,
-     DTLS1_VERSION, DTLS1_2_VERSION,
+     0, 0,
      SSL_HIGH,
      SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
      256,
@@ -2521,7 +2521,7 @@ static SSL_CIPHER ssl3_ciphers[] =
      SSL_eNULL,
      SSL_GOST94,
      TLS1_VERSION, TLS1_2_VERSION,
-     DTLS1_VERSION, DTLS1_2_VERSION,
+     0, 0,
      SSL_STRONG_NONE,
      SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
      0,
@@ -2536,7 +2536,7 @@ static SSL_CIPHER ssl3_ciphers[] =
      SSL_eGOST2814789CNT12,
      SSL_GOST89MAC12,
      TLS1_VERSION, TLS1_2_VERSION,
-     DTLS1_VERSION, DTLS1_2_VERSION,
+     0, 0,
      SSL_HIGH,
      SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
      256,
@@ -2551,7 +2551,7 @@ static SSL_CIPHER ssl3_ciphers[] =
      SSL_eNULL,
      SSL_GOST12_256,
      TLS1_VERSION, TLS1_2_VERSION,
-     DTLS1_VERSION, DTLS1_2_VERSION,
+     0, 0,
      SSL_STRONG_NONE,
      SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
      0,
diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c
index f1280ad..88dce79 100644
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c
@@ -940,6 +940,7 @@ int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo,
 int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
 {
     unsigned char *serverinfo = NULL;
+    unsigned char *tmp;
     size_t serverinfo_length = 0;
     unsigned char *extension = 0;
     long extension_length = 0;
@@ -999,12 +1000,13 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
             goto end;
         }
         /* Append the decoded extension to the serverinfo buffer */
-        serverinfo =
+        tmp =
             OPENSSL_realloc(serverinfo, serverinfo_length + extension_length);
-        if (serverinfo == NULL) {
+        if (tmp == NULL) {
             SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_MALLOC_FAILURE);
             goto end;
         }
+        serverinfo = tmp;
         memcpy(serverinfo + serverinfo_length, extension, extension_length);
         serverinfo_length += extension_length;
 
diff --git a/ssl/t1_ext.c b/ssl/t1_ext.c
index 3bbe1fd..2816131 100644
--- a/ssl/t1_ext.c
+++ b/ssl/t1_ext.c
@@ -205,7 +205,7 @@ static int custom_ext_meth_add(custom_ext_methods *exts,
                                void *add_arg,
                                custom_ext_parse_cb parse_cb, void *parse_arg)
 {
-    custom_ext_method *meth;
+    custom_ext_method *meth, *tmp;
     /*
      * Check application error: if add_cb is not set free_cb will never be
      * called.
@@ -225,15 +225,17 @@ static int custom_ext_meth_add(custom_ext_methods *exts,
     /* Search for duplicate */
     if (custom_ext_find(exts, ext_type))
         return 0;
-    exts->meths = OPENSSL_realloc(exts->meths,
-                                  (exts->meths_count +
-                                   1) * sizeof(custom_ext_method));
+    tmp = OPENSSL_realloc(exts->meths,
+                          (exts->meths_count + 1) * sizeof(custom_ext_method));
 
-    if (!exts->meths) {
+    if (tmp == NULL) {
+        OPENSSL_free(exts->meths);
+        exts->meths = NULL;
         exts->meths_count = 0;
         return 0;
     }
 
+    exts->meths = tmp;
     meth = exts->meths + exts->meths_count;
     memset(meth, 0, sizeof(*meth));
     meth->parse_cb = parse_cb;

More information about the openssl-commits mailing list