[openssl] master update
Richard Levitte
levitte at openssl.org
Wed Apr 29 13:35:50 UTC 2020
The branch master has been updated
via 036ee3706352970a15300b5cd4bf0b2cb370e12a (commit)
from a6ed19dc9a9fc263a3b2e6b990e2face28a1a70d (commit)
- Log -----------------------------------------------------------------
commit 036ee3706352970a15300b5cd4bf0b2cb370e12a
Author: Richard Levitte <levitte at openssl.org>
Date: Tue Apr 28 08:41:20 2020 +0200
EVP: Fix evp_keymgmt_util_copy() for to->keymgmt == NULL
evp_keymgmt_util_copy() didn't treat the case to->keymgmt == NULL correctly.
The proper change is to use from->keymgmt when to->keymgmt is NULL.
Fixes coverity #1462553
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11668)
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/keymgmt_lib.c | 16 +++++++++++++---
1 file changed, 13 insertions(+), 3 deletions(-)
diff --git a/crypto/evp/keymgmt_lib.c b/crypto/evp/keymgmt_lib.c
index 3493ceb3cb..54805d741d 100644
--- a/crypto/evp/keymgmt_lib.c
+++ b/crypto/evp/keymgmt_lib.c
@@ -346,10 +346,19 @@ int evp_keymgmt_util_copy(EVP_PKEY *to, EVP_PKEY *from, int selection)
if (from == NULL || from->keydata == NULL)
return 0;
+ /*
+ * If |to| is unassigned, ensure it gets the same KEYMGMT as |from|,
+ * Note that the final setting of KEYMGMT is done further down, with
+ * EVP_PKEY_set_type_by_keymgmt(); we don't want to do that prematurely.
+ */
+ if (to_keymgmt == NULL)
+ to_keymgmt = from->keymgmt;
+
if (to_keymgmt == from->keymgmt && to_keymgmt->copy != NULL) {
/* Make sure there's somewhere to copy to */
if (to_keydata == NULL
- && (to_keydata = evp_keymgmt_newdata(to_keymgmt)) == NULL) {
+ && ((to_keydata = alloc_keydata = evp_keymgmt_newdata(to_keymgmt))
+ == NULL)) {
ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
return 0;
}
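Review bot: When `from->keymgmt` is NULL, the new fallback `to_keymgmt = from->keymgmt` leaves `to_keymgmt` NULL, the comparison `to_keymgmt == from->keymgmt` is then true, and `to_keymgmt->copy` is read through a NULL pointer. The guard above the added comment tests only `from` and `from->keydata`, so the code relies on the unstated invariant that a key with keydata always has a keymgmt. Either make the guard explicit, `if (from == NULL || from->keymgmt == NULL || from->keydata == NULL)`, or state the invariant in the new comment. The function's declarations, including `alloc_keydata`, sit above this hunk and its body continues below it.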
@@ -375,10 +384,11 @@ int evp_keymgmt_util_copy(EVP_PKEY *to, EVP_PKEY *from, int selection)
}
/*
- * In this case to_keydata was previously unallocated, try_import()
+ * In case to_keydata was previously unallocated, try_import()
* may have created it for us.
*/
- to_keydata = import_data.keydata;
+ if (to_keydata == NULL)
+ to_keydata = alloc_keydata = import_data.keydata;
} else {
ERR_raise(ERR_LIB_EVP, EVP_R_DIFFERENT_KEY_TYPES);
return 0;
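Review bot: `alloc_keydata` is set here only after the export step has succeeded, so keydata that try_import() created before a failing export is never recorded in it. If the failure return just above this hunk relies on `alloc_keydata` for cleanup, that key material would stay allocated unless try_import() releases its own allocation on error; neither is visible here, so this needs confirming. I would extend the comment to say who owns the import-created keydata, e.g. `/* alloc_keydata marks keydata created in this call, so failure paths free only that and never |to|'s own keydata */`. The enclosing branch starts above the hunk and the function continues past it.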