[openssl-commits] [openssl] master update

Matt Caswell matt at openssl.org
Tue Oct 2 10:01:44 UTC 2018 

The branch master has been updated
       via  434893af2bd4c1fa72655f8e5262c8a432713968 (commit)
       via  c20a76f695922f409c316399f7290530f7728f19 (commit)
      from  f3002a2ed3645d8d6e1511424b3f5e89f6117edf (commit)


- Log -----------------------------------------------------------------
commit 434893af2bd4c1fa72655f8e5262c8a432713968
Author: Matt Caswell <matt at openssl.org>
Date:   Mon Oct 1 13:16:55 2018 +0100

    Fix some Coverity warnings
    
    Check some return values on some functions.
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/7335)

commit c20a76f695922f409c316399f7290530f7728f19
Author: Matt Caswell <matt at openssl.org>
Date:   Mon Oct 1 12:06:06 2018 +0100

    Fix a mem leak in the ocsp app
    
    Free memory allocated in the parent process that is not needed in the
    child. We also free it in the parent. Technically this isn't really
    required since we end up calling exit() soon afterwards - but to
    prevent false positives we free it anyway.
    
    Fixes a Coverity issue.
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/7335)

-----------------------------------------------------------------------

Summary of changes:
 apps/ocsp.c        | 2 ++
 crypto/evp/e_rc2.c | 8 +++++---
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/apps/ocsp.c b/apps/ocsp.c
index eb822c2..7fd7862 100644
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -950,6 +950,7 @@ static void spawn_loop(void)
             sleep(30);
             break;
         case 0:             /* child */
+            OPENSSL_free(kidpids);
             signal(SIGINT, SIG_DFL);
             signal(SIGTERM, SIG_DFL);
             if (termsig)
@@ -976,6 +977,7 @@ static void spawn_loop(void)
     }
 
     /* The loop above can only break on termsig */
+    OPENSSL_free(kidpids);
     syslog(LOG_INFO, "terminating on signal: %d", termsig);
     killall(0, kidpids);
 }
diff --git a/crypto/evp/e_rc2.c b/crypto/evp/e_rc2.c
index 80afe31..234d1eb 100644
--- a/crypto/evp/e_rc2.c
+++ b/crypto/evp/e_rc2.c
@@ -92,7 +92,8 @@ static int rc2_meth_to_magic(EVP_CIPHER_CTX *e)
 {
     int i;
 
-    EVP_CIPHER_CTX_ctrl(e, EVP_CTRL_GET_RC2_KEY_BITS, 0, &i);
+    if (EVP_CIPHER_CTX_ctrl(e, EVP_CTRL_GET_RC2_KEY_BITS, 0, &i) <= 0)
+        return 0;
     if (i == 128)
         return RC2_128_MAGIC;
     else if (i == 64)
@@ -136,8 +137,9 @@ static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
             return -1;
         if (i > 0 && !EVP_CipherInit_ex(c, NULL, NULL, NULL, iv, -1))
             return -1;
-        EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL);
-        if (EVP_CIPHER_CTX_set_key_length(c, key_bits / 8) <= 0)
+        if (EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, key_bits,
+                                NULL) <= 0
+                || EVP_CIPHER_CTX_set_key_length(c, key_bits / 8) <= 0)
             return -1;
     }
     return i;

More information about the openssl-commits mailing list