From: Dr. Stephen Henson Date: Sun, 5 Dec 2004 01:04:44 +0000 (+0000) Subject: Add lots of checks for memory allocation failure, error codes to indicate X-Git-Tag: BEN_FIPS_TEST_6~20 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=da8534693cd993b51d533623ed8e88f4f8c1d00b;p=oweals%2Fopenssl.git Add lots of checks for memory allocation failure, error codes to indicate failure and freeing up memory if a failure occurs. PR:620 --- diff --git a/CHANGES b/CHANGES index 8cd6bb5bfc..f3f5e68d34 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,10 @@ Changes between 0.9.7e and 0.9.7f [XX xxx XXXX] + *) Add lots of checks for memory allocation failure, error codes to indicate + failure and freeing up memory if a failure occurs. + [Nauticus Networks SSL Team , Steve Henson] + *) Add new -passin argument to dgst. [Steve Henson] diff --git a/crypto/asn1/a_bitstr.c b/crypto/asn1/a_bitstr.c index f4ea96cd54..01ec898314 100644 --- a/crypto/asn1/a_bitstr.c +++ b/crypto/asn1/a_bitstr.c @@ -194,7 +194,12 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) c=(unsigned char *)OPENSSL_realloc_clean(a->data, a->length, w+1); - if (c == NULL) return(0); + if (c == NULL) + { + ASN1err(ASN1_F_ASN1_BIT_STRING_SET_BIT,ERR_R_MALLOC_FAILURE); + return 0; + } + if (w+1-a->length > 0) memset(c+a->length, 0, w+1-a->length); if (w+1-a->length > 0) memset(c+a->length, 0, w+1-a->length); a->data=c; a->length=w+1; diff --git a/crypto/asn1/a_digest.c b/crypto/asn1/a_digest.c index 4931e222a0..7182e9fa5d 100644 --- a/crypto/asn1/a_digest.c +++ b/crypto/asn1/a_digest.c @@ -65,6 +65,7 @@ # include #endif +#include #include #include #include @@ -78,7 +79,11 @@ int ASN1_digest(int (*i2d)(), const EVP_MD *type, char *data, unsigned char *str,*p; i=i2d(data,NULL); - if ((str=(unsigned char *)OPENSSL_malloc(i)) == NULL) return(0); + if ((str=(unsigned char *)OPENSSL_malloc(i)) == NULL) + { + ASN1err(ASN1_F_ASN1_DIGEST,ERR_R_MALLOC_FAILURE); + return(0); + } p=str; i2d(data,&p); diff --git a/crypto/asn1/a_enum.c b/crypto/asn1/a_enum.c index ad8f0ffd1a..03ede68d1c 100644 --- a/crypto/asn1/a_enum.c +++ b/crypto/asn1/a_enum.c @@ -156,7 +156,7 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai) unsigned char *new_data=OPENSSL_realloc(ret->data, len+4); if (!new_data) { - ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED,ERR_R_MALLOC_FAILURE); goto err; } ret->data=new_data; diff --git a/crypto/asn1/a_gentm.c b/crypto/asn1/a_gentm.c index 8581007868..0dfd576211 100644 --- a/crypto/asn1/a_gentm.c +++ b/crypto/asn1/a_gentm.c @@ -192,8 +192,9 @@ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, char *str) { if (s != NULL) { - ASN1_STRING_set((ASN1_STRING *)s, - (unsigned char *)str,t.length); + if (!ASN1_STRING_set((ASN1_STRING *)s, + (unsigned char *)str,t.length)) + return 0; s->type=V_ASN1_GENERALIZEDTIME; } return(1); @@ -223,7 +224,12 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s, if ((p == NULL) || ((size_t)s->length < len)) { p=OPENSSL_malloc(len); - if (p == NULL) return(NULL); + if (p == NULL) + { + ASN1err(ASN1_F_ASN1_GENERALIZEDTIME_SET, + ERR_R_MALLOC_FAILURE); + return(NULL); + } if (s->data != NULL) OPENSSL_free(s->data); s->data=(unsigned char *)p; diff --git a/crypto/asn1/a_set.c b/crypto/asn1/a_set.c index 0f839822ff..e24061c545 100644 --- a/crypto/asn1/a_set.c +++ b/crypto/asn1/a_set.c @@ -118,8 +118,13 @@ int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag, } pStart = p; /* Catch the beg of Setblobs*/ - if (!(rgSetBlob = (MYBLOB *)OPENSSL_malloc( sk_num(a) * sizeof(MYBLOB)))) return 0; /* In this array -we will store the SET blobs */ + /* In this array we will store the SET blobs */ + rgSetBlob = (MYBLOB *)OPENSSL_malloc(sk_num(a) * sizeof(MYBLOB)); + if (rgSetBlob == NULL) + { + ASN1err(ASN1_F_I2D_ASN1_SET,ERR_R_MALLOC_FAILURE); + return(0); + } for (i=0; itype = V_ASN1_UTCTIME; } return(1); @@ -203,7 +204,12 @@ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t) if ((p == NULL) || ((size_t)s->length < len)) { p=OPENSSL_malloc(len); - if (p == NULL) return(NULL); + if (p == NULL) + { + ASN1err(ASN1_F_ASN1_UTCTIME_SET,ERR_R_MALLOC_FAILURE); + return(NULL); + } + if (s->data != NULL) if (s->data != NULL) OPENSSL_free(s->data); s->data=(unsigned char *)p; diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h index 3414509f1b..6fc430da7d 100644 --- a/crypto/asn1/asn1.h +++ b/crypto/asn1/asn1.h @@ -950,16 +950,19 @@ void ERR_load_ASN1_strings(void); #define ASN1_F_A2I_ASN1_ENUMERATED 101 #define ASN1_F_A2I_ASN1_INTEGER 102 #define ASN1_F_A2I_ASN1_STRING 103 +#define ASN1_F_ASN1_BIT_STRING_SET_BIT 176 #define ASN1_F_ASN1_CHECK_TLEN 104 #define ASN1_F_ASN1_COLLATE_PRIMITIVE 