[openssl] master update
Dr. Paul Dale
pauli at openssl.org
Tue Mar 23 23:16:58 UTC 2021
The branch master has been updated
via 9ca269af63a5772d3e9c28c4e4893fafb306202e (commit)
via 66325793ccd670c1ad8104666932bdb43cec6e42 (commit)
via 69fb52e0289c3bea809522902530511445826b63 (commit)
via 51d1991ecd5256aa14a41167a9ac6510e8bd7e93 (commit)
via 9ba18520ffaa8109eb63b46ac350c85302d9d05d (commit)
via 1634b2df9f12d3976129ba49e38638e3ab368e3d (commit)
via fe10fa75216cb0e81eeee9bced2b4d26e05bf9e7 (commit)
via 5a14bd153a9c725c3b7b1e02920dc36052320b5b (commit)
via a60b533125c9316a8433b67ad8858d936fe2a426 (commit)
via 711d7ca594ce86179df2c399fd2a6956f9939316 (commit)
from a669418c8eb64d0e3cb62af1794949066a253039 (commit)
- Log -----------------------------------------------------------------
commit 9ca269af63a5772d3e9c28c4e4893fafb306202e
Author: Pauli <ppzgs1 at gmail.com>
Date: Mon Mar 22 12:49:50 2021 +1000
apps: fix coverity 1451544: improper use of negative value
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14638)
commit 66325793ccd670c1ad8104666932bdb43cec6e42
Author: Pauli <ppzgs1 at gmail.com>
Date: Mon Mar 22 12:46:12 2021 +1000
test: fix coverity 1451534: improper use of negative value
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14638)
commit 69fb52e0289c3bea809522902530511445826b63
Author: Pauli <ppzgs1 at gmail.com>
Date: Mon Mar 22 12:35:36 2021 +1000
test: fix coverity 1469427: impropery use of negative value
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14638)
commit 51d1991ecd5256aa14a41167a9ac6510e8bd7e93
Author: Pauli <ppzgs1 at gmail.com>
Date: Mon Mar 22 12:33:32 2021 +1000
test: fix coverity 1454812: improper use of negative value
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14638)
commit 9ba18520ffaa8109eb63b46ac350c85302d9d05d
Author: Pauli <ppzgs1 at gmail.com>
Date: Mon Mar 22 12:31:43 2021 +1000
test: fix coverity 1451574: improper use of negative value
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14638)
commit 1634b2df9f12d3976129ba49e38638e3ab368e3d
Author: Pauli <ppzgs1 at gmail.com>
Date: Mon Mar 22 12:09:19 2021 +1000
enc: fix coverity 1451499, 1451501, 1451506, 1451507, 1351511, 1451514, 1451517, 1451523, 1451526m 1451528, 1451539, 1451441, 1451549, 1451568 & 1451572: improper use of negative value
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14638)
commit fe10fa75216cb0e81eeee9bced2b4d26e05bf9e7
Author: Pauli <ppzgs1 at gmail.com>
Date: Mon Mar 22 11:49:56 2021 +1000
test: fix coverity 1371689 & 1371690: improper use of negative values
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14638)
commit 5a14bd153a9c725c3b7b1e02920dc36052320b5b
Author: Pauli <ppzgs1 at gmail.com>
Date: Mon Mar 22 11:47:02 2021 +1000
apps: fix coverity 271258: improper use of negative value
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14638)
commit a60b533125c9316a8433b67ad8858d936fe2a426
Author: Pauli <ppzgs1 at gmail.com>
Date: Mon Mar 22 11:42:35 2021 +1000
err: fix coverity 1452768: dereference after null check
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14638)
commit 711d7ca594ce86179df2c399fd2a6956f9939316
Author: Pauli <ppzgs1 at gmail.com>
Date: Mon Mar 22 09:49:10 2021 +1000
pem: fix coverity 1474426: uninitialised scalar variable.
