[openssl-commits] [openssl] master update

Matt Caswell matt at openssl.org
Sat Jul 7 13:04:23 UTC 2018 

The branch master has been updated
       via  74bfb980377f43367035959a2c0afb5ec501c033 (commit)
       via  bdd92f4d9bce6c62e553f89a2556c6881fc6d5dd (commit)
       via  1829ff4b5e7f1d1570ea9b9e4660a1a673e5da67 (commit)
       via  3e0076c213ec2d1149a9a89f9bc141d1a1a44630 (commit)
      from  c9d6fdd6f79c1725215347ad8409b1e60eaccf0c (commit)


- Log -----------------------------------------------------------------
commit 74bfb980377f43367035959a2c0afb5ec501c033
Author: Matt Caswell <matt at openssl.org>
Date:   Tue Jun 26 15:21:09 2018 +0100

    Remove a memset
    
    Also avoids calling EVP_MD_size() and a missing negative result check.
    
    Issue found by Coverity.
    
    Reviewed-by: Andy Polyakov <appro at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/6592)

commit bdd92f4d9bce6c62e553f89a2556c6881fc6d5dd
Author: Matt Caswell <matt at openssl.org>
Date:   Tue Jun 26 15:12:56 2018 +0100

    Check a return value for success in ec_field_size()
    
    Reviewed-by: Andy Polyakov <appro at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/6592)

commit 1829ff4b5e7f1d1570ea9b9e4660a1a673e5da67
Author: Matt Caswell <matt at openssl.org>
Date:   Tue Jun 26 15:10:56 2018 +0100

    Fix some Coverity issues in sm2_encrypt()
    
    Check for a negative EVP_MD_size().
    Don't dereference group until we've checked if it is NULL.
    
    Reviewed-by: Andy Polyakov <appro at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/6592)

commit 3e0076c213ec2d1149a9a89f9bc141d1a1a44630
Author: Matt Caswell <matt at openssl.org>
Date:   Tue Jun 26 15:03:05 2018 +0100

    Check md_size isn't negative before we use it
    
    Issue found by Coverity
    
    Reviewed-by: Andy Polyakov <appro at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/6592)

-----------------------------------------------------------------------

Summary of changes:
 crypto/sm2/sm2_crypt.c | 22 ++++++++++++----------
 crypto/sm2/sm2_sign.c  | 11 ++++++-----
 crypto/sm2/sm2_za.c    |  2 --
 3 files changed, 18 insertions(+), 17 deletions(-)

diff --git a/crypto/sm2/sm2_crypt.c b/crypto/sm2/sm2_crypt.c
index 0fe1dd8..aedf905 100644
--- a/crypto/sm2/sm2_crypt.c
+++ b/crypto/sm2/sm2_crypt.c
@@ -48,7 +48,8 @@ static size_t ec_field_size(const EC_GROUP *group)
     if (p == NULL || a == NULL || b == NULL)
        goto done;
 
-    EC_GROUP_get_curve_GFp(group, p, a, b, NULL);
+    if (!EC_GROUP_get_curve_GFp(group, p, a, b, NULL))
+        goto done;
     field_size = (BN_num_bits(p) + 7) / 8;
 
  done:
@@ -121,19 +122,20 @@ int sm2_encrypt(const EC_KEY *key,
     uint8_t *msg_mask = NULL;
     uint8_t *x2y2 = NULL;
     uint8_t *C3 = NULL;
-    const size_t field_size = ec_field_size(group);
-    const size_t C3_size = EVP_MD_size(digest);
+    size_t field_size;
+    const int C3_size = EVP_MD_size(digest);
 
     /* NULL these before any "goto done" */
     ctext_struct.C2 = NULL;
     ctext_struct.C3 = NULL;
 
-    if (hash == NULL
-            || group == NULL
-            || order == NULL
-            || P == NULL
-            || field_size == 0
-            || C3_size == 0) {
+    if (hash == NULL || C3_size <= 0) {
+        SM2err(SM2_F_SM2_ENCRYPT, ERR_R_INTERNAL_ERROR);
+        goto done;
+    }
+
+    field_size = ec_field_size(group);
+    if (field_size == 0) {
         SM2err(SM2_F_SM2_ENCRYPT, ERR_R_INTERNAL_ERROR);
         goto done;
     }
@@ -273,7 +275,7 @@ int sm2_decrypt(const EC_KEY *key,
     int msg_len = 0;
     EVP_MD_CTX *hash = NULL;
 
-    if (field_size == 0 || hash_size == 0)
+    if (field_size == 0 || hash_size <= 0)
        goto done;
 
     memset(ptext_buf, 0xFF, *ptext_len);
diff --git a/crypto/sm2/sm2_sign.c b/crypto/sm2/sm2_sign.c
index 14576ca..adde952 100644
--- a/crypto/sm2/sm2_sign.c
+++ b/crypto/sm2/sm2_sign.c
@@ -25,16 +25,17 @@ static BIGNUM *sm2_compute_msg_hash(const EVP_MD *digest,
 {
     EVP_MD_CTX *hash = EVP_MD_CTX_new();
     const int md_size = EVP_MD_size(digest);
-    uint8_t *za = OPENSSL_zalloc(md_size);
+    uint8_t *za = NULL;
     BIGNUM *e = NULL;
 
-    if (hash == NULL || za == NULL) {
-        SM2err(SM2_F_SM2_COMPUTE_MSG_HASH, ERR_R_MALLOC_FAILURE);
+    if (md_size < 0) {
+        SM2err(SM2_F_SM2_COMPUTE_MSG_HASH, SM2_R_INVALID_DIGEST);
         goto done;
     }
 
-    if (md_size < 0) {
-        SM2err(SM2_F_SM2_COMPUTE_MSG_HASH, SM2_R_INVALID_DIGEST);
+    za = OPENSSL_zalloc(md_size);
+    if (hash == NULL || za == NULL) {
+        SM2err(SM2_F_SM2_COMPUTE_MSG_HASH, ERR_R_MALLOC_FAILURE);
         goto done;
     }
 
diff --git a/crypto/sm2/sm2_za.c b/crypto/sm2/sm2_za.c
index 94d0dac..8f45082 100644
--- a/crypto/sm2/sm2_za.c
+++ b/crypto/sm2/sm2_za.c
@@ -59,8 +59,6 @@ int sm2_compute_userid_digest(uint8_t *out,
         goto done;
     }
 
-    memset(out, 0, EVP_MD_size(digest));
-
     if (!EVP_DigestInit(hash, digest)) {
         SM2err(SM2_F_SM2_COMPUTE_USERID_DIGEST, ERR_R_EVP_LIB);
         goto done;

More information about the openssl-commits mailing list