From e5a5e3f3db5832f7ba4eff8016bad00f37dada58 Mon Sep 17 00:00:00 2001 From: FdaSilvaYY Date: Sun, 14 Feb 2016 10:42:29 +0100 Subject: [PATCH] Add checks on CRYPTO_set_ex_data return value Fix possible leak in danetest.c Reviewed-by: Rich Salz Reviewed-by: Matt Caswell --- crypto/engine/eng_dyn.c | 11 +++++++---- test/danetest.c | 8 +++++--- util/indent.pro | 3 --- 3 files changed, 12 insertions(+), 10 deletions(-) diff --git a/crypto/engine/eng_dyn.c b/crypto/engine/eng_dyn.c index af9942c082..718599f6d9 100644 --- a/crypto/engine/eng_dyn.c +++ b/crypto/engine/eng_dyn.c @@ -154,6 +154,7 @@ static void dynamic_data_ctx_free_func(void *parent, void *ptr, static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx) { dynamic_data_ctx *c = OPENSSL_zalloc(sizeof(*c)); + int ret = 1; if (c == NULL) { ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE); @@ -173,9 +174,11 @@ static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx) dynamic_ex_data_idx)) == NULL) { /* Good, we're the first */ - ENGINE_set_ex_data(e, dynamic_ex_data_idx, c); - *ctx = c; - c = NULL; + ret = ENGINE_set_ex_data(e, dynamic_ex_data_idx, c); + if (ret) { + *ctx = c; + c = NULL; + } } CRYPTO_THREAD_unlock(global_engine_lock); /* @@ -185,7 +188,7 @@ static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx) if (c) sk_OPENSSL_STRING_free(c->dirs); OPENSSL_free(c); - return 1; + return ret; } /* diff --git a/test/danetest.c b/test/danetest.c index d914c45d05..d473b12689 100644 --- a/test/danetest.c +++ b/test/danetest.c @@ -74,7 +74,7 @@ static void print_errors(void) static int verify_chain(SSL *ssl, STACK_OF(X509) *chain) { - int ret; + int ret = -1; X509_STORE_CTX *store_ctx; SSL_CTX *ssl_ctx = SSL_get_SSL_CTX(ssl); X509_STORE *store = SSL_CTX_get_cert_store(ssl_ctx); @@ -85,8 +85,9 @@ static int verify_chain(SSL *ssl, STACK_OF(X509) *chain) return -1; if (!X509_STORE_CTX_init(store_ctx, store, cert, chain)) - return 0; - X509_STORE_CTX_set_ex_data(store_ctx, store_ctx_idx, ssl); + goto end; + if (!X509_STORE_CTX_set_ex_data(store_ctx, store_ctx_idx, ssl)) + goto end; X509_STORE_CTX_set_default(store_ctx, SSL_is_server(ssl) ? "ssl_client" : "ssl_server"); @@ -101,6 +102,7 @@ static int verify_chain(SSL *ssl, STACK_OF(X509) *chain) SSL_set_verify_result(ssl, X509_STORE_CTX_get_error(store_ctx)); X509_STORE_CTX_cleanup(store_ctx); +end: X509_STORE_CTX_free(store_ctx); return (ret); diff --git a/util/indent.pro b/util/indent.pro index b7958e31aa..71997cb41b 100644 --- a/util/indent.pro +++ b/util/indent.pro @@ -187,11 +187,8 @@ -T CRYPTO_EX_DATA_FUNCS -T CRYPTO_EX_DATA_IMPL -T CRYPTO_EX_dup --T CRYPTO_EX_dup --T CRYPTO_EX_free -T CRYPTO_EX_free -T CRYPTO_EX_new --T CRYPTO_EX_new -T CRYPTO_MEM_LEAK_CB -T CRYPTO_THREADID -T CRYPTO_dynlock_value -- 2.25.1