105 #define ASN1_F_ASN1_COLLECT 106 #define ASN1_F_ASN1_D2I_BIO 107 #define ASN1_F_ASN1_D2I_EX_PRIMITIVE 108 #define ASN1_F_ASN1_D2I_FP 109 +#define ASN1_F_ASN1_DIGEST 177 #define ASN1_F_ASN1_DO_ADB 110 #define ASN1_F_ASN1_DUP 111 #define ASN1_F_ASN1_ENUMERATED_SET 112 #define ASN1_F_ASN1_ENUMERATED_TO_BN 113 +#define ASN1_F_ASN1_GENERALIZEDTIME_SET 178 #define ASN1_F_ASN1_GET_OBJECT 114 #define ASN1_F_ASN1_HEADER_NEW 115 #define ASN1_F_ASN1_I2D_BIO 116 @@ -975,6 +978,7 @@ void ERR_load_ASN1_strings(void); #define ASN1_F_ASN1_SEQ_PACK 126 #define ASN1_F_ASN1_SEQ_UNPACK 127 #define ASN1_F_ASN1_SIGN 128 +#define ASN1_F_ASN1_STRING_SET 179 #define ASN1_F_ASN1_STRING_TABLE_ADD 129 #define ASN1_F_ASN1_STRING_TYPE_NEW 130 #define ASN1_F_ASN1_TEMPLATE_D2I 131 @@ -984,6 +988,7 @@ void ERR_load_ASN1_strings(void); #define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134 #define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135 #define ASN1_F_ASN1_UNPACK_STRING 136 +#define ASN1_F_ASN1_UTCTIME_SET 180 #define ASN1_F_ASN1_VERIFY 137 #define ASN1_F_BN_TO_ASN1_ENUMERATED 138 #define ASN1_F_BN_TO_ASN1_INTEGER 139 @@ -1007,6 +1012,7 @@ void ERR_load_ASN1_strings(void); #define ASN1_F_D2I_X509_CINF 157 #define ASN1_F_D2I_X509_NAME 158 #define ASN1_F_D2I_X509_PKEY 159 +#define ASN1_F_I2D_ASN1_SET 181 #define ASN1_F_I2D_ASN1_TIME 160 #define ASN1_F_I2D_DSA_PUBKEY 161 #define ASN1_F_I2D_NETSCAPE_RSA 162 diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c index 094ec06fda..3b57c8fbae 100644 --- a/crypto/asn1/asn1_err.c +++ b/crypto/asn1/asn1_err.c @@ -1,6 +1,6 @@ /* crypto/asn1/asn1_err.c */ /* ==================================================================== - * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -70,16 +70,19 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_PACK(0,ASN1_F_A2I_ASN1_ENUMERATED,0), "a2i_ASN1_ENUMERATED"}, {ERR_PACK(0,ASN1_F_A2I_ASN1_INTEGER,0), "a2i_ASN1_INTEGER"}, {ERR_PACK(0,ASN1_F_A2I_ASN1_STRING,0), "a2i_ASN1_STRING"}, +{ERR_PACK(0,ASN1_F_ASN1_BIT_STRING_SET_BIT,0), "ASN1_BIT_STRING_set_bit"}, {ERR_PACK(0,ASN1_F_ASN1_CHECK_TLEN,0), "ASN1_CHECK_TLEN"}, {ERR_PACK(0,ASN1_F_ASN1_COLLATE_PRIMITIVE,0), "ASN1_COLLATE_PRIMITIVE"}, {ERR_PACK(0,ASN1_F_ASN1_COLLECT,0), "ASN1_COLLECT"}, {ERR_PACK(0,ASN1_F_ASN1_D2I_BIO,0), "ASN1_d2i_bio"}, {ERR_PACK(0,ASN1_F_ASN1_D2I_EX_PRIMITIVE,0), "ASN1_D2I_EX_PRIMITIVE"}, {ERR_PACK(0,ASN1_F_ASN1_D2I_FP,0), "ASN1_d2i_fp"}, +{ERR_PACK(0,ASN1_F_ASN1_DIGEST,0), "ASN1_digest"}, {ERR_PACK(0,ASN1_F_ASN1_DO_ADB,0), "ASN1_DO_ADB"}, {ERR_PACK(0,ASN1_F_ASN1_DUP,0), "ASN1_dup"}, {ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_SET,0), "ASN1_ENUMERATED_set"}, {ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_TO_BN,0), "ASN1_ENUMERATED_to_BN"}, +{ERR_PACK(0,ASN1_F_ASN1_GENERALIZEDTIME_SET,0), "ASN1_GENERALIZEDTIME_set"}, {ERR_PACK(0,ASN1_F_ASN1_GET_OBJECT,0), "ASN1_get_object"}, {ERR_PACK(0,ASN1_F_ASN1_HEADER_NEW,0), "ASN1_HEADER_new"}, {ERR_PACK(0,ASN1_F_ASN1_I2D_BIO,0), "ASN1_i2d_bio"}, @@ -95,6 +98,7 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_PACK(0,ASN1_F_ASN1_SEQ_PACK,0), "ASN1_seq_pack"}, {ERR_PACK(0,ASN1_F_ASN1_SEQ_UNPACK,0), "ASN1_seq_unpack"}, {ERR_PACK(0,ASN1_F_ASN1_SIGN,0), "ASN1_sign"}, +{ERR_PACK(0,ASN1_F_ASN1_STRING_SET,0), "ASN1_STRING_set"}, {ERR_PACK(0,ASN1_F_ASN1_STRING_TABLE_ADD,0), "ASN1_STRING_TABLE_add"}, {ERR_PACK(0,ASN1_F_ASN1_STRING_TYPE_NEW,0), "ASN1_STRING_type_new"}, {ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_D2I,0), "ASN1_TEMPLATE_D2I"}, @@ -104,6 +108,7 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0), "ASN1_TYPE_get_int_octetstring"}, {ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0), "ASN1_TYPE_get_octetstring"}, {ERR_PACK(0,ASN1_F_ASN1_UNPACK_STRING,0), "ASN1_unpack_string"}, +{ERR_PACK(0,ASN1_F_ASN1_UTCTIME_SET,0), "ASN1_UTCTIME_set"}, {ERR_PACK(0,ASN1_F_ASN1_VERIFY,0), "ASN1_verify"}, {ERR_PACK(0,ASN1_F_BN_TO_ASN1_ENUMERATED,0), "BN_to_ASN1_ENUMERATED"}, {ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0), "BN_to_ASN1_INTEGER"}, @@ -127,6 +132,7 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_PACK(0,ASN1_F_D2I_X509_CINF,0), "D2I_X509_CINF"}, {ERR_PACK(0,ASN1_F_D2I_X509_NAME,0), "D2I_X509_NAME"}, {ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0), "d2i_X509_PKEY"}, +{ERR_PACK(0,ASN1_F_I2D_ASN1_SET,0), "i2d_ASN1_SET"}, {ERR_PACK(0,ASN1_F_I2D_ASN1_TIME,0), "I2D_ASN1_TIME"}, {ERR_PACK(0,ASN1_F_I2D_DSA_PUBKEY,0), "i2d_DSA_PUBKEY"}, {ERR_PACK(0,ASN1_F_I2D_NETSCAPE_RSA,0), "i2d_Netscape_RSA"}, diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c index a74f1368d3..97b9b35f4b 100644 --- a/crypto/asn1/asn1_lib.c +++ b/crypto/asn1/asn1_lib.c @@ -349,6 +349,7 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len) if (str->data == NULL) { + ASN1err(ASN1_F_ASN1_STRING_SET,ERR_R_MALLOC_FAILURE); str->data=c; return(0); } diff --git a/crypto/asn1/evp_asn1.c b/crypto/asn1/evp_asn1.c index 3506005a71..f92ce6cb5d 100644 --- a/crypto/asn1/evp_asn1.c +++ b/crypto/asn1/evp_asn1.c @@ -115,7 +115,11 @@ int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, unsigned char *data, if ((osp=ASN1_STRING_new()) == NULL) return(0); /* Grow the 'string' */ - ASN1_STRING_set(osp,NULL,size); + if (!ASN1_STRING_set(osp,NULL,size)) + { + ASN1_STRING_free(osp); + return(0); + } M_ASN1_STRING_length_set(osp, size); p=M_ASN1_STRING_data(osp); diff --git a/crypto/asn1/p5_pbe.c b/crypto/asn1/p5_pbe.c index 891150638e..ec788267e0 100644 --- a/crypto/asn1/p5_pbe.c +++ b/crypto/asn1/p5_pbe.c @@ -76,47 +76,55 @@ IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM) X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, int saltlen) { - PBEPARAM *pbe; + PBEPARAM *pbe=NULL; ASN1_OBJECT *al; X509_ALGOR *algor; - ASN1_TYPE *astype; + ASN1_TYPE *astype=NULL; if (!(pbe = PBEPARAM_new ())) { ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); - return NULL; + goto err; } if(iter <= 0) iter = PKCS5_DEFAULT_ITER; - ASN1_INTEGER_set (pbe->iter, iter); + if (!ASN1_INTEGER_set(pbe->iter, iter)) { + ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); + goto err; + } if (!saltlen) saltlen = PKCS5_SALT_LEN; if (!(pbe->salt->data = OPENSSL_malloc (saltlen))) { ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); - return NULL; + goto err; } pbe->salt->length = saltlen; if (salt) memcpy (pbe->salt->data, salt, saltlen); else if (RAND_pseudo_bytes (pbe->salt->data, saltlen) < 0) - return NULL; + goto err; if (!(astype = ASN1_TYPE_new())) { ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); - return NULL; + goto err; } astype->type = V_ASN1_SEQUENCE; if(!ASN1_pack_string(pbe, i2d_PBEPARAM, &astype->value.sequence)) { ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); - return NULL; + goto err; } PBEPARAM_free (pbe); + pbe = NULL; al = OBJ_nid2obj(alg); /* never need to free al */ if (!(algor = X509_ALGOR_new())) { ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); - return NULL; + goto err; } ASN1_OBJECT_free(algor->algorithm); algor->algorithm = al; algor->parameter = astype; return (algor); +err: + if (pbe != NULL) PBEPARAM_free(pbe); + if (astype != NULL) ASN1_TYPE_free(astype); + return NULL; } diff --git a/crypto/asn1/t_bitst.c b/crypto/asn1/t_bitst.c index 8ee789f082..397332d9b8 100644 --- a/crypto/asn1/t_bitst.c +++ b/crypto/asn1/t_bitst.c @@ -84,7 +84,10 @@ int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value, int bitnum; bitnum = ASN1_BIT_STRING_num_asc(name, tbl); if(bitnum < 0) return 0; - if(bs) ASN1_BIT_STRING_set_bit(bs, bitnum, value); + if(bs) { + if(!ASN1_BIT_STRING_set_bit(bs, bitnum, value)) + return 0; + } return 1; } diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c index d958540120..61e8d54f9c 100644 --- a/crypto/asn1/x_pubkey.c +++ b/crypto/asn1/x_pubkey.c @@ -80,8 +80,7 @@ IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY) int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) { - int ok=0; - X509_PUBKEY *pk; + X509_PUBKEY *pk=NULL; X509_ALGOR *a; ASN1_OBJECT *o; unsigned char *s,*p = NULL; @@ -104,7 +103,11 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) (a->parameter->type != V_ASN1_NULL)) { ASN1_TYPE_free(a->parameter); - a->parameter=ASN1_TYPE_new(); + if (!(a->parameter=ASN1_TYPE_new())) + { + X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE); + goto err; + } a->parameter->type=V_ASN1_NULL; } } @@ -118,14 +121,34 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) dsa=pkey->pkey.dsa; dsa->write_params=0; ASN1_TYPE_free(a->parameter); - i=i2d_DSAparams(dsa,NULL); - if ((p=(unsigned char *)OPENSSL_malloc(i)) == NULL) goto err; + if ((i=i2d_DSAparams(dsa,NULL)) <= 0) + goto err; + if (!(p=(unsigned char *)OPENSSL_malloc(i))) + { + X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE); + goto err; + } pp=p; i2d_DSAparams(dsa,&pp); - a->parameter=ASN1_TYPE_new(); + if (!(a->parameter=ASN1_TYPE_new())) + { + OPENSSL_free(p); + X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE); + goto err; + } a->parameter->type=V_ASN1_SEQUENCE; - a->parameter->value.sequence=ASN1_STRING_new(); - ASN1_STRING_set(a->parameter->value.sequence,p,i); + if (!