Based on the value, it would with work properly or produce an error. Most likely seems to have been the former.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14638)
-----------------------------------------------------------------------
Summary of changes:
apps/s_time.c | 8 +++++---
apps/speed.c | 5 ++++-
crypto/err/err_blocks.c | 4 +++-
crypto/evp/e_aria.c | 2 +-
crypto/evp/e_camellia.c | 6 +++++-
crypto/idea/i_cfb64.c | 5 +++++
crypto/idea/i_ofb64.c | 5 +++++
crypto/modes/cfb128.c | 5 +++++
crypto/modes/ctr128.c | 2 +-
crypto/modes/ofb128.c | 5 +++++
crypto/pem/pvkfmt.c | 2 +-
test/bad_dtls_test.c | 6 +++++-
test/clienthellotest.c | 4 ++--
test/endecoder_legacy_test.c | 5 +++--
test/servername_test.c | 4 ++--
test/sslapitest.c | 3 ++-
16 files changed, 54 insertions(+), 17 deletions(-)
diff --git a/apps/s_time.c b/apps/s_time.c
index 386a81a78e..60861642f5 100644
--- a/apps/s_time.c
+++ b/apps/s_time.c
@@ -127,7 +127,7 @@ int s_time_main(int argc, char **argv)
int maxtime = SECONDS, nConn = 0, perform = 3, ret = 1, i, st_bugs = 0;
long bytes_read = 0, finishtime = 0;
OPTION_CHOICE o;
- int min_version = 0, max_version = 0, ver, buf_len;
+ int min_version = 0, max_version = 0, ver, buf_len, fd;
size_t buf_size;
meth = TLS_client_method();
@@ -346,7 +346,8 @@ int s_time_main(int argc, char **argv)
continue;
}
SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
- BIO_closesocket(SSL_get_fd(scon));
+ if ((fd = SSL_get_fd(scon)) >= 0)
+ BIO_closesocket(fd);
nConn = 0;
totalTime = 0.0;
@@ -373,7 +374,8 @@ int s_time_main(int argc, char **argv)
bytes_read += i;
}
SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
- BIO_closesocket(SSL_get_fd(scon));
+ if ((fd = SSL_get_fd(scon)) >= 0)
+ BIO_closesocket(fd);
nConn += 1;
if (SSL_session_reused(scon)) {
diff --git a/apps/speed.c b/apps/speed.c
index 0d7a9168c1..30e703632f 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -3613,7 +3613,10 @@ static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
ctx = EVP_CIPHER_CTX_new();
EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
- keylen = EVP_CIPHER_CTX_key_length(ctx);
+ if ((keylen = EVP_CIPHER_CTX_key_length(ctx)) < 0) {
+ BIO_printf(bio_err, "Impossible negative key length: %d\n", keylen);
+ return;
+ }
key = app_malloc(keylen, "evp_cipher key");
EVP_CIPHER_CTX_rand_key(ctx, key);
EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
diff --git a/crypto/err/err_blocks.c b/crypto/err/err_blocks.c
index 0a2458f801..0e3ca14f72 100644
--- a/crypto/err/err_blocks.c
+++ b/crypto/err/err_blocks.c
@@ -92,7 +92,8 @@ void ERR_vset_error(int lib, int reason, const char *fmt, va_list args)
}
if (printed_len < 0)
printed_len = 0;
- buf[printed_len] = '\0';
+ if (buf != NULL)
+ buf[printed_len] = '\0';
/*
* Try to reduce the size, but only if we maximized above. If that
@@ -103,6 +104,7 @@ void ERR_vset_error(int lib, int reason, const char *fmt, va_list args)
if ((rbuf = OPENSSL_realloc(buf, printed_len + 1)) != NULL) {
buf = rbuf;
buf_size = printed_len + 1;
+ buf[printed_len] = '\0';
}
if (buf != NULL)
diff --git a/crypto/evp/e_aria.c b/crypto/evp/e_aria.c
index f3a68eb09d..3e64e45f89 100644
--- a/crypto/evp/e_aria.c
