From 80afb40ae34594b23d3c2cbeb8f653aac4634eca Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sun, 13 Sep 2009 11:27:27 +0000 Subject: [PATCH] Submitted by: Julia Lawall The functions ENGINE_ctrl(), OPENSSL_isservice(), EVP_PKEY_sign(), CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix so the return code is checked correctly. --- CHANGES | 10 ++++++++++ apps/ts.c | 2 +- crypto/cms/cms_ess.c | 4 ++-- crypto/cryptlib.c | 2 +- crypto/engine/eng_ctrl.c | 8 ++++---- crypto/rsa/rsa_pss.c | 2 +- ssl/d1_enc.c | 2 +- ssl/s3_clnt.c | 2 +- 8 files changed, 21 insertions(+), 11 deletions(-) diff --git a/CHANGES b/CHANGES index 17fd386345..fab83ce003 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,10 @@ Changes between 0.9.8k and 1.0 [xx XXX xxxx] + *) The function EVP_PKEY_sign() returns <=0 on error: check return code + correctly. + [Julia Lawall ] + *) Update verify callback code in apps/s_cb.c and apps/verify.c, it needlessly dereferenced structures, used obsolete functions and didn't handle all updated verify codes correctly. @@ -819,6 +823,12 @@ Changes between 0.9.8k and 0.9.8l [xx XXX xxxx] + *) The functions ENGINE_ctrl(), OPENSSL_isservice(), + CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error + fixes for a few places where the return code is not checked + correctly. + [Julia Lawall ] + *) Add --strict-warnings option to Configure script to include devteam warnings in other configurations. [Steve Henson] diff --git a/apps/ts.c b/apps/ts.c index d73b4eb5ad..bedb602fd5 100644 --- a/apps/ts.c +++ b/apps/ts.c @@ -649,7 +649,7 @@ static ASN1_INTEGER *create_nonce(int bits) /* Generating random byte sequence. */ if (len > (int)sizeof(buf)) goto err; - if (!RAND_bytes(buf, len)) goto err; + if (RAND_bytes(buf, len) <= 0) goto err; /* Find the first non-zero byte and creating ASN1_INTEGER object. */ for (i = 0; i < len && !buf[i]; ++i); 
diff --git a/crypto/cms/cms_ess.c b/crypto/cms/cms_ess.c index deb67ddde5..90c0b82fb5 100644 --- a/crypto/cms/cms_ess.c +++ b/crypto/cms/cms_ess.c @@ -344,7 +344,7 @@ int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms) /* Get original receipt request details */ - if (!CMS_get1_ReceiptRequest(osi, &rr)) + if (CMS_get1_ReceiptRequest(osi, &rr) <= 0) { CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_RECEIPT_REQUEST); goto err; @@ -385,7 +385,7 @@ ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si) /* Get original receipt request details */ - if (!CMS_get1_ReceiptRequest(si, &rr)) + if (CMS_get1_ReceiptRequest(si, &rr) <= 0) { CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_RECEIPT_REQUEST); goto err; diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c index 41be45d620..9a39d7e171 100644 --- a/crypto/cryptlib.c +++ b/crypto/cryptlib.c @@ -847,7 +847,7 @@ void OPENSSL_showfatal (const char *fmta,...) #if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333 /* this -------------v--- guards NT-specific calls */ - if (GetVersion() < 0x80000000 && OPENSSL_isservice()) + if (GetVersion() < 0x80000000 && OPENSSL_isservice() > 0) { HANDLE h = RegisterEventSource(0,_T("OPENSSL")); const TCHAR *pmsg=buf; ReportEvent(h,EVENTLOG_ERROR_TYPE,0,0,0,1,0,&pmsg,0); diff --git a/crypto/engine/eng_ctrl.c b/crypto/engine/eng_ctrl.c index 95b6b455aa..5ce25d92ec 100644 --- a/crypto/engine/eng_ctrl.c +++ b/crypto/engine/eng_ctrl.c @@ -280,7 +280,7 @@ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name, } /* Force the result of the control command to 0 or 1, for the reasons * mentioned before. */ - if (ENGINE_ctrl(e, num, i, p, f)) + if (ENGINE_ctrl(e, num, i, p, f) > 0) return 1; return 0; } 
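Review bot: In cms_Receipt_verify() a negative return from CMS_get1_ReceiptRequest() is now reported with the same CMS_R_NO_RECEIPT_REQUEST reason as a return of 0. If the two values mean different things (request absent versus a failure while reading it, which is not visible here), the error queue cannot tell a missing request from a malformed one. The second hunk, in cms_encode_Receipt(), has the same shape. A comment such as `/* <0: error reading the request, 0: none present; both are fatal here */` would at least record the intent. The commit message and CHANGES entry spell the function CMS_get1_RecipientRequest(), while the code calls CMS_get1_ReceiptRequest().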
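Review bot: With the `> 0` test in OPENSSL_showfatal(), a negative OPENSSL_isservice() result now takes the non-service branch, which lies outside this hunk. If that branch presents interactive UI, a process that really is a service but could not be identified as one would end up there, so the choice should be stated next to the condition. A comment like `/* <0 means the service check itself failed; deliberately treated as "not a service" */` would do. Separately, the handle from RegisterEventSource() is passed to ReportEvent() unchecked in the visible lines, so a failed registration loses the fatal message silently.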
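Review bot: The comment above the changed test in ENGINE_ctrl_cmd() still says only that the result is forced to 0 or 1, and does not record that a negative ENGINE_ctrl() return is now mapped to 0 instead of 1. Extend it with something like `/* Negative (error) returns are reported as 0. */`, since callers can no longer tell an engine error from a command that returned 0. The `if (...) return 1; return 0;` pair can also be written as `return ENGINE_ctrl(e, num, i, p, f) > 0;`. Both remarks apply equally to the three ENGINE_ctrl_cmd_string() hunks that follow.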
@@ -345,7 +345,7 @@ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, * usage of these commands is consistent across applications and * that certain applications don't understand it one way, and * others another. */ - if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL)) + if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0) return 1; return 0; } @@ -360,7 +360,7 @@ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, if(flags & ENGINE_CMD_FLAG_STRING) { /* Same explanation as above */ - if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL)) + if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0) return 1; return 0; } @@ -383,7 +383,7 @@ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, } /* Force the result of the control command to 0 or 1, for the reasons * mentioned before. */ - if(ENGINE_ctrl(e, num, l, NULL, NULL)) + if(ENGINE_ctrl(e, num, l, NULL, NULL) > 0) return 1; return 0; } diff --git a/crypto/rsa/rsa_pss.c b/crypto/rsa/rsa_pss.c index 775c36114f..ac211e2ffe 100644 --- a/crypto/rsa/rsa_pss.c +++ b/crypto/rsa/rsa_pss.c @@ -222,7 +222,7 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM, ERR_R_MALLOC_FAILURE); goto err; } - if (!RAND_bytes(salt, sLen)) + if (RAND_bytes(salt, sLen) <= 0) goto err; } maskedDBLen = emLen - hLen - 1; diff --git a/ssl/d1_enc.c b/ssl/d1_enc.c index 7f3e57fc1e..8fa57347a9 100644 --- a/ssl/d1_enc.c +++ b/ssl/d1_enc.c @@ -155,7 +155,7 @@ int dtls1_enc(SSL *s, int send) __FILE__, __LINE__); else if ( EVP_CIPHER_block_size(ds->cipher) > 1) { - if (!RAND_bytes(rec->input, EVP_CIPHER_block_size(ds->cipher))) + if (RAND_bytes(rec->input, EVP_CIPHER_block_size(ds->cipher)) <= 0) return -1; } } diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 861ce30138..a62ffd5eb3 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c 
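Review bot: The RAND_bytes() failure path in RSA_padding_add_PKCS1_PSS() jumps to err without raising an RSAerr(), unlike the allocation failure just above it, which records ERR_R_MALLOC_FAILURE. Unless RAND_bytes() queues its own error, the caller sees a failed padding operation with nothing on the error queue to say that salt generation was the cause. Adding an RSAerr() call with a suitable reason code before the `goto err` would make this diagnosable. The `return -1` added in dtls1_enc() (ssl/d1_enc.c) likewise records nothing in the visible lines, and that hunk also evaluates `EVP_CIPHER_block_size(ds->cipher)` twice where a local would be clearer. Both functions continue outside their hunks, so the cleanup at err is not visible here.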
@@ -2707,7 +2707,7 @@ int ssl3_send_client_verify(SSL *s) s->method->ssl3_enc->cert_verify_mac(s, NID_id_GostR3411_94, data); - if (!EVP_PKEY_sign(pctx,signbuf,&sigsize,data,32)) { + if (EVP_PKEY_sign(pctx, signbuf, &sigsize, data, 32) <= 0) { SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR); goto err; -- 2.25.1
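Review bot: The return value of `cert_verify_mac()` on the line before the changed check is discarded, so if that call can fail, `data` is signed in whatever state it was left. The signing result is now tested correctly, but the input to the signature is not. If the function reports failure through its return value, test it and `goto err` before calling EVP_PKEY_sign(). The literal `32` for the digest length would read better as a named constant. `sigsize` must hold the capacity of `signbuf` on entry to EVP_PKEY_sign(), and its initialisation is outside this hunk, so that should be confirmed.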