(a->parameter->value.sequence=ASN1_STRING_new())) + { + OPENSSL_free(p); + X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE); + goto err; + } + if (!ASN1_STRING_set(a->parameter->value.sequence,p,i)) + { + OPENSSL_free(p); + X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE); + goto err; + } OPENSSL_free(p); } else @@ -143,7 +166,12 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) } p=s; i2d_PublicKey(pkey,&p); - if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err; + if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i)) + { + X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE); + goto err; + } + /* Set number of unused bits to zero */ /* Set number of unused bits to zero */ pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); pk->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT; @@ -159,12 +187,11 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) X509_PUBKEY_free(*x); *x=pk; - pk=NULL; - ok=1; + return 1; err: if (pk != NULL) X509_PUBKEY_free(pk); - return(ok); + return 0; } EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c index c9ebdbaabe..b79b1b60da 100644 --- a/crypto/bn/bn_mont.c +++ b/crypto/bn/bn_mont.c @@ -273,7 +273,7 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx) BN_init(&Ri); R= &(mont->RR); /* grab RR as a temp */ - BN_copy(&(mont->N),mod); /* Set N */ + if (!BN_copy(&(mont->N),mod)) goto err; /* Set N */ mont->N.neg = 0; #ifdef MONT_WORD diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c index eb481ec661..47a69932a5 100644 --- a/crypto/evp/evp_pkey.c +++ b/crypto/evp/evp_pkey.c @@ -235,7 +235,11 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken) return NULL; } p8->broken = broken; - ASN1_INTEGER_set (p8->version, 0); + if (!ASN1_INTEGER_set(p8->version, 0)) { + EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + PKCS8_PRIV_KEY_INFO_free (p8); + return NULL; + } if (!(p8->pkeyalg->parameter = ASN1_TYPE_new ())) { EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); PKCS8_PRIV_KEY_INFO_free (p8); @@ -303,29 +307,35 @@ PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken) #ifndef OPENSSL_NO_DSA static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) { - ASN1_STRING *params; - ASN1_INTEGER *prkey; - ASN1_TYPE *ttmp; - STACK_OF(ASN1_TYPE) *ndsa; - unsigned char *p, *q; + ASN1_STRING *params = NULL; + ASN1_INTEGER *prkey = NULL; + ASN1_TYPE *ttmp = NULL; + STACK_OF(ASN1_TYPE) *ndsa = NULL; + unsigned char *p = NULL, *q; int len; p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa); len = i2d_DSAparams (pkey->pkey.dsa, NULL); if (!(p = OPENSSL_malloc(len))) { EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - PKCS8_PRIV_KEY_INFO_free (p8); - return 0; + goto err; } q = p; i2d_DSAparams (pkey->pkey.dsa, &q); - params = ASN1_STRING_new(); - ASN1_STRING_set(params, p, len); + if (!(params = ASN1_STRING_new())) { + EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + goto err; + } + if (!ASN1_STRING_set(params, p, len)) { + EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + goto err; + } OPENSSL_free(p); + p = NULL; /* Get private key into integer */ if (!(prkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) { EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR); - return 0; + goto err; } switch(p8->broken) { @@ -336,12 +346,13 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) if (!ASN1_pack_string((char *)prkey, i2d_ASN1_INTEGER, &p8->pkey->value.octet_string)) { EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - M_ASN1_INTEGER_free (prkey); - return 0; + goto err; } M_ASN1_INTEGER_free (prkey); + prkey = NULL; p8->pkeyalg->parameter->value.sequence = params; + params = NULL; p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; break; @@ -349,32 +360,51 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) case PKCS8_NS_DB: p8->pkeyalg->parameter->value.sequence = params; + params = NULL; p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; - ndsa = sk_ASN1_TYPE_new_null(); - ttmp = ASN1_TYPE_new(); - if (!(ttmp->value.integer = BN_to_ASN1_INTEGER (pkey->pkey.dsa->pub_key, NULL))) { + if (!(ndsa = sk_ASN1_TYPE_new_null())) { + EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + goto err; + } + if (!(ttmp = ASN1_TYPE_new())) { + EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + goto err; + } + if (!(ttmp->value.integer = + BN_to_ASN1_INTEGER(pkey->pkey.dsa->pub_key, NULL))) { EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR); - PKCS8_PRIV_KEY_INFO_free(p8); - return 0; + goto err; } ttmp->type = V_ASN1_INTEGER; - sk_ASN1_TYPE_push(ndsa, ttmp); + if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { + EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + goto err; + } - ttmp = ASN1_TYPE_new(); + if (!