summaryrefslogtreecommitdiffstats
path: root/crypto
diff options
context:
space:
mode:
authorRich Salz <rsalz@openssl.org>2016-08-19 10:31:03 -0400
committerRich Salz <rsalz@openssl.org>2016-08-19 10:44:32 -0400
commita03f81f4ead24c234dc26e388d86a352685f3948 (patch)
tree52d615c7c60f258f755f4fae2a38dc9412098bcd /crypto
parent66e708326524929a0e1631f8d1ef6e63c153922c (diff)
Fix NULL-return checks in 1.0.2
RT4386: Add sanity checks for BN_new() RT4384: Missing Sanity Checks for RSA_new_method() RT4384: Missing Sanity Check plus potential NULL pointer deref RT4382: Missing Sanity Check(s) for BUF_strdup() RT4380: Missing Sanity Checks for EVP_PKEY_new() RT4377: Prevent potential NULL pointer dereference RT4375: Missing sanity checks for OPENSSL_malloc() RT4374: Potential for NULL pointer dereferences RT4371: Missing Sanity Check for malloc() RT4370: Potential for NULL pointer dereferences Also expand tabs, make update, typo fix (rsalz) Minor tweak by Paul Dale. Some minor internal review feedback. Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'crypto')
-rw-r--r--crypto/asn1/asn_mime.c2
-rw-r--r--crypto/bio/bss_rtcp.c2
-rw-r--r--crypto/conf/conf_mod.c4
-rw-r--r--crypto/engine/eng_cryptodev.c6
-rw-r--r--crypto/evp/openbsd_hw.c22
-rw-r--r--crypto/evp/pmeth_gn.c5
-rw-r--r--crypto/jpake/jpake.c4
-rw-r--r--crypto/pkcs7/pk7_doit.c2
-rw-r--r--crypto/ui/ui_lib.c2
-rw-r--r--crypto/x509/by_dir.c4
-rw-r--r--crypto/x509v3/v3_alt.c2
11 files changed, 54 insertions, 1 deletions
diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c
index 9fd5bef0fc..5170906c62 100644
--- a/crypto/asn1/asn_mime.c
+++ b/crypto/asn1/asn_mime.c
@@ -623,6 +623,8 @@ static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret)
if (bpart)
sk_BIO_push(parts, bpart);
bpart = BIO_new(BIO_s_mem());
+ if (bpart == NULL)
+ return 1;
BIO_set_mem_eof_return(bpart, 0);
} else if (eol)
BIO_write(bpart, "\r\n", 2);
diff --git a/crypto/bio/bss_rtcp.c b/crypto/bio/bss_rtcp.c
index 09f14f48dc..5c98a8234d 100644
--- a/crypto/bio/bss_rtcp.c
+++ b/crypto/bio/bss_rtcp.c
@@ -170,6 +170,8 @@ static int rtcp_new(BIO *bi)
bi->num = 0;
bi->flags = 0;
bi->ptr = OPENSSL_malloc(sizeof(struct rpc_ctx));
+ if (bi->ptr == NULL)
+ return (0);
ctx = (struct rpc_ctx *)bi->ptr;
ctx->filled = 0;
ctx->pos = 0;
diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c
index 9acfca4f71..e0c9a67ff6 100644
--- a/crypto/conf/conf_mod.c
+++ b/crypto/conf/conf_mod.c
@@ -288,6 +288,10 @@ static CONF_MODULE *module_add(DSO *dso, const char *name,
tmod->dso = dso;
tmod->name = BUF_strdup(name);
+ if (tmod->name == NULL) {
+ OPENSSL_free(tmod);
+ return NULL;
+ }
tmod->init = ifunc;
tmod->finish = ffunc;
tmod->links = 0;
diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
index 5a2ca6d72e..65a74df236 100644
--- a/crypto/engine/eng_cryptodev.c
+++ b/crypto/engine/eng_cryptodev.c
@@ -935,11 +935,15 @@ static int cryptodev_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
return (0);
}
+ dstate->mac_len = fstate->mac_len;
if (fstate->mac_len != 0) {
if (fstate->mac_data != NULL) {
dstate->mac_data = OPENSSL_malloc(fstate->mac_len);
+ if (dstate->ac_data == NULL) {
+ printf("cryptodev_digest_init: malloc failed\n");
+ return 0;
+ }
memcpy(dstate->mac_data, fstate->mac_data, fstate->mac_len);
- dstate->mac_len = fstate->mac_len;
}
}
diff --git a/crypto/evp/openbsd_hw.c b/crypto/evp/openbsd_hw.c
index 75d12e2330..07decf2674 100644
--- a/crypto/evp/openbsd_hw.c
+++ b/crypto/evp/openbsd_hw.c
@@ -133,6 +133,10 @@ static int dev_crypto_init_key(EVP_CIPHER_CTX *ctx, int cipher,
return 0;
CDATA(ctx)->key = OPENSSL_malloc(MAX_HW_KEY);
+ if (CDATA(ctx)->key == NULL {
+ err("CDATA(ctx)->key memory allocation failed");
+ return 0;
+ }
assert(ctx->cipher->iv_len <= MAX_HW_IV);
@@ -186,6 +190,11 @@ static int dev_crypto_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
if (((unsigned long)in & 3) || cinl != inl) {
cin = OPENSSL_malloc(cinl);
+ if (cin == NULL) {
+ err("cin - memory allocation failed");
+ abort();
+ return 0;
+ }
memcpy(cin, in, inl);
cryp.src = cin;
}
@@ -334,6 +343,11 @@ static int do_digest(int ses, unsigned char *md, const void *data, int len)
char *dcopy;
dcopy = OPENSSL_malloc(len);
+ if (dcopy == NULL) {
+ err("dcopy - memory allocation failed");
+ abort();
+ return 0;
+ }
memcpy(dcopy, data, len);
cryp.src = dcopy;
cryp.dst = cryp.src; // FIXME!!!
