[openssl] master update
Dr. Paul Dale
pauli at openssl.org
Fri Jan 7 10:11:49 UTC 2022
The branch master has been updated
via 10481d33844218694929a7bad57314411a33ab74 (commit)
from 22778abad905536fa6c93cdc6fffc8c736dfee79 (commit)
- Log -----------------------------------------------------------------
commit 10481d33844218694929a7bad57314411a33ab74
Author: Peiwei Hu <jlu.hpw at foxmail.com>
Date: Wed Jan 5 23:17:53 2022 +0800
Fix: some patches related to error exiting
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17417)
-----------------------------------------------------------------------
Summary of changes:
apps/verify.c | 1 +
crypto/ec/ec_lib.c | 4 ++--
crypto/objects/obj_dat.c | 5 +++--
crypto/x509/v3_crld.c | 1 +
crypto/x509/v3_sxnet.c | 8 +++++---
ssl/statem/statem_clnt.c | 2 +-
test/evp_test.c | 2 +-
7 files changed, 14 insertions(+), 9 deletions(-)
diff --git a/apps/verify.c b/apps/verify.c
index 24bbebf3f3..d504acd5b8 100644
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -263,6 +263,7 @@ static int check(X509_STORE *ctx, const char *file,
if (x509_ctrl_string(x, opt) <= 0) {
BIO_printf(bio_err, "parameter error \"%s\"\n", opt);
ERR_print_errors(bio_err);
+ X509_free(x);
return 0;
}
}
diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c
index 3d3cf96962..2d85d4f23a 100644
--- a/crypto/ec/ec_lib.c
+++ b/crypto/ec/ec_lib.c
@@ -1710,8 +1710,8 @@ EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[],
ptmp = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_EC_ENCODING);
if (ptmp != NULL
&& !ossl_ec_encoding_param2id(ptmp, &encoding_flag)) {
- ECerr(0, EC_R_INVALID_ENCODING);
- return 0;
+ ERR_raise(ERR_LIB_EC, EC_R_INVALID_ENCODING);
+ goto err;
}
if (encoding_flag == OPENSSL_EC_NAMED_CURVE) {
ERR_raise(ERR_LIB_EC, EC_R_INVALID_ENCODING);
diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c
index eef80d63ce..26d2508e86 100644
--- a/crypto/objects/obj_dat.c
+++ b/crypto/objects/obj_dat.c
@@ -747,16 +747,17 @@ int OBJ_create(const char *oid, const char *sn, const char *ln)
if ((sn != NULL && OBJ_sn2nid(sn) != NID_undef)
|| (ln != NULL && OBJ_ln2nid(ln) != NID_undef)) {
ERR_raise(ERR_LIB_OBJ, OBJ_R_OID_EXISTS);
- goto err;
+ return 0;
}
/* Convert numerical OID string to an ASN1_OBJECT structure */
tmpoid = OBJ_txt2obj(oid, 1);
if (tmpoid == NULL)
- goto err;
+ return 0;
if (!ossl_obj_write_lock(1)) {
ERR_raise(ERR_LIB_OBJ, ERR_R_UNABLE_TO_GET_WRITE_LOCK);
+ ASN1_OBJECT_free(tmpoid);
return 0;
}
diff --git a/crypto/x509/v3_crld.c b/crypto/x509/v3_crld.c
index b831f775db..0f239ca568 100644
--- a/crypto/x509/v3_crld.c
+++ b/crypto/x509/v3_crld.c
@@ -83,6 +83,7 @@ static int set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx,
return -1;
dnsect = X509V3_get_section(ctx, cnf->value);
if (!dnsect) {
+ X509_NAME_free(nm);
ERR_raise(ERR_LIB_X509V3, X509V3_R_SECTION_NOT_FOUND);
return -1;
}
diff --git a/crypto/x509/v3_sxnet.c b/crypto/x509/v3_sxnet.c
index 4b19ce07d5..9d4113386a 100644
--- a/crypto/x509/v3_sxnet.c
+++ b/crypto/x509/v3_sxnet.c
@@ -167,11 +167,12 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, const char *user,
goto err;
if (!ASN1_INTEGER_set(sx->version, 0))
goto err;
- *psx = sx;
} else
sx = *psx;
if (SXNET_get_id_INTEGER(sx, zone)) {
ERR_raise(ERR_LIB_X509V3, X509V3_R_DUPLICATE_ZONE_ID);
+ if (*psx == NULL)
+ SXNET_free(sx);
return 0;
}
@@ -183,13 +184,14 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, const char *user,
if (!sk_SXNETID_push(sx->ids, id))
goto err;
id->zone = zone;
+ *psx = sx;
return 1;
err:
ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE);
SXNETID_free(id);
- SXNET_free(sx);
- *psx = NULL;
+ if (*psx == NULL)
+ SXNET_free(sx);
return 0;
}
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index b7e40e6db8..05f915bd91 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2926,7 +2926,7 @@ static int tls_construct_cke_dhe(SSL *s, WPACKET *pkt)
encoded_pub_len = EVP_PKEY_get1_encoded_public_key(ckey, &encoded_pub);
if (encoded_pub_len == 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
- EVP_PKEY_free(skey);
+ EVP_PKEY_free(ckey);
return EXT_RETURN_FAIL;
}
diff --git a/test/evp_test.c b/test/evp_test.c
index 6ae862b044..d068d6fa8e 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -2510,7 +2510,7 @@ static int rand_test_run(EVP_TEST *t)
item->pr_entropyB_len);
params[1] = OSSL_PARAM_construct_end();
if (!TEST_true(EVP_RAND_CTX_set_params(expected->parent, params)))
- return 0;
+ goto err;
}
if (!TEST_true(EVP_RAND_generate
(expected->ctx, got, got_len,
More information about the openssl-commits
mailing list