(ttmp = ASN1_TYPE_new())) { + EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + goto err; + } ttmp->value.integer = prkey; + prkey = NULL; ttmp->type = V_ASN1_INTEGER; - sk_ASN1_TYPE_push(ndsa, ttmp); + if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { + EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + goto err; + } + ttmp = NULL; - p8->pkey->value.octet_string = ASN1_OCTET_STRING_new(); + if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) { + EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + goto err; + } if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE, &p8->pkey->value.octet_string->data, &p8->pkey->value.octet_string->length)) { EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); - M_ASN1_INTEGER_free(prkey); - return 0; + goto err; } sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); break; @@ -382,31 +412,57 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) case PKCS8_EMBEDDED_PARAM: p8->pkeyalg->parameter->type = V_ASN1_NULL; - ndsa = sk_ASN1_TYPE_new_null(); - ttmp = ASN1_TYPE_new(); + if (!(ndsa = sk_ASN1_TYPE_new_null())) { + EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + goto err; + } + if (!(ttmp = ASN1_TYPE_new())) { + EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + goto err; + } ttmp->value.sequence = params; + params = NULL; ttmp->type = V_ASN1_SEQUENCE; - sk_ASN1_TYPE_push(ndsa, ttmp); + if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { + EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + goto err; + } - ttmp = ASN1_TYPE_new(); + if (!(ttmp = ASN1_TYPE_new())) { + EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + goto err; + } ttmp->value.integer = prkey; + prkey = NULL; ttmp->type = V_ASN1_INTEGER; - sk_ASN1_TYPE_push(ndsa, ttmp); + if (!sk_ASN1_TYPE_push(ndsa, ttmp)) { + EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + goto err; + } + ttmp = NULL; - p8->pkey->value.octet_string = ASN1_OCTET_STRING_new(); + if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) { + EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); + goto err; + } if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE, &p8->pkey->value.octet_string->data, &p8->pkey->value.octet_string->length)) { EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); - M_ASN1_INTEGER_free (prkey); - return 0; + goto err; } sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); break; } return 1; +err: + if (p != NULL) OPENSSL_free(p); + if (params != NULL) ASN1_STRING_free(params); + if (prkey != NULL) M_ASN1_INTEGER_free(prkey); + if (ttmp != NULL) ASN1_TYPE_free(ttmp); + if (ndsa != NULL) sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); + return 0; } #endif diff --git a/crypto/objects/o_names.c b/crypto/objects/o_names.c index b4453b4a98..28c9370ca3 100644 --- a/crypto/objects/o_names.c +++ b/crypto/objects/o_names.c @@ -2,6 +2,7 @@ #include #include +#include #include #include #include @@ -80,7 +81,11 @@ int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *), MemCheck_off(); name_funcs = OPENSSL_malloc(sizeof(NAME_FUNCS)); MemCheck_on(); - if (!name_funcs) return(0); + if (!name_funcs) + { + OBJerr(OBJ_F_OBJ_NAME_NEW_INDEX,ERR_R_MALLOC_FAILURE); + return(0); + } name_funcs->hash_func = lh_strhash; name_funcs->cmp_func = OPENSSL_strcmp; name_funcs->free_func = 0; /* NULL is often declared to diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c index 4534dc0985..f549d078ef 100644 --- a/crypto/objects/obj_dat.c +++ b/crypto/objects/obj_dat.c @@ -236,13 +236,13 @@ int OBJ_add_object(const ASN1_OBJECT *obj) if (added == NULL) if (!init_added()) return(0); if ((o=OBJ_dup(obj)) == NULL) goto err; - if (!(ao[ADDED_NID]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)))) goto err; + if (!(ao[ADDED_NID]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)))) goto err2; if ((o->length != 0) && (obj->data != NULL)) - ao[ADDED_DATA]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)); + if (!(ao[ADDED_DATA]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)))) goto err2; if (o->sn != NULL) - ao[ADDED_SNAME]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)); + if (!(ao[ADDED_SNAME]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)))) goto err2; if (o->ln != NULL) - ao[ADDED_LNAME]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)); + if (!