+++ b/crypto/evp/e_aria.c
@@ -171,7 +171,7 @@ static int aria_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t len)
{
unsigned int num = EVP_CIPHER_CTX_num(ctx);
- EVP_ARIA_KEY *dat = EVP_C_DATA(EVP_ARIA_KEY,ctx);
+ EVP_ARIA_KEY *dat = EVP_C_DATA(EVP_ARIA_KEY, ctx);
CRYPTO_ctr128_encrypt(in, out, len, &dat->ks, ctx->iv,
EVP_CIPHER_CTX_buf_noconst(ctx), &num,
diff --git a/crypto/evp/e_camellia.c b/crypto/evp/e_camellia.c
index 0d338b8b2f..3e7cd76934 100644
--- a/crypto/evp/e_camellia.c
+++ b/crypto/evp/e_camellia.c
@@ -316,9 +316,13 @@ static int camellia_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
static int camellia_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t len)
{
- unsigned int num = EVP_CIPHER_CTX_num(ctx);
+ int snum = EVP_CIPHER_CTX_num(ctx);
+ unsigned int num;
EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);
+ if (snum < 0)
+ return 0;
+ num = snum;
if (dat->stream.ctr)
CRYPTO_ctr128_encrypt_ctr32(in, out, len, &dat->ks, ctx->iv,
EVP_CIPHER_CTX_buf_noconst(ctx), &num,
diff --git a/crypto/idea/i_cfb64.c b/crypto/idea/i_cfb64.c
index b9db1639cf..a477799edf 100644
--- a/crypto/idea/i_cfb64.c
+++ b/crypto/idea/i_cfb64.c
@@ -33,6 +33,11 @@ void IDEA_cfb64_encrypt(const unsigned char *in, unsigned char *out,
unsigned long ti[2];
unsigned char *iv, c, cc;
+ if (n < 0) {
+ *num = -1;
+ return;
+ }
+
iv = (unsigned char *)ivec;
if (encrypt) {
while (l--) {
diff --git a/crypto/idea/i_ofb64.c b/crypto/idea/i_ofb64.c
index 89ac18ce91..246886bdc4 100644
--- a/crypto/idea/i_ofb64.c
+++ b/crypto/idea/i_ofb64.c
@@ -35,6 +35,11 @@ void IDEA_ofb64_encrypt(const unsigned char *in, unsigned char *out,
unsigned char *iv;
int save = 0;
+ if (n < 0) {
+ *num = -1;
+ return;
+ }
+
iv = (unsigned char *)ivec;
n2l(iv, v0);
n2l(iv, v1);
diff --git a/crypto/modes/cfb128.c b/crypto/modes/cfb128.c
index fa94f047b5..f9c3c60536 100644
--- a/crypto/modes/cfb128.c
+++ b/crypto/modes/cfb128.c
@@ -30,6 +30,11 @@ void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
unsigned int n;
size_t l = 0;
+ if (*num < 0) {
+ /* There is no good way to signal an error return from here */
+ *num = -1;
+ return;
+ }
n = *num;
if (enc) {
diff --git a/crypto/modes/ctr128.c b/crypto/modes/ctr128.c
index b902ee9b0b..2147751c58 100644
--- a/crypto/modes/ctr128.c
+++ b/crypto/modes/ctr128.c
@@ -155,7 +155,7 @@ void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
{
unsigned int n, ctr32;
- n = *num;
+ n = *num;
while (n && len) {
*(out++) = *(in++) ^ ecount_buf[n];
diff --git a/crypto/modes/ofb128.c b/crypto/modes/ofb128.c
index 829d724e2a..0b21380208 100644
--- a/crypto/modes/ofb128.c
+++ b/crypto/modes/ofb128.c
@@ -29,6 +29,11 @@ void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
unsigned int n;
size_t l = 0;
+ if (*num < 0) {
+ /* There is no good way to signal an error return from here */
+ *num = -1;
+ return;
+ }
n = *num;
#if !defined(OPENSSL_SMALL_FOOTPRINT)
diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c
index bc6f6fab71..432fd34618 100644
--- a/crypto/pem/pvkfmt.c
+++ b/crypto/pem/pvkfmt.c
@@ -323,7 +323,7 @@ EVP_PKEY *ossl_b2i_bio(BIO *in, int *ispub)
const unsigned char *p;
