From b3c31a6572bd7b89f469deb3c78f85f6e303df47 Mon Sep 17 00:00:00 2001 From: Bernd Edlinger Date: Sun, 19 Mar 2017 16:14:33 +0100 Subject: Fix the error handling in CRYPTO_dup_ex_data. Fix a strict aliasing issue in ui_dup_method_data. Add test coverage for CRYPTO_dup_ex_data, use OPENSSL_assert. Reviewed-by: Rich Salz Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/2988) --- crypto/ex_data.c | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) (limited to 'crypto') diff --git a/crypto/ex_data.c b/crypto/ex_data.c index 84b65551c6..4a3201a953 100644 --- a/crypto/ex_data.c +++ b/crypto/ex_data.c @@ -124,7 +124,7 @@ static int dummy_dup(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from, void *from_d, int idx, long argl, void *argp) { - return 0; + return 1; } int CRYPTO_free_ex_index(int class_index, int idx) @@ -254,10 +254,11 @@ int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from) { int mx, j, i; - char *ptr; + void *ptr; EX_CALLBACK *stack[10]; EX_CALLBACK **storage = NULL; EX_CALLBACKS *ip; + int toret = 0; if (from->sk == NULL) /* Nothing to copy over */ @@ -280,21 +281,28 @@ int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to, } CRYPTO_THREAD_unlock(ex_data_lock); - if (mx > 0 && storage == NULL) { + if (mx == 0) + return 1; + if (storage == NULL) { CRYPTOerr(CRYPTO_F_CRYPTO_DUP_EX_DATA, ERR_R_MALLOC_FAILURE); return 0; } + if (!CRYPTO_set_ex_data(to, mx - 1, NULL)) + goto err; for (i = 0; i < mx; i++) { ptr = CRYPTO_get_ex_data(from, i); if (storage[i] && storage[i]->dup_func) - storage[i]->dup_func(to, from, &ptr, i, - storage[i]->argl, storage[i]->argp); + if (!storage[i]->dup_func(to, from, &ptr, i, + storage[i]->argl, storage[i]->argp)) + goto err; CRYPTO_set_ex_data(to, i, ptr); } + toret = 1; + err: if (storage != stack) OPENSSL_free(storage); - return 1; + return toret; } -- cgit v1.2.3