From: Matt Caswell <matt@openssl.org>
Date: Tue, 26 Nov 2019 17:14:08 +0000 (+0000)
Subject: Check that OPENSSL_zalloc was successful when creating EVP types
X-Git-Tag: openssl-3.0.0-alpha1~891
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=c1ff5994407bc093eca78eb2fd4f813b7ee581a2;p=oweals%2Fopenssl.git

Check that OPENSSL_zalloc was successful when creating EVP types

We were missing a NULL check in a few very similar places following an
OPENSSL_zalloc() call.

Reported-by: Ziyang Li (@Liby99)

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/10526)
---

diff --git a/crypto/evp/exchange.c b/crypto/evp/exchange.c
index aebfbaf3da..189c1c0f45 100644
--- a/crypto/evp/exchange.c
+++ b/crypto/evp/exchange.c
@@ -20,8 +20,14 @@ static EVP_KEYEXCH *evp_keyexch_new(OSSL_PROVIDER *prov)
 {
     EVP_KEYEXCH *exchange = OPENSSL_zalloc(sizeof(EVP_KEYEXCH));
 
+    if (exchange == NULL) {
+        ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
     exchange->lock = CRYPTO_THREAD_lock_new();
     if (exchange->lock == NULL) {
+        ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
         OPENSSL_free(exchange);
         return NULL;
     }
diff --git a/crypto/evp/pmeth_fn.c b/crypto/evp/pmeth_fn.c
index 1115e18ba2..638619051e 100644
--- a/crypto/evp/pmeth_fn.c
+++ b/crypto/evp/pmeth_fn.c
@@ -20,8 +20,14 @@ static EVP_SIGNATURE *evp_signature_new(OSSL_PROVIDER *prov)
 {
     EVP_SIGNATURE *signature = OPENSSL_zalloc(sizeof(EVP_SIGNATURE));
 
+    if (signature == NULL) {
+        ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
     signature->lock = CRYPTO_THREAD_lock_new();
     if (signature->lock == NULL) {
+        ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
         OPENSSL_free(signature);
         return NULL;
     }
@@ -760,8 +766,14 @@ static EVP_ASYM_CIPHER *evp_asym_cipher_new(OSSL_PROVIDER *prov)
 {
     EVP_ASYM_CIPHER *cipher = OPENSSL_zalloc(sizeof(EVP_ASYM_CIPHER));
 
+    if (cipher == NULL) {
+        ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
     cipher->lock = CRYPTO_THREAD_lock_new();
     if (cipher->lock == NULL) {
+        ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
         OPENSSL_free(cipher);
         return NULL;
     }