diff options
| author | Matt Caswell <matt@openssl.org> | 2015-02-26 16:28:59 +0000 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2015-03-25 12:41:28 +0000 |
| commit | 8f8e4e4f5253085ab673bb74094c3e492c56af44 (patch) | |
| tree | 1fb6e32d1f10e7ca77521df3a25f887bf083f7a8 /ssl | |
| parent | a20718fa2c0a45e6acb975cf6c0438c3ebd45b13 (diff) | |
Fix RAND_(pseudo_)?_bytes returns
Ensure all calls to RAND_bytes and RAND_pseudo_bytes have their return
value checked correctly
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/d1_both.c | 14 | ||||
| -rw-r--r-- | ssl/s3_clnt.c | 5 | ||||
| -rw-r--r-- | ssl/t1_lib.c | 18 | ||||
| -rw-r--r-- | ssl/tls_srp.c | 3 |
4 files changed, 30 insertions, 10 deletions
diff --git a/ssl/d1_both.c b/ssl/d1_both.c index 21048003bc..d4150cb58d 100644 --- a/ssl/d1_both.c +++ b/ssl/d1_both.c @@ -1420,7 +1420,10 @@ int dtls1_process_heartbeat(SSL *s) memcpy(bp, pl, payload); bp += payload; /* Random padding */ - RAND_pseudo_bytes(bp, padding); + if(RAND_pseudo_bytes(bp, padding) < 0) { + OPENSSL_free(buffer); + return -1; + } r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, write_length); @@ -1454,7 +1457,7 @@ int dtls1_process_heartbeat(SSL *s) int dtls1_heartbeat(SSL *s) { unsigned char *buf, *p; - int ret; + int ret = -1; unsigned int payload = 18; /* Sequence number + random bytes */ unsigned int padding = 16; /* Use minimum padding */ @@ -1502,10 +1505,12 @@ int dtls1_heartbeat(SSL *s) /* Sequence number */ s2n(s->tlsext_hb_seq, p); /* 16 random bytes */ - RAND_pseudo_bytes(p, 16); + if(RAND_pseudo_bytes(p, 16) < 0) + goto err; p += 16; /* Random padding */ - RAND_pseudo_bytes(p, padding); + if(RAND_pseudo_bytes(p, padding) < 0) + goto err; ret = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding); if (ret >= 0) { @@ -1518,6 +1523,7 @@ int dtls1_heartbeat(SSL *s) s->tlsext_hb_pending = 1; } +err: OPENSSL_free(buf); return ret; diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 91053d59ea..c7f3f1d3cc 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -2847,7 +2847,10 @@ int ssl3_send_client_key_exchange(SSL *s) EVP_PKEY_encrypt_init(pkey_ctx); /* Generate session key */ - RAND_bytes(premaster_secret, 32); + if(RAND_bytes(premaster_secret, 32) <= 0) { + EVP_PKEY_CTX_free(pkey_ctx); + goto err; + } /* * If we have client certificate, use its secret as peer key */ diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 3e01b6af6a..5568df660c 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -3849,7 +3849,10 @@ int tls1_process_heartbeat(SSL *s) memcpy(bp, pl, payload); bp += payload; /* Random padding */ - RAND_pseudo_bytes(bp, padding); + if(RAND_pseudo_bytes(bp, padding) < 0) { + OPENSSL_free(buffer); + return -1; + } r = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, 3 + payload + padding); @@ -3884,7 +3887,7 @@ int tls1_process_heartbeat(SSL *s) int tls1_heartbeat(SSL *s) { unsigned char *buf, *p; - int ret; + int ret = -1; unsigned int payload = 18; /* Sequence number + random bytes */ unsigned int padding = 16; /* Use minimum padding */ @@ -3932,10 +3935,16 @@ int tls1_heartbeat(SSL *s) /* Sequence number */ s2n(s->tlsext_hb_seq, p); /* 16 random bytes */ - RAND_pseudo_bytes(p, 16); + if(RAND_pseudo_bytes(p, 16) < 0) { + SSLerr(SSL_F_TLS1_HEARTBEAT, ERR_R_INTERNAL_ERROR); + goto err; + } p += 16; /* Random padding */ - RAND_pseudo_bytes(p, padding); + if(RAND_pseudo_bytes(p, padding) < 0) { + SSLerr(SSL_F_TLS1_HEARTBEAT, ERR_R_INTERNAL_ERROR); + goto err; + } ret = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding); if (ret >= 0) { @@ -3947,6 +3956,7 @@ int tls1_heartbeat(SSL *s) s->tlsext_hb_pending = 1; } +err: OPENSSL_free(buf); return ret; diff --git a/ssl/tls_srp.c b/ssl/tls_srp.c index d36cfa0a5c..6bdf7f32f8 100644 --- a/ssl/tls_srp.c +++ b/ssl/tls_srp.c @@ -454,7 +454,8 @@ int SRP_Calc_A_param(SSL *s) { unsigned char rnd[SSL_MAX_MASTER_KEY_LENGTH]; - RAND_bytes(rnd, sizeof(rnd)); + if(RAND_bytes(rnd, sizeof(rnd)) <= 0) + return -1; s->srp_ctx.a = BN_bin2bn(rnd, sizeof(rnd), s->srp_ctx.a); OPENSSL_cleanse(rnd, sizeof(rnd)); |