@@ -364,6 +378,10 @@ static int dev_crypto_md5_update(EVP_MD_CTX *ctx, const void *data,
return do_digest(md_data->sess.ses, md_data->md, data, len);
md_data->data = OPENSSL_realloc(md_data->data, md_data->len + len);
+ if (md_data->data == NULL) {
+ err("DEV_CRYPTO_MD5_UPDATE: unable to allocate memory");
+ abort();
+ }
memcpy(md_data->data + md_data->len, data, len);
md_data->len += len;
@@ -397,6 +415,10 @@ static int dev_crypto_md5_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
assert(from->digest->flags & EVP_MD_FLAG_ONESHOT);
to_md->data = OPENSSL_malloc(from_md->len);
+ if (to_md->data == NULL) {
+ err("DEV_CRYPTO_MD5_COPY: unable to allocate memory");
+ abort();
+ }
memcpy(to_md->data, from_md->data, from_md->len);
return 1;
diff --git a/crypto/evp/pmeth_gn.c b/crypto/evp/pmeth_gn.c
index 6a4d3573ff..6d7b5d7242 100644
--- a/crypto/evp/pmeth_gn.c
+++ b/crypto/evp/pmeth_gn.c
@@ -154,6 +154,11 @@ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
if (*ppkey == NULL)
return -1;
+ if (*ppkey == NULL) {
+ EVPerr(EVP_F_EVP_PKEY_KEYGEN, ERR_R_MALLOC_FAILURE);
+ return -1;
+ }
+
ret = ctx->pmeth->keygen(ctx, *ppkey);
if (ret <= 0) {
EVP_PKEY_free(*ppkey);
diff --git a/crypto/jpake/jpake.c b/crypto/jpake/jpake.c
index ebc0975575..1815735325 100644
--- a/crypto/jpake/jpake.c
+++ b/crypto/jpake/jpake.c
@@ -116,6 +116,8 @@ JPAKE_CTX *JPAKE_CTX_new(const char *name, const char *peer_name,
const BIGNUM *secret)
{
JPAKE_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
+ if (ctx == NULL)
+ return NULL;
JPAKE_CTX_init(ctx, name, peer_name, p, g, q, secret);
@@ -151,6 +153,8 @@ static void hashbn(SHA_CTX *sha, const BIGNUM *bn)
size_t l = BN_num_bytes(bn);
unsigned char *bin = OPENSSL_malloc(l);
+ if (bin == NULL)
+ return NULL;
hashlength(sha, l);
BN_bn2bin(bn, bin);
SHA1_Update(sha, bin, l);
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
index 1ab6d5ae71..6cf8253bc2 100644
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -642,6 +642,8 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
} else {
# if 0
bio = BIO_new(BIO_s_mem());
+ if (bio == NULL)
+ goto err;
/*
* We need to set this so that when we have read all the data, the
* encrypt BIO, if present, will read EOF and encode the last few
diff --git a/crypto/ui/ui_lib.c b/crypto/ui/ui_lib.c
index 2f580352ce..d25b4f37bd 100644
--- a/crypto/ui/ui_lib.c
+++ b/crypto/ui/ui_lib.c
@@ -413,6 +413,8 @@ char *UI_construct_prompt(UI *ui, const char *object_desc,
len += sizeof(prompt3) - 1;
prompt = (char *)OPENSSL_malloc(len + 1);
+ if (prompt == NULL)
+ return NULL;
BUF_strlcpy(prompt, prompt1, len + 1);
BUF_strlcat(prompt, object_desc, len + 1);
if (object_name) {
diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
index 9ee8f8d859..bbc3189381 100644
--- a/crypto/x509/by_dir.c
+++ b/crypto/x509/by_dir.c
@@ -401,6 +401,10 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
}
if (!hent) {
hent = OPENSSL_malloc(sizeof(BY_DIR_HASH));
+ if (hent == NULL) {
+ X509err(X509_F_GET_CERT_BY_SUBJECT, ERR_R_MALLOC_FAILURE);
+ goto finish;
+ }
hent->hash = h;
hent->suffix = k;
if (!sk_BY_DIR_HASH_push(ent->hashes, hent)) {
diff --git a/crypto/x509v3/v3_alt.c b/crypto/x509v3/v3_alt.c
index 22ec202846..7f1e71dd1a 100644
--- a/crypto/x509v3/v3_alt.c
+++ b/crypto/x509v3/v3_alt.c
@@ -573,6 +573,8 @@ static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
return 0;
objlen = p - value;
objtmp = OPENSSL_malloc(objlen + 1);
+ if (objtmp == NULL)
+ return 0;
strncpy(objtmp, value, objlen);
objtmp[objlen] = 0;
gen->d.otherName->type_id = OBJ_txt2obj(objtmp, 0);
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-12 07:14:25 +0000