diff options
author | Rich Salz <rsalz@openssl.org> | 2016-08-19 10:31:03 -0400 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2016-08-19 10:44:32 -0400 |
commit | a03f81f4ead24c234dc26e388d86a352685f3948 (patch) | |
tree | 52d615c7c60f258f755f4fae2a38dc9412098bcd /engines | |
parent | 66e708326524929a0e1631f8d1ef6e63c153922c (diff) |
Fix NULL-return checks in 1.0.2
RT4386: Add sanity checks for BN_new()
RT4384: Missing Sanity Checks for RSA_new_method()
RT4384: Missing Sanity Check plus potential NULL pointer deref
RT4382: Missing Sanity Check(s) for BUF_strdup()
RT4380: Missing Sanity Checks for EVP_PKEY_new()
RT4377: Prevent potential NULL pointer dereference
RT4375: Missing sanity checks for OPENSSL_malloc()
RT4374: Potential for NULL pointer dereferences
RT4371: Missing Sanity Check for malloc()
RT4370: Potential for NULL pointer dereferences
Also expand tabs, make update, typo fix (rsalz)
Minor tweak by Paul Dale.
Some minor internal review feedback.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'engines')
-rw-r--r-- | engines/ccgost/gost2001.c | 6 | ||||
-rw-r--r-- | engines/ccgost/gost2001_keyx.c | 2 | ||||
-rw-r--r-- | engines/ccgost/gost94_keyx.c | 2 | ||||
-rw-r--r-- | engines/ccgost/gost_ameth.c | 14 | ||||
-rw-r--r-- | engines/ccgost/gost_pmeth.c | 4 | ||||
-rw-r--r-- | engines/e_4758cca.c | 8 | ||||
-rw-r--r-- | engines/e_aep.c | 3 | ||||
-rw-r--r-- | engines/e_capi.c | 13 | ||||
-rw-r--r-- | engines/e_chil.c | 33 |
9 files changed, 79 insertions, 6 deletions
diff --git a/engines/ccgost/gost2001.c b/engines/ccgost/gost2001.c index 9536295430..57f6ee28a8 100644 --- a/engines/ccgost/gost2001.c +++ b/engines/ccgost/gost2001.c @@ -434,6 +434,12 @@ int gost2001_compute_public(EC_KEY *ec) int gost2001_keygen(EC_KEY *ec) { BIGNUM *order = BN_new(), *d = BN_new(); + if (order == NULL || d == NULL) { + GOSTerr(GOST_F_GOST2001_KEYGEN, ERR_R_MALLOC_FAILURE); + BN_free(d); + BN_free(order); + return 0; + } const EC_GROUP *group = EC_KEY_get0_group(ec); if(!group || !EC_GROUP_get_order(group, order, NULL)) { diff --git a/engines/ccgost/gost2001_keyx.c b/engines/ccgost/gost2001_keyx.c index db1bdc18fd..ac7862eab5 100644 --- a/engines/ccgost/gost2001_keyx.c +++ b/engines/ccgost/gost2001_keyx.c @@ -147,6 +147,8 @@ int pkey_GOST01cp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out, key_is_ephemeral = 1; if (out) { sec_key = EVP_PKEY_new(); + if (sec_key == NULL) + goto err; EVP_PKEY_assign(sec_key, EVP_PKEY_base_id(pubk), EC_KEY_new()); EVP_PKEY_copy_parameters(sec_key, pubk); if (!gost2001_keygen(EVP_PKEY_get0(sec_key))) { diff --git a/engines/ccgost/gost94_keyx.c b/engines/ccgost/gost94_keyx.c index ce57f17cbf..3532bfff3e 100644 --- a/engines/ccgost/gost94_keyx.c +++ b/engines/ccgost/gost94_keyx.c @@ -126,6 +126,8 @@ int pkey_GOST94cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, key_is_ephemeral = 1; if (out) { mykey = EVP_PKEY_new(); + if (!mykey) + goto memerr; EVP_PKEY_assign(mykey, EVP_PKEY_base_id(pubk), DSA_new()); EVP_PKEY_copy_parameters(mykey, pubk); if (!gost_sign_keygen(EVP_PKEY_get0(mykey))) { diff --git a/engines/ccgost/gost_ameth.c b/engines/ccgost/gost_ameth.c index b7c5354c1a..8283f192f4 100644 --- a/engines/ccgost/gost_ameth.c +++ b/engines/ccgost/gost_ameth.c @@ -617,6 +617,10 @@ static int pub_decode_gost94(EVP_PKEY *pk, X509_PUBKEY *pub) return 0; } databuf = OPENSSL_malloc(octet->length); + if (databuf == NULL) { + GOSTerr(GOST_F_PUB_DECODE_GOST94, ERR_R_MALLOC_FAILURE); + return 