[openssl] openssl-3.0 update
Dr. Paul Dale
pauli at openssl.org
Tue Jan 11 02:07:58 UTC 2022
The branch openssl-3.0 has been updated
via 576cc3ecb34a8909bf549798430de95fc0fb4042 (commit)
from afaa7755aa3e577348e1267d5ad34da695292917 (commit)
- Log -----------------------------------------------------------------
commit 576cc3ecb34a8909bf549798430de95fc0fb4042
Author: Peiwei Hu <jlu.hpw at foxmail.com>
Date: Wed Jan 5 23:17:53 2022 +0800
Fix: some patches related to error exiting
Signed-off-by: Peiwei Hu <jlu.hpw at foxmail.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17443)
-----------------------------------------------------------------------
Summary of changes:
apps/verify.c | 1 +
crypto/ec/ec_lib.c | 4 ++--
crypto/x509/v3_crld.c | 1 +
crypto/x509/v3_sxnet.c | 8 +++++---
ssl/statem/statem_clnt.c | 2 +-
test/evp_test.c | 2 +-
6 files changed, 11 insertions(+), 7 deletions(-)
diff --git a/apps/verify.c b/apps/verify.c
index acf80c65c4..a403f301fc 100644
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -263,6 +263,7 @@ static int check(X509_STORE *ctx, const char *file,
if (x509_ctrl_string(x, opt) <= 0) {
BIO_printf(bio_err, "parameter error \"%s\"\n", opt);
ERR_print_errors(bio_err);
+ X509_free(x);
return 0;
}
}
diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c
index 3d3cf96962..2d85d4f23a 100644
--- a/crypto/ec/ec_lib.c
+++ b/crypto/ec/ec_lib.c
@@ -1710,8 +1710,8 @@ EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[],
ptmp = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_EC_ENCODING);
if (ptmp != NULL
&& !ossl_ec_encoding_param2id(ptmp, &encoding_flag)) {
- ECerr(0, EC_R_INVALID_ENCODING);
- return 0;
+ ERR_raise(ERR_LIB_EC, EC_R_INVALID_ENCODING);
+ goto err;
}
if (encoding_flag == OPENSSL_EC_NAMED_CURVE) {
ERR_raise(ERR_LIB_EC, EC_R_INVALID_ENCODING);
diff --git a/crypto/x509/v3_crld.c b/crypto/x509/v3_crld.c
index bc755f5f0d..e704d419f7 100644
--- a/crypto/x509/v3_crld.c
+++ b/crypto/x509/v3_crld.c
@@ -83,6 +83,7 @@ static int set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx,
return -1;
dnsect = X509V3_get_section(ctx, cnf->value);
if (!dnsect) {
+ X509_NAME_free(nm);
ERR_raise(ERR_LIB_X509V3, X509V3_R_SECTION_NOT_FOUND);
return -1;
}
diff --git a/crypto/x509/v3_sxnet.c b/crypto/x509/v3_sxnet.c
index 3e5ae048be..4c925900dd 100644
--- a/crypto/x509/v3_sxnet.c
+++ b/crypto/x509/v3_sxnet.c
@@ -167,11 +167,12 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, const char *user,
goto err;
if (!ASN1_INTEGER_set(sx->version, 0))
goto err;
- *psx = sx;
} else
sx = *psx;
if (SXNET_get_id_INTEGER(sx, zone)) {
ERR_raise(ERR_LIB_X509V3, X509V3_R_DUPLICATE_ZONE_ID);
+ if (*psx == NULL)
+ SXNET_free(sx);
return 0;
}
@@ -185,13 +186,14 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, const char *user,
if (!sk_SXNETID_push(sx->ids, id))
goto err;
id->zone = zone;
+ *psx = sx;
return 1;
err:
ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE);
SXNETID_free(id);
- SXNET_free(sx);
- *psx = NULL;
+ if (*psx == NULL)
+ SXNET_free(sx);
return 0;
}
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 435888db21..f4e2c15600 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2926,7 +2926,7 @@ static int tls_construct_cke_dhe(SSL *s, WPACKET *pkt)
encoded_pub_len = EVP_PKEY_get1_encoded_public_key(ckey, &encoded_pub);
if (encoded_pub_len == 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
- EVP_PKEY_free(skey);
+ EVP_PKEY_free(ckey);
return EXT_RETURN_FAIL;
}
diff --git a/test/evp_test.c b/test/evp_test.c
index eda8c827f9..47d4e6c878 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -2516,7 +2516,7 @@ static int rand_test_run(EVP_TEST *t)
item->pr_entropyB_len);
params[1] = OSSL_PARAM_construct_end();
if (!TEST_true(EVP_RAND_CTX_set_params(expected->parent, params)))
- return 0;
+ goto err;
}
if (!TEST_true(EVP_RAND_generate
(expected->ctx, got, got_len,
More information about the openssl-commits
mailing list