[openssl] OpenSSL_1_1_1-stable update
shane.lontis at oracle.com
shane.lontis at oracle.com
Mon Sep 7 07:49:43 UTC 2020
The branch OpenSSL_1_1_1-stable has been updated
via 309e73dfe067b3b774ef6f57bf665f41373a81ca (commit)
from 56456c3404b0ec27f93816d951ff7a58827481f0 (commit)
- Log -----------------------------------------------------------------
commit 309e73dfe067b3b774ef6f57bf665f41373a81ca
Author: Shane Lontis <shane.lontis at oracle.com>
Date: Mon Sep 7 17:44:38 2020 +1000
Coverity Fixes
x_algor.c: Explicit null dereferenced
cms_sd.c: Resource leak
ts_rsp_sign.c Resource Leak
extensions_srvr.c: Resourse Leak
v3_alt.c: Resourse Leak
pcy_data.c: Resource Leak
cms_lib.c: Resource Leak
drbg_lib.c: Unchecked return code
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12531)
-----------------------------------------------------------------------
Summary of changes:
crypto/asn1/x_algor.c | 12 ++++++++----
crypto/cms/cms_lib.c | 3 ++-
crypto/cms/cms_sd.c | 4 +++-
crypto/rand/drbg_lib.c | 8 +++++---
crypto/ts/ts_rsp_sign.c | 2 ++
crypto/x509v3/pcy_data.c | 1 +
crypto/x509v3/v3_alt.c | 1 +
ssl/statem/extensions_srvr.c | 2 +-
8 files changed, 23 insertions(+), 10 deletions(-)
diff --git a/crypto/asn1/x_algor.c b/crypto/asn1/x_algor.c
index e13daf849b..2046d8f3cf 100644
--- a/crypto/asn1/x_algor.c
+++ b/crypto/asn1/x_algor.c
@@ -110,13 +110,17 @@ int X509_ALGOR_copy(X509_ALGOR *dest, const X509_ALGOR *src)
if ((dest->algorithm = OBJ_dup(src->algorithm)) == NULL)
return 0;
- if (src->parameter)
+ if (src->parameter) {
+ dest->parameter = ASN1_TYPE_new();
+ if (dest->parameter == NULL)
+ return 0;
+
/* Assuming this is also correct for a BOOL.
* set does copy as a side effect.
*/
if (ASN1_TYPE_set1(dest->parameter,
- src->parameter->type, src->parameter->value.ptr) == 0)
- return 0;
-
+ src->parameter->type, src->parameter->value.ptr) == 0)
+ return 0;
+ }
return 1;
}
diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c
index 57afba4361..cdd794e211 100644
--- a/crypto/cms/cms_lib.c
+++ b/crypto/cms/cms_lib.c
@@ -92,12 +92,13 @@ BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont)
default:
CMSerr(CMS_F_CMS_DATAINIT, CMS_R_UNSUPPORTED_TYPE);
- return NULL;
+ goto err;
}
if (cmsbio)
return BIO_push(cmsbio, cont);
+err:
if (!icont)
BIO_free(cont);
return NULL;
diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c
index 29ba4c1b13..6030f07181 100644
--- a/crypto/cms/cms_sd.c
+++ b/crypto/cms/cms_sd.c
@@ -897,8 +897,10 @@ int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
ASN1_INTEGER *key = NULL;
if (keysize > 0) {
key = ASN1_INTEGER_new();
- if (key == NULL || !ASN1_INTEGER_set(key, keysize))
+ if (key == NULL || !ASN1_INTEGER_set(key, keysize)) {
+ ASN1_INTEGER_free(key);
return 0;
+ }
}
alg = X509_ALGOR_new();
if (alg == NULL) {
diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c
index faf0590c6c..73fd4394a3 100644
--- a/crypto/rand/drbg_lib.c
+++ b/crypto/rand/drbg_lib.c
@@ -330,7 +330,7 @@ int RAND_DRBG_instantiate(RAND_DRBG *drbg,
drbg->reseed_next_counter = tsan_load(&drbg->reseed_prop_counter);
if (drbg->reseed_next_counter) {
drbg->reseed_next_counter++;
- if(!drbg->reseed_next_counter)
+ if (!drbg->reseed_next_counter)
drbg->reseed_next_counter = 1;
}
@@ -432,7 +432,7 @@ int RAND_DRBG_reseed(RAND_DRBG *drbg,
drbg->reseed_next_counter = tsan_load(&drbg->reseed_prop_counter);
if (drbg->reseed_next_counter) {
drbg->reseed_next_counter++;
- if(!drbg->reseed_next_counter)
+ if (!drbg->reseed_next_counter)
drbg->reseed_next_counter = 1;
}
@@ -554,7 +554,9 @@ int rand_drbg_restart(RAND_DRBG *drbg,
drbg->meth->reseed(drbg, adin, adinlen, NULL, 0);
} else if (reseeded == 0) {
/* do a full reseeding if it has not been done yet above */
- RAND_DRBG_reseed(drbg, NULL, 0, 0);
+ if (!RAND_DRBG_reseed(drbg, NULL, 0, 0)) {
+ RANDerr(RAND_F_RAND_DRBG_RESTART, RAND_R_RESEED_ERROR);
+ }
}
}
diff --git a/crypto/ts/ts_rsp_sign.c b/crypto/ts/ts_rsp_sign.c
index 041a187da6..342582f024 100644
--- a/crypto/ts/ts_rsp_sign.c
+++ b/crypto/ts/ts_rsp_sign.c
@@ -57,12 +57,14 @@ static ASN1_INTEGER *def_serial_cb(struct TS_resp_ctx *ctx, void *data)
goto err;
if (!ASN1_INTEGER_set(serial, 1))
goto err;
+
return serial;
err:
TSerr(TS_F_DEF_SERIAL_CB, ERR_R_MALLOC_FAILURE);
TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
"Error during serial number generation.");
+ ASN1_INTEGER_free(serial);
return NULL;
}
diff --git a/crypto/x509v3/pcy_data.c b/crypto/x509v3/pcy_data.c
index 0735059513..62db3b48e2 100644
--- a/crypto/x509v3/pcy_data.c
+++ b/crypto/x509v3/pcy_data.c
@@ -52,6 +52,7 @@ X509_POLICY_DATA *policy_data_new(POLICYINFO *policy,
ret = OPENSSL_zalloc(sizeof(*ret));
if (ret == NULL) {
X509V3err(X509V3_F_POLICY_DATA_NEW, ERR_R_MALLOC_FAILURE);
+ ASN1_OBJECT_free(id);
return NULL;
}
ret->expected_policy_set = sk_ASN1_OBJECT_new_null();
diff --git a/crypto/x509v3/v3_alt.c b/crypto/x509v3/v3_alt.c
index 7ac2911b91..0bcee334a8 100644
--- a/crypto/x509v3/v3_alt.c
+++ b/crypto/x509v3/v3_alt.c
@@ -275,6 +275,7 @@ static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens)
num = sk_GENERAL_NAME_num(ialt);
if (!sk_GENERAL_NAME_reserve(gens, num)) {
X509V3err(X509V3_F_COPY_ISSUER, ERR_R_MALLOC_FAILURE);
+ sk_GENERAL_NAME_free(ialt);
goto err;
}
diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
index 3b07c6b940..3c7395c0eb 100644
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -1151,7 +1151,7 @@ int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
if (sesstmp == NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR,
SSL_F_TLS_PARSE_CTOS_PSK, ERR_R_INTERNAL_ERROR);
- return 0;
+ goto err;
}
SSL_SESSION_free(sess);
sess = sesstmp;
More information about the openssl-commits
mailing list