[openssl] master update
Dr. Paul Dale
pauli at openssl.org
Tue May 7 23:53:42 UTC 2019
The branch master has been updated
via 0dc6bf3c39732aea7bc049d145c395bbec895f52 (commit)
via 1f760760952b866d53b1ad9b457e1d6027e71c6c (commit)
via ff6c7cc60fcc5dad0b05c144a15b9af9ee3e7288 (commit)
via 1702c500b58414a936ce139853620b57547e6a0c (commit)
via d05105665f1ba9b3d72abc456b7ae42d782477be (commit)
via 97ee8af49560d6f7fe2d8f7fe9657172155522a3 (commit)
via 6521cb0319e9bb1d49c93bd9885c7b253e90cef6 (commit)
via 21d9856986e4b24a782e76270c8a83cc315faa3f (commit)
via d2c2e49eab69c7446c1c2c7227f63f8618ca99a5 (commit)
via 0484af225d96f449e21f5ad65cfa332e0091260b (commit)
via a05bf83c7964bb3928b323fe356b9f70f105036d (commit)
via ea053ec99e985a3d76762bc54ccce23e12d08999 (commit)
via 4894dcad6282985a96f5b3b560019c21c2bb3a6b (commit)
from 9acbe07d2300d34a7ea846d9756f33b4595e32fb (commit)
- Log -----------------------------------------------------------------
commit 0dc6bf3c39732aea7bc049d145c395bbec895f52
Author: Pauli <paul.dale at oracle.com>
Date: Tue May 7 11:10:33 2019 +1000
Coverity CID 1444950: Control flow issues
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8888)
commit 1f760760952b866d53b1ad9b457e1d6027e71c6c
Author: Pauli <paul.dale at oracle.com>
Date: Tue May 7 11:07:41 2019 +1000
Coverity CID 1444951: Null pointer dereferences
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8888)
commit ff6c7cc60fcc5dad0b05c144a15b9af9ee3e7288
Author: Pauli <paul.dale at oracle.com>
Date: Tue May 7 11:06:33 2019 +1000
Coverity CID 1444952: Null pointer dereferences
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8888)
commit 1702c500b58414a936ce139853620b57547e6a0c
Author: Pauli <paul.dale at oracle.com>
Date: Tue May 7 11:04:37 2019 +1000
Coverity CID 1444953: Null pointer dereferences
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8888)
commit d05105665f1ba9b3d72abc456b7ae42d782477be
Author: Pauli <paul.dale at oracle.com>
Date: Tue May 7 10:59:14 2019 +1000
Coverity CID 1444954: Integer handling issues
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8888)
commit 97ee8af49560d6f7fe2d8f7fe9657172155522a3
Author: Pauli <paul.dale at oracle.com>
Date: Tue May 7 10:57:34 2019 +1000
Coverity CID 1444955: Null pointer dereferences
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8888)
commit 6521cb0319e9bb1d49c93bd9885c7b253e90cef6
Author: Pauli <paul.dale at oracle.com>
Date: Tue May 7 10:55:39 2019 +1000
Coverity CID 1444956: Integer handling issues
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8888)
commit 21d9856986e4b24a782e76270c8a83cc315faa3f
Author: Pauli <paul.dale at oracle.com>
Date: Tue May 7 10:52:52 2019 +1000
Coverity CID 1444957: Error handling issues
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8888)
commit d2c2e49eab69c7446c1c2c7227f63f8618ca99a5
Author: Pauli <paul.dale at oracle.com>
Date: Tue May 7 10:48:42 2019 +1000
Coverity CID 1444958: Null pointer dereferences
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8888)
commit 0484af225d96f449e21f5ad65cfa332e0091260b
Author: Pauli <paul.dale at oracle.com>
Date: Tue May 7 10:45:57 2019 +1000
Coverity CID 1444959: Integer handling issues
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8888)
commit a05bf83c7964bb3928b323fe356b9f70f105036d
Author: Pauli <paul.dale at oracle.com>
Date: Tue May 7 10:42:58 2019 +1000
