From: Dr. Stephen Henson Date: Fri, 27 Jun 2014 02:21:10 +0000 (+0100) Subject: Memory leak and NULL dereference fixes. X-Git-Tag: OpenSSL_0_9_8zb~53 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=9fb10cfe6b9f0408d9de613c5ed7bf5c2530f5e5;p=oweals%2Fopenssl.git Memory leak and NULL dereference fixes. PR#3403 (cherry picked from commit d2aea038297e0c64ca66e6844cbb37377365885e) Conflicts: apps/crl2p7.c crypto/asn1/a_utctm.c crypto/asn1/ameth_lib.c crypto/asn1/bio_asn1.c --- diff --git a/apps/apps.c b/apps/apps.c index ce8d9c9a7d..792b2540f3 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -362,6 +362,8 @@ int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[]) { arg->count=20; arg->data=(char **)OPENSSL_malloc(sizeof(char *)*arg->count); + if (arg->data == NULL) + return 0; } for (i=0; icount; i++) arg->data[i]=NULL; @@ -1429,6 +1431,8 @@ char *make_config_name() len=strlen(t)+strlen(OPENSSL_CONF)+2; p=OPENSSL_malloc(len); + if (p == NULL) + return NULL; BUF_strlcpy(p,t,len); #ifndef OPENSSL_SYS_VMS BUF_strlcat(p,"/",len); diff --git a/apps/ca.c b/apps/ca.c index 651c5a648a..d6984ba8fd 100644 --- a/apps/ca.c +++ b/apps/ca.c @@ -2751,6 +2751,9 @@ char *make_revocation_str(int rev_type, char *rev_arg) revtm = X509_gmtime_adj(NULL, 0); + if (!revtm) + return NULL; + i = revtm->length + 1; if (reason) i += strlen(reason) + 1; diff --git a/apps/crl2p7.c b/apps/crl2p7.c index b2f2d121d5..f164a3ad94 100644 --- a/apps/crl2p7.c +++ b/apps/crl2p7.c @@ -142,7 +142,13 @@ int MAIN(int argc, char **argv) { if (--argc < 1) goto bad; if(!certflst) certflst = sk_new_null(); - sk_push(certflst,*(++argv)); + if (!certflst) + goto end; + if (!sk_push(certflst,*(++argv))) + { + sk_free(certflst); + goto end; + } } else { diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c index ad8fbed907..095887f27d 100644 --- a/crypto/asn1/asn_mime.c +++ b/crypto/asn1/asn_mime.c @@ -595,6 +595,8 @@ static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio) int len, state, save_state = 0; headers = sk_MIME_HEADER_new(mime_hdr_cmp); + if (!headers) + return NULL; while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) { /* If whitespace at line start then continuation line */ if(mhdr && isspace((unsigned char)linebuf[0])) state = MIME_NAME; diff --git a/crypto/asn1/asn_pack.c b/crypto/asn1/asn_pack.c index f1a5a05632..c373714b68 100644 --- a/crypto/asn1/asn_pack.c +++ b/crypto/asn1/asn_pack.c @@ -134,15 +134,23 @@ ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d, ASN1_STRING **oct) if (!(octmp->length = i2d(obj, NULL))) { ASN1err(ASN1_F_ASN1_PACK_STRING,ASN1_R_ENCODE_ERROR); - return NULL; + goto err; } if (!(p = OPENSSL_malloc (octmp->length))) { ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE); - return NULL; + goto err; } octmp->data = p; i2d (obj, &p); return octmp; + err: + if (!oct || !*oct) + { + ASN1_STRING_free(octmp); + if (oct) + *oct = NULL; + } + return NULL; } #endif diff --git a/crypto/asn1/evp_asn1.c b/crypto/asn1/evp_asn1.c index f3d9804860..1b9445973e 100644 --- a/crypto/asn1/evp_asn1.c +++ b/crypto/asn1/evp_asn1.c @@ -66,7 +66,11 @@ int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len) ASN1_STRING *os; if ((os=M_ASN1_OCTET_STRING_new()) == NULL) return(0); - if (!M_ASN1_OCTET_STRING_set(os,data,len)) return(0); + if (!M_ASN1_OCTET_STRING_set(os,data,len)) + { + M_ASN1_OCTET_STRING_free(os); + return 0; + } ASN1_TYPE_set(a,V_ASN1_OCTET_STRING,os); return(1); } diff --git a/crypto/asn1/t_x509.c b/crypto/asn1/t_x509.c index 6f295b4e14..f9dad0e6fa 100644 --- a/crypto/asn1/t_x509.c +++ b/crypto/asn1/t_x509.c @@ -465,6 +465,8 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) l=80-2-obase; b=X509_NAME_oneline(name,NULL,0); + if (!b) + return 0; if (!*b) { OPENSSL_free(b); diff --git a/crypto/asn1/tasn_enc.c b/crypto/asn1/tasn_enc.c index 2721f904a6..b3687f9f1c 100644 --- a/crypto/asn1/tasn_enc.c +++ b/crypto/asn1/tasn_enc.c @@ -453,9 +453,14 @@ static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, { derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk) * sizeof(*derlst)); + if (!derlst) + return 0; tmpdat = OPENSSL_malloc(skcontlen); - if (!derlst || !tmpdat) + if (!tmpdat) + { + OPENSSL_free(derlst); return 0; + } } } /* If not sorting just output each item */