unsigned char hdr_buf[16], *buf = NULL;
unsigned int bitlen, magic, length;
- int isdss;
+ int isdss = -1;
void *key = NULL;
EVP_PKEY *pkey = NULL;
diff --git a/test/bad_dtls_test.c b/test/bad_dtls_test.c
index 524ec52cf0..52333e860c 100644
--- a/test/bad_dtls_test.c
+++ b/test/bad_dtls_test.c
@@ -122,7 +122,8 @@ static int validate_client_hello(BIO *wbio)
int cookie_found = 0;
unsigned int u = 0;
- len = BIO_get_mem_data(wbio, (char **)&data);
+ if ((len = BIO_get_mem_data(wbio, (char **)&data)) < 0)
+ return 0;
if (!PACKET_buf_init(&pkt, data, len))
return 0;
@@ -391,6 +392,9 @@ static int validate_ccs(BIO *wbio)
unsigned int u;
len = BIO_get_mem_data(wbio, (char **)&data);
+ if (len < 0)
+ return 0;
+
if (!PACKET_buf_init(&pkt, data, len))
return 0;
diff --git a/test/clienthellotest.c b/test/clienthellotest.c
index 6d7fb49965..04ff4184ae 100644
--- a/test/clienthellotest.c
+++ b/test/clienthellotest.c
@@ -185,8 +185,8 @@ static int test_client_hello(int currtest)
goto end;
}
- len = BIO_get_mem_data(wbio, (char **)&data);
- if (!TEST_true(PACKET_buf_init(&pkt, data, len))
+ if (!TEST_long_ge(len = BIO_get_mem_data(wbio, (char **)&data), 0)
+ || !TEST_true(PACKET_buf_init(&pkt, data, len))
/* Skip the record header */
|| !PACKET_forward(&pkt, SSL3_RT_HEADER_LENGTH))
goto end;
diff --git a/test/endecoder_legacy_test.c b/test/endecoder_legacy_test.c
index c72d15bdaa..999b791d63 100644
--- a/test/endecoder_legacy_test.c
+++ b/test/endecoder_legacy_test.c
@@ -289,8 +289,9 @@ static int test_membio_str_eq(BIO *bio_provided, BIO *bio_legacy)
long len_provided = BIO_get_mem_data(bio_provided, &str_provided);
long len_legacy = BIO_get_mem_data(bio_legacy, &str_legacy);
- return TEST_strn2_eq(str_provided, len_provided,
- str_legacy, len_legacy);
+ return TEST_long_ge(len_provided, 0)
+ && TEST_strn2_eq(str_provided, len_provided,
+ str_legacy, len_legacy);
}
static int test_protected_PEM(const char *keytype, int evp_type,
diff --git a/test/servername_test.c b/test/servername_test.c
index ddf0417bc6..b417f8bcac 100644
--- a/test/servername_test.c
+++ b/test/servername_test.c
@@ -52,8 +52,8 @@ static int get_sni_from_client_hello(BIO *bio, char **sni)
memset(&pkt4, 0, sizeof(pkt4));
memset(&pkt5, 0, sizeof(pkt5));
- len = BIO_get_mem_data(bio, (char **)&data);
- if (!TEST_true(PACKET_buf_init(&pkt, data, len))
+ if (!TEST_long_ge(len = BIO_get_mem_data(bio, (char **)&data), 0)
+ || !TEST_true(PACKET_buf_init(&pkt, data, len))
/* Skip the record header */
|| !PACKET_forward(&pkt, SSL3_RT_HEADER_LENGTH)
/* Skip the handshake message header */
diff --git a/test/sslapitest.c b/test/sslapitest.c
index edaadb170f..3e5d532bf4 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -5960,7 +5960,8 @@ static int get_MFL_from_client_hello(BIO *bio, int *mfl_codemfl_code)
memset(&pkt2, 0, sizeof(pkt2));
memset(&pkt3, 0, sizeof(pkt3));
- if (!TEST_true( PACKET_buf_init( &pkt, data, len ) )
+ if (!TEST_long_gt(len, 0)
+ || !TEST_true( PACKET_buf_init( &pkt, data, len ) )
/* Skip the record header */
|| !PACKET_forward(&pkt, SSL3_RT_HEADER_LENGTH)
/* Skip the handshake message header */
More information about the openssl-commits
mailing list