Coverity CID 1444960: Error handling issues
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8888)
commit ea053ec99e985a3d76762bc54ccce23e12d08999
Author: Pauli <paul.dale at oracle.com>
Date: Tue May 7 10:26:32 2019 +1000
Coverity CID 1444961: Integer handling issues
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8888)
commit 4894dcad6282985a96f5b3b560019c21c2bb3a6b
Author: Pauli <paul.dale at oracle.com>
Date: Tue May 7 10:18:29 2019 +1000
Coverity CID 1444963: Null pointer dereferences
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8888)
-----------------------------------------------------------------------
Summary of changes:
apps/info.c | 3 +--
crypto/asn1/p5_scrypt.c | 9 +++++++--
crypto/engine/eng_openssl.c | 9 ++++++---
crypto/err/openssl.txt | 1 +
crypto/evp/e_des3.c | 8 +++++---
crypto/evp/evp_enc.c | 23 ++++++++++++++++++++---
crypto/evp/evp_err.c | 1 +
crypto/evp/p5_crpt.c | 20 ++++++++++++++------
crypto/evp/p5_crpt2.c | 9 +++++++--
crypto/ex_data.c | 4 ++--
include/openssl/evperr.h | 1 +
11 files changed, 65 insertions(+), 23 deletions(-)
diff --git a/apps/info.c b/apps/info.c
index aa019ad..a2c359e 100644
--- a/apps/info.c
+++ b/apps/info.c
@@ -42,8 +42,7 @@ int info_main(int argc, char **argv)
prog = opt_init(argc, argv, info_options);
while ((o = opt_next()) != OPT_EOF) {
switch (o) {
- case OPT_EOF:
- case OPT_ERR:
+ default:
opthelp:
BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
goto end;
diff --git a/crypto/asn1/p5_scrypt.c b/crypto/asn1/p5_scrypt.c
index 0382a5f..d6f38e8 100644
--- a/crypto/asn1/p5_scrypt.c
+++ b/crypto/asn1/p5_scrypt.c
@@ -217,7 +217,7 @@ int PKCS5_v2_scrypt_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
uint64_t p, r, N;
size_t saltlen;
size_t keylen = 0;
- int rv = 0;
+ int t, rv = 0;
SCRYPT_PARAMS *sparam = NULL;
if (EVP_CIPHER_CTX_cipher(ctx) == NULL) {
@@ -234,7 +234,12 @@ int PKCS5_v2_scrypt_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
goto err;
}
- keylen = EVP_CIPHER_CTX_key_length(ctx);
+ t = EVP_CIPHER_CTX_key_length(ctx);
+ if (t < 0) {
+ EVPerr(EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN, EVP_R_INVALID_KEY_LENGTH);
+ goto err;
+ }
+ keylen = t;
/* Now check the parameters of sparam */
diff --git a/crypto/engine/eng_openssl.c b/crypto/engine/eng_openssl.c
index 5877a26..d41006f 100644
--- a/crypto/engine/eng_openssl.c
+++ b/crypto/engine/eng_openssl.c
@@ -189,12 +189,15 @@ typedef struct {
static int test_rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
+ const int n = EVP_CIPHER_CTX_key_length(ctx);
+
# ifdef TEST_ENG_OPENSSL_RC4_P_INIT
fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_init_key() called\n");
# endif
- memcpy(&test(ctx)->key[0], key, EVP_CIPHER_CTX_key_length(ctx));
- RC4_set_key(&test(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx),
- test(ctx)->key);
+ if (n <= 0)
+ return n;
+ memcpy(&test(ctx)->key[0], key, n);
+ RC4_set_key(&test(ctx)->ks, n, test(ctx)->key);
return 1;
}
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 14a7e3b..4b9f27b 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2400,6 +2400,7 @@ EVP_R_INPUT_NOT_INITIALIZED:111:input not initialized
EVP_R_INVALID_CUSTOM_LENGTH:185:invalid custom length
EVP_R_INVALID_DIGEST:152:invalid digest
EVP_R_INVALID_FIPS_MODE:168:invalid fips mode
+EVP_R_INVALID_IV_LENGTH:194:invalid iv length
