From 05bbbe920422c3789c37f37231fb12832841f64f Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Mon, 11 Oct 2010 23:28:54 +0000 Subject: [PATCH] PR: 2295 Submitted by: Alexei Khlebnikov Reviewed by: steve OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code elimination. --- crypto/bn/bn_exp2.c | 3 ++- crypto/dsa/dsa_ossl.c | 3 ++- crypto/evp/enc_min.c | 1 + crypto/pkcs12/p12_key.c | 38 ++++++++++++++++++++++---------------- crypto/rsa/rsa_eay.c | 2 +- crypto/x509v3/v3_ncons.c | 1 - 6 files changed, 28 insertions(+), 20 deletions(-) diff --git a/crypto/bn/bn_exp2.c b/crypto/bn/bn_exp2.c index b3f43cec8c..bd0c34b91b 100644 --- a/crypto/bn/bn_exp2.c +++ b/crypto/bn/bn_exp2.c @@ -301,7 +301,8 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1, r_is_one = 0; } } - BN_from_montgomery(rr,r,mont,ctx); + if (!BN_from_montgomery(rr,r,mont,ctx)) + goto err; ret=1; err: if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont); diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c index 412cf1d88b..1727760806 100644 --- a/crypto/dsa/dsa_ossl.c +++ b/crypto/dsa/dsa_ossl.c @@ -178,7 +178,8 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */ if (!BN_add(s, &xr, &m)) goto err; /* s = m + xr */ if (BN_cmp(s,dsa->q) > 0) - BN_sub(s,s,dsa->q); + if (!BN_sub(s,s,dsa->q)) + goto err; if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err; ret=DSA_SIG_new(); diff --git a/crypto/evp/enc_min.c b/crypto/evp/enc_min.c index 7fba38ee24..a8c176fb3e 100644 --- a/crypto/evp/enc_min.c +++ b/crypto/evp/enc_min.c @@ -279,6 +279,7 @@ skip_to_init: case EVP_CIPH_OFB_MODE: ctx->num = 0; + /* fall-through */ case EVP_CIPH_CBC_MODE: diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c index 5cfe7278df..03cbcd8ab3 100644 --- a/crypto/pkcs12/p12_key.c +++ b/crypto/pkcs12/p12_key.c @@ -110,6 +110,7 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, unsigned char *B, *D, *I, *p, *Ai; int Slen, Plen, Ilen, Ijlen; int i, j, u, v; + int ret = 0; BIGNUM *Ij, *Bpl1; /* These hold Ij and B + 1 */ EVP_MD_CTX ctx; #ifdef DEBUG_KEYGEN @@ -145,10 +146,8 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, I = OPENSSL_malloc (Ilen); Ij = BN_new(); Bpl1 = BN_new(); - if (!D || !Ai || !B || !I || !Ij || !Bpl1) { - PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI,ERR_R_MALLOC_FAILURE); - return 0; - } + if (!D || !Ai || !B || !I || !Ij || !Bpl1) + goto err; for (i = 0; i < v; i++) D[i] = id; p = I; for (i = 0; i < Slen; i++) *p++ = salt[i % saltlen]; @@ -165,28 +164,22 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, } memcpy (out, Ai, min (n, u)); if (u >= n) { - OPENSSL_free (Ai); - OPENSSL_free (B); - OPENSSL_free (D); - OPENSSL_free (I); - BN_free (Ij); - BN_free (Bpl1); - EVP_MD_CTX_cleanup(&ctx); #ifdef DEBUG_KEYGEN fprintf(stderr, "Output KEY (length %d)\n", tmpn); h__dump(tmpout, tmpn); #endif - return 1; + ret = 1; + goto end; } n -= u; out += u; for (j = 0; j < v; j++) B[j] = Ai[j % u]; /* Work out B + 1 first then can use B as tmp space */ - BN_bin2bn (B, v, Bpl1); - BN_add_word (Bpl1, 1); + if (!BN_bin2bn (B, v, Bpl1)) goto err; + if (!BN_add_word (Bpl1, 1)) goto err; for (j = 0; j < Ilen ; j+=v) { - BN_bin2bn (I + j, v, Ij); - BN_add (Ij, Ij, Bpl1); + if (!BN_bin2bn (I + j, v, Ij)) goto err; + if (!BN_add (Ij, Ij, Bpl1)) goto err; BN_bn2bin (Ij, B); Ijlen = BN_num_bytes (Ij); /* If more than 2^(v*8) - 1 cut off MSB */ @@ -202,6 +195,19 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, } else BN_bn2bin (Ij, I + j); } } + +err: + PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI,ERR_R_MALLOC_FAILURE); + +end: + OPENSSL_free (Ai); + OPENSSL_free (B); + OPENSSL_free (D); + OPENSSL_free (I); + BN_free (Ij); + BN_free (Bpl1); + EVP_MD_CTX_cleanup(&ctx); + return ret; } #ifdef DEBUG_KEYGEN void h__dump (unsigned char *p, int len) diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c index 0ac6418449..412d0eacf7 100644 --- a/crypto/rsa/rsa_eay.c +++ b/crypto/rsa/rsa_eay.c @@ -673,7 +673,7 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from, rsa->_method_mod_n)) goto err; if ((padding == RSA_X931_PADDING) && ((ret->d[0] & 0xf) != 12)) - BN_sub(ret, rsa->n, ret); + if (!BN_sub(ret, rsa->n, ret)) goto err; p=buf; i=BN_bn2bin(ret,p); diff --git a/crypto/x509v3/v3_ncons.c b/crypto/x509v3/v3_ncons.c index 4e706be3e1..624fe7e23b 100644 --- a/crypto/x509v3/v3_ncons.c +++ b/crypto/x509v3/v3_ncons.c @@ -182,7 +182,6 @@ static int do_i2r_name_constraints(X509V3_EXT_METHOD *method, print_nc_ipadd(bp, tree->base->d.ip); else GENERAL_NAME_print(bp, tree->base); - tree = sk_GENERAL_SUBTREE_value(trees, i); BIO_puts(bp, "\n"); } return 1; -- 2.25.1