(ao[ADDED_LNAME]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)))) goto err2; for (i=ADDED_DATA; i<=ADDED_NID; i++) { @@ -260,6 +260,8 @@ int OBJ_add_object(const ASN1_OBJECT *obj) ASN1_OBJECT_FLAG_DYNAMIC_DATA); return(o->nid); +err2: + OBJerr(OBJ_F_OBJ_ADD_OBJECT,ERR_R_MALLOC_FAILURE); err: for (i=ADDED_DATA; i<=ADDED_NID; i++) if (ao[i] != NULL) OPENSSL_free(ao[i]); @@ -648,7 +650,7 @@ int OBJ_create(const char *oid, const char *sn, const char *ln) if ((buf=(unsigned char *)OPENSSL_malloc(i)) == NULL) { - OBJerr(OBJ_F_OBJ_CREATE,OBJ_R_MALLOC_FAILURE); + OBJerr(OBJ_F_OBJ_CREATE,ERR_R_MALLOC_FAILURE); return(0); } i=a2d_ASN1_OBJECT(buf,i,oid,-1); diff --git a/crypto/objects/obj_err.c b/crypto/objects/obj_err.c index 80ab6855af..2b5f43e3cc 100644 --- a/crypto/objects/obj_err.c +++ b/crypto/objects/obj_err.c @@ -1,6 +1,6 @@ /* crypto/objects/obj_err.c */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -66,8 +66,10 @@ #ifndef OPENSSL_NO_ERR static ERR_STRING_DATA OBJ_str_functs[]= { +{ERR_PACK(0,OBJ_F_OBJ_ADD_OBJECT,0), "OBJ_add_object"}, {ERR_PACK(0,OBJ_F_OBJ_CREATE,0), "OBJ_create"}, {ERR_PACK(0,OBJ_F_OBJ_DUP,0), "OBJ_dup"}, +{ERR_PACK(0,OBJ_F_OBJ_NAME_NEW_INDEX,0), "OBJ_NAME_new_index"}, {ERR_PACK(0,OBJ_F_OBJ_NID2LN,0), "OBJ_nid2ln"}, {ERR_PACK(0,OBJ_F_OBJ_NID2OBJ,0), "OBJ_nid2obj"}, {ERR_PACK(0,OBJ_F_OBJ_NID2SN,0), "OBJ_nid2sn"}, diff --git a/crypto/objects/objects.h b/crypto/objects/objects.h index de10532813..f859d859b8 100644 --- a/crypto/objects/objects.h +++ b/crypto/objects/objects.h @@ -1026,8 +1026,10 @@ void ERR_load_OBJ_strings(void); /* Error codes for the OBJ functions. */ /* Function codes. */ +#define OBJ_F_OBJ_ADD_OBJECT 105 #define OBJ_F_OBJ_CREATE 100 #define OBJ_F_OBJ_DUP 101 +#define OBJ_F_OBJ_NAME_NEW_INDEX 106 #define OBJ_F_OBJ_NID2LN 102 #define OBJ_F_OBJ_NID2OBJ 103 #define OBJ_F_OBJ_NID2SN 104 diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c index 7785039b99..deb5b6083f 100644 --- a/crypto/pem/pem_lib.c +++ b/crypto/pem/pem_lib.c @@ -301,7 +301,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x, if ((dsize=i2d(x,NULL)) < 0) { - PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE); + PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_ASN1_LIB); dsize=0; goto err; } diff --git a/crypto/pkcs12/p12_init.c b/crypto/pkcs12/p12_init.c index eb837a78cf..5276b12669 100644 --- a/crypto/pkcs12/p12_init.c +++ b/crypto/pkcs12/p12_init.c @@ -76,15 +76,17 @@ PKCS12 *PKCS12_init (int mode) if (!(pkcs12->authsafes->d.data = M_ASN1_OCTET_STRING_new())) { PKCS12err(PKCS12_F_PKCS12_INIT,ERR_R_MALLOC_FAILURE); - return NULL; + goto err; } break; default: - PKCS12err(PKCS12_F_PKCS12_INIT,PKCS12_R_UNSUPPORTED_PKCS12_MODE); - PKCS12_free(pkcs12); - return NULL; - break; + PKCS12err(PKCS12_F_PKCS12_INIT, + PKCS12_R_UNSUPPORTED_PKCS12_MODE); + goto err; } return pkcs12; +err: + if (pkcs12 != NULL) PKCS12_free(pkcs12); + return NULL; } diff --git a/crypto/pkcs12/p12_kiss.c b/crypto/pkcs12/p12_kiss.c index 885087ad00..2b31999e11 100644 --- a/crypto/pkcs12/p12_kiss.c +++ b/crypto/pkcs12/p12_kiss.c @@ -249,14 +249,26 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen, if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate ) return 1; if (!(x509 = PKCS12_certbag2x509(bag))) return 0; - if(ckid) X509_keyid_set1(x509, ckid->data, ckid->length); + if(ckid) + { + if (!X509_keyid_set1(x509, ckid->data, ckid->length)) + { + X509_free(x509); + return 0; + } + } if(fname) { - int len; + int len, r; unsigned char *data; len = ASN1_STRING_to_UTF8(&data, fname); if(len > 0) { - X509_alias_set1(x509, data, len); + r = X509_alias_set1(x509, data, len); OPENSSL_free(data); + if (!r) + { + X509_free(x509); + return 0; + } } } diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c index 0fb67f74b8..4886b9b289 100644 --- a/crypto/pkcs12/p12_mutl.c +++ b/crypto/pkcs12/p12_mutl.c @@ -148,7 +148,10 @@ int PKCS12_setup_mac (PKCS12 *p12, int iter, unsigned char *salt, int saltlen, PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE); return 0; } - ASN1_INTEGER_set(p12->mac->iter, iter); + if (!ASN1_INTEGER_set(p12->mac->iter, iter)) { + PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE); + return 0; + } } if (!saltlen) saltlen = PKCS12_SALT_LEN; p12->mac->salt->length = saltlen; diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c index b78e22819c..4ac29ae14d 100644 --- a/crypto/pkcs7/pk7_doit.c +++ b/crypto/pkcs7/pk7_doit.c @@ -239,7 +239,13 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) OPENSSL_free(tmp); goto err; } - M_ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj); + if (!M_ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj)) + { + PKCS7err(PKCS7_F_PKCS7_DATAINIT, + ERR_R_MALLOC_FAILURE); + OPENSSL_free(tmp); + goto err; + } } OPENSSL_free(tmp); OPENSSL_cleanse(key, keylen); @@ -520,12 +526,20 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) case NID_pkcs7_signedAndEnveloped: /* XXXXXXXXXXXXXXXX */ si_sk=p7->d.signed_and_enveloped->signer_info; - os=M_ASN1_OCTET_STRING_new(); + if (!