EVP_R_INVALID_KEY:163:invalid key
EVP_R_INVALID_KEY_LENGTH:130:invalid key length
EVP_R_INVALID_OPERATION:148:invalid operation
diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c
index 6177659..52fde95 100644
--- a/crypto/evp/e_des3.c
+++ b/crypto/evp/e_des3.c
@@ -280,15 +280,17 @@ static int des3_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
{
DES_cblock *deskey = ptr;
+ int kl;
switch (type) {
case EVP_CTRL_RAND_KEY:
- if (RAND_priv_bytes(ptr, EVP_CIPHER_CTX_key_length(ctx)) <= 0)
+ kl = EVP_CIPHER_CTX_key_length(ctx);
+ if (kl < 0 || RAND_priv_bytes(ptr, kl) <= 0)
return 0;
DES_set_odd_parity(deskey);
- if (EVP_CIPHER_CTX_key_length(ctx) >= 16)
+ if (kl >= 16)
DES_set_odd_parity(deskey + 1);
- if (EVP_CIPHER_CTX_key_length(ctx) >= 24)
+ if (kl >= 24)
DES_set_odd_parity(deskey + 2);
return 1;
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index d7ba7dd..4bc6370 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -338,6 +338,9 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
#ifndef OPENSSL_NO_ENGINE
skip_to_init:
#endif
+ if (ctx->cipher == NULL)
+ return 0;
+
/* we assume block size is a power of 2 in *cryptUpdate */
OPENSSL_assert(ctx->cipher->block_size == 1
|| ctx->cipher->block_size == 8
@@ -620,7 +623,11 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
return 0;
}
- if (ctx->cipher == NULL || ctx->cipher->prov == NULL)
+ if (ctx->cipher == NULL) {
+ EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX, EVP_R_NO_CIPHER_SET);
+ return 0;
+ }
+ if (ctx->cipher->prov == NULL)
goto legacy;
blocksize = EVP_CIPHER_CTX_block_size(ctx);
@@ -695,7 +702,11 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
return 0;
}
- if (ctx->cipher == NULL || ctx->cipher->prov == NULL)
+ if (ctx->cipher == NULL) {
+ EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_NO_CIPHER_SET);
+ return 0;
+ }
+ if (ctx->cipher->prov == NULL)
goto legacy;
blocksize = EVP_CIPHER_CTX_block_size(ctx);
@@ -832,6 +843,10 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
legacy:
*outl = 0;
+ if (ctx->cipher == NULL) {
+ EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_NO_CIPHER_SET);
+ return 0;
+ }
if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
i = ctx->cipher->do_cipher(ctx, out, NULL, 0);
@@ -949,9 +964,11 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key)
{
+ int kl;
if (ctx->cipher->flags & EVP_CIPH_RAND_KEY)
return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key);
- if (RAND_priv_bytes(key, EVP_CIPHER_CTX_key_length(ctx)) <= 0)
+ kl = EVP_CIPHER_CTX_key_length(ctx);
+ if (kl <= 0 || RAND_priv_bytes(key, kl) <= 0)
return 0;
return 1;
}
diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
index 703d172..836f5ee 100644
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@@ -249,6 +249,7 @@ static const ERR_STRING_DATA EVP_str_reasons[] = {
"invalid custom length"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_DIGEST), "invalid digest"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_FIPS_MODE), "invalid fips mode"},
+ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_IV_LENGTH), "invalid iv length"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_KEY), "invalid key"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_KEY_LENGTH), "invalid key length"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_OPERATION), "invalid operation"},
