summaryrefslogtreecommitdiffstats
path: root/crypto/asn1
diff options
context:
space:
mode:
authorDr. Stephen Henson <steve@openssl.org>2014-06-27 04:21:10 +0200
committerDr. Stephen Henson <steve@openssl.org>2014-06-27 15:35:07 +0200
commitd2aea038297e0c64ca66e6844cbb37377365885e (patch)
tree13e11f5b4a91e0dc5316bb7c6fb7203c313be84b /crypto/asn1
parentMake sure BN_sqr can never return a negative value. (diff)
downloadopenssl-d2aea038297e0c64ca66e6844cbb37377365885e.tar.xz
openssl-d2aea038297e0c64ca66e6844cbb37377365885e.zip
Memory leak and NULL dereference fixes.
PR#3403
Diffstat (limited to 'crypto/asn1')
-rw-r--r--crypto/asn1/a_utctm.c19
-rw-r--r--crypto/asn1/ameth_lib.c7
-rw-r--r--crypto/asn1/asn_mime.c2
-rw-r--r--crypto/asn1/asn_pack.c12
-rw-r--r--crypto/asn1/bio_asn1.c3
-rw-r--r--crypto/asn1/evp_asn1.c6
-rw-r--r--crypto/asn1/t_x509.c2
-rw-r--r--crypto/asn1/tasn_enc.c7
8 files changed, 48 insertions, 10 deletions
diff --git a/crypto/asn1/a_utctm.c b/crypto/asn1/a_utctm.c
index 2da5f255c6..468123cc6f 100644
--- a/crypto/asn1/a_utctm.c
+++ b/crypto/asn1/a_utctm.c
@@ -240,24 +240,29 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
struct tm *ts;
struct tm data;
size_t len = 20;
+ int free_s = 0;
if (s == NULL)
+ {
+ free_s = 1;
s=M_ASN1_UTCTIME_new();
+ }
if (s == NULL)
- return(NULL);
+ goto err;
+
ts=OPENSSL_gmtime(&t, &data);
if (ts == NULL)
- return(NULL);
+ goto err;
if (offset_day || offset_sec)
{
if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
- return NULL;
+ goto err;
}
if((ts->tm_year < 50) || (ts->tm_year >= 150))
- return NULL;
+ goto err;
p=(char *)s->data;
if ((p == NULL) || ((size_t)s->length < len))
@@ -266,7 +271,7 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
if (p == NULL)
{
ASN1err(ASN1_F_ASN1_UTCTIME_ADJ,ERR_R_MALLOC_FAILURE);
- return(NULL);
+ goto err;
}
if (s->data != NULL)
OPENSSL_free(s->data);
@@ -281,6 +286,10 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
ebcdic2ascii(s->data, s->data, s->length);
#endif
return(s);
+ err:
+ if (free_s && s)
+ M_ASN1_UTCTIME_free(s);
+ return NULL;
}
diff --git a/crypto/asn1/ameth_lib.c b/crypto/asn1/ameth_lib.c
index f317204d9c..7df3076e3f 100644
--- a/crypto/asn1/ameth_lib.c
+++ b/crypto/asn1/ameth_lib.c
@@ -262,7 +262,12 @@ int EVP_PKEY_asn1_add_alias(int to, int from)
if (!ameth)
return 0;
ameth->pkey_base_id = to;
- return EVP_PKEY_asn1_add0(ameth);
+ if (!EVP_PKEY_asn1_add0(ameth))
+ {
+ EVP_PKEY_asn1_free(ameth);
+ return 0;
+ }
+ return 1;
}
int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *ppkey_base_id, int *ppkey_flags,
diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c
index 120889350c..116c3e7c60 100644
--- a/crypto/asn1/asn_mime.c
+++ b/crypto/asn1/asn_mime.c
@@ -683,6 +683,8 @@ static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio)
int len, state, save_state = 0;
headers = sk_MIME_HEADER_new(mime_hdr_cmp);
+ if (!headers)
+ return NULL;
while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
/* If whitespace at line start then continuation line */
if(mhdr && isspace((unsigned char)linebuf[0])) state = MIME_NAME;
diff --git a/crypto/asn1/asn_pack.c b/crypto/asn1/asn_pack.c
index ad738217d7..00dbf5ad3c 100644
--- a/crypto/asn1/asn_pack.c
+++ b/crypto/asn1/asn_pack.c
@@ -134,15 +134,23 @@ ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d, ASN1_STRING **oct)
if (!(octmp->length = i2d(obj, NULL))) {
ASN1err(ASN1_F_ASN1_PACK_STRING,ASN1_R_ENCODE_ERROR);
- return NULL;
+ goto err;
}
if (!(p = OPENSSL_malloc (octmp->length))) {
ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE);
- return NULL;
+ goto err;
}
octmp->data = p;
i2d (obj, &p);
return octmp;
+ err:
+ if (!oct || !*oct)
+ {
+ ASN1_STRING_free(octmp);
+ if (oct)
+ *oct = NULL;
+ }
+ return NULL;
}
#endif
diff --git a/crypto/asn1/bio_asn1.c b/crypto/asn1/bio_asn1.c
index dc7efd551c..bca4eebf6d 100644
--- a/crypto/asn1/bio_asn1.c
+++ b/crypto/asn1/bio_asn1.c
@@ -154,7 +154,10 @@ static int asn1_bio_new(BIO *b)
if (!ctx)
return 0;
if (!asn1_bio_init(ctx, DEFAULT_ASN1_BUF_SIZE))
+ {
+ OPENSSL_free(ctx);
return 0;
+ }
b->init = 1;
b->ptr = (char *)ctx;
b->flags = 0;
diff --git a/crypto/asn1/evp_asn1.c b/crypto/asn1/evp_asn1.c
index f3d9804860..1b9445973e 100644
--- a/crypto/asn1/evp_asn1.c
+++ b/crypto/asn1/evp_asn1.c
@@ -66,7 +66,11 @@ int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len)
ASN1_STRING *os;
if ((os=M_ASN1_OCTET_STRING_new()) == NULL) return(0);
- if (!M_ASN1_OCTET_STRING_set(os,data,len)) return(0);
+ if (!M_ASN1_OCTET_STRING_set(os,data,len))
+ {
+ M_ASN1_OCTET_STRING_free(os);
+ return 0;
+ }
ASN1_TYPE_set(a,V_ASN1_OCTET_STRING,os);
return(1);
}
diff --git a/crypto/asn1/t_x509.c b/crypto/asn1/t_x509.c
index 8eb0b79a91..111ea5aaac 100644
--- a/crypto/asn1/t_x509.c
+++ b/crypto/asn1/t_x509.c
@@ -493,6 +493,8 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
l=80-2-obase;
b=X509_NAME_oneline(name,NULL,0);
+ if (!b)
+ return 0;
if (!*b)
{
OPENSSL_free(b);
diff --git a/crypto/asn1/tasn_enc.c b/crypto/asn1/tasn_enc.c
index 936ad1f767..1390e5e6ae 100644
--- a/crypto/asn1/tasn_enc.c
+++ b/crypto/asn1/tasn_enc.c
@@ -453,9 +453,14 @@ static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
{
derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk)
* sizeof(*derlst));
+ if (!derlst)
+ return 0;
tmpdat = OPENSSL_malloc(skcontlen);
- if (!derlst || !tmpdat)
+ if (!tmpdat)
+ {
+ OPENSSL_free(derlst);
return 0;
+ }
}
}
/* If not sorting just output each item */