diff options
author | Pauli <ppzgs1@gmail.com> | 2021-03-19 09:30:07 +1000 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2021-03-26 08:46:02 +1000 |
commit | 3352a4f6fade5da0d0dfa9e7c9c9c261598c4bac (patch) | |
tree | bb44b66168b6b6add96e86ad0eaf399a82ef5cf8 /test/bad_dtls_test.c | |
parent | f47865156a7b26c3ee4b6479f821588eaa53fddf (diff) |
test: fix coverity 1451550: unchecked return value
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14615)
Diffstat (limited to 'test/bad_dtls_test.c')
-rw-r--r-- | test/bad_dtls_test.c | 44 |
1 files changed, 26 insertions, 18 deletions
diff --git a/test/bad_dtls_test.c b/test/bad_dtls_test.c index 52333e860c..d60daa447f 100644 --- a/test/bad_dtls_test.c +++ b/test/bad_dtls_test.c @@ -283,11 +283,12 @@ static int send_record(BIO *rbio, unsigned char type, uint64_t seqnr, unsigned char lenbytes[2]; EVP_MAC *hmac; EVP_MAC_CTX *ctx; - EVP_CIPHER_CTX *enc_ctx; + EVP_CIPHER_CTX *enc_ctx = NULL; unsigned char iv[16]; unsigned char pad; unsigned char *enc; OSSL_PARAM params[2]; + int ret = 0; seq[0] = (seqnr >> 40) & 0xff; seq[1] = (seqnr >> 32) & 0xff; @@ -305,23 +306,26 @@ static int send_record(BIO *rbio, unsigned char type, uint64_t seqnr, memcpy(enc, msg, len); /* Append HMAC to data */ - hmac = EVP_MAC_fetch(NULL, "HMAC", NULL); + if ((hmac = EVP_MAC_fetch(NULL, "HMAC", NULL)) == NULL) + return 0; ctx = EVP_MAC_CTX_new(hmac); EVP_MAC_free(hmac); + if (ctx == NULL) + return 0; params[0] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, "SHA1", 0); params[1] = OSSL_PARAM_construct_end(); - EVP_MAC_init(ctx, mac_key, 20, params); - EVP_MAC_update(ctx, epoch, 2); - EVP_MAC_update(ctx, seq, 6); - EVP_MAC_update(ctx, &type, 1); - EVP_MAC_update(ctx, ver, 2); /* Version */ lenbytes[0] = (unsigned char)(len >> 8); lenbytes[1] = (unsigned char)(len); - EVP_MAC_update(ctx, lenbytes, 2); /* Length */ - EVP_MAC_update(ctx, enc, len); /* Finally the data itself */ - EVP_MAC_final(ctx, enc + len, NULL, SHA_DIGEST_LENGTH); - EVP_MAC_CTX_free(ctx); + if (!EVP_MAC_init(ctx, mac_key, 20, params) + || !EVP_MAC_update(ctx, epoch, 2) + || !EVP_MAC_update(ctx, seq, 6) + || !EVP_MAC_update(ctx, &type, 1) + || !EVP_MAC_update(ctx, ver, 2) /* Version */ + || !EVP_MAC_update(ctx, lenbytes, 2) /* Length */ + || !EVP_MAC_update(ctx, enc, len) /* Finally the data itself */ + || !EVP_MAC_final(ctx, enc + len, NULL, SHA_DIGEST_LENGTH)) + goto end; /* Append padding bytes */ len += SHA_DIGEST_LENGTH; @@ -330,11 +334,12 @@ static int send_record(BIO *rbio, unsigned char type, uint64_t seqnr, } while (len % 16); /* Generate IV, and encrypt */ - RAND_bytes(iv, sizeof(iv)); - enc_ctx = EVP_CIPHER_CTX_new(); - EVP_CipherInit_ex(enc_ctx, EVP_aes_128_cbc(), NULL, enc_key, iv, 1); - EVP_Cipher(enc_ctx, enc, enc, len); - EVP_CIPHER_CTX_free(enc_ctx); + if (!TEST_true(RAND_bytes(iv, sizeof(iv))) + || !TEST_ptr(enc_ctx = EVP_CIPHER_CTX_new()) + || !TEST_true(EVP_CipherInit_ex(enc_ctx, EVP_aes_128_cbc(), NULL, + enc_key, iv, 1)) + || !TEST_int_ge(EVP_Cipher(enc_ctx, enc, enc, len), 0)) + goto end; /* Finally write header (from fragmented variables), IV and encrypted record */ BIO_write(rbio, &type, 1); @@ -347,9 +352,12 @@ static int send_record(BIO *rbio, unsigned char type, uint64_t seqnr, BIO_write(rbio, iv, sizeof(iv)); BIO_write(rbio, enc, len); - + ret = 1; + end: + EVP_MAC_CTX_free(ctx); + EVP_CIPHER_CTX_free(enc_ctx); OPENSSL_free(enc); - return 1; + return ret; } static int send_finished(SSL *s, BIO *rbio) |