[openssl] master update

Dr. Paul Dale pauli at openssl.org
Thu Apr 30 10:27:32 UTC 2020


The branch master has been updated
       via  64e54bf5c6657bf423d3ba463f31095d598d94e7 (commit)
       via  206da660a37e84b7266db4e2c4e9485cdafb1366 (commit)
       via  209c3d3ef655a807cdb109f3316bb86433ae7f07 (commit)
       via  6f0bdf41a34d21a0a7abf154c2a454fb5437251e (commit)
       via  3e47e7b454fb5e51c4e7efa98f40ea94d6e9c1fa (commit)
       via  ba61a0e60ff8d645d41e0bf4d65e753adca18b24 (commit)
       via  5e12a13af7413d301e8e781e4f8e3e9b953f0df5 (commit)
       via  cb383f10d1fe5e9020280952caea4fa9c2e4139d (commit)
       via  61cdc2a08dcd6d4805dab21483974cc82b88d6e3 (commit)
       via  67d744b933b4f31a5b9a5341f2cfea7535363a88 (commit)
       via  d4d67bafe704c28e86ec8c19b62fdb541dec7a3e (commit)
       via  0e2b6091e90dea687f1b2d336a053484faf225b9 (commit)
       via  437e36aed578f0a3213cc87b34abecb36bf1bde5 (commit)
       via  70e18f9dcefdf6c276531159de433f09d4179178 (commit)
       via  2a4ad6a5d48de69b7f8b2b07c99d1f6c510c569c (commit)
       via  576bcdb5bdc1311064a108098eedc4a0723615ba (commit)
       via  9dbfb11d5a204badbc28dec27cb98121bb00f996 (commit)
       via  4dcff55c75f911ea190b57b94d9540f80a961a4f (commit)
       via  ada7d4c345825551678972bd4b2221db2ae52fd9 (commit)
       via  089c292825a3b64ed375223751bd84a6da8312c1 (commit)
       via  dc8908bfe29c50e98655c8c75be4be84da4d46f6 (commit)
       via  e655ce14d0c68e8ddf85a2941e222f7806f84013 (commit)
       via  1f74259d4237a98db7aaa65c55a747f15a347b7c (commit)
       via  bd5f280091e7b9b2308b6f99a239653eb317ca7d (commit)
       via  9b0e74c41aae177f8abf3227d923a076d2117f9a (commit)
       via  721330705a2eb040270742367721d5a006e004f4 (commit)
       via  4f5e206dd8357f8f0c6c1fc3c6792286f6b6c609 (commit)
       via  92f0684d11de6e7ff35cd14d26160545451d1ea6 (commit)
      from  bb4f39114caabbc11caf7840db7bfcd2bf2ff430 (commit)


- Log -----------------------------------------------------------------
commit 64e54bf5c6657bf423d3ba463f31095d598d94e7
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 09:32:14 2020 +1000

    coverity 1462581 Dereference after null check
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit 206da660a37e84b7266db4e2c4e9485cdafb1366
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 09:28:55 2020 +1000

    coverity 1462580 Improper use of negative value
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit 209c3d3ef655a807cdb109f3316bb86433ae7f07
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 09:26:48 2020 +1000

    coverity 1462578 Resource leak
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit 6f0bdf41a34d21a0a7abf154c2a454fb5437251e
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 09:25:42 2020 +1000

    coverity 1462576 Resource leak
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit 3e47e7b454fb5e51c4e7efa98f40ea94d6e9c1fa
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 07:48:32 2020 +1000

    coverity 1462567: Null pointer dereferences
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit ba61a0e60ff8d645d41e0bf4d65e753adca18b24
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 09:19:11 2020 +1000

    coverity 1462574 Resource leak
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit 5e12a13af7413d301e8e781e4f8e3e9b953f0df5
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 09:17:48 2020 +1000

    coverity 1462573 Dereference after null check
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit cb383f10d1fe5e9020280952caea4fa9c2e4139d
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 09:16:04 2020 +1000

    coverity 1462572 Dereference after null check
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit 61cdc2a08dcd6d4805dab21483974cc82b88d6e3
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 09:13:46 2020 +1000

    coverity 1462571 Dereference after null check
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit 67d744b933b4f31a5b9a5341f2cfea7535363a88
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 09:10:15 2020 +1000

    coverity 1462570 Resource leak
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit d4d67bafe704c28e86ec8c19b62fdb541dec7a3e
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 09:06:14 2020 +1000

    coverity 1462566 Resource leak
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit 0e2b6091e90dea687f1b2d336a053484faf225b9
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 09:04:05 2020 +1000

    coverity 1462564 Improper use of negative value
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit 437e36aed578f0a3213cc87b34abecb36bf1bde5
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 08:58:59 2020 +1000

    coverity 1462562 Dereference before null check
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit 70e18f9dcefdf6c276531159de433f09d4179178
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 08:57:38 2020 +1000

    coverity 1462561 Uninitialized scalar variable
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit 2a4ad6a5d48de69b7f8b2b07c99d1f6c510c569c
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 08:54:28 2020 +1000

    coverity 1462560 Resource leak
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit 576bcdb5bdc1311064a108098eedc4a0723615ba
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 08:45:04 2020 +1000

    coverity 1462556 Resource leak
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit 9dbfb11d5a204badbc28dec27cb98121bb00f996
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 08:42:20 2020 +1000

    coverity 1462554 Dereference after null check
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit 4dcff55c75f911ea190b57b94d9540f80a961a4f
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 08:33:27 2020 +1000

    coverity 1462549 Dereference before null check
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit ada7d4c345825551678972bd4b2221db2ae52fd9
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 08:30:49 2020 +1000

    coverity 1462548 Resource leak
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit 089c292825a3b64ed375223751bd84a6da8312c1
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 08:26:39 2020 +1000

    coverity 1462546 Dereference after null check
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit dc8908bfe29c50e98655c8c75be4be84da4d46f6
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 08:25:33 2020 +1000

    coverity 1462545 Dereference after null check
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit e655ce14d0c68e8ddf85a2941e222f7806f84013
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 08:21:06 2020 +1000

    coverity: 1462544 Dereference after null check
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit 1f74259d4237a98db7aaa65c55a747f15a347b7c
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 08:05:23 2020 +1000

    coverity 1462543 Logically dead code
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit bd5f280091e7b9b2308b6f99a239653eb317ca7d
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 08:01:28 2020 +1000

    coverity 1462541 Dereference after null check
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit 9b0e74c41aae177f8abf3227d923a076d2117f9a
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 07:59:02 2020 +1000

    coverity 1462550 Resource leak
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit 721330705a2eb040270742367721d5a006e004f4
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 07:51:16 2020 +1000

    coverity 1462565: Null pointer dereferences
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit 4f5e206dd8357f8f0c6c1fc3c6792286f6b6c609
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 07:40:17 2020 +1000

    coverity 1462577: Incorrect expression
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

commit 92f0684d11de6e7ff35cd14d26160545451d1ea6
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Apr 27 07:32:43 2020 +1000

    param bld: avoid freeing the param builder structure on error paths.
    
    The param builder was recently modified so that it doesn't free the passed in
    param builder structure.  Some of the error paths didn't get synced up with this
    change and resulted in double frees.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/11651)

-----------------------------------------------------------------------

Summary of changes:
 apps/lib/app_x509.c                                | 15 +++++---
 apps/lib/apps.c                                    |  8 +++-
 crypto/cms/cms_kari.c                              | 44 +++++++++++-----------
 crypto/cms/cms_sd.c                                |  4 +-
 crypto/ct/ct_policy.c                              |  1 +
 crypto/ct/ct_sct_ctx.c                             |  4 +-
 crypto/ec/ecx_meth.c                               |  4 +-
 crypto/err/openssl.txt                             |  1 +
 crypto/evp/evp_err.c                               |  1 +
 crypto/evp/m_sigver.c                              | 24 +++++++-----
 crypto/evp/p_lib.c                                 | 16 +++++---
 crypto/evp/pkey_mac.c                              | 21 +++++++----
 crypto/evp/pmeth_gn.c                              |  2 +-
 crypto/ffc/ffc_backend.c                           |  7 +---
 crypto/hmac/hmac.c                                 |  2 +
 crypto/param_build.c                               |  2 -
 crypto/rsa/rsa_gen.c                               |  2 +-
 crypto/ts/ts_rsp_sign.c                            |  1 +
 crypto/x509/v3_tlsf.c                              |  5 ++-
 crypto/x509/x509_vfy.c                             |  1 +
 include/openssl/evperr.h                           |  2 +
 providers/implementations/ciphers/cipher_aes_ocb.c |  2 +-
 providers/implementations/keymgmt/rsa_kmgmt.c      |  1 +
 providers/implementations/macs/kmac_prov.c         |  2 +
 ssl/ssl_cert.c                                     |  5 ++-
 ssl/tls13_enc.c                                    |  1 +
 test/drbg_extra_test.c                             |  6 +--
 test/param_build_test.c                            |  2 +-
 28 files changed, 112 insertions(+), 74 deletions(-)

diff --git a/apps/lib/app_x509.c b/apps/lib/app_x509.c
index 89c5960fa6..00581aabbd 100644
--- a/apps/lib/app_x509.c
+++ b/apps/lib/app_x509.c
@@ -106,12 +106,15 @@ static int do_x509_ctrl_string(int (*ctrl)(void *object, int cmd,
         cmd = EVP_PKEY_CTRL_SET1_ID; /* ... except we put it in X509 */
 #endif
     } else if (strcmp(stmp, "hexdistid") == 0) {
-        long hexid_len = 0;
-        void *hexid = OPENSSL_hexstr2buf((const char *)vtmp, &hexid_len);
-
-        OPENSSL_free(stmp);
-        stmp = vtmp = hexid;
-        vtmp_len = (size_t)hexid_len;
+        if (vtmp != NULL) {
+            void *hexid;
+            long hexid_len = 0;
+
+            hexid = OPENSSL_hexstr2buf((const char *)vtmp, &hexid_len);
+            OPENSSL_free(stmp);
+            stmp = vtmp = hexid;
+            vtmp_len = (size_t)hexid_len;
+        }
 #ifdef EVP_PKEY_CTRL_SET1_ID
         cmd = EVP_PKEY_CTRL_SET1_ID; /* ... except we put it in X509 */
 #endif
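Review bot: The return value of `OPENSSL_hexstr2buf()` is still unchecked inside the new `if (vtmp != NULL)` block, so a malformed hex string leaves `stmp` and `vtmp` NULL with `vtmp_len` 0, and the code carries on to select `EVP_PKEY_CTRL_SET1_ID`. The same applies when `vtmp` is NULL to begin with: the guard avoids the dereference, but the branch still falls through towards the control call, presumably with a NULL id. I would reject both cases explicitly by adding `if (hexid == NULL)` right after the conversion (and an `else` for the NULL `vtmp` case) that takes the function's existing failure return. The rest of do_x509_ctrl_string, including the `ctrl()` call and the cleanup of `stmp`, is outside this hunk.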
diff --git a/apps/lib/apps.c b/apps/lib/apps.c
index 1a23ae0846..6facdf3e5b 100644
--- a/apps/lib/apps.c
+++ b/apps/lib/apps.c
@@ -420,9 +420,13 @@ static int load_pkcs12(BIO *in, const char *desc,
     char tpass[PEM_BUFSIZE];
     int len, ret = 0;
     PKCS12 *p12;
+
     p12 = d2i_PKCS12_bio(in, NULL);
-    if (p12 == NULL && desc != NULL) {
-        BIO_printf(bio_err, "Error loading PKCS12 file for %s\n", desc);
+    if (p12 == NULL) {
+        if (desc != NULL)
+            BIO_printf(bio_err, "Error loading PKCS12 file for %s\n", desc);
+        else
+            BIO_printf(bio_err, "Error loading PKCS12 file\n");
         goto die;
     }
     /* See if an empty password will do */
diff --git a/crypto/cms/cms_kari.c b/crypto/cms/cms_kari.c
index 4e837718dc..a2149ce002 100644
--- a/crypto/cms/cms_kari.c
+++ b/crypto/cms/cms_kari.c
@@ -382,27 +382,27 @@ int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri,  X509 *recip, EVP_PKEY *r
         if (!cms_kari_create_ephemeral_key(kari, recipPubKey))
             return 0;
     } else {
-         /* Use originator key */
-         CMS_OriginatorIdentifierOrKey *oik = ri->d.kari->originator;
+        /* Use originator key */
+        CMS_OriginatorIdentifierOrKey *oik = ri->d.kari->originator;
 
-         if (originatorPrivKey == NULL && originator == NULL)
+        if (originatorPrivKey == NULL || originator == NULL)
             return 0;
 
-         if (flags & CMS_USE_ORIGINATOR_KEYID) {
-              oik->type = CMS_OIK_KEYIDENTIFIER;
-              oik->d.subjectKeyIdentifier = ASN1_OCTET_STRING_new();
-              if (oik->d.subjectKeyIdentifier == NULL)
-                   return 0;
-              if (!cms_set1_keyid(&oik->d.subjectKeyIdentifier, originator))
-                   return 0;
-         } else {
-              oik->type = CMS_REK_ISSUER_SERIAL;
-              if (!cms_set1_ias(&oik->d.issuerAndSerialNumber, originator))
-                   return 0;
-         }
-
-         if (!cms_kari_set_originator_private_key(kari, originatorPrivKey))
-             return 0;
+        if (flags & CMS_USE_ORIGINATOR_KEYID) {
+             oik->type = CMS_OIK_KEYIDENTIFIER;
+             oik->d.subjectKeyIdentifier = ASN1_OCTET_STRING_new();
+             if (oik->d.subjectKeyIdentifier == NULL)
+                  return 0;
+             if (!cms_set1_keyid(&oik->d.subjectKeyIdentifier, originator))
+                  return 0;
+        } else {
+             oik->type = CMS_REK_ISSUER_SERIAL;
+             if (!cms_set1_ias(&oik->d.issuerAndSerialNumber, originator))
+                  return 0;
+        }
+
+        if (!cms_kari_set_originator_private_key(kari, originatorPrivKey))
+            return 0;
     }
 
     EVP_PKEY_up_ref(recipPubKey);
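Review bot: `oik->type = CMS_REK_ISSUER_SERIAL;` in the else branch tags an originator identifier with a recipient-encrypted-key constant, while the sibling branch uses `CMS_OIK_KEYIDENTIFIER`; it should read `oik->type = CMS_OIK_ISSUER_SERIAL;`. The two constants presumably share a value, which is why this works today, but the mismatch misleads readers and would break silently if either definition changed. Separately, the re-indented statements under `if (flags & CMS_USE_ORIGINATOR_KEYID)` still sit at 13 and 18 columns rather than 12 and 16. cms_RecipientInfo_kari_init starts and ends outside this hunk.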
@@ -415,7 +415,7 @@ static int cms_wrap_init(CMS_KeyAgreeRecipientInfo *kari,
 {
     EVP_CIPHER_CTX *ctx = kari->ctx;
     const EVP_CIPHER *kekcipher;
-    int keylen = EVP_CIPHER_key_length(cipher);
+    int keylen;
     int ret;
 
     /* If a suitable wrap algorithm is already set nothing to do */
@@ -425,8 +425,10 @@ static int cms_wrap_init(CMS_KeyAgreeRecipientInfo *kari,
             return 0;
         return 1;
     }
-    else if (cipher != NULL
-         && (EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_GET_WRAP_CIPHER)) {
+    if (cipher == NULL)
+        return 0;
+    keylen = EVP_CIPHER_key_length(cipher);
+    if ((EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_GET_WRAP_CIPHER) != 0) {
         ret = EVP_CIPHER_meth_get_ctrl(cipher)(NULL, EVP_CTRL_GET_WRAP_CIPHER,
                                                0, &kekcipher);
         if (ret <= 0)
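Review bot: The new `if (cipher == NULL) return 0;` fails without queuing an error, so a caller sees only a generic failure with nothing on the error stack to explain it. If a NULL cipher is a caller bug here, raise it before returning, e.g. `CMSerr(0, ERR_R_PASSED_NULL_PARAMETER);`. `keylen` is also assigned straight from `EVP_CIPHER_key_length(cipher)` with no sign check in the visible lines; its uses are outside this hunk, so confirm that a non-positive length cannot reach them.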
diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c
index a5342c4a00..264a4c9ba0 100644
--- a/crypto/cms/cms_sd.c
+++ b/crypto/cms/cms_sd.c
@@ -950,8 +950,10 @@ int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
     ASN1_INTEGER *key = NULL;
     if (keysize > 0) {
         key = ASN1_INTEGER_new();
-        if (key == NULL || !ASN1_INTEGER_set(key, keysize))
+        if (key == NULL || !ASN1_INTEGER_set(key, keysize)) {
+            ASN1_INTEGER_free(key);
             return 0;
+        }
     }
     alg = X509_ALGOR_new();
     if (alg == NULL) {
diff --git a/crypto/ct/ct_policy.c b/crypto/ct/ct_policy.c
index 76e08b8f8f..e067fd8ea5 100644
--- a/crypto/ct/ct_policy.c
+++ b/crypto/ct/ct_policy.c
@@ -40,6 +40,7 @@ CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_with_libctx(OPENSSL_CTX *libctx,
         ctx->propq = OPENSSL_strdup(propq);
         if (ctx->propq == NULL) {
             CTerr(0, ERR_R_MALLOC_FAILURE);
+            OPENSSL_free(ctx);
             return NULL;
         }
     }
diff --git a/crypto/ct/ct_sct_ctx.c b/crypto/ct/ct_sct_ctx.c
index 99e0c21154..ad7b6e6f93 100644
--- a/crypto/ct/ct_sct_ctx.c
+++ b/crypto/ct/ct_sct_ctx.c
@@ -24,8 +24,10 @@ SCT_CTX *SCT_CTX_new(OPENSSL_CTX *libctx, const char *propq)
 {
     SCT_CTX *sctx = OPENSSL_zalloc(sizeof(*sctx));
 
-    if (sctx == NULL)
+    if (sctx == NULL) {
         CTerr(CT_F_SCT_CTX_NEW, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
 
     sctx->libctx = libctx;
     if (propq != NULL) {
diff --git a/crypto/ec/ecx_meth.c b/crypto/ec/ecx_meth.c
index d23fcd42b7..a9c71f33aa 100644
--- a/crypto/ec/ecx_meth.c
+++ b/crypto/ec/ecx_meth.c
@@ -95,7 +95,7 @@ static int ecx_key_op(EVP_PKEY *pkey, int id, const X509_ALGOR *palg,
         case EVP_PKEY_ED25519:
             if (!ED25519_public_from_private(libctx, pubkey, privkey)) {
                 ECerr(EC_F_ECX_KEY_OP, EC_R_FAILED_MAKING_PUBLIC_KEY);
-                return 0;
+                goto err;
             }
             break;
         case EVP_PKEY_X448:
@@ -104,7 +104,7 @@ static int ecx_key_op(EVP_PKEY *pkey, int id, const X509_ALGOR *palg,
         case EVP_PKEY_ED448:
             if (!ED448_public_from_private(libctx, pubkey, privkey)) {
                 ECerr(EC_F_ECX_KEY_OP, EC_R_FAILED_MAKING_PUBLIC_KEY);
-                return 0;
+                goto err;
             }
             break;
         }
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 122542f6b6..4978ce7a8c 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2559,6 +2559,7 @@ EVP_R_NO_KEYMGMT_AVAILABLE:199:no keymgmt available
 EVP_R_NO_KEYMGMT_PRESENT:196:no keymgmt present
 EVP_R_NO_KEY_SET:154:no key set
 EVP_R_NO_OPERATION_SET:149:no operation set
+EVP_R_NULL_MAC_PKEY_CTX:208:null mac pkey ctx
 EVP_R_ONLY_ONESHOT_SUPPORTED:177:only oneshot supported
 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE:150:\
 	operation not supported for this keytype
diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
index 3f2b814f18..5b7b4b586c 100644
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@@ -114,6 +114,7 @@ static const ERR_STRING_DATA EVP_str_reasons[] = {
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_NO_KEYMGMT_PRESENT), "no keymgmt present"},
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_NO_KEY_SET), "no key set"},
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_NO_OPERATION_SET), "no operation set"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_NULL_MAC_PKEY_CTX), "null mac pkey ctx"},
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_ONLY_ONESHOT_SUPPORTED),
     "only oneshot supported"},
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),
diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
index 85c1fa281a..c77683a69d 100644
--- a/crypto/evp/m_sigver.c
+++ b/crypto/evp/m_sigver.c
@@ -317,11 +317,13 @@ int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize)
                                                       data, dsize);
 
  legacy:
-    /* do_sigver_init() checked that |digest_custom| is non-NULL */
-    if (pctx->flag_call_digest_custom
-        && !ctx->pctx->pmeth->digest_custom(ctx->pctx, ctx))
-        return 0;
-    pctx->flag_call_digest_custom = 0;
+    if (pctx != NULL) {
+        /* do_sigver_init() checked that |digest_custom| is non-NULL */
+        if (pctx->flag_call_digest_custom
+            && !ctx->pctx->pmeth->digest_custom(ctx->pctx, ctx))
+            return 0;
+        pctx->flag_call_digest_custom = 0;
+    }
 
     return EVP_DigestUpdate(ctx, data, dsize);
 }
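Review bot: The new guard tests `pctx`, but the call inside it still goes through `ctx->pctx` (`ctx->pctx->pmeth->digest_custom(ctx->pctx, ctx)`), so the NULL check and the dereference use two different names. Assuming `pctx` is the local alias of `ctx->pctx` set above the hunk, write `&& !pctx->pmeth->digest_custom(pctx, ctx))` so the guarded pointer is visibly the one used; the identical block in the EVP_DigestVerifyUpdate hunk needs the same change. A comment such as `/* no pkey ctx: fall through to a plain digest update */` on the guard would also help, since with `pctx == NULL` both functions now go straight to `EVP_DigestUpdate()`.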
@@ -345,11 +347,13 @@ int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize)
                                                         data, dsize);
 
  legacy:
-    /* do_sigver_init() checked that |digest_custom| is non-NULL */
-    if (pctx->flag_call_digest_custom
-        && !ctx->pctx->pmeth->digest_custom(ctx->pctx, ctx))
-        return 0;
-    pctx->flag_call_digest_custom = 0;
+    if (pctx != NULL) {
+        /* do_sigver_init() checked that |digest_custom| is non-NULL */
+        if (pctx->flag_call_digest_custom
+            && !ctx->pctx->pmeth->digest_custom(ctx->pctx, ctx))
+            return 0;
+        pctx->flag_call_digest_custom = 0;
+    }
 
     return EVP_DigestUpdate(ctx, data, dsize);
 }
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index 84fb91412f..bbeb7276fe 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -230,9 +230,11 @@ static int evp_pkey_cmp_any(const EVP_PKEY *a, const EVP_PKEY *b,
      * us to compare types using legacy NIDs.
      */
     if ((a->type != EVP_PKEY_NONE
-         && !EVP_KEYMGMT_is_a(b->keymgmt, OBJ_nid2sn(a->type)))
+         && (b->keymgmt == NULL
+             || !EVP_KEYMGMT_is_a(b->keymgmt, OBJ_nid2sn(a->type))))
         || (b->type != EVP_PKEY_NONE
-            && !EVP_KEYMGMT_is_a(a->keymgmt, OBJ_nid2sn(b->type))))
+            && (a->keymgmt == NULL
+                || !EVP_KEYMGMT_is_a(a->keymgmt, OBJ_nid2sn(b->type)))))
         return -1;               /* not the same key type */
 
     /*
@@ -1210,10 +1212,12 @@ static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str,
          * to the |save_type| field, because |type| is supposed to be set
          * to EVP_PKEY_NONE in that case.
          */
-        if (keymgmt != NULL)
-            pkey->save_type = ameth->pkey_id;
-        else if (pkey->ameth != NULL)
-            pkey->type = ameth->pkey_id;
+        if (ameth != NULL) {
+            if (keymgmt != NULL)
+                pkey->save_type = ameth->pkey_id;
+            else if (pkey->ameth != NULL)
+                pkey->type = ameth->pkey_id;
+        }
 #endif
     }
     return 1;
diff --git a/crypto/evp/pkey_mac.c b/crypto/evp/pkey_mac.c
index bfd8cd630d..56231e3938 100644
--- a/crypto/evp/pkey_mac.c
+++ b/crypto/evp/pkey_mac.c
@@ -493,13 +493,24 @@ static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
 }
 
 static int pkey_mac_ctrl_str(EVP_PKEY_CTX *ctx,
-                              const char *type, const char *value)
+                             const char *type, const char *value)
 {
     MAC_PKEY_CTX *hctx = EVP_PKEY_CTX_get_data(ctx);
-    const EVP_MAC *mac = EVP_MAC_CTX_mac(hctx->ctx);
+    const EVP_MAC *mac;
     OSSL_PARAM params[2];
     int ok = 0;
 
+    if (hctx == NULL) {
+        EVPerr(0, EVP_R_NULL_MAC_PKEY_CTX);
+        return 0;
+    }
+    if (hctx->ctx == NULL) {
+        /* This actually means the fetch failed during the init call */
+        EVPerr(0, EVP_R_FETCH_FAILED);
+        return 0;
+    }
+    mac = EVP_MAC_CTX_mac(hctx->ctx);
+
     /*
      * Translation of some control names that are equivalent to a single
      * parameter name.
@@ -520,12 +531,6 @@ static int pkey_mac_ctrl_str(EVP_PKEY_CTX *ctx,
         return 0;
     params[1] = OSSL_PARAM_construct_end();
 
-    if (hctx->ctx == NULL) {
-        /* This actually means the fetch failed during the init call */
-        EVPerr(0, EVP_R_FETCH_FAILED);
-        return 0;
-    }
-
     ok = EVP_MAC_CTX_set_params(hctx->ctx, params);
     OPENSSL_free(params[0].data);
     return ok;
diff --git a/crypto/evp/pmeth_gn.c b/crypto/evp/pmeth_gn.c
index dbc6c914e7..dc1dad86ba 100644
--- a/crypto/evp/pmeth_gn.c
+++ b/crypto/evp/pmeth_gn.c
@@ -93,7 +93,7 @@ static int gen_init(EVP_PKEY_CTX *ctx, int operation)
 #endif
 
  end:
-    if (ret <= 0)
+    if (ret <= 0 && ctx != NULL)
         ctx->operation = EVP_PKEY_OP_UNDEFINED;
     return ret;
 
diff --git a/crypto/ffc/ffc_backend.c b/crypto/ffc/ffc_backend.c
index d9b3e2e8af..1cfa427df6 100644
--- a/crypto/ffc/ffc_backend.c
+++ b/crypto/ffc/ffc_backend.c
@@ -63,11 +63,8 @@ int ffc_params_fromdata(FFC_PARAMS *ffc, const OSSL_PARAM params[])
         ffc->pcounter = i;
     }
     prm = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_COFACTOR);
-    if (prm != NULL) {
-        if (!OSSL_PARAM_get_BN(prm, &j))
-            goto err;
-        j = NULL;
-    }
+    if (prm != NULL && !OSSL_PARAM_get_BN(prm, &j))
+        goto err;
     prm = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_H);
     if (prm != NULL) {
         if (!OSSL_PARAM_get_int(prm, &i))
diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index b49baec4c1..6c1a70e4bd 100644
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -55,6 +55,8 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
         j = EVP_MD_block_size(md);
         if (!ossl_assert(j <= (int)sizeof(keytmp)))
             return 0;
+        if (j < 0)
+            return 0;
         if (j < len) {
             if (!EVP_DigestInit_ex(ctx->md_ctx, md, impl)
                     || !EVP_DigestUpdate(ctx->md_ctx, key, len)
diff --git a/crypto/param_build.c b/crypto/param_build.c
index c4624ec33e..43b194bcea 100644
--- a/crypto/param_build.c
+++ b/crypto/param_build.c
@@ -361,14 +361,12 @@ OSSL_PARAM *OSSL_PARAM_BLD_to_param(OSSL_PARAM_BLD *bld)
         if (s == NULL) {
             CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM,
                       CRYPTO_R_SECURE_MALLOC_FAILURE);
-            OPENSSL_free(bld);
             return NULL;
         }
     }
     params = OPENSSL_malloc(total);
     if (params == NULL) {
         CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM, ERR_R_MALLOC_FAILURE);
-        OPENSSL_free(bld);
         OPENSSL_secure_free(s);
         return NULL;
     }
diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c
index 3d5a32a0a1..5712aa1791 100644
--- a/crypto/rsa/rsa_gen.c
+++ b/crypto/rsa/rsa_gen.c
@@ -463,7 +463,7 @@ static int rsa_keygen_pairwise_test(RSA *rsa, OSSL_CALLBACK *cb, void *cbarg)
     if (ciphertxt_len <= 0)
         goto err;
     if (ciphertxt_len == plaintxt_len
-        && memcmp(decoded, plaintxt, plaintxt_len) == 0)
+        && memcmp(ciphertxt, plaintxt, plaintxt_len) == 0)
         goto err;
 
     OSSL_SELF_TEST_oncorrupt_byte(st, ciphertxt);
diff --git a/crypto/ts/ts_rsp_sign.c b/crypto/ts/ts_rsp_sign.c
index ba69cbece2..e1f187995b 100644
--- a/crypto/ts/ts_rsp_sign.c
+++ b/crypto/ts/ts_rsp_sign.c
@@ -57,6 +57,7 @@ static ASN1_INTEGER *def_serial_cb(struct TS_resp_ctx *ctx, void *data)
     TSerr(TS_F_DEF_SERIAL_CB, ERR_R_MALLOC_FAILURE);
     TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
                                 "Error during serial number generation.");
+    ASN1_INTEGER_free(serial);
     return NULL;
 }
 
diff --git a/crypto/x509/v3_tlsf.c b/crypto/x509/v3_tlsf.c
index 597e8eda5e..ec9652aeef 100644
--- a/crypto/x509/v3_tlsf.c
+++ b/crypto/x509/v3_tlsf.c
@@ -91,7 +91,7 @@ static TLS_FEATURE *v2i_TLS_FEATURE(const X509V3_EXT_METHOD *method,
 {
     TLS_FEATURE *tlsf;
     char *extval, *endptr;
-    ASN1_INTEGER *ai;
+    ASN1_INTEGER *ai = NULL;
     CONF_VALUE *val;
     int i;
     size_t j;
@@ -130,10 +130,13 @@ static TLS_FEATURE *v2i_TLS_FEATURE(const X509V3_EXT_METHOD *method,
             X509V3err(X509V3_F_V2I_TLS_FEATURE, ERR_R_MALLOC_FAILURE);
             goto err;
         }
+        /* So it doesn't get purged if an error occurs next time around */
+        ai = NULL;
     }
     return tlsf;
 
  err:
     sk_ASN1_INTEGER_pop_free(tlsf, ASN1_INTEGER_free);
+    ASN1_INTEGER_free(ai);
     return NULL;
 }
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index e5fbd2afd1..fb0469183f 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -3258,6 +3258,7 @@ static int build_chain(X509_STORE_CTX *ctx)
             if (ss < 0) {
                 X509err(X509_F_BUILD_CHAIN, ERR_R_INTERNAL_ERROR);
                 ctx->error = X509_V_ERR_UNSPECIFIED;
+                sk_X509_free(sktmp);
                 return 0;
             }
 
diff --git a/include/openssl/evperr.h b/include/openssl/evperr.h
index 9290cfff94..b8799a6f43 100644
--- a/include/openssl/evperr.h
+++ b/include/openssl/evperr.h
@@ -10,6 +10,7 @@
 
 #ifndef OPENSSL_EVPERR_H
 # define OPENSSL_EVPERR_H
+# pragma once
 
 # include <openssl/opensslconf.h>
 # include <openssl/symhacks.h>
@@ -223,6 +224,7 @@ int ERR_load_EVP_strings(void);
 # define EVP_R_NO_KEYMGMT_PRESENT                         196
 # define EVP_R_NO_KEY_SET                                 154
 # define EVP_R_NO_OPERATION_SET                           149
+# define EVP_R_NULL_MAC_PKEY_CTX                          208
 # define EVP_R_ONLY_ONESHOT_SUPPORTED                     177
 # define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE   150
 # define EVP_R_OPERATON_NOT_INITIALIZED                   151
diff --git a/providers/implementations/ciphers/cipher_aes_ocb.c b/providers/implementations/ciphers/cipher_aes_ocb.c
index 8d7f8956fc..859f3524a4 100644
--- a/providers/implementations/ciphers/cipher_aes_ocb.c
+++ b/providers/implementations/ciphers/cipher_aes_ocb.c
@@ -153,7 +153,7 @@ static int aes_ocb_block_update_internal(PROV_AES_OCB_CTX *ctx,
     size_t nextblocks;
     size_t outlint = 0;
 
-    if (bufsz != 0)
+    if (*bufsz != 0)
         nextblocks = fillblock(buf, bufsz, AES_BLOCK_SIZE, &in, &inl);
     else
         nextblocks = inl & ~(AES_BLOCK_SIZE-1);
diff --git a/providers/implementations/keymgmt/rsa_kmgmt.c b/providers/implementations/keymgmt/rsa_kmgmt.c
index 3bf175b752..181df998ad 100644
--- a/providers/implementations/keymgmt/rsa_kmgmt.c
+++ b/providers/implementations/keymgmt/rsa_kmgmt.c
@@ -376,6 +376,7 @@ static void *rsa_gen_init(void *provctx, int selection)
         if ((gctx->pub_exp = BN_new()) == NULL
             || !BN_set_word(gctx->pub_exp, RSA_F4)) {
             BN_free(gctx->pub_exp);
+            OPENSSL_free(gctx);
             gctx = NULL;
         } else {
             gctx->nbits = 2048;
diff --git a/providers/implementations/macs/kmac_prov.c b/providers/implementations/macs/kmac_prov.c
index 6feaba7695..451b52460c 100644
--- a/providers/implementations/macs/kmac_prov.c
+++ b/providers/implementations/macs/kmac_prov.c
@@ -250,6 +250,8 @@ static int kmac_init(void *vmacctx)
         return 0;
 
     block_len = EVP_MD_block_size(ossl_prov_digest_md(&kctx->digest));
+    if (block_len < 0)
+        return 0;
 
     /* Set default custom string if it is not already set */
     if (kctx->custom_len == 0) {
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index 51bfa439f0..408404958e 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -872,7 +872,10 @@ int ssl_build_cert_chain(SSL *s, SSL_CTX *ctx, int flags)
             untrusted = cpk->chain;
     }
 
-    xs_ctx = X509_STORE_CTX_new_with_libctx(s->ctx->libctx, s->ctx->propq);
+    if (s == NULL)
+        xs_ctx = X509_STORE_CTX_new_with_libctx(ctx->libctx, ctx->propq);
+    else
+        xs_ctx = X509_STORE_CTX_new_with_libctx(s->ctx->libctx, s->ctx->propq);
     if (xs_ctx == NULL) {
         SSLerr(SSL_F_SSL_BUILD_CERT_CHAIN, ERR_R_MALLOC_FAILURE);
         goto err;
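Review bot: The two-armed `if (s == NULL)` duplicates the whole constructor call just to pick the SSL_CTX. Resolving the context once is shorter and keeps the arms from drifting apart: `SSL_CTX *real_ctx = (s != NULL) ? s->ctx : ctx;` followed by `xs_ctx = X509_STORE_CTX_new_with_libctx(real_ctx->libctx, real_ctx->propq);`. Nothing in the visible lines rules out `s` and `ctx` both being NULL, in which case `ctx->libctx` becomes the next NULL dereference; if callers guarantee that one of them is set, a one-line comment saying so would help. ssl_build_cert_chain starts and ends outside this hunk.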
diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
index e23309e4a3..e81f3656ee 100644
--- a/ssl/tls13_enc.c
+++ b/ssl/tls13_enc.c
@@ -608,6 +608,7 @@ int tls13_change_cipher_state(SSL *s, int which)
                 SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                          SSL_F_TLS13_CHANGE_CIPHER_STATE,
                          SSL_R_ALGORITHM_FETCH_FAILED);
+                EVP_MD_CTX_free(mdctx);
                 goto err;
             }
 
diff --git a/test/drbg_extra_test.c b/test/drbg_extra_test.c
index 8d7b8fbf8f..e7c0d77d7f 100644
--- a/test/drbg_extra_test.c
+++ b/test/drbg_extra_test.c
@@ -75,10 +75,8 @@ static int run_extra_kat(const struct drbg_extra_kat *td)
         failures++;
 
 err:
-    if (drbg != NULL) {
-        RAND_DRBG_uninstantiate(drbg);
-        RAND_DRBG_free(drbg);
-    }
+    RAND_DRBG_uninstantiate(drbg);
+    RAND_DRBG_free(drbg);
     return failures == 0;
 }
 
diff --git a/test/param_build_test.c b/test/param_build_test.c
index a253f06318..d2cf78dc97 100644
--- a/test/param_build_test.c
+++ b/test/param_build_test.c
@@ -205,7 +205,7 @@ static int builder_limit_test(void)
     
     for (i = 0; i < n; i++) {
         names[i][0] = 'A' + (i / 26) - 1;
-        names[i][0] = 'a' + (i % 26) - 1;
+        names[i][1] = 'a' + (i % 26) - 1;
         names[i][2] = '\0';
         if (!TEST_true(OSSL_PARAM_BLD_push_int(bld, names[i], 3 * i + 1)))
             goto err;
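Review bot: The `- 1` in both index expressions makes the generated names start just below the alphabet: for `i` under 26, `names[i][0]` is `'@'`, and whenever `i % 26 == 0`, `names[i][1]` is a backtick. The names remain unique, so the test still exercises the builder limit, but if letters were intended the lines should be `names[i][0] = 'A' + (i / 26);` and `names[i][1] = 'a' + (i % 26);`. builder_limit_test continues outside this hunk, so the bound on `n` that keeps `i / 26` within the alphabet is not visible here.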

