diff options
author | x2018 <xkernel.wang@foxmail.com> | 2021-11-29 17:09:36 +0800 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-01-03 12:00:20 +0100 |
commit | e09648323645031c16fdd9eb3e900e2db259e0d0 (patch) | |
tree | 2aa9d21acbc72fe63ee727cf5fb3dd9ec3363aee /providers | |
parent | b247bb52b83ce096ab572af5d9525880e142f426 (diff) |
Check the return value of ossl_bio_new_from_core_bio()
There are missing checks of its return value in 8 different spots.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17154)
(cherry picked from commit 352a0bcaab8eda18cce786d2871e8d4ec6f9cbfe)
Diffstat (limited to 'providers')
7 files changed, 33 insertions, 8 deletions
diff --git a/providers/implementations/encode_decode/decode_epki2pki.c b/providers/implementations/encode_decode/decode_epki2pki.c index 66f4ff659d..a997629aaa 100644 --- a/providers/implementations/encode_decode/decode_epki2pki.c +++ b/providers/implementations/encode_decode/decode_epki2pki.c @@ -68,8 +68,12 @@ static int epki2pki_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, PKCS8_PRIV_KEY_INFO *p8inf = NULL; const X509_ALGOR *alg = NULL; BIO *in = ossl_bio_new_from_core_bio(ctx->provctx, cin); - int ok = (asn1_d2i_read_bio(in, &mem) >= 0); + int ok = 0; + if (in == NULL) + return 0; + + ok = (asn1_d2i_read_bio(in, &mem) >= 0); BIO_free(in); /* We return "empty handed". This is not an error. */ diff --git a/providers/implementations/encode_decode/decode_msblob2key.c b/providers/implementations/encode_decode/decode_msblob2key.c index 0508e68b32..0445721171 100644 --- a/providers/implementations/encode_decode/decode_msblob2key.c +++ b/providers/implementations/encode_decode/decode_msblob2key.c @@ -93,6 +93,9 @@ static int msblob2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, void *key = NULL; int ok = 0; + if (in == NULL) + return 0; + if (BIO_read(in, hdr_buf, 16) != 16) { ERR_raise(ERR_LIB_PEM, PEM_R_KEYBLOB_TOO_SHORT); goto next; diff --git a/providers/implementations/encode_decode/decode_pem2der.c b/providers/implementations/encode_decode/decode_pem2der.c index 6c537d26ae..1d5d30968f 100644 --- a/providers/implementations/encode_decode/decode_pem2der.c +++ b/providers/implementations/encode_decode/decode_pem2der.c @@ -33,7 +33,11 @@ static int read_pem(PROV_CTX *provctx, OSSL_CORE_BIO *cin, unsigned char **data, long *len) { BIO *in = ossl_bio_new_from_core_bio(provctx, cin); - int ok = (PEM_read_bio(in, pem_name, pem_header, data, len) > 0); + int ok; + + if (in == NULL) + return 0; + ok = (PEM_read_bio(in, pem_name, pem_header, data, len) > 0); BIO_free(in); return ok; diff --git a/providers/implementations/encode_decode/decode_pvk2key.c b/providers/implementations/encode_decode/decode_pvk2key.c index 32206fe84d..7169aef2f4 100644 --- a/providers/implementations/encode_decode/decode_pvk2key.c +++ b/providers/implementations/encode_decode/decode_pvk2key.c @@ -88,6 +88,9 @@ static int pvk2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, void *key = NULL; int ok = 0; + if (in == NULL) + return 0; + ctx->selection = selection; if ((selection == 0 diff --git a/providers/implementations/encode_decode/encode_key2blob.c b/providers/implementations/encode_decode/encode_key2blob.c index 19a7d171db..d4cc2e7cdc 100644 --- a/providers/implementations/encode_decode/encode_key2blob.c +++ b/providers/implementations/encode_decode/encode_key2blob.c @@ -30,7 +30,11 @@ static int write_blob(void *provctx, OSSL_CORE_BIO *cout, void *data, int len) { BIO *out = ossl_bio_new_from_core_bio(provctx, cout); - int ret = BIO_write(out, data, len); + int ret; + + if (out == NULL) + return 0; + ret = BIO_write(out, data, len); BIO_free(out); return ret; diff --git a/providers/implementations/encode_decode/encode_key2ms.c b/providers/implementations/encode_decode/encode_key2ms.c index 81528fefb6..15077954a4 100644 --- a/providers/implementations/encode_decode/encode_key2ms.c +++ b/providers/implementations/encode_decode/encode_key2ms.c @@ -39,8 +39,11 @@ static int write_msblob(struct key2ms_ctx_st *ctx, OSSL_CORE_BIO *cout, EVP_PKEY *pkey, int ispub) { BIO *out = ossl_bio_new_from_core_bio(ctx->provctx, cout); - int ret = - ispub ? i2b_PublicKey_bio(out, pkey) : i2b_PrivateKey_bio(out, pkey); + int ret; + + if (out == NULL) + return 0; + ret = ispub ? i2b_PublicKey_bio(out, pkey) : i2b_PrivateKey_bio(out, pkey); BIO_free(out); return ret; @@ -50,14 +53,15 @@ static int write_pvk(struct key2ms_ctx_st *ctx, OSSL_CORE_BIO *cout, EVP_PKEY *pkey) { BIO *out = NULL; - int ret = 0; + int ret; OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx); out = ossl_bio_new_from_core_bio(ctx->provctx, cout); + if (out == NULL) + return 0; ret = i2b_PVK_bio_ex(out, pkey, ctx->pvk_encr_level, ossl_pw_pvk_password, &ctx->pwdata, libctx, NULL); BIO_free(out); - return ret; } diff --git a/providers/implementations/encode_decode/endecoder_common.c b/providers/implementations/encode_decode/endecoder_common.c index 7071bcc23a..337847b661 100644 --- a/providers/implementations/encode_decode/endecoder_common.c +++ b/providers/implementations/encode_decode/endecoder_common.c @@ -89,8 +89,11 @@ int ossl_read_der(PROV_CTX *provctx, OSSL_CORE_BIO *cin, unsigned char **data, { BUF_MEM *mem = NULL; BIO *in = ossl_bio_new_from_core_bio(provctx, cin); - int ok = (asn1_d2i_read_bio(in, &mem) >= 0); + int ok; + if (in == NULL) + return 0; + ok = (asn1_d2i_read_bio(in, &mem) >= 0); if (ok) { *data = (unsigned char *)mem->data; *len = (long)mem->length; |