[openssl] master update

Dr. Paul Dale pauli at openssl.org
Mon Oct 12 00:28:09 UTC 2020


The branch master has been updated
       via  71abae18f5a27656302cb0fc076b0cd98df9e9f0 (commit)
       via  fb33f99409972ea3d217399558d3baed4a57926d (commit)
       via  19431e5e44144b57ab936ddb93fe75fe34279290 (commit)
      from  113adc1f61ce56cc3fcb7404fb521988b792750c (commit)


- Log -----------------------------------------------------------------
commit 71abae18f5a27656302cb0fc076b0cd98df9e9f0
Author: Pauli <paul.dale at oracle.com>
Date:   Fri Oct 9 09:36:50 2020 +1000

    coverity 1403324 negative array index: check for finding an unknown value and error if so (since it shouldn't happen).
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/13091)

commit fb33f99409972ea3d217399558d3baed4a57926d
Author: Pauli <paul.dale at oracle.com>
Date:   Fri Oct 9 09:32:04 2020 +1000

    coverity 1414446 out-of-bounds access: allocate \0 terminator byte to be safe
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/13091)

commit 19431e5e44144b57ab936ddb93fe75fe34279290
Author: Pauli <paul.dale at oracle.com>
Date:   Thu Oct 8 10:25:06 2020 +1000

    vms: move otherwise dead code into the VMS relevant path.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/13091)

-----------------------------------------------------------------------

Summary of changes:
 crypto/x509/by_dir.c |  7 +++++--
 test/lhash_test.c    | 25 +++++++++++++++++++++++--
 test/v3nametest.c    |  4 ++--
 3 files changed, 30 insertions(+), 6 deletions(-)

diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
index 3f44d541cf..f182764899 100644
--- a/crypto/x509/by_dir.c
+++ b/crypto/x509/by_dir.c
@@ -284,6 +284,7 @@ static int get_cert_by_subject_ex(X509_LOOKUP *xl, X509_LOOKUP_TYPE type,
         }
         for (;;) {
             char c = '/';
+
 #ifdef OPENSSL_SYS_VMS
             c = ent->dir[strlen(ent->dir) - 1];
             if (c != ':' && c != '>' && c != ']') {
@@ -297,7 +298,7 @@ static int get_cert_by_subject_ex(X509_LOOKUP *xl, X509_LOOKUP_TYPE type,
             } else {
                 c = '\0';
             }
-#endif
+
             if (c == '\0') {
                 /*
                  * This is special.  When c == '\0', no directory separator
@@ -305,7 +306,9 @@ static int get_cert_by_subject_ex(X509_LOOKUP *xl, X509_LOOKUP_TYPE type,
                  */
                 BIO_snprintf(b->data, b->max,
                              "%s%08lx.%s%d", ent->dir, h, postfix, k);
-            } else {
+            } else
+#endif
+            {
                 BIO_snprintf(b->data, b->max,
                              "%s%c%08lx.%s%d", ent->dir, c, h, postfix, k);
             }
diff --git a/test/lhash_test.c b/test/lhash_test.c
index c9dc8b4cee..a9aac5fb86 100644
--- a/test/lhash_test.c
+++ b/test/lhash_test.c
@@ -33,6 +33,7 @@ static int int_tests[] = { 65537, 13, 1, 3, -5, 6, 7, 4, -10, -12, -14, 22, 9,
                            -17, 16, 17, -23, 35, 37, 173, 11 };
 static const unsigned int n_int_tests = OSSL_NELEM(int_tests);
 static short int_found[OSSL_NELEM(int_tests)];
+static short int_not_found;
 
 static unsigned long int int_hash(const int *p)
 {
@@ -56,12 +57,22 @@ static int int_find(int n)
 
 static void int_doall(int *v)
 {
-    int_found[int_find(*v)]++;
+    const int n = int_find(*v);
+
+    if (n < 0)
+        int_not_found++;
+    else
+        int_found[n]++;
 }
 
 static void int_doall_arg(int *p, short *f)
 {
-    f[int_find(*p)]++;
+    const int n = int_find(*p);
+
+    if (n < 0)
+        int_not_found++;
+    else
+        f[n]++;
 }
 
 IMPLEMENT_LHASH_DOALL_ARG(int, short);
@@ -124,7 +135,12 @@ static int test_int_lhash(void)
 
     /* do_all */
     memset(int_found, 0, sizeof(int_found));
+    int_not_found = 0;
     lh_int_doall(h, &int_doall);
+    if (!TEST_int_eq(int_not_found, 0)) {
+        TEST_info("lhash int doall encountered a not found condition");
+        goto end;
+    }
     for (i = 0; i < n_int_tests; i++)
         if (!TEST_int_eq(int_found[i], 1)) {
             TEST_info("lhash int doall %d", i);
@@ -133,7 +149,12 @@ static int test_int_lhash(void)
 
     /* do_all_arg */
     memset(int_found, 0, sizeof(int_found));
+    int_not_found = 0;
     lh_int_doall_short(h, int_doall_arg, int_found);
+    if (!TEST_int_eq(int_not_found, 0)) {
+        TEST_info("lhash int doall arg encountered a not found condition");
+        goto end;
+    }
     for (i = 0; i < n_int_tests; i++)
         if (!TEST_int_eq(int_found[i], 1)) {
             TEST_info("lhash int doall arg %d", i);
diff --git a/test/v3nametest.c b/test/v3nametest.c
index 9b81988ddd..df12c15f09 100644
--- a/test/v3nametest.c
+++ b/test/v3nametest.c
@@ -289,10 +289,10 @@ static int run_cert(X509 *crt, const char *nameincert,
     for (; *pname != NULL; ++pname) {
         int samename = strcasecmp(nameincert, *pname) == 0;
         size_t namelen = strlen(*pname);
-        char *name = OPENSSL_malloc(namelen);
+        char *name = OPENSSL_malloc(namelen + 1);
         int match, ret;
 
-        memcpy(name, *pname, namelen);
+        memcpy(name, *pname, namelen + 1);
 
         match = -1;
         if (!TEST_int_ge(ret = X509_check_host(crt, name, namelen, 0, NULL),


More information about the openssl-commits mailing list