author | Shane Lontis <shane.lontis@oracle.com> | 2020-09-07 17:44:38 +1000 |
---|---|---|
committer | Shane Lontis <shane.lontis@oracle.com> | 2020-09-07 17:44:38 +1000 |
commit | 309e73dfe067b3b774ef6f57bf665f41373a81ca (patch) | |
tree | 8871e64a5bbf0383be950bfd55d613832a3f4b51 | |
parent | 56456c3404b0ec27f93816d951ff7a58827481f0 (diff) |
Coverity Fixes
x_algor.c: Explicit null dereferenced
cms_sd.c: Resource leak
ts_rsp_sign.c: Resource Leak
extensions_srvr.c: Resource Leak
v3_alt.c: Resource Leak
pcy_data.c: Resource Leak
cms_lib.c: Resource Leak
drbg_lib.c: Unchecked return code
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12531)
-rw-r--r-- | crypto/asn1/x_algor.c | 12 | ||||
-rw-r--r-- | crypto/cms/cms_lib.c | 3 | ||||
-rw-r--r-- | crypto/cms/cms_sd.c | 4 | ||||
-rw-r--r-- | crypto/rand/drbg_lib.c | 8 | ||||
-rw-r--r-- | crypto/ts/ts_rsp_sign.c | 2 | ||||
-rw-r--r-- | crypto/x509v3/pcy_data.c | 1 | ||||
-rw-r--r-- | crypto/x509v3/v3_alt.c | 1 | ||||
-rw-r--r-- | ssl/statem/extensions_srvr.c | 2 |
8 files changed, 23 insertions, 10 deletions
diff --git a/crypto/asn1/x_algor.c b/crypto/asn1/x_algor.c index e13daf849b..2046d8f3cf 100644 --- a/crypto/asn1/x_algor.c +++ b/crypto/asn1/x_algor.c @@ -110,13 +110,17 @@ int X509_ALGOR_copy(X509_ALGOR *dest, const X509_ALGOR *src) if ((dest->algorithm = OBJ_dup(src->algorithm)) == NULL) return 0; - if (src->parameter) + if (src->parameter) { + dest->parameter = ASN1_TYPE_new(); + if (dest->parameter == NULL) + return 0; + /* Assuming this is also correct for a BOOL. * set does copy as a side effect. */ if (ASN1_TYPE_set1(dest->parameter, - src->parameter->type, src->parameter->value.ptr) == 0) - return 0; - + src->parameter->type, src->parameter->value.ptr) == 0) + return 0; + } return 1; } diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c index 57afba4361..cdd794e211 100644 --- a/crypto/cms/cms_lib.c +++ b/crypto/cms/cms_lib.c @@ -92,12 +92,13 @@ BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont) default: CMSerr(CMS_F_CMS_DATAINIT, CMS_R_UNSUPPORTED_TYPE); - return NULL; + goto err; } if (cmsbio) return BIO_push(cmsbio, cont); +err: if (!icont) BIO_free(cont); return NULL; diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c index 29ba4c1b13..6030f07181 100644 --- a/crypto/cms/cms_sd.c +++ b/crypto/cms/cms_sd.c @@ -897,8 +897,10 @@ int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs, ASN1_INTEGER *key = NULL; if (keysize > 0) { key = ASN1_INTEGER_new(); - if (key == NULL || !ASN1_INTEGER_set(key, keysize)) + if (key == NULL || !ASN1_INTEGER_set(key, keysize)) { + ASN1_INTEGER_free(key); return 0; + } } alg = X509_ALGOR_new(); if (alg == NULL) { diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c index faf0590c6c..73fd4394a3 100644 --- a/crypto/rand/drbg_lib.c +++ b/crypto/rand/drbg_lib.c 
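Review bot: In crypto/asn1/x_algor.c, X509_ALGOR_copy() now returns 0 after a failed ASN1_TYPE_set1() with `dest->algorithm` already duplicated and `dest->parameter` allocated but unset, so the caller is handed a half-populated dest. Either document that the caller must free dest on failure, or release it on that path with `ASN1_TYPE_free(dest->parameter); dest->parameter = NULL;` before the `return 0;`. The opening of the function is outside the hunk, so it is not visible whether an existing `dest->parameter` is cleared first; if it is not, the new `ASN1_TYPE_new()` assignment would overwrite and leak it. The retained comment that starts "Assuming this is also correct for a BOOL" is worth turning into a stated fact once that has been confirmed.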
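Review bot: In crypto/cms/cms_lib.c, the new `err:` label in CMS_dataInit() is reached both by the `goto err` from the unsupported-type case and by falling through when `cmsbio` is NULL, and the ownership rule behind `if (!icont) BIO_free(cont);` is not written down. A comment above that test, for example `/* free cont only if it was created here; a caller-supplied icont stays owned by the caller */`, would keep a later edit from releasing the caller's BIO. The switch and the creation of `cont` begin outside the hunk, so the wording should be checked against them.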
@@ -330,7 +330,7 @@ int RAND_DRBG_instantiate(RAND_DRBG *drbg, drbg->reseed_next_counter = tsan_load(&drbg->reseed_prop_counter); if (drbg->reseed_next_counter) { drbg->reseed_next_counter++; - if(!drbg->reseed_next_counter) + if (!drbg->reseed_next_counter) drbg->reseed_next_counter = 1; } @@ -432,7 +432,7 @@ int RAND_DRBG_reseed(RAND_DRBG *drbg, drbg->reseed_next_counter = tsan_load(&drbg->reseed_prop_counter); if (drbg->reseed_next_counter) { drbg->reseed_next_counter++; - if(!drbg->reseed_next_counter) + if (!drbg->reseed_next_counter) drbg->reseed_next_counter = 1; } @@ -554,7 +554,9 @@ int rand_drbg_restart(RAND_DRBG *drbg, drbg->meth->reseed(drbg, adin, adinlen, NULL, 0); } else if (reseeded == 0) { /* do a full reseeding if it has not been done yet above */ - RAND_DRBG_reseed(drbg, NULL, 0, 0); + if (!RAND_DRBG_reseed(drbg, NULL, 0, 0)) { + RANDerr(RAND_F_RAND_DRBG_RESTART, RAND_R_RESEED_ERROR); + } } } diff --git a/crypto/ts/ts_rsp_sign.c b/crypto/ts/ts_rsp_sign.c index 041a187da6..342582f024 100644 --- a/crypto/ts/ts_rsp_sign.c +++ b/crypto/ts/ts_rsp_sign.c @@ -57,12 +57,14 @@ static ASN1_INTEGER *def_serial_cb(struct TS_resp_ctx *ctx, void *data) goto err; if (!ASN1_INTEGER_set(serial, 1)) goto err; + return serial; err: TSerr(TS_F_DEF_SERIAL_CB, ERR_R_MALLOC_FAILURE); TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION, "Error during serial number generation."); + ASN1_INTEGER_free(serial); return NULL; } diff --git a/crypto/x509v3/pcy_data.c b/crypto/x509v3/pcy_data.c index 0735059513..62db3b48e2 100644 --- a/crypto/x509v3/pcy_data.c +++ b/crypto/x509v3/pcy_data.c @@ -52,6 +52,7 @@ X509_POLICY_DATA *policy_data_new(POLICYINFO *policy, ret = OPENSSL_zalloc(sizeof(*ret)); if (ret == NULL) { X509V3err(X509V3_F_POLICY_DATA_NEW, ERR_R_MALLOC_FAILURE); + ASN1_OBJECT_free(id); return NULL; } ret->expected_policy_set = sk_ASN1_OBJECT_new_null(); diff --git a/crypto/x509v3/v3_alt.c b/crypto/x509v3/v3_alt.c index 7ac2911b91..0bcee334a8 100644 
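Review bot: In crypto/rand/drbg_lib.c, rand_drbg_restart() still discards the result of `drbg->meth->reseed(drbg, adin, adinlen, NULL, 0);` in the branch directly above the one this hunk fixes, so the same unchecked-return pattern remains on the additional-input path. Assuming that method follows the same 1/0 convention, it can be handled the same way: `if (!drbg->meth->reseed(drbg, adin, adinlen, NULL, 0))` followed by `RANDerr(RAND_F_RAND_DRBG_RESTART, RAND_R_RESEED_ERROR);`. The added check also only queues an error and leaves control flow unchanged. Whether a failed reseed makes the function report failure depends on its return statement, which is outside the hunk; that is worth confirming, because callers use the result to decide whether the DRBG is usable.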
--- a/crypto/x509v3/v3_alt.c +++ b/crypto/x509v3/v3_alt.c @@ -275,6 +275,7 @@ static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens) num = sk_GENERAL_NAME_num(ialt); if (!sk_GENERAL_NAME_reserve(gens, num)) { X509V3err(X509V3_F_COPY_ISSUER, ERR_R_MALLOC_FAILURE); + sk_GENERAL_NAME_free(ialt); goto err; } diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index 3b07c6b940..3c7395c0eb 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -1151,7 +1151,7 @@ int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x, if (sesstmp == NULL) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_CTOS_PSK, ERR_R_INTERNAL_ERROR); - return 0; + goto err; } SSL_SESSION_free(sess); sess = sesstmp; |
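Review bot: In crypto/x509v3/v3_alt.c, the added `sk_GENERAL_NAME_free(ialt);` in copy_issuer() releases only the stack container, not the GENERAL_NAME entries it holds. On this path nothing has been moved into `gens` yet, so if `ialt` owns its entries (its creation is outside the hunk, so this is inferred) they are still leaked when the reserve fails. Freeing the entries as well would close the leak: `sk_GENERAL_NAME_pop_free(ialt, GENERAL_NAME_free);`. The `err:` label and the loop that transfers the entries are outside the hunk.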