From 036ee3706352970a15300b5cd4bf0b2cb370e12a Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 28 Apr 2020 08:41:20 +0200 Subject: [PATCH] EVP: Fix evp_keymgmt_util_copy() for to->keymgmt == NULL evp_keymgmt_util_copy() didn't treat the case to->keymgmt correctly. The proper change is to use from->keymgmt when to->keymgmt is NULL. Fixes coverity #1462553 Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/11668) --- crypto/evp/keymgmt_lib.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/crypto/evp/keymgmt_lib.c b/crypto/evp/keymgmt_lib.c index 3493ceb3cb..54805d741d 100644 --- a/crypto/evp/keymgmt_lib.c +++ b/crypto/evp/keymgmt_lib.c @@ -346,10 +346,19 @@ int evp_keymgmt_util_copy(EVP_PKEY *to, EVP_PKEY *from, int selection) if (from == NULL || from->keydata == NULL) return 0; + /* + * If |to| is unassigned, ensure it gets the same KEYMGMT as |from|, + * Note that the final setting of KEYMGMT is done further down, with + * EVP_PKEY_set_type_by_keymgmt(); we don't want to do that prematurely. + */ + if (to_keymgmt == NULL) + to_keymgmt = from->keymgmt; + if (to_keymgmt == from->keymgmt && to_keymgmt->copy != NULL) { /* Make sure there's somewhere to copy to */ if (to_keydata == NULL - && (to_keydata = evp_keymgmt_newdata(to_keymgmt)) == NULL) { + && ((to_keydata = alloc_keydata = evp_keymgmt_newdata(to_keymgmt)) + == NULL)) { ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); return 0; } @@ -375,10 +384,11 @@ int evp_keymgmt_util_copy(EVP_PKEY *to, EVP_PKEY *from, int selection) } /* - * In this case to_keydata was previously unallocated, try_import() + * In case to_keydata was previously unallocated, try_import() * may have created it for us. */ - to_keydata = import_data.keydata; + if (to_keydata == NULL) + to_keydata = alloc_keydata = import_data.keydata; } else { ERR_raise(ERR_LIB_EVP, EVP_R_DIFFERENT_KEY_TYPES); return 0; -- 2.25.1
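Review bot: The new defaulting `if (to_keymgmt == NULL) to_keymgmt = from->keymgmt;` in the first hunk assumes `to_keydata` is NULL whenever `to->keymgmt` is NULL, and nothing visible checks that. If a `to` arrived with keydata but no keymgmt, the branch guarded by `to_keymgmt->copy != NULL` would skip the allocation and presumably use that existing keydata as the copy destination, although `from`'s keymgmt did not create it. Whether that state is reachable depends on EVP_PKEY invariants outside the hunk, so I would make the assumption explicit ahead of the defaulting, for example `if (to_keymgmt == NULL && to_keydata != NULL) return 0;` with whatever error the callers expect. The function body and the declarations of `to_keymgmt`, `to_keydata` and `alloc_keydata` start outside the hunk.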
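Review bot: The second hunk assigns `alloc_keydata` alongside `to_keydata`, but the reworded comment still only explains why `to_keydata` may be empty, so the role of `alloc_keydata` is left for the reader to infer. From the two assignments visible in this patch, it holds keydata obtained during this call (from `evp_keymgmt_newdata()` in the first hunk, from `import_data.keydata` here) and is not assigned when `to` already had keydata; how it is consumed is outside the hunk. I would extend the comment with a line such as `Track it in alloc_keydata, which marks keydata obtained during this call rather than keydata |to| already had.` The enclosing else-if branch starts above the hunk.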