0; + } for (i = 0, j = octet->length - 1; i < octet->length; i++, j--) { databuf[j] = octet->data[i]; } @@ -646,6 +650,8 @@ static int pub_encode_gost94(X509_PUBKEY *pub, const EVP_PKEY *pk) } data_len = BN_num_bytes(dsa->pub_key); databuf = OPENSSL_malloc(data_len); + if (databuf == NULL) + return 0; BN_bn2bin(dsa->pub_key, databuf); octet = ASN1_OCTET_STRING_new(); ASN1_STRING_set(octet, NULL, data_len); @@ -686,6 +692,10 @@ static int pub_decode_gost01(EVP_PKEY *pk, X509_PUBKEY *pub) return 0; } databuf = OPENSSL_malloc(octet->length); + if (databuf == NULL) { + GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_MALLOC_FAILURE); + return 0; + } for (i = 0, j = octet->length - 1; i < octet->length; i++, j--) { databuf[j] = octet->data[i]; } @@ -760,6 +770,10 @@ static int pub_encode_gost01(X509_PUBKEY *pub, const EVP_PKEY *pk) data_len = 2 * BN_num_bytes(order); BN_free(order); databuf = OPENSSL_malloc(data_len); + if (databuf == NULL) { + GOSTerr(GOST_F_PUB_ENCODE_GOST01, ERR_R_MALLOC_FAILURE); + return 0; + } memset(databuf, 0, data_len); store_bignum(X, databuf + data_len / 2, data_len / 2); diff --git a/engines/ccgost/gost_pmeth.c b/engines/ccgost/gost_pmeth.c index 4a79a85cfc..696829253b 100644 --- a/engines/ccgost/gost_pmeth.c +++ b/engines/ccgost/gost_pmeth.c @@ -107,6 +107,8 @@ static int pkey_gost_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) return 1; case EVP_PKEY_CTRL_SET_IV: pctx->shared_ukm = OPENSSL_malloc((int)p1); + if (pctx->shared_ukm == NULL) + return 0; memcpy(pctx->shared_ukm, p2, (int)p1); return 1; case EVP_PKEY_CTRL_PEER_KEY: @@ -533,6 +535,8 @@ static int pkey_gost_mac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) return 0; } keydata = OPENSSL_malloc(32); + if (keydata == NULL) + return 0; memcpy(keydata, data->key, 32); EVP_PKEY_assign(pkey, NID_id_Gost28147_89_MAC, keydata); return 1; diff --git a/engines/e_4758cca.c b/engines/e_4758cca.c index 5f771986cf..60ba4abcdf 100644 --- a/engines/e_4758cca.c +++ b/engines/e_4758cca.c @@ -463,6 +463,10 @@ static EVP_PKEY *ibm_4758_load_privkey(ENGINE *e, const char *key_id, (*(long *)keyToken) = keyTokenLength; rtmp = RSA_new_method(e); + if (rtmp == NULL) { + CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE); + goto err; + } RSA_set_ex_data(rtmp, hndidx, (char *)keyToken); rtmp->e = BN_bin2bn(exponent, exponentLength, NULL); @@ -535,6 +539,10 @@ static EVP_PKEY *ibm_4758_load_pubkey(ENGINE *e, const char *key_id, (*(long *)keyToken) = keyTokenLength; rtmp = RSA_new_method(e); + if (rtmp == NULL) { + CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY, ERR_R_MALLOC_FAILURE); + goto err; + } RSA_set_ex_data(rtmp, hndidx, (char *)keyToken); rtmp->e = BN_bin2bn(exponent, exponentLength, NULL); rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL); diff --git a/engines/e_aep.c b/engines/e_aep.c index 9bfda76a92..4e97d29497 100644 --- a/engines/e_aep.c +++ b/engines/e_aep.c @@ -1137,7 +1137,8 @@ static AEP_RV ConvertAEPBigNum(void *ArbBigNum, AEP_U32 BigNumSize, /* * Expand the result bn so that it can hold our big num. Size is in bits */ - bn_expand(bn, (int)(BigNumSize << 3)); + if (bn_expand(bn, (int)(BigNumSize << 3)) == NULL) + return AEP_R_HOST_MEMORY; # ifdef SIXTY_FOUR_BIT_LONG bn->top = BigNumSize >> 3; diff --git a/engines/e_capi.c b/engines/e_capi.c index 6e524633f3..8c08872bfd 100644 --- a/engines/e_capi.c +++ b/engines/e_capi.c @@ -1106,6 +1106,10 @@ static int capi_get_provname(CAPI_CTX * ctx, LPSTR * pname, DWORD * ptype, name = alloca(len); else name = OPENSSL_malloc(len); + if (name == NULL) { + CAPIerr(CAPI_F_CAPI_GET_PROVNAME, ERR_R_MALLOC_FAILURE); + return 0; + } if (!CryptEnumProviders(idx, NULL, 0, ptype, name, &len)) { err = GetLastError(); if (err == ERROR_NO_MORE_ITEMS) @@ -1286,6 +1290,10 @@ char *capi_cert_get_fname(CAPI_CTX * ctx, PCCERT_CONTEXT cert) (cert, CERT_FRIENDLY_NAME_PROP_ID, NULL, &dlen)) return NULL; wfname = OPENSSL_malloc(dlen); + if (wfname == NULL) { + CAPIerr(CAPI_F_CAPI_CERT_GET_FNAME, ERR_R_MALLOC_FAILURE); + return NULL; + } if (CertGetCertificateContextProperty (cert, CERT_FRIENDLY_NAME_PROP_ID, wfname, &dlen)) { char *fname = wide_to_asc(wfname); @@ -1436,6 +1444,11 @@ static CAPI_KEY *capi_get_key(CAPI_CTX * ctx, const TCHAR *contname, CAPI_KEY *key; DWORD dwFlags = 0; key = OPENSSL_malloc(sizeof(CAPI_KEY)); + if (key == NULL) { + CAPIerr(CAPI_F_CAPI_GET_KEY, ERR_R_MALLOC_FAILURE); + capi_addlasterror(); + goto err; + } if (sizeof(TCHAR) == sizeof(char)) CAPI_trace(ctx, "capi_get_key, contname=%s, provname=%s, type=%d\n", contname, provname, ptype); diff --git a/engines/e_chil.c b/engines/e_chil.c index 5e725f5fb1..d5e4cb67c4 100644 --- a/engines/e_chil.c +++ b/engines/e_chil.c @@ -810,9 +810,17 @@ static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id, # endif # ifndef OPENSSL_NO_RSA rtmp = RSA_new_method(eng); + if (rtmp == NULL) { + HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE); + goto err; + } RSA_set_ex_data(rtmp, hndidx_rsa, (char *)hptr); rtmp->e = BN_new(); rtmp->n = BN_new(); + if (rtmp->e == NULL || rtmp->n == NULL) { + HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE); + goto err; + } rtmp->flags |= RSA_FLAG_EXT_PKEY; MPI2BN(rtmp->e, e); MPI2BN(rtmp->n, n); @@ -823,8 +831,14 @@ static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id, goto err; } - bn_expand2(rtmp->e, e.size / sizeof(BN_ULONG)); - bn_expand2(rtmp->n, n.size / sizeof(BN_ULONG)); + if (bn_expand2(rtmp->e, e.size / sizeof(BN_ULONG)) == NULL) { + HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE); + goto err; + } + if (bn_expand2(rtmp->n, n.size / sizeof(BN_ULONG)) == NULL) { + HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE); + goto err; + } MPI2BN(rtmp->e, e); MPI2BN(rtmp->n, n); @@ -923,7 +937,10 @@ static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, goto err; } /* Prepare the params */ - bn_expand2(r, m->top); /* Check for error !! */ + if (bn_expand2(r, m->top) == NULL) { /* Check for error !! */ + HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP, ERR_R_MALLOC_FAILURE); + goto err; + } BN2MPI(m_a, a); BN2MPI(m_p, p); BN2MPI(m_n, m); @@ -989,7 +1006,10 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa, } /* Prepare the params */ - bn_expand2(r, rsa->n->top); /* Check for error !! */ + if (bn_expand2(r, rsa->n->top) == NULL) { /* Check for error !! */ + HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, ERR_R_MALLOC_FAILURE); + goto err; + } BN2MPI(m_a, I); MPI2BN(r, m_r); @@ -1026,7 +1046,10 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa, } /* Prepare the params */ - bn_expand2(r, rsa->n->top); /* Check for error !! */ + if (bn_expand2(r, rsa->n->top) == NULL) { /* Check for error !! */ + HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, ERR_R_MALLOC_FAILURE); + goto err; + } BN2MPI(m_a, I); BN2MPI(m_p, rsa->p); BN2MPI(m_q, rsa->q); |