[openssl] master update
Dr. Paul Dale
pauli at openssl.org
Thu Mar 25 22:44:56 UTC 2021
The branch master has been updated
via 3c4c8dd84ac18345a44120bb28f7fc85e33da093 (commit)
via 26d5244253f94b6bd0fa41d4a222c827d8c5b3fe (commit)
via fbe286a36efffacc846c9134c4f000f2a49355a0 (commit)
via 993237a8b678a888c05bc88d6c872be74696b768 (commit)
from 8f4cddbc903a402abb9f39c2e220ee3858188655 (commit)
- Log -----------------------------------------------------------------
commit 3c4c8dd84ac18345a44120bb28f7fc85e33da093
Author: Pauli <ppzgs1 at gmail.com>
Date: Fri Mar 19 13:05:16 2021 +1000
encoder: fix coverity 1473235: null dereference
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14618)
commit 26d5244253f94b6bd0fa41d4a222c827d8c5b3fe
Author: Pauli <ppzgs1 at gmail.com>
Date: Fri Mar 19 10:23:12 2021 +1000
apps: fix coverity 1470781: explicit null dereference
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14618)
commit fbe286a36efffacc846c9134c4f000f2a49355a0
Author: Pauli <ppzgs1 at gmail.com>
Date: Fri Mar 19 10:19:18 2021 +1000
sm2: fix coverity 1467503: explicit null dereference
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14618)
commit 993237a8b678a888c05bc88d6c872be74696b768
Author: Pauli <ppzgs1 at gmail.com>
Date: Fri Mar 19 10:17:11 2021 +1000
rsa: fix coverity 1463571: explicit null dereference
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14618)
-----------------------------------------------------------------------
Summary of changes:
apps/gendsa.c | 8 ++++----
crypto/encode_decode/encoder_pkey.c | 2 +-
providers/implementations/keymgmt/rsa_kmgmt.c | 11 +++++------
providers/implementations/signature/sm2sig.c | 2 +-
4 files changed, 11 insertions(+), 12 deletions(-)
diff --git a/apps/gendsa.c b/apps/gendsa.c
index 13ac69d37d..482191d8bf 100644
--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@@ -60,8 +60,7 @@ int gendsa_main(int argc, char **argv)
char *dsaparams = NULL, *ciphername = NULL;
char *outfile = NULL, *passoutarg = NULL, *passout = NULL, *prog;
OPTION_CHOICE o;
- int ret = 1, private = 0, verbose = 0;
- const BIGNUM *p = NULL;
+ int ret = 1, private = 0, verbose = 0, nbits;
prog = opt_init(argc, argv, gendsa_options);
while ((o = opt_next()) != OPT_EOF) {
@@ -126,7 +125,8 @@ int gendsa_main(int argc, char **argv)
if (out == NULL)
goto end2;
- if (EVP_PKEY_bits(pkey) > OPENSSL_DSA_MAX_MODULUS_BITS)
+ nbits = EVP_PKEY_bits(pkey);
+ if (nbits > OPENSSL_DSA_MAX_MODULUS_BITS)
BIO_printf(bio_err,
"Warning: It is not recommended to use more than %d bit for DSA keys.\n"
" Your key size is %d! Larger key size may behave not as expected.\n",
@@ -144,7 +144,7 @@ int gendsa_main(int argc, char **argv)
goto end;
}
if (verbose)
- BIO_printf(bio_err, "Generating DSA key, %d bits\n", BN_num_bits(p));
+ BIO_printf(bio_err, "Generating DSA key, %d bits\n", nbits);
if (EVP_PKEY_keygen(ctx, &pkey) <= 0) {
BIO_printf(bio_err, "unable to generate key\n");
goto end;
diff --git a/crypto/encode_decode/encoder_pkey.c b/crypto/encode_decode/encoder_pkey.c
index fc5a391420..713aa44131 100644
--- a/crypto/encode_decode/encoder_pkey.c
+++ b/crypto/encode_decode/encoder_pkey.c
@@ -261,7 +261,7 @@ static int ossl_encoder_ctx_setup_for_pkey(OSSL_ENCODER_CTX *ctx,
}
}
- if (OSSL_ENCODER_CTX_get_num_encoders(ctx) != 0) {
+ if (data != NULL && OSSL_ENCODER_CTX_get_num_encoders(ctx) != 0) {
if (!OSSL_ENCODER_CTX_set_construct(ctx, encoder_construct_pkey)
|| !OSSL_ENCODER_CTX_set_construct_data(ctx, data)
|| !OSSL_ENCODER_CTX_set_cleanup(ctx, encoder_destruct_pkey))
diff --git a/providers/implementations/keymgmt/rsa_kmgmt.c b/providers/implementations/keymgmt/rsa_kmgmt.c
index 394f3836dd..eac3843884 100644
--- a/providers/implementations/keymgmt/rsa_kmgmt.c
+++ b/providers/implementations/keymgmt/rsa_kmgmt.c
@@ -435,16 +435,15 @@ static void *gen_init(void *provctx, int selection, int rsa_type,
|| !BN_set_word(gctx->pub_exp, RSA_F4)) {
BN_free(gctx->pub_exp);
OPENSSL_free(gctx);
- gctx = NULL;
- } else {
- gctx->nbits = 2048;
- gctx->primes = RSA_DEFAULT_PRIME_NUM;
- gctx->rsa_type = rsa_type;
+ return NULL;
}
+ gctx->nbits = 2048;
+ gctx->primes = RSA_DEFAULT_PRIME_NUM;
+ gctx->rsa_type = rsa_type;
}
if (!rsa_gen_set_params(gctx, params)) {
OPENSSL_free(gctx);
- gctx = NULL;
+ return NULL;
}
return gctx;
}
diff --git a/providers/implementations/signature/sm2sig.c b/providers/implementations/signature/sm2sig.c
index 6fb0ff919b..9016aefc02 100644
--- a/providers/implementations/signature/sm2sig.c
+++ b/providers/implementations/signature/sm2sig.c
@@ -105,8 +105,8 @@ static void *sm2sig_newctx(void *provctx, const char *propq)
ctx->libctx = PROV_LIBCTX_OF(provctx);
if (propq != NULL && (ctx->propq = OPENSSL_strdup(propq)) == NULL) {
OPENSSL_free(ctx);
- ctx = NULL;
ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
+ return NULL;
}
/* don't allow to change MD, and in fact there is no such need */
ctx->flag_allow_md = 0;
More information about the openssl-commits
mailing list