diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2014-06-27 04:21:10 +0200 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2014-06-27 15:35:07 +0200 |
commit | d2aea038297e0c64ca66e6844cbb37377365885e (patch) | |
tree | 13e11f5b4a91e0dc5316bb7c6fb7203c313be84b /crypto/asn1 | |
parent | Make sure BN_sqr can never return a negative value. (diff) | |
download | openssl-d2aea038297e0c64ca66e6844cbb37377365885e.tar.xz openssl-d2aea038297e0c64ca66e6844cbb37377365885e.zip |
Memory leak and NULL dereference fixes.
PR#3403
Diffstat (limited to 'crypto/asn1')
-rw-r--r-- | crypto/asn1/a_utctm.c | 19 | ||||
-rw-r--r-- | crypto/asn1/ameth_lib.c | 7 | ||||
-rw-r--r-- | crypto/asn1/asn_mime.c | 2 | ||||
-rw-r--r-- | crypto/asn1/asn_pack.c | 12 | ||||
-rw-r--r-- | crypto/asn1/bio_asn1.c | 3 | ||||
-rw-r--r-- | crypto/asn1/evp_asn1.c | 6 | ||||
-rw-r--r-- | crypto/asn1/t_x509.c | 2 | ||||
-rw-r--r-- | crypto/asn1/tasn_enc.c | 7 |
8 files changed, 48 insertions, 10 deletions
diff --git a/crypto/asn1/a_utctm.c b/crypto/asn1/a_utctm.c index 2da5f255c6..468123cc6f 100644 --- a/crypto/asn1/a_utctm.c +++ b/crypto/asn1/a_utctm.c @@ -240,24 +240,29 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, struct tm *ts; struct tm data; size_t len = 20; + int free_s = 0; if (s == NULL) + { + free_s = 1; s=M_ASN1_UTCTIME_new(); + } if (s == NULL) - return(NULL); + goto err; + ts=OPENSSL_gmtime(&t, &data); if (ts == NULL) - return(NULL); + goto err; if (offset_day || offset_sec) { if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec)) - return NULL; + goto err; } if((ts->tm_year < 50) || (ts->tm_year >= 150)) - return NULL; + goto err; p=(char *)s->data; if ((p == NULL) || ((size_t)s->length < len)) @@ -266,7 +271,7 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, if (p == NULL) { ASN1err(ASN1_F_ASN1_UTCTIME_ADJ,ERR_R_MALLOC_FAILURE); - return(NULL); + goto err; } if (s->data != NULL) OPENSSL_free(s->data); @@ -281,6 +286,10 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, ebcdic2ascii(s->data, s->data, s->length); #endif return(s); + err: + if (free_s && s) + M_ASN1_UTCTIME_free(s); + return NULL; } diff --git a/crypto/asn1/ameth_lib.c b/crypto/asn1/ameth_lib.c index f317204d9c..7df3076e3f 100644 --- a/crypto/asn1/ameth_lib.c +++ b/crypto/asn1/ameth_lib.c @@ -262,7 +262,12 @@ int EVP_PKEY_asn1_add_alias(int to, int from) if (!ameth) return 0; ameth->pkey_base_id = to; - return EVP_PKEY_asn1_add0(ameth); + if (!EVP_PKEY_asn1_add0(ameth)) + { + EVP_PKEY_asn1_free(ameth); + return 0; + } + return 1; } int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *ppkey_base_id, int *ppkey_flags, diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c index 120889350c..116c3e7c60 100644 --- a/crypto/asn1/asn_mime.c +++ b/crypto/asn1/asn_mime.c @@ -683,6 +683,8 @@ static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio) int len, state, save_state = 0; headers = sk_MIME_HEADER_new(mime_hdr_cmp); + if (!headers) + return NULL; while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) { /* If whitespace at line start then continuation line */ if(mhdr && isspace((unsigned char)linebuf[0])) state = MIME_NAME; diff --git a/crypto/asn1/asn_pack.c b/crypto/asn1/asn_pack.c index ad738217d7..00dbf5ad3c 100644 --- a/crypto/asn1/asn_pack.c +++ b/crypto/asn1/asn_pack.c @@ -134,15 +134,23 @@ ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d, ASN1_STRING **oct) if (!(octmp->length = i2d(obj, NULL))) { ASN1err(ASN1_F_ASN1_PACK_STRING,ASN1_R_ENCODE_ERROR); - return NULL; + goto err; } if (!(p = OPENSSL_malloc (octmp->length))) { ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE); - return NULL; + goto err; } octmp->data = p; i2d (obj, &p); return octmp; + err: + if (!oct || !*oct) + { + ASN1_STRING_free(octmp); + if (oct) + *oct = NULL; + } + return NULL; } #endif diff --git a/crypto/asn1/bio_asn1.c b/crypto/asn1/bio_asn1.c index dc7efd551c..bca4eebf6d 100644 --- a/crypto/asn1/bio_asn1.c +++ b/crypto/asn1/bio_asn1.c @@ -154,7 +154,10 @@ static int asn1_bio_new(BIO *b) if (!ctx) return 0; if (!asn1_bio_init(ctx, DEFAULT_ASN1_BUF_SIZE)) + { + OPENSSL_free(ctx); return 0; + } b->init = 1; b->ptr = (char *)ctx; b->flags = 0; diff --git a/crypto/asn1/evp_asn1.c b/crypto/asn1/evp_asn1.c index f3d9804860..1b9445973e 100644 --- a/crypto/asn1/evp_asn1.c +++ b/crypto/asn1/evp_asn1.c @@ -66,7 +66,11 @@ int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len) ASN1_STRING *os; if ((os=M_ASN1_OCTET_STRING_new()) == NULL) return(0); - if (!M_ASN1_OCTET_STRING_set(os,data,len)) return(0); + if (!M_ASN1_OCTET_STRING_set(os,data,len)) + { + M_ASN1_OCTET_STRING_free(os); + return 0; + } ASN1_TYPE_set(a,V_ASN1_OCTET_STRING,os); return(1); } diff --git a/crypto/asn1/t_x509.c b/crypto/asn1/t_x509.c index 8eb0b79a91..111ea5aaac 100644 --- a/crypto/asn1/t_x509.c +++ b/crypto/asn1/t_x509.c @@ -493,6 +493,8 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) l=80-2-obase; b=X509_NAME_oneline(name,NULL,0); + if (!b) + return 0; if (!*b) { OPENSSL_free(b); diff --git a/crypto/asn1/tasn_enc.c b/crypto/asn1/tasn_enc.c index 936ad1f767..1390e5e6ae 100644 --- a/crypto/asn1/tasn_enc.c +++ b/crypto/asn1/tasn_enc.c @@ -453,9 +453,14 @@ static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, { derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk) * sizeof(*derlst)); + if (!derlst) + return 0; tmpdat = OPENSSL_malloc(skcontlen); - if (!derlst || !tmpdat) + if (!tmpdat) + { + OPENSSL_free(derlst); return 0; + } } } /* If not sorting just output each item */ |