diff --git a/crypto/evp/p5_crpt.c b/crypto/evp/p5_crpt.c
index 5abc2b9..0f5158e 100644
--- a/crypto/evp/p5_crpt.c
+++ b/crypto/evp/p5_crpt.c
@@ -28,7 +28,7 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
EVP_MD_CTX *ctx;
unsigned char md_tmp[EVP_MAX_MD_SIZE];
unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
- int i;
+ int i, ivl, kl;
PBEPARAM *pbe;
int saltlen, iter;
unsigned char *salt;
@@ -48,6 +48,17 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
return 0;
}
+ ivl = EVP_CIPHER_iv_length(cipher);
+ if (ivl < 0 || ivl > 16) {
+ EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_INVALID_IV_LENGTH);
+ return 0;
+ }
+ kl = EVP_CIPHER_key_length(cipher);
+ if (kl < 0 || kl > (int)sizeof(md_tmp)) {
+ EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_INVALID_KEY_LENGTH);
+ return 0;
+ }
+
if (!pbe->iter)
iter = 1;
else
@@ -86,11 +97,8 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
if (!EVP_DigestFinal_ex(ctx, md_tmp, NULL))
goto err;
}
- OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= (int)sizeof(md_tmp));
- memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
- OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16);
- memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
- EVP_CIPHER_iv_length(cipher));
+ memcpy(key, md_tmp, kl);
+ memcpy(iv, md_tmp + (16 - ivl), ivl);
if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de))
goto err;
OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE);
diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c
index ac5b974..c231a32 100644
--- a/crypto/evp/p5_crpt2.c
+++ b/crypto/evp/p5_crpt2.c
@@ -134,7 +134,7 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
const EVP_CIPHER *c, const EVP_MD *md, int en_de)
{
unsigned char *salt, key[EVP_MAX_KEY_LENGTH];
- int saltlen, iter;
+ int saltlen, iter, t;
int rv = 0;
unsigned int keylen = 0;
int prf_nid, hmac_md_nid;
@@ -157,7 +157,12 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
goto err;
}
- keylen = EVP_CIPHER_CTX_key_length(ctx);
+ t = EVP_CIPHER_CTX_key_length(ctx);
+ if (t < 0) {
+ EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_INVALID_KEY_LENGTH);
+ goto err;
+ }
+ keylen = t;
/* Now check the parameters of the kdf */
diff --git a/crypto/ex_data.c b/crypto/ex_data.c
index d9dd3d2..055420a 100644
--- a/crypto/ex_data.c
+++ b/crypto/ex_data.c
@@ -114,7 +114,7 @@ int crypto_free_ex_index_ex(OPENSSL_CTX *ctx, int class_index, int idx)
OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx);
if (global == NULL)
- goto err;
+ return 0;
ip = get_and_lock(ctx, class_index);
if (ip == NULL)
@@ -152,7 +152,7 @@ int crypto_get_ex_new_index_ex(OPENSSL_CTX *ctx, int class_index, long argl,
OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx);
if (global == NULL)
- goto err;
+ return -1;
ip = get_and_lock(ctx, class_index);
if (ip == NULL)
diff --git a/include/openssl/evperr.h b/include/openssl/evperr.h
index ba95fd2..3aa9792 100644
--- a/include/openssl/evperr.h
+++ b/include/openssl/evperr.h
@@ -191,6 +191,7 @@ int ERR_load_EVP_strings(void);
# define EVP_R_INVALID_CUSTOM_LENGTH 185
# define EVP_R_INVALID_DIGEST 152
# define EVP_R_INVALID_FIPS_MODE 168
+# define EVP_R_INVALID_IV_LENGTH 194
# define EVP_R_INVALID_KEY 163
# define EVP_R_INVALID_KEY_LENGTH 130
# define EVP_R_INVALID_OPERATION 148
More information about the openssl-commits
mailing list