(os=M_ASN1_OCTET_STRING_new())) + { + PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_MALLOC_FAILURE); + goto err; + } p7->d.signed_and_enveloped->enc_data->enc_data=os; break; case NID_pkcs7_enveloped: /* XXXXXXXXXXXXXXXX */ - os=M_ASN1_OCTET_STRING_new(); + if (!(os=M_ASN1_OCTET_STRING_new())) + { + PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_MALLOC_FAILURE); + goto err; + } p7->d.enveloped->enc_data->enc_data=os; break; case NID_pkcs7_signed: @@ -599,7 +613,12 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) if (!PKCS7_get_signed_attribute(si, NID_pkcs9_signingTime)) { - sign_time=X509_gmtime_adj(NULL,0); + if (!(sign_time=X509_gmtime_adj(NULL,0))) + { + PKCS7err(PKCS7_F_PKCS7_DATASIGN, + ERR_R_MALLOC_FAILURE); + goto err; + } PKCS7_add_signed_attribute(si, NID_pkcs9_signingTime, V_ASN1_UTCTIME,sign_time); @@ -608,8 +627,19 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) /* Add digest */ md_tmp=EVP_MD_CTX_md(&ctx_tmp); EVP_DigestFinal_ex(&ctx_tmp,md_data,&md_len); - digest=M_ASN1_OCTET_STRING_new(); - M_ASN1_OCTET_STRING_set(digest,md_data,md_len); + if (!(digest=M_ASN1_OCTET_STRING_new())) + { + PKCS7err(PKCS7_F_PKCS7_DATASIGN, + ERR_R_MALLOC_FAILURE); + goto err; + } + if (!M_ASN1_OCTET_STRING_set(digest,md_data, + md_len)) + { + PKCS7err(PKCS7_F_PKCS7_DATASIGN, + ERR_R_MALLOC_FAILURE); + goto err; + } PKCS7_add_signed_attribute(si, NID_pkcs9_messageDigest, V_ASN1_OCTET_STRING,digest); diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c index 985b07245c..6cf7cad17c 100644 --- a/crypto/pkcs7/pk7_lib.c +++ b/crypto/pkcs7/pk7_lib.c @@ -164,7 +164,12 @@ int PKCS7_set_type(PKCS7 *p7, int type) p7->type=obj; if ((p7->d.sign=PKCS7_SIGNED_new()) == NULL) goto err; - ASN1_INTEGER_set(p7->d.sign->version,1); + if (!ASN1_INTEGER_set(p7->d.sign->version,1)) + { + PKCS7_SIGNED_free(p7->d.sign); + p7->d.sign=NULL; + goto err; + } break; case NID_pkcs7_data: p7->type=obj; @@ -176,6 +181,9 @@ int PKCS7_set_type(PKCS7 *p7, int type) if ((p7->d.signed_and_enveloped=PKCS7_SIGN_ENVELOPE_new()) == NULL) goto err; ASN1_INTEGER_set(p7->d.signed_and_enveloped->version,1); + if (!ASN1_INTEGER_set(p7->d.signed_and_enveloped->version,1)) + goto err; + break; p7->d.signed_and_enveloped->enc_data->content_type = OBJ_nid2obj(NID_pkcs7_data); break; @@ -183,7 +191,8 @@ int PKCS7_set_type(PKCS7 *p7, int type) p7->type=obj; if ((p7->d.enveloped=PKCS7_ENVELOPE_new()) == NULL) goto err; - ASN1_INTEGER_set(p7->d.enveloped->version,0); + if (!ASN1_INTEGER_set(p7->d.enveloped->version,0)) + goto err; p7->d.enveloped->enc_data->content_type = OBJ_nid2obj(NID_pkcs7_data); break; @@ -191,7 +200,8 @@ int PKCS7_set_type(PKCS7 *p7, int type) p7->type=obj; if ((p7->d.encrypted=PKCS7_ENCRYPT_new()) == NULL) goto err; - ASN1_INTEGER_set(p7->d.encrypted->version,0); + if (!ASN1_INTEGER_set(p7->d.encrypted->version,0)) + goto err; p7->d.encrypted->enc_data->content_type = OBJ_nid2obj(NID_pkcs7_data); break; @@ -318,15 +328,18 @@ int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, if (pkey->type == EVP_PKEY_DSA) is_dsa = 1; else is_dsa = 0; /* We now need to add another PKCS7_SIGNER_INFO entry */ - ASN1_INTEGER_set(p7i->version,1); - X509_NAME_set(&p7i->issuer_and_serial->issuer, - X509_get_issuer_name(x509)); + if (!ASN1_INTEGER_set(p7i->version,1)) + goto err; + if (!X509_NAME_set(&p7i->issuer_and_serial->issuer, + X509_get_issuer_name(x509))) + goto err; /* because ASN1_INTEGER_set is used to set a 'long' we will do * things the ugly way. */ M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial); - p7i->issuer_and_serial->serial= - M_ASN1_INTEGER_dup(X509_get_serialNumber(x509)); + if (!(p7i->issuer_and_serial->serial= + M_ASN1_INTEGER_dup(X509_get_serialNumber(x509)))) + goto err; /* lets keep the pkey around for a while */ CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY); @@ -423,16 +436,20 @@ int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri) int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509) { - ASN1_INTEGER_set(p7i->version,0); - X509_NAME_set(&p7i->issuer_and_serial->issuer, - X509_get_issuer_name(x509)); + if (!ASN1_INTEGER_set(p7i->version,0)) + return 0; + if (!X509_NAME_set(&p7i->issuer_and_serial->issuer, + X509_get_issuer_name(x509))) + return 0; M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial); - p7i->issuer_and_serial->serial= - M_ASN1_INTEGER_dup(X509_get_serialNumber(x509)); + if (!(p7i->issuer_and_serial->serial= + M_ASN1_INTEGER_dup(X509_get_serialNumber(x509)))) + return 0; X509_ALGOR_free(p7i->key_enc_algor); - p7i->key_enc_algor= X509_ALGOR_dup(x509->cert_info->key->algor); + if (!