Fix a crash in EVP_CIPHER_CTX_cleanup due to cipher_data may be NULL

or EVP_CTRL_INIT/EVP_CTRL_COPY was not called or failed. If that happens in EVP_CipherInit_ex/EVP_CIPHER_CTX_copy set cipher = NULL, aes_gcm_cleanup should check that gctx != NULL before calling OPENSSL_cleanse. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2562) (cherry picked from commit 273a0218e65f1737cdbb0ef65a5ddebd601e6bef)
author: Bernd Edlinger <bernd.edlinger@hotmail.de> 2017-02-06 13:37:42 +0100
committer: Matt Caswell <matt@openssl.org> 2017-02-07 09:16:14 +0000
commit: f8b21b98e96096eac702b814900100be922c6534 (patch)
tree: d077aebdfe11440386055942522f0d13c222d394 /crypto/evp
parent: 85342b7d4ffa26fb0316c9cb5574a0d0bedc8a1e (diff)
2 files changed, 10 insertions, 1 deletions
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index 619c6f85cb..17822f20ef 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -1268,6 +1268,8 @@ BLOCK_CIPHER_generic_pack(NID_aes, 128, 0)
 static int aes_gcm_cleanup(EVP_CIPHER_CTX *c)
 {
     EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX,c);
+    if (gctx == NULL)
+        return 0;
     OPENSSL_cleanse(&gctx->gcm, sizeof(gctx->gcm));
     if (gctx->iv != EVP_CIPHER_CTX_iv_noconst(c))
         OPENSSL_free(gctx->iv);
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index bb6dd67c8c..bce2b5720c 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -125,6 +125,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
         if (ctx->cipher->ctx_size) {
             ctx->cipher_data = OPENSSL_zalloc(ctx->cipher->ctx_size);
             if (ctx->cipher_data == NULL) {
+                ctx->cipher = NULL;
                 EVPerr(EVP_F_EVP_CIPHERINIT_EX, ERR_R_MALLOC_FAILURE);
                 return 0;
             }
@@ -136,6 +137,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
         ctx->flags &= EVP_CIPHER_CTX_FLAG_WRAP_ALLOW;
         if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) {
             if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) {
+                ctx->cipher = NULL;
                 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
                 return 0;
             }
@@ -616,6 +618,7 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
     if (in->cipher_data && in->cipher->ctx_size) {
         out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size);
         if (out->cipher_data == NULL) {
+            out->cipher = NULL;
             EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_MALLOC_FAILURE);
             return 0;
         }
@@ -623,6 +626,10 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
     }
 
     if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY)
-        return in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out);
+        if (!in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out)) {
+            out->cipher = NULL;
+            EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, EVP_R_INITIALIZATION_ERROR);
+            return 0;
+        }
     return 1;
 }
author	Bernd Edlinger <bernd.edlinger@hotmail.de>	2017-02-06 13:37:42 +0100
committer	Matt Caswell <matt@openssl.org>	2017-02-07 09:16:14 +0000
commit	f8b21b98e96096eac702b814900100be922c6534 (patch)
tree	d077aebdfe11440386055942522f0d13c222d394 /crypto/evp
parent	85342b7d4ffa26fb0316c9cb5574a0d0bedc8a1e (diff)