(p7i->key_enc_algor= X509_ALGOR_dup(x509->cert_info->key->algor))) + return 0; CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); p7i->cert=x509; diff --git a/crypto/rsa/rsa_saos.c b/crypto/rsa/rsa_saos.c index f462716a57..24fc94835e 100644 --- a/crypto/rsa/rsa_saos.c +++ b/crypto/rsa/rsa_saos.c @@ -139,8 +139,11 @@ int RSA_verify_ASN1_OCTET_STRING(int dtype, ret=1; err: if (sig != NULL) M_ASN1_OCTET_STRING_free(sig); - OPENSSL_cleanse(s,(unsigned int)siglen); - OPENSSL_free(s); + if (s != NULL) + { + OPENSSL_cleanse(s,(unsigned int)siglen); + OPENSSL_free(s); + } return(ret); } diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c index 8a1e642183..cee09eccb1 100644 --- a/crypto/rsa/rsa_sign.c +++ b/crypto/rsa/rsa_sign.c @@ -169,7 +169,7 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, } if((dtype == NID_md5_sha1) && (m_len != SSL_SIG_LENGTH) ) { RSAerr(RSA_F_RSA_VERIFY,RSA_R_INVALID_MESSAGE_LENGTH); - return(0); + goto err; } i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING); @@ -222,8 +222,11 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, } err: if (sig != NULL) X509_SIG_free(sig); - OPENSSL_cleanse(s,(unsigned int)siglen); - OPENSSL_free(s); + if (s != NULL) + { + OPENSSL_cleanse(s,(unsigned int)siglen); + OPENSSL_free(s); + } return(ret); } diff --git a/crypto/x509/x509_r2x.c b/crypto/x509/x509_r2x.c index db051033d9..fb8a78dabe 100644 --- a/crypto/x509/x509_r2x.c +++ b/crypto/x509/x509_r2x.c @@ -92,8 +92,10 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey) X509_set_subject_name(ret,X509_NAME_dup(xn)); X509_set_issuer_name(ret,X509_NAME_dup(xn)); - X509_gmtime_adj(xi->validity->notBefore,0); - X509_gmtime_adj(xi->validity->notAfter,(long)60*60*24*days); + if (X509_gmtime_adj(xi->validity->notBefore,0) == NULL) + goto err; + if (X509_gmtime_adj(xi->validity->notAfter,(long)60*60*24*days) == NULL) + goto err; X509_set_pubkey(ret,X509_REQ_get_pubkey(r)); diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 028139bb03..8c61ea0cba 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -914,7 +914,8 @@ int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time) atm.length=sizeof(buff2); atm.data=(unsigned char *)buff2; - X509_time_adj(&atm,-offset*60, cmp_time); + if (X509_time_adj(&atm,-offset*60, cmp_time) == NULL) + return 0; if (ctm->type == V_ASN1_UTCTIME) { diff --git a/crypto/x509v3/v3_bitst.c b/crypto/x509v3/v3_bitst.c index 16cf125562..274965306d 100644 --- a/crypto/x509v3/v3_bitst.c +++ b/crypto/x509v3/v3_bitst.c @@ -124,7 +124,12 @@ static ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, for(bnam = method->usr_data; bnam->lname; bnam++) { if(!strcmp(bnam->sname, val->name) || !strcmp(bnam->lname, val->name) ) { - ASN1_BIT_STRING_set_bit(bs, bnam->bitnum, 1); + if(!ASN1_BIT_STRING_set_bit(bs, bnam->bitnum, 1)) { + X509V3err(X509V3_F_V2I_ASN1_BIT_STRING, + ERR_R_MALLOC_FAILURE); + M_ASN1_BIT_STRING_free(bs); + return NULL; + } break; } } diff --git a/crypto/x509v3/v3_ia5.c b/crypto/x509v3/v3_ia5.c index f9414456de..9683afa47c 100644 --- a/crypto/x509v3/v3_ia5.c +++ b/crypto/x509v3/v3_ia5.c @@ -82,7 +82,10 @@ static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, { char *tmp; if(!ia5 || !ia5->length) return NULL; - if (!(tmp = OPENSSL_malloc(ia5->length + 1))) return NULL; + if(!(tmp = OPENSSL_malloc(ia5->length + 1))) { + X509V3err(X509V3_F_I2S_ASN1_IA5STRING,ERR_R_MALLOC_FAILURE); + return NULL; + } memcpy(tmp, ia5->data, ia5->length); tmp[ia5->length] = 0; return tmp; diff --git a/crypto/x509v3/v3err.c b/crypto/x509v3/v3err.c index 6458e95bb9..000ddbc388 100644 --- a/crypto/x509v3/v3err.c +++ b/crypto/x509v3/v3err.c @@ -1,6 +1,6 @@ /* crypto/x509v3/v3err.c */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -72,6 +72,7 @@ static ERR_STRING_DATA X509V3_str_functs[]= {ERR_PACK(0,X509V3_F_DO_EXT_I2D,0), "DO_EXT_I2D"}, {ERR_PACK(0,X509V3_F_HEX_TO_STRING,0), "hex_to_string"}, {ERR_PACK(0,X509V3_F_I2S_ASN1_ENUMERATED,0), "i2s_ASN1_ENUMERATED"}, +{ERR_PACK(0,X509V3_F_I2S_ASN1_IA5STRING,0), "I2S_ASN1_IA5STRING"}, {ERR_PACK(0,X509V3_F_I2S_ASN1_INTEGER,0), "i2s_ASN1_INTEGER"}, {ERR_PACK(0,X509V3_F_I2V_AUTHORITY_INFO_ACCESS,0), "I2V_AUTHORITY_INFO_ACCESS"}, {ERR_PACK(0,X509V3_F_NOTICE_SECTION,0), "NOTICE_SECTION"}, diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h index d0f559eae0..f220ca5e3e 100644 --- a/crypto/x509v3/x509v3.h +++ b/crypto/x509v3/x509v3.h @@ -565,6 +565,7 @@ void ERR_load_X509V3_strings(void); #define X509V3_F_DO_EXT_I2D 135 #define X509V3_F_HEX_TO_STRING 111 #define X509V3_F_I2S_ASN1_ENUMERATED 121 +#define X509V3_F_I2S_ASN1_IA5STRING 142 #define X509V3_F_I2S_ASN1_INTEGER 120 #define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 138 #define X509V3_F_NOTICE_SECTION 132