author | Richard Levitte <levitte@openssl.org> | 2022-09-29 13:57:34 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2022-10-05 14:02:03 +0200 |
commit | e077455e9e57ed4ee4676996b4a9aa11df6327a6 (patch) | |
tree | edcb7412024f95fbc97c2c7a780f78ad05d586e3 /crypto/x509 | |
parent | Adapt CRYPTO_secure_malloc() like CRYPTO_malloc() (diff) | |
Stop raising ERR_R_MALLOC_FAILURE in most places
Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and
at least handle the file name and line number they are called from,
there's no need to report ERR_R_MALLOC_FAILURE where they are called
directly, or when SSLfatal() and RLAYERfatal() is used, the reason
`ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`.
There were a number of places where `ERR_R_MALLOC_FAILURE` was reported
even though it was a function from a different sub-system that was
called. Those places are changed to report ERR_R_{lib}_LIB, where
{lib} is the name of that sub-system.
Some of them are tricky to get right, as we have a lot of functions
that belong in the ASN1 sub-system, and all the `sk_` calls are from
the CRYPTO sub-system.
Some extra adaptation was necessary where there were custom OPENSSL_malloc()
wrappers, and some bugs are fixed alongside these changes.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19301)
Diffstat (limited to 'crypto/x509')
48 files changed, 422 insertions, 388 deletions
diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c index 8d61c27d70..68b0b865d3 100644 --- a/crypto/x509/by_dir.c +++ b/crypto/x509/by_dir.c @@ -114,20 +114,18 @@ static int new_dir(X509_LOOKUP *lu) { BY_DIR *a = OPENSSL_malloc(sizeof(*a)); - if (a == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + if (a == NULL) return 0; - } if ((a->buffer = BUF_MEM_new()) == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_BN_LIB); goto err; } a->dirs = NULL; a->lock = CRYPTO_THREAD_lock_new(); if (a->lock == NULL) { BUF_MEM_free(a->buffer); - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto err; } lu->method_data = a; @@ -202,15 +200,13 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) if (ctx->dirs == NULL) { ctx->dirs = sk_BY_DIR_ENTRY_new_null(); if (!ctx->dirs) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); return 0; } } ent = OPENSSL_malloc(sizeof(*ent)); - if (ent == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + if (ent == NULL) return 0; - } ent->dir_type = type; ent->hashes = sk_BY_DIR_HASH_new(by_dir_hash_cmp); ent->dir = OPENSSL_strndup(ss, len); @@ -220,7 +216,7 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) } if (!sk_BY_DIR_ENTRY_push(ctx->dirs, ent)) { by_dir_entry_free(ent); - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); return 0; } } @@ -277,7 +273,7 @@ static int get_cert_by_subject_ex(X509_LOOKUP *xl, X509_LOOKUP_TYPE type, ent = sk_BY_DIR_ENTRY_value(ctx->dirs, i); j = strlen(ent->dir) + 1 + 8 + 6 + 1 + 1; if (!BUF_MEM_grow(b, j)) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_BUF_LIB); goto finish; } if (type == X509_LU_CRL && ent->hashes) { 
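Review bot: In the first by_dir.c hunk (new_dir), a BUF_MEM_new() failure is now reported with `ERR_R_BN_LIB`, but BUF_MEM_new() is a BUF routine, and the BUF_MEM_grow() failure in get_cert_by_subject_ex further down this file uses `ERR_R_BUF_LIB`. A wrong sub-system reason sends whoever triages the error queue to the bignum code, so I would change the line to `ERR_raise(ERR_LIB_X509, ERR_R_BUF_LIB);`. The `err:` label that new_dir jumps to is outside the hunk.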
@@ -376,7 +372,6 @@ static int get_cert_by_subject_ex(X509_LOOKUP *xl, X509_LOOKUP_TYPE type, hent = OPENSSL_malloc(sizeof(*hent)); if (hent == NULL) { CRYPTO_THREAD_unlock(ctx->lock); - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); ok = 0; goto finish; } @@ -385,7 +380,7 @@ static int get_cert_by_subject_ex(X509_LOOKUP *xl, X509_LOOKUP_TYPE type, if (!sk_BY_DIR_HASH_push(ent->hashes, hent)) { CRYPTO_THREAD_unlock(ctx->lock); OPENSSL_free(hent); - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); ok = 0; goto finish; } diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c index 37d73ca84c..811b840ff1 100644 --- a/crypto/x509/by_file.c +++ b/crypto/x509/by_file.c @@ -107,7 +107,7 @@ int X509_load_cert_file_ex(X509_LOOKUP *ctx, const char *file, int type, } x = X509_new_ex(libctx, propq); if (x == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); goto err; } diff --git a/crypto/x509/pcy_cache.c b/crypto/x509/pcy_cache.c index 79b16c905c..e9f45a80bb 100644 --- a/crypto/x509/pcy_cache.c +++ b/crypto/x509/pcy_cache.c @@ -35,14 +35,14 @@ static int policy_cache_create(X509 *x, goto bad_policy; cache->data = sk_X509_POLICY_DATA_new(policy_data_cmp); if (cache->data == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto just_cleanup; } for (i = 0; i < num; i++) { policy = sk_POLICYINFO_value(policies, i); data = ossl_policy_data_new(policy, NULL, crit); if (data == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_X509_LIB); goto just_cleanup; } /* @@ -58,7 +58,7 @@ static int policy_cache_create(X509 *x, ret = -1; goto bad_policy; } else if (!sk_X509_POLICY_DATA_push(cache->data, data)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto bad_policy; } data = NULL; 
@@ -90,10 +90,8 @@ static int policy_cache_new(X509 *x) if (x->policy_cache != NULL) return 1; cache = OPENSSL_malloc(sizeof(*cache)); - if (cache == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if (cache == NULL) return 0; - } cache->anyPolicy = NULL; cache->data = NULL; cache->any_skip = -1; diff --git a/crypto/x509/pcy_data.c b/crypto/x509/pcy_data.c index 6fb8f14ba8..8e8b91a781 100644 --- a/crypto/x509/pcy_data.c +++ b/crypto/x509/pcy_data.c @@ -52,14 +52,13 @@ X509_POLICY_DATA *ossl_policy_data_new(POLICYINFO *policy, ret = OPENSSL_zalloc(sizeof(*ret)); if (ret == NULL) { ASN1_OBJECT_free(id); - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); return NULL; } ret->expected_policy_set = sk_ASN1_OBJECT_new_null(); if (ret->expected_policy_set == NULL) { OPENSSL_free(ret); ASN1_OBJECT_free(id); - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); return NULL; } diff --git a/crypto/x509/pcy_node.c b/crypto/x509/pcy_node.c index 04aba646be..5bee8c2a0b 100644 --- a/crypto/x509/pcy_node.c +++ b/crypto/x509/pcy_node.c @@ -64,10 +64,8 @@ X509_POLICY_NODE *ossl_policy_level_add_node(X509_POLICY_LEVEL *level, X509_POLICY_NODE *node; node = OPENSSL_zalloc(sizeof(*node)); - if (node == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if (node == NULL) return NULL; - } node->data = data; node->parent = parent; if (level) { @@ -80,11 +78,11 @@ X509_POLICY_NODE *ossl_policy_level_add_node(X509_POLICY_LEVEL *level, if (level->nodes == NULL) level->nodes = ossl_policy_node_cmp_new(); if (level->nodes == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_X509_LIB); goto node_error; } if (!sk_X509_POLICY_NODE_push(level->nodes, node)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto node_error; } } 
@@ -94,11 +92,11 @@ X509_POLICY_NODE *ossl_policy_level_add_node(X509_POLICY_LEVEL *level, if (tree->extra_data == NULL) tree->extra_data = sk_X509_POLICY_DATA_new_null(); if (tree->extra_data == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto node_error; } if (!sk_X509_POLICY_DATA_push(tree->extra_data, data)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto node_error; } } diff --git a/crypto/x509/pcy_tree.c b/crypto/x509/pcy_tree.c index fa45da5117..4b954b0776 100644 --- a/crypto/x509/pcy_tree.c +++ b/crypto/x509/pcy_tree.c @@ -158,10 +158,8 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, return ret; /* If we get this far initialize the tree */ - if ((tree = OPENSSL_zalloc(sizeof(*tree))) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if ((tree = OPENSSL_zalloc(sizeof(*tree))) == NULL) return X509_PCY_TREE_INTERNAL; - } /* * http://tools.ietf.org/html/rfc5280#section-6.1.2, figure 3. @@ -172,7 +170,6 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, */ if ((tree->levels = OPENSSL_zalloc(sizeof(*tree->levels)*(n+1))) == NULL) { OPENSSL_free(tree); - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); return X509_PCY_TREE_INTERNAL; } tree->nlevel = n+1; diff --git a/crypto/x509/v3_addr.c b/crypto/x509/v3_addr.c index 1697bf7895..31b439a816 100644 --- a/crypto/x509/v3_addr.c +++ b/crypto/x509/v3_addr.c @@ -923,7 +923,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method, int i; if ((addr = sk_IPAddressFamily_new(IPAddressFamily_cmp)) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); return NULL; } 
@@ -978,10 +978,8 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method, } else { s = OPENSSL_strdup(val->value); } - if (s == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if (s == NULL) goto err; - } /* * Check for inheritance. Not worth additional complexity to @@ -1021,7 +1019,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method, goto err; } if (!X509v3_addr_add_prefix(addr, afi, safi, min, prefixlen)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_X509V3_LIB); goto err; } break; @@ -1044,13 +1042,13 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method, goto err; } if (!X509v3_addr_add_range(addr, afi, safi, min, max)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_X509V3_LIB); goto err; } break; case '\0': if (!X509v3_addr_add_prefix(addr, afi, safi, min, length * 8)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_X509V3_LIB); goto err; } break; @@ -1235,7 +1233,7 @@ static int addr_validate_path_internal(X509_STORE_CTX *ctx, validation_err(X509_V_ERR_INVALID_EXTENSION); (void)sk_IPAddressFamily_set_cmp_func(ext, IPAddressFamily_cmp); if ((child = sk_IPAddressFamily_dup(ext)) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); if (ctx != NULL) ctx->error = X509_V_ERR_OUT_OF_MEM; ret = 0; diff --git a/crypto/x509/v3_akid.c b/crypto/x509/v3_akid.c index 17807c6032..de93dae70e 100644 --- a/crypto/x509/v3_akid.c +++ b/crypto/x509/v3_akid.c @@ -46,7 +46,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, if (akeyid->keyid) { tmp = i2s_ASN1_OCTET_STRING(NULL, akeyid->keyid); if (tmp == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); return NULL; } if (!X509V3_add_value((akeyid->issuer || akeyid->serial) ? "keyid" : NULL, 
@@ -68,7 +68,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, if (akeyid->serial) { tmp = i2s_ASN1_OCTET_STRING(NULL, akeyid->serial); if (tmp == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; } if (!X509V3_add_value("serial", tmp, &extlist)) { @@ -204,9 +204,12 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, if (isname != NULL) { if ((gens = sk_GENERAL_NAME_new_null()) == NULL - || (gen = GENERAL_NAME_new()) == NULL - || !sk_GENERAL_NAME_push(gens, gen)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + || (gen = GENERAL_NAME_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } + if (!sk_GENERAL_NAME_push(gens, gen)) { + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto err; } gen->type = GEN_DIRNAME; diff --git a/crypto/x509/v3_asid.c b/crypto/x509/v3_asid.c index 4a362ff0e1..d1c3dd5d9f 100644 --- a/crypto/x509/v3_asid.c +++ b/crypto/x509/v3_asid.c @@ -301,14 +301,14 @@ static int ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice) if ((bn == NULL && (bn = BN_new()) == NULL) || ASN1_INTEGER_to_BN(a_max, bn) == NULL || !BN_add_word(bn, 1)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_BN_LIB); goto done; } if ((a_max_plus_one = BN_to_ASN1_INTEGER(bn, orig = a_max_plus_one)) == NULL) { a_max_plus_one = orig; - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto done; } 
@@ -422,14 +422,14 @@ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice) if ((bn == NULL && (bn = BN_new()) == NULL) || ASN1_INTEGER_to_BN(a_max, bn) == NULL || !BN_add_word(bn, 1)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_BN_LIB); goto done; } if ((a_max_plus_one = BN_to_ASN1_INTEGER(bn, orig = a_max_plus_one)) == NULL) { a_max_plus_one = orig; - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto done; } @@ -440,10 +440,8 @@ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice) ASRange *r; switch (a->type) { case ASIdOrRange_id: - if ((r = OPENSSL_malloc(sizeof(*r))) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if ((r = OPENSSL_malloc(sizeof(*r))) == NULL) goto done; - } r->min = a_min; r->max = b_max; a->type = ASIdOrRange_range; @@ -517,7 +515,7 @@ static void *v2i_ASIdentifiers(const struct v3_ext_method *method, int i; if ((asid = ASIdentifiers_new()) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_X509V3_LIB); return NULL; } @@ -578,21 +576,19 @@ static void *v2i_ASIdentifiers(const struct v3_ext_method *method, */ if (!is_range) { if (!X509V3_get_value_int(val, &min)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_X509V3_LIB); goto err; } } else { char *s = OPENSSL_strdup(val->value); - if (s == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if (s == NULL) goto err; - } s[i1] = '\0'; min = s2i_ASN1_INTEGER(NULL, s); max = s2i_ASN1_INTEGER(NULL, s + i2); OPENSSL_free(s); if (min == NULL || max == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_X509V3_LIB); goto err; } if (ASN1_INTEGER_cmp(min, max) > 0) { 
@@ -601,7 +597,7 @@ static void *v2i_ASIdentifiers(const struct v3_ext_method *method, } } if (!X509v3_asid_add_id_or_range(asid, which, min, max)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_X509V3_LIB); goto err; } min = max = NULL; diff --git a/crypto/x509/v3_bcons.c b/crypto/x509/v3_bcons.c index 6e7a165f26..17962ed43f 100644 --- a/crypto/x509/v3_bcons.c +++ b/crypto/x509/v3_bcons.c @@ -61,7 +61,7 @@ static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, int i; if ((bcons = BASIC_CONSTRAINTS_new()) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); return NULL; } for (i = 0; i < sk_CONF_VALUE_num(values); i++) { diff --git a/crypto/x509/v3_bitst.c b/crypto/x509/v3_bitst.c index b53c5ba3ec..d41c95b513 100644 --- a/crypto/x509/v3_bitst.c +++ b/crypto/x509/v3_bitst.c @@ -64,7 +64,7 @@ ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, int i; BIT_STRING_BITNAME *bnam; if ((bs = ASN1_BIT_STRING_new()) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); return NULL; } for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { @@ -73,7 +73,7 @@ ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, if (strcmp(bnam->sname, val->name) == 0 || strcmp(bnam->lname, val->name) == 0) { if (!ASN1_BIT_STRING_set_bit(bs, bnam->bitnum, 1)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); ASN1_BIT_STRING_free(bs); return NULL; } diff --git a/crypto/x509/v3_conf.c b/crypto/x509/v3_conf.c index 8201ba0d86..c575a43459 100644 --- a/crypto/x509/v3_conf.c +++ b/crypto/x509/v3_conf.c 
@@ -148,34 +148,41 @@ static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method, ext_der = NULL; ext_len = ASN1_item_i2d(ext_struc, &ext_der, ASN1_ITEM_ptr(method->it)); - if (ext_len < 0) - goto merr; + if (ext_len < 0) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } } else { unsigned char *p; ext_len = method->i2d(ext_struc, NULL); - if (ext_len <= 0) - goto merr; + if (ext_len <= 0) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } if ((ext_der = OPENSSL_malloc(ext_len)) == NULL) - goto merr; + goto err; p = ext_der; method->i2d(ext_struc, &p); } - if ((ext_oct = ASN1_OCTET_STRING_new()) == NULL) - goto merr; + if ((ext_oct = ASN1_OCTET_STRING_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } ext_oct->data = ext_der; ext_der = NULL; ext_oct->length = ext_len; ext = X509_EXTENSION_create_by_NID(NULL, ext_nid, crit, ext_oct); - if (!ext) - goto merr; + if (!ext) { + ERR_raise(ERR_LIB_X509V3, ERR_R_X509V3_LIB); + goto err; + } ASN1_OCTET_STRING_free(ext_oct); return ext; - merr: - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + err: OPENSSL_free(ext_der); ASN1_OCTET_STRING_free(ext_oct); return NULL; @@ -256,7 +263,7 @@ static X509_EXTENSION *v3_generic_extension(const char *ext, const char *value, } if ((oct = ASN1_OCTET_STRING_new()) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; } diff --git a/crypto/x509/v3_cpols.c b/crypto/x509/v3_cpols.c index 65fab71406..ae602ea2cd 100644 --- a/crypto/x509/v3_cpols.c +++ b/crypto/x509/v3_cpols.c @@ -105,7 +105,7 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, pols = sk_POLICYINFO_new_reserve(NULL, num); if (pols == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto err; } 
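Review bot: In the legacy branch of do_ext_i2d, the second `method->i2d(ext_struc, &p)` call still has its return value discarded, so `ext_oct->length` comes from the sizing call alone. If the encoder ever wrote fewer bytes than it reported, the tail of the OPENSSL_malloc() buffer would end up in the extension uninitialised. Since this commit already reworks every failure path here, I would compare the two results: `if (method->i2d(ext_struc, &p) != ext_len) { ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; }`. The function starts above the hunk, so the declarations of `ext_der` and `ext_oct` are not visible.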
@@ -144,14 +144,14 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, pol = POLICYINFO_new(); if (pol == NULL) { ASN1_OBJECT_free(pobj); - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; } pol->policyid = pobj; } if (!sk_POLICYINFO_push(pols, pol)) { POLICYINFO_free(pol); - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto err; } } @@ -171,8 +171,10 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, POLICYINFO *pol; POLICYQUALINFO *qual; - if ((pol = POLICYINFO_new()) == NULL) - goto merr; + if ((pol = POLICYINFO_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } for (i = 0; i < sk_CONF_VALUE_num(polstrs); i++) { cnf = sk_CONF_VALUE_value(polstrs, i); if (strcmp(cnf->name, "policyIdentifier") == 0) { 
@@ -188,19 +190,27 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, } else if (!ossl_v3_name_cmp(cnf->name, "CPS")) { if (pol->qualifiers == NULL) pol->qualifiers = sk_POLICYQUALINFO_new_null(); - if ((qual = POLICYQUALINFO_new()) == NULL) - goto merr; - if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual)) - goto merr; + if ((qual = POLICYQUALINFO_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } + if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual)) { + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); + goto err; + } if ((qual->pqualid = OBJ_nid2obj(NID_id_qt_cps)) == NULL) { ERR_raise(ERR_LIB_X509V3, ERR_R_INTERNAL_ERROR); goto err; } - if ((qual->d.cpsuri = ASN1_IA5STRING_new()) == NULL) - goto merr; + if ((qual->d.cpsuri = ASN1_IA5STRING_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } if (!ASN1_STRING_set(qual->d.cpsuri, cnf->value, - strlen(cnf->value))) - goto merr; + strlen(cnf->value))) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } } else if (!ossl_v3_name_cmp(cnf->name, "userNotice")) { STACK_OF(CONF_VALUE) *unot; if (*cnf->value != '@') { @@ -221,8 +231,10 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, goto err; if (pol->qualifiers == NULL) pol->qualifiers = sk_POLICYQUALINFO_new_null(); - if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual)) - goto merr; + if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual)) { + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); + goto err; + } } else { ERR_raise(ERR_LIB_X509V3, X509V3_R_INVALID_OPTION); X509V3_conf_err(cnf); @@ -236,9 +248,6 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, return pol; - merr: - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); - err: POLICYINFO_free(pol); return NULL; 
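Review bot: Both `sk_POLICYQUALINFO_push(pol->qualifiers, qual)` failure branches in policy_section (the CPS case in this hunk and the userNotice case in the next one) jump to `err:`, which only calls `POLICYINFO_free(pol)`. Because the push failed, `qual` is not in `pol->qualifiers`, so it appears to be leaked on those paths. The same happens when the unchecked `sk_POLICYQUALINFO_new_null()` just above returned NULL. nref_nos in this same file now frees `aint` in the equivalent situation; the matching fix here is `POLICYQUALINFO_free(qual);` before the `ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB);` in each branch.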
@@ -287,14 +296,18 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, POLICYQUALINFO *qual; char *value = NULL; - if ((qual = POLICYQUALINFO_new()) == NULL) - goto merr; + if ((qual = POLICYQUALINFO_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } if ((qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice)) == NULL) { ERR_raise(ERR_LIB_X509V3, ERR_R_INTERNAL_ERROR); goto err; } - if ((not = USERNOTICE_new()) == NULL) - goto merr; + if ((not = USERNOTICE_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } qual->d.usernotice = not; for (i = 0; i < sk_CONF_VALUE_num(unot); i++) { cnf = sk_CONF_VALUE_value(unot, i); @@ -302,19 +315,25 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, value = cnf->value; if (strcmp(cnf->name, "explicitText") == 0) { tag = displaytext_str2tag(value, &tag_len); - if ((not->exptext = ASN1_STRING_type_new(tag)) == NULL) - goto merr; + if ((not->exptext = ASN1_STRING_type_new(tag)) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } if (tag_len != 0) value += tag_len + 1; len = strlen(value); - if (!ASN1_STRING_set(not->exptext, value, len)) - goto merr; + if (!ASN1_STRING_set(not->exptext, value, len)) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } } else if (strcmp(cnf->name, "organization") == 0) { NOTICEREF *nref; if (!not->noticeref) { - if ((nref = NOTICEREF_new()) == NULL) - goto merr; + if ((nref = NOTICEREF_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } not->noticeref = nref; } else nref = not->noticeref; 
@@ -323,15 +342,19 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, else nref->organization->type = V_ASN1_VISIBLESTRING; if (!ASN1_STRING_set(nref->organization, cnf->value, - strlen(cnf->value))) - goto merr; + strlen(cnf->value))) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } } else if (strcmp(cnf->name, "noticeNumbers") == 0) { NOTICEREF *nref; STACK_OF(CONF_VALUE) *nos; if (!not->noticeref) { - if ((nref = NOTICEREF_new()) == NULL) - goto merr; + if ((nref = NOTICEREF_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } not->noticeref = nref; } else nref = not->noticeref; @@ -361,9 +384,6 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, return qual; - merr: - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); - err: POLICYQUALINFO_free(qual); return NULL; @@ -380,19 +400,15 @@ static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos) cnf = sk_CONF_VALUE_value(nos, i); if ((aint = s2i_ASN1_INTEGER(NULL, cnf->name)) == NULL) { ERR_raise(ERR_LIB_X509V3, X509V3_R_INVALID_NUMBER); - goto err; + return 0; + } + if (!sk_ASN1_INTEGER_push(nnums, aint)) { + ASN1_INTEGER_free(aint); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); + return 0; } - if (!sk_ASN1_INTEGER_push(nnums, aint)) - goto merr; } return 1; - - merr: - ASN1_INTEGER_free(aint); - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); - - err: - return 0; } static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, diff --git a/crypto/x509/v3_crld.c b/crypto/x509/v3_crld.c index b4ac457f22..08df3faf86 100644 --- a/crypto/x509/v3_crld.c +++ b/crypto/x509/v3_crld.c @@ -244,8 +244,10 @@ static void *v2i_crld(const X509V3_EXT_METHOD *method, int i; crld = sk_DIST_POINT_new_reserve(NULL, num); - if (crld == NULL) - goto merr; + if (crld == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); + goto err; + } for (i = 0; i < num; i++) { DIST_POINT *point; 
@@ -263,16 +265,24 @@ static void *v2i_crld(const X509V3_EXT_METHOD *method, } else { if ((gen = v2i_GENERAL_NAME(method, ctx, cnf)) == NULL) goto err; - if ((gens = GENERAL_NAMES_new()) == NULL) - goto merr; - if (!sk_GENERAL_NAME_push(gens, gen)) - goto merr; + if ((gens = GENERAL_NAMES_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } + if (!sk_GENERAL_NAME_push(gens, gen)) { + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); + goto err; + } gen = NULL; - if ((point = DIST_POINT_new()) == NULL) - goto merr; + if ((point = DIST_POINT_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } sk_DIST_POINT_push(crld, point); /* no failure as it was reserved */ - if ((point->distpoint = DIST_POINT_NAME_new()) == NULL) - goto merr; + if ((point->distpoint = DIST_POINT_NAME_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } point->distpoint->name.fullname = gens; point->distpoint->type = 0; gens = NULL; @@ -280,8 +290,6 @@ static void *v2i_crld(const X509V3_EXT_METHOD *method, } return crld; - merr: - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); err: GENERAL_NAME_free(gen); GENERAL_NAMES_free(gens); @@ -364,8 +372,10 @@ static void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *name, *val; int i, ret; idp = ISSUING_DIST_POINT_new(); - if (idp == NULL) - goto merr; + if (idp == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { cnf = sk_CONF_VALUE_value(nval, i); name = cnf->name; @@ -398,8 +408,6 @@ static void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, } return idp; - merr: - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); err: ISSUING_DIST_POINT_free(idp); return NULL; diff --git a/crypto/x509/v3_extku.c b/crypto/x509/v3_extku.c index 4f2a86bdcb..22c951e251 100644 --- a/crypto/x509/v3_extku.c +++ b/crypto/x509/v3_extku.c 
@@ -79,7 +79,7 @@ static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, extku = sk_ASN1_OBJECT_new_reserve(NULL, num); if (extku == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); sk_ASN1_OBJECT_free(extku); return NULL; } diff --git a/crypto/x509/v3_ia5.c b/crypto/x509/v3_ia5.c index 6722b6c01f..7b79935872 100644 --- a/crypto/x509/v3_ia5.c +++ b/crypto/x509/v3_ia5.c @@ -31,10 +31,8 @@ char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5) if (ia5 == NULL || ia5->length <= 0) return NULL; - if ((tmp = OPENSSL_malloc(ia5->length + 1)) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if ((tmp = OPENSSL_malloc(ia5->length + 1)) == NULL) return NULL; - } memcpy(tmp, ia5->data, ia5->length); tmp[ia5->length] = 0; return tmp; @@ -48,8 +46,10 @@ ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ERR_raise(ERR_LIB_X509V3, X509V3_R_INVALID_NULL_ARGUMENT); return NULL; } - if ((ia5 = ASN1_IA5STRING_new()) == NULL) - goto err; + if ((ia5 = ASN1_IA5STRING_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + return NULL; + } if (!ASN1_STRING_set((ASN1_STRING *)ia5, str, strlen(str))) { ASN1_IA5STRING_free(ia5); return NULL; @@ -58,7 +58,4 @@ ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ebcdic2ascii(ia5->data, ia5->data, ia5->length); #endif /* CHARSET_EBCDIC */ return ia5; - err: - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); - return NULL; } diff --git a/crypto/x509/v3_info.c b/crypto/x509/v3_info.c index 5f21ce11e7..7e4d9313d8 100644 --- a/crypto/x509/v3_info.c +++ b/crypto/x509/v3_info.c 
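Review bot: In v2i_EXTENDED_KEY_USAGE the failure branch still calls `sk_ASN1_OBJECT_free(extku)` on a pointer that was just tested as NULL. The call is a no-op and reads as if something were being released. I would drop it so the branch is only `ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB);` followed by `return NULL;`.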
@@ -73,8 +73,10 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS( desc = sk_ACCESS_DESCRIPTION_value(ainfo, i); tmp = i2v_GENERAL_NAME(method, desc->location, tret); - if (tmp == NULL) + if (tmp == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; + } tret = tmp; vtmp = sk_CONF_VALUE_value(tret, i); i2t_ASN1_OBJECT(objtmp, sizeof(objtmp), desc->method); @@ -91,7 +93,6 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS( return tret; err: - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); if (ret == NULL && tret != NULL) sk_CONF_VALUE_pop_free(tret, X509V3_conf_free); return NULL; @@ -111,13 +112,13 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD char *objtmp, *ptmp; if ((ainfo = sk_ACCESS_DESCRIPTION_new_reserve(NULL, num)) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); return NULL; } for (i = 0; i < num; i++) { cnf = sk_CONF_VALUE_value(nval, i); if ((acc = ACCESS_DESCRIPTION_new()) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; } sk_ACCESS_DESCRIPTION_push(ainfo, acc); /* Cannot fail due to reserve */ @@ -130,10 +131,8 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD ctmp.value = cnf->value; if (!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0)) goto err; - if ((objtmp = OPENSSL_strndup(cnf->name, ptmp - cnf->name)) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if ((objtmp = OPENSSL_strndup(cnf->name, ptmp - cnf->name)) == NULL) goto err; - } acc->method = OBJ_txt2obj(objtmp, 0); if (!acc->method) { ERR_raise_data(ERR_LIB_X509V3, X509V3_R_BAD_OBJECT, diff --git a/crypto/x509/v3_ist.c b/crypto/x509/v3_ist.c index 71bb76c48e..cb3a68cf40 100644 --- a/crypto/x509/v3_ist.c +++ b/crypto/x509/v3_ist.c 
@@ -39,7 +39,7 @@ static ISSUER_SIGN_TOOL *v2i_issuer_sign_tool(X509V3_EXT_METHOD *method, X509V3_ int i; if (ist == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); return NULL; } for (i = 0; i < sk_CONF_VALUE_num(nval); ++i) { @@ -51,7 +51,7 @@ static ISSUER_SIGN_TOOL *v2i_issuer_sign_tool(X509V3_EXT_METHOD *method, X509V3_ if (strcmp(cnf->name, "signTool") == 0) { ist->signTool = ASN1_UTF8STRING_new(); if (ist->signTool == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); ISSUER_SIGN_TOOL_free(ist); return NULL; } @@ -59,7 +59,7 @@ static ISSUER_SIGN_TOOL *v2i_issuer_sign_tool(X509V3_EXT_METHOD *method, X509V3_ } else if (strcmp(cnf->name, "cATool") == 0) { ist->cATool = ASN1_UTF8STRING_new(); if (ist->cATool == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); ISSUER_SIGN_TOOL_free(ist); return NULL; } @@ -67,7 +67,7 @@ static ISSUER_SIGN_TOOL *v2i_issuer_sign_tool(X509V3_EXT_METHOD *method, X509V3_ } else if (strcmp(cnf->name, "signToolCert") == 0) { ist->signToolCert = ASN1_UTF8STRING_new(); if (ist->signToolCert == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); ISSUER_SIGN_TOOL_free(ist); return NULL; } @@ -75,7 +75,7 @@ static ISSUER_SIGN_TOOL *v2i_issuer_sign_tool(X509V3_EXT_METHOD *method, X509V3_ } else if (strcmp(cnf->name, "cAToolCert") == 0) { ist->cAToolCert = ASN1_UTF8STRING_new(); if (ist->cAToolCert == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); ISSUER_SIGN_TOOL_free(ist); return NULL; } diff --git a/crypto/x509/v3_lib.c b/crypto/x509/v3_lib.c index 5c05b56d9c..ced105adfa 100644 --- a/crypto/x509/v3_lib.c +++ b/crypto/x509/v3_lib.c 
@@ -26,11 +26,11 @@ int X509V3_EXT_add(X509V3_EXT_METHOD *ext) { if (ext_list == NULL && (ext_list = sk_X509V3_EXT_METHOD_new(ext_cmp)) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); return 0; } if (!sk_X509V3_EXT_METHOD_push(ext_list, ext)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); return 0; } return 1; @@ -92,10 +92,8 @@ int X509V3_EXT_add_alias(int nid_to, int nid_from) ERR_raise(ERR_LIB_X509V3, X509V3_R_EXTENSION_NOT_FOUND); return 0; } - if ((tmpext = OPENSSL_malloc(sizeof(*tmpext))) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if ((tmpext = OPENSSL_malloc(sizeof(*tmpext))) == NULL) return 0; - } *tmpext = *ext; tmpext->ext_nid = nid_to; tmpext->ext_flags |= X509V3_EXT_DYNAMIC; @@ -291,7 +289,7 @@ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, return 1; m_fail: - /* ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); */ + /* ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); */ if (ret != *x) sk_X509_EXTENSION_free(ret); X509_EXTENSION_free(ext); diff --git a/crypto/x509/v3_ncons.c b/crypto/x509/v3_ncons.c index 7ffb88c4c0..2860c788a7 100644 --- a/crypto/x509/v3_ncons.c +++ b/crypto/x509/v3_ncons.c @@ -134,8 +134,10 @@ static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, GENERAL_SUBTREE *sub = NULL; ncons = NAME_CONSTRAINTS_new(); - if (ncons == NULL) - goto memerr; + if (ncons == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { val = sk_CONF_VALUE_value(nval, i); if (HAS_PREFIX(val->name, "permitted") && val->name[9]) { 
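Review bot: The `m_fail:` label in X509V3_add1_i2d keeps a commented-out `ERR_raise`, and this change edits the reason code inside the comment instead of deciding whether the raise is wanted. As shown, the label frees `ret` and `ext` without recording anything under ERR_LIB_X509V3, so whether the caller sees an error depends on the callee that failed; those calls are above the hunk. Either delete the comment or replace it with one that states the intent, for example `/* the failing callee has already queued an error */` if that holds for every jump to the label.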
@@ -150,21 +152,25 @@ static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, } tval.value = val->value; sub = GENERAL_SUBTREE_new(); - if (sub == NULL) - goto memerr; - if (!v2i_GENERAL_NAME_ex(sub->base, method, ctx, &tval, 1)) + if (sub == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } + if (!v2i_GENERAL_NAME_ex(sub->base, method, ctx, &tval, 1)) { + ERR_raise(ERR_LIB_X509V3, ERR_R_X509V3_LIB); goto err; + } if (*ptree == NULL) *ptree = sk_GENERAL_SUBTREE_new_null(); - if (*ptree == NULL || !sk_GENERAL_SUBTREE_push(*ptree, sub)) - goto memerr; + if (*ptree == NULL || !sk_GENERAL_SUBTREE_push(*ptree, sub)) { + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); + goto err; + } sub = NULL; } return ncons; - memerr: - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); err: NAME_CONSTRAINTS_free(ncons); GENERAL_SUBTREE_free(sub); diff --git a/crypto/x509/v3_pci.c b/crypto/x509/v3_pci.c index 79fe76d042..8b8b6e3ab8 100644 --- a/crypto/x509/v3_pci.c +++ b/crypto/x509/v3_pci.c @@ -119,7 +119,7 @@ static int process_pci_value(CONF_VALUE *val, if (*policy == NULL) { *policy = ASN1_OCTET_STRING_new(); if (*policy == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); X509V3_conf_err(val); return 0; } @@ -151,7 +151,6 @@ static int process_pci_value(CONF_VALUE *val, OPENSSL_free((*policy)->data); (*policy)->data = NULL; (*policy)->length = 0; - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); X509V3_conf_err(val); goto err; } @@ -177,7 +176,6 @@ static int process_pci_value(CONF_VALUE *val, OPENSSL_free((*policy)->data); (*policy)->data = NULL; (*policy)->length = 0; - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); X509V3_conf_err(val); BIO_free_all(b); goto err; @@ -213,7 +211,6 @@ static int process_pci_value(CONF_VALUE *val, OPENSSL_free((*policy)->data); (*policy)->data = NULL; (*policy)->length = 0; - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); X509V3_conf_err(val); goto err; } 
@@ -223,7 +220,6 @@ static int process_pci_value(CONF_VALUE *val, goto err; } if (!tmp_data) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); X509V3_conf_err(val); goto err; } @@ -297,7 +293,7 @@ static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method, pci = PROXY_CERT_INFO_EXTENSION_new(); if (pci == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; } diff --git a/crypto/x509/v3_pcons.c b/crypto/x509/v3_pcons.c index 128365f572..72c2364b05 100644 --- a/crypto/x509/v3_pcons.c +++ b/crypto/x509/v3_pcons.c @@ -61,7 +61,7 @@ static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method, int i; if ((pcons = POLICY_CONSTRAINTS_new()) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); return NULL; } for (i = 0; i < sk_CONF_VALUE_num(values); i++) { diff --git a/crypto/x509/v3_pmaps.c b/crypto/x509/v3_pmaps.c index 2094e96711..e5d7dddc0a 100644 --- a/crypto/x509/v3_pmaps.c +++ b/crypto/x509/v3_pmaps.c @@ -73,7 +73,7 @@ static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, int i; if ((pmaps = sk_POLICY_MAPPING_new_reserve(NULL, num)) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); return NULL; } @@ -93,7 +93,7 @@ static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, } pmap = POLICY_MAPPING_new(); if (pmap == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; } pmap->issuerDomainPolicy = obj1; diff --git a/crypto/x509/v3_purp.c b/crypto/x509/v3_purp.c index cac539b1e4..d3a66267ee 100644 --- a/crypto/x509/v3_purp.c +++ b/crypto/x509/v3_purp.c 
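Review bot: In the first hunk (process_pci_value, `-223,7 +220,6`), the `if (!tmp_data)` branch now calls `X509V3_conf_err(val)` and jumps to `err` without raising anything itself. That is only safe if every way of reaching this check with `tmp_data == NULL` has already gone through an allocator that reported the failure. The code that assigns `tmp_data` is outside the hunk, so this cannot be confirmed from here, and an input that yields no data at all would presumably arrive with an empty error queue. I would keep an explicit report, for example `ERR_raise(ERR_LIB_X509V3, ERR_R_X509V3_LIB);` before `X509V3_conf_err(val);`, so a rejected proxy policy value always leaves a diagnosable error.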
@@ -171,10 +171,8 @@ int X509_PURPOSE_add(int id, int trust, int flags, idx = X509_PURPOSE_get_by_id(id); /* Need a new entry */ if (idx == -1) { - if ((ptmp = OPENSSL_malloc(sizeof(*ptmp))) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if ((ptmp = OPENSSL_malloc(sizeof(*ptmp))) == NULL) return 0; - } ptmp->flags = X509_PURPOSE_DYNAMIC; } else { ptmp = X509_PURPOSE_get0(idx); @@ -188,10 +186,8 @@ int X509_PURPOSE_add(int id, int trust, int flags, /* Dup supplied name */ ptmp->name = OPENSSL_strdup(name); ptmp->sname = OPENSSL_strdup(sname); - if (ptmp->name == NULL || ptmp->sname == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if (ptmp->name == NULL || ptmp->sname == NULL) goto err; - } /* Keep the dynamic flag of existing entry */ ptmp->flags &= X509_PURPOSE_DYNAMIC; /* Set all other flags */ @@ -206,11 +202,11 @@ int X509_PURPOSE_add(int id, int trust, int flags, if (idx == -1) { if (xptable == NULL && (xptable = sk_X509_PURPOSE_new(xp_cmp)) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto err; } if (!sk_X509_PURPOSE_push(xptable, ptmp)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto err; } } diff --git a/crypto/x509/v3_san.c b/crypto/x509/v3_san.c index c081f02e19..7798505eec 100644 --- a/crypto/x509/v3_san.c +++ b/crypto/x509/v3_san.c @@ -307,7 +307,7 @@ static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method, int i; if (gens == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); sk_GENERAL_NAME_free(gens); return NULL; } @@ -358,7 +358,7 @@ static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens) num = sk_GENERAL_NAME_num(ialt); if (!sk_GENERAL_NAME_reserve(gens, num)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto err; } 
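Review bot: In the v3_san.c hunk for v2i_issuer_alt (`-307,7 +307,7`), the failure branch runs `sk_GENERAL_NAME_free(gens);` inside `if (gens == NULL)`, so the call always receives NULL and does nothing. The same dead call sits in the `gens == NULL` branches of v2i_subject_alt and v2i_GENERAL_NAMES in the later hunks of this file. Since these lines are being touched anyway, each branch could shrink to `ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB);` followed by `return NULL;`, which makes it clear that nothing is owned at that point.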
@@ -386,7 +386,7 @@ static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method, gens = sk_GENERAL_NAME_new_reserve(NULL, num); if (gens == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); sk_GENERAL_NAME_free(gens); return NULL; } @@ -449,14 +449,14 @@ static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p) i--; } if (email == NULL || (gen = GENERAL_NAME_new()) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; } gen->d.ia5 = email; email = NULL; gen->type = GEN_EMAIL; if (!sk_GENERAL_NAME_push(gens, gen)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto err; } gen = NULL; @@ -482,7 +482,7 @@ GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method, gens = sk_GENERAL_NAME_new_reserve(NULL, num); if (gens == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); sk_GENERAL_NAME_free(gens); return NULL; } @@ -523,7 +523,7 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, else { gen = GENERAL_NAME_new(); if (gen == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); return NULL; } } @@ -581,7 +581,7 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, if ((gen->d.ia5 = ASN1_IA5STRING_new()) == NULL || !ASN1_STRING_set(gen->d.ia5, (unsigned char *)value, strlen(value))) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; } } diff --git a/crypto/x509/v3_skid.c b/crypto/x509/v3_skid.c index 18223f2ef4..8657f4cdf2 100644 --- a/crypto/x509/v3_skid.c +++ b/crypto/x509/v3_skid.c 
@@ -37,7 +37,7 @@ ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, long length; if ((oct = ASN1_OCTET_STRING_new()) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); return NULL; } diff --git a/crypto/x509/v3_sxnet.c b/crypto/x509/v3_sxnet.c index 5ac3bab354..8540f10d1e 100644 --- a/crypto/x509/v3_sxnet.c +++ b/crypto/x509/v3_sxnet.c @@ -135,7 +135,7 @@ int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, const char *user, if ((izone = ASN1_INTEGER_new()) == NULL || !ASN1_INTEGER_set(izone, lzone)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); ASN1_INTEGER_free(izone); return 0; } @@ -165,10 +165,14 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, const char *user, return 0; } if (*psx == NULL) { - if ((sx = SXNET_new()) == NULL) + if ((sx = SXNET_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; - if (!ASN1_INTEGER_set(sx->version, 0)) + } + if (!ASN1_INTEGER_set(sx->version, 0)) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; + } } else sx = *psx; if (SXNET_get_id_INTEGER(sx, zone)) { @@ -178,19 +182,24 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, const char *user, return 0; } - if ((id = SXNETID_new()) == NULL) + if ((id = SXNETID_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; + } - if (!ASN1_OCTET_STRING_set(id->user, (const unsigned char *)user, userlen)) + if (!ASN1_OCTET_STRING_set(id->user, (const unsigned char *)user, userlen)){ + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; - if (!sk_SXNETID_push(sx->ids, id)) + } + if (!sk_SXNETID_push(sx->ids, id)) { + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto err; + } id->zone = zone; *psx = sx; return 1; err: - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); SXNETID_free(id); if (*psx == NULL) SXNET_free(sx); 
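Review bot: In the SXNET_add_id_INTEGER hunk (`-178,19 +182,24`), the new line ending `userlen)){` is missing the space before the opening brace that every other added `if (...) {` in this commit has; it should read `userlen)) {`. Separately, now that `err:` no longer raises, a short comment at the label such as `/* every goto err above has raised its own error */` would stop a later `goto err` from being added without a report.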
@@ -218,7 +227,7 @@ ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone) if ((izone = ASN1_INTEGER_new()) == NULL || !ASN1_INTEGER_set(izone, lzone)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); ASN1_INTEGER_free(izone); return NULL; } diff --git a/crypto/x509/v3_tlsf.c b/crypto/x509/v3_tlsf.c index a1446bc074..85dea65f35 100644 --- a/crypto/x509/v3_tlsf.c +++ b/crypto/x509/v3_tlsf.c @@ -96,7 +96,7 @@ static TLS_FEATURE *v2i_TLS_FEATURE(const X509V3_EXT_METHOD *method, long tlsextid; if ((tlsf = sk_ASN1_INTEGER_new_null()) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); return NULL; } @@ -125,7 +125,7 @@ static TLS_FEATURE *v2i_TLS_FEATURE(const X509V3_EXT_METHOD *method, if ((ai = ASN1_INTEGER_new()) == NULL || !ASN1_INTEGER_set(ai, tlsextid) || sk_ASN1_INTEGER_push(tlsf, ai) <= 0) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; } /* So it doesn't get purged if an error occurs next time around */ diff --git a/crypto/x509/v3_utf8.c b/crypto/x509/v3_utf8.c index 51cfbf01cf..22345c3a65 100644 --- a/crypto/x509/v3_utf8.c +++ b/crypto/x509/v3_utf8.c @@ -35,10 +35,8 @@ char *i2s_ASN1_UTF8STRING(X509V3_EXT_METHOD *method, ERR_raise(ERR_LIB_X509V3, ERR_R_PASSED_NULL_PARAMETER); return NULL; } - if ((tmp = OPENSSL_malloc(utf8->length + 1)) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if ((tmp = OPENSSL_malloc(utf8->length + 1)) == NULL) return NULL; - } memcpy(tmp, utf8->data, utf8->length); tmp[utf8->length] = 0; return tmp; 
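Review bot: In v2i_TLS_FEATURE (`-125,7 +125,7`), a single `ERR_R_ASN1_LIB` report covers three calls, and the last of them, `sk_ASN1_INTEGER_push(tlsf, ai) <= 0`, is a stack operation that the rest of this commit reports as `ERR_R_CRYPTO_LIB`. Splitting the condition keeps the reason code accurate: the two ASN1_INTEGER calls stay under the ASN1 reason and the push gets its own branch, as sketched below. The cleanup at `err` is outside the hunk, so I am assuming it releases `ai` on both paths.

```c
if ((ai = ASN1_INTEGER_new()) == NULL
        || !ASN1_INTEGER_set(ai, tlsextid)) {
    ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB);
    goto err;
}
if (sk_ASN1_INTEGER_push(tlsf, ai) <= 0) {
    ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB);
    goto err;
}
/* ... unchanged: ai is cleared so it is not purged on a later error ... */
```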
@@ -53,11 +51,11 @@ ASN1_UTF8STRING *s2i_ASN1_UTF8STRING(X509V3_EXT_METHOD *method, return NULL; } if ((utf8 = ASN1_UTF8STRING_new()) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); return NULL; } if (!ASN1_STRING_set((ASN1_STRING *)utf8, str, strlen(str))) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); ASN1_UTF8STRING_free(utf8); return NULL; } diff --git a/crypto/x509/v3_utl.c b/crypto/x509/v3_utl.c index 4ef0d20f29..1a18174995 100644 --- a/crypto/x509/v3_utl.c +++ b/crypto/x509/v3_utl.c @@ -56,8 +56,10 @@ static int x509v3_add_len_value(const char *name, const char *value, } if ((vtmp = OPENSSL_malloc(sizeof(*vtmp))) == NULL) goto err; - if (sk_allocated && (*extlist = sk_CONF_VALUE_new_null()) == NULL) + if (sk_allocated && (*extlist = sk_CONF_VALUE_new_null()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto err; + } vtmp->section = NULL; vtmp->name = tname; vtmp->value = tvalue; @@ -65,7 +67,6 @@ static int x509v3_add_len_value(const char *name, const char *value, goto err; return 1; err: - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); if (sk_allocated) { sk_CONF_VALUE_free(*extlist); *extlist = NULL; @@ -146,7 +147,6 @@ static char *bignum_to_string(const BIGNUM *bn) len = strlen(tmp) + 3; ret = OPENSSL_malloc(len); if (ret == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); OPENSSL_free(tmp); return NULL; } @@ -170,9 +170,10 @@ char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, const ASN1_ENUMERATED *a) if (!a) return NULL; - if ((bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) == NULL - || (strtmp = bignum_to_string(bntmp)) == NULL) - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if ((bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) == NULL) + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + else if ((strtmp = bignum_to_string(bntmp)) == NULL) + ERR_raise(ERR_LIB_X509V3, ERR_R_X509V3_LIB); BN_free(bntmp); return strtmp; } 
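Review bot: In x509v3_add_len_value (`-65,7 +67,6`), removing the blanket `ERR_raise` at `err:` leaves the `goto err` just above `return 1;` without any error report. Its condition is outside the hunk, but if it guards the `sk_CONF_VALUE_push()` of `vtmp`, as the preceding hunk suggests, a failed push now returns with an empty error queue, unlike the `sk_CONF_VALUE_new_null()` failure that this commit reports explicitly. I would add `ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB);` before that `goto err`, and check any earlier `goto err` in the function that does not follow an OPENSSL_ allocator call.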
@@ -184,9 +185,10 @@ char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *method, const ASN1_INTEGER *a) if (!a) return NULL; - if ((bntmp = ASN1_INTEGER_to_BN(a, NULL)) == NULL - || (strtmp = bignum_to_string(bntmp)) == NULL) - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if ((bntmp = ASN1_INTEGER_to_BN(a, NULL)) == NULL) + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + else if ((strtmp = bignum_to_string(bntmp)) == NULL) + ERR_raise(ERR_LIB_X509V3, ERR_R_X509V3_LIB); BN_free(bntmp); return strtmp; } @@ -204,7 +206,7 @@ ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, const char *value) } bn = BN_new(); if (bn == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_BN_LIB); return NULL; } if (value[0] == '-') { @@ -320,10 +322,8 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) /* We are going to modify the line so copy it first */ linebuf = OPENSSL_strdup(line); - if (linebuf == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if (linebuf == NULL) goto err; - } state = HDR_NAME; ntmp = NULL; /* Go through all characters */ diff --git a/crypto/x509/x509_att.c b/crypto/x509/x509_att.c index 9e6434187c..1fc99f7cad 100644 --- a/crypto/x509/x509_att.c +++ b/crypto/x509/x509_att.c @@ -95,22 +95,24 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, } if (*x == NULL) { - if ((sk = sk_X509_ATTRIBUTE_new_null()) == NULL) + if ((sk = sk_X509_ATTRIBUTE_new_null()) == NULL) { + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto err; + } } else { sk = *x; } if ((new_attr = X509_ATTRIBUTE_dup(attr)) == NULL) - goto err2; - if (!sk_X509_ATTRIBUTE_push(sk, new_attr)) goto err; + if (!sk_X509_ATTRIBUTE_push(sk, new_attr)) { + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); + goto err; + } if (*x == NULL) *x = sk; return sk; err: - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); - err2: X509_ATTRIBUTE_free(new_attr); if (*x == NULL) sk_X509_ATTRIBUTE_free(sk); 
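Review bot: In X509at_add1_attr (x509_att.c, `-95,22 +95,24`), a NULL return from `X509_ATTRIBUTE_dup(attr)` now goes to `err` with nothing raised in this function, while the parallel X509v3_add_ext change in x509_v3.c raises `ERR_R_ASN1_LIB` when `X509_EXTENSION_dup(ex)` fails. Both are dup helpers, so the two functions should agree; here that means bracing the branch and adding `ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);` before `goto err;`. If the silence is deliberate because the dup helper already reports, a one-line comment saying so would be enough.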
@@ -223,7 +225,7 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, if (attr == NULL || *attr == NULL) { if ((ret = X509_ATTRIBUTE_new()) == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); return NULL; } } else { @@ -293,10 +295,11 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, } atype = stmp->type; } else if (len != -1) { - if ((stmp = ASN1_STRING_type_new(attrtype)) == NULL) - goto err; - if (!ASN1_STRING_set(stmp, data, len)) + if ((stmp = ASN1_STRING_type_new(attrtype)) == NULL + || !ASN1_STRING_set(stmp, data, len)) { + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); goto err; + } atype = attrtype; } /* @@ -308,20 +311,25 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, ASN1_STRING_free(stmp); return 1; } - if ((ttmp = ASN1_TYPE_new()) == NULL) + if ((ttmp = ASN1_TYPE_new()) == NULL) { + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); goto err; + } if (len == -1 && (attrtype & MBSTRING_FLAG) == 0) { - if (!ASN1_TYPE_set1(ttmp, attrtype, data)) + if (!ASN1_TYPE_set1(ttmp, attrtype, data)) { + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); goto err; + } } else { ASN1_TYPE_set(ttmp, atype, stmp); stmp = NULL; } - if (!sk_ASN1_TYPE_push(attr->set, ttmp)) + if (!sk_ASN1_TYPE_push(attr->set, ttmp)) { + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto err; + } return 1; err: - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); ASN1_TYPE_free(ttmp); ASN1_STRING_free(stmp); return 0; diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c index 18f9fba764..6fc2fd719e 100644 --- a/crypto/x509/x509_cmp.c +++ b/crypto/x509/x509_cmp.c @@ -184,7 +184,7 @@ int X509_cmp(const X509 *a, const X509 *b) int ossl_x509_add_cert_new(STACK_OF(X509) **p_sk, X509 *cert, int flags) { if (*p_sk == NULL && (*p_sk = sk_X509_new_null()) == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); return 0; } return X509_add_cert(*p_sk, cert, flags); 
@@ -216,7 +216,7 @@ int X509_add_cert(STACK_OF(X509) *sk, X509 *cert, int flags) } if (!sk_X509_insert(sk, cert, (flags & X509_ADD_FLAG_PREPEND) != 0 ? 0 : -1)) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); return 0; } if ((flags & X509_ADD_FLAG_UP_REF) != 0) diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c index 40f1d23b73..1f31b56e0b 100644 --- a/crypto/x509/x509_lu.c +++ b/crypto/x509/x509_lu.c @@ -19,10 +19,8 @@ X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method) { X509_LOOKUP *ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } ret->method = method; if (method->new_item != NULL && method->new_item(ret) == 0) { @@ -180,32 +178,30 @@ X509_STORE *X509_STORE_new(void) { X509_STORE *ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } if ((ret->objs = sk_X509_OBJECT_new(x509_object_cmp)) == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto err; } ret->cache = 1; if ((ret->get_cert_methods = sk_X509_LOOKUP_new_null()) == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto err; } if ((ret->param = X509_VERIFY_PARAM_new()) == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); goto err; } if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data)) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto err; } ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto err; } ret->references = 1; 
@@ -276,15 +272,15 @@ X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *xs, X509_LOOKUP_METHOD *m) /* a new one */ lu = X509_LOOKUP_new(m); if (lu == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); return NULL; } lu->store_ctx = xs; if (sk_X509_LOOKUP_push(xs->get_cert_methods, lu)) return lu; - /* malloc failed */ - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + /* sk_X509_LOOKUP_push() failed */ + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); X509_LOOKUP_free(lu); return NULL; } @@ -413,7 +409,7 @@ static int x509_store_add(X509_STORE *store, void *x, int crl) int X509_STORE_add_cert(X509_STORE *xs, X509 *x) { if (!x509_store_add(xs, x, 0)) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); return 0; } return 1; @@ -422,7 +418,7 @@ int X509_STORE_add_cert(X509_STORE *xs, X509 *x) int X509_STORE_add_crl(X509_STORE *xs, X509_CRL *x) { if (!x509_store_add(xs, x, 1)) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); return 0; } return 1; @@ -464,10 +460,8 @@ X509_OBJECT *X509_OBJECT_new(void) { X509_OBJECT *ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } ret->type = X509_LU_NONE; return ret; } diff --git a/crypto/x509/x509_meth.c b/crypto/x509/x509_meth.c index a8eedd9b59..305fe4c6d3 100644 --- a/crypto/x509/x509_meth.c +++ b/crypto/x509/x509_meth.c @@ -23,10 +23,8 @@ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name) if (method != NULL) { method->name = OPENSSL_strdup(name); - if (method->name == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + if (method->name == NULL) goto err; - } } return method; diff --git a/crypto/x509/x509_obj.c b/crypto/x509/x509_obj.c index 12c6d6f78b..2af7203b01 100644 --- a/crypto/x509/x509_obj.c +++ b/crypto/x509/x509_obj.c 
@@ -41,9 +41,9 @@ char *X509_NAME_oneline(const X509_NAME *a, char *buf, int len) if (buf == NULL) { if ((b = BUF_MEM_new()) == NULL) - goto err; + goto buferr; if (!BUF_MEM_grow(b, 200)) - goto err; + goto buferr; b->data[0] = '\0'; len = 200; } else if (len == 0) { @@ -124,7 +124,7 @@ char *X509_NAME_oneline(const X509_NAME *a, char *buf, int len) } if (b != NULL) { if (!BUF_MEM_grow(b, l + 1)) - goto err; + goto buferr; p = &(b->data[lold]); } else if (l > len) { break; @@ -179,8 +179,8 @@ char *X509_NAME_oneline(const X509_NAME *a, char *buf, int len) if (i == 0) *p = '\0'; return p; - err: - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + buferr: + ERR_raise(ERR_LIB_X509, ERR_R_BUF_LIB); end: BUF_MEM_free(b); return NULL; diff --git a/crypto/x509/x509_r2x.c b/crypto/x509/x509_r2x.c index c7f6181c44..a6ea8e36a0 100644 --- a/crypto/x509/x509_r2x.c +++ b/crypto/x509/x509_r2x.c @@ -25,7 +25,7 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey) EVP_PKEY *pubkey = NULL; if ((ret = X509_new()) == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); return NULL; } diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c index 94fa856795..2a7836c23e 100644 --- a/crypto/x509/x509_req.c +++ b/crypto/x509/x509_req.c @@ -28,7 +28,7 @@ X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) ret = X509_REQ_new_ex(x->libctx, x->propq); if (ret == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); goto err; } diff --git a/crypto/x509/x509_trust.c b/crypto/x509/x509_trust.c index da29526d27..656b3b8440 100644 --- a/crypto/x509/x509_trust.c +++ b/crypto/x509/x509_trust.c 
@@ -136,10 +136,8 @@ int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int), idx = X509_TRUST_get_by_id(id); /* Need a new entry */ if (idx < 0) { - if ((trtmp = OPENSSL_malloc(sizeof(*trtmp))) == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + if ((trtmp = OPENSSL_malloc(sizeof(*trtmp))) == NULL) return 0; - } trtmp->flags = X509_TRUST_DYNAMIC; } else trtmp = X509_TRUST_get0(idx); @@ -148,10 +146,8 @@ int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int), if (trtmp->flags & X509_TRUST_DYNAMIC_NAME) OPENSSL_free(trtmp->name); /* dup supplied name */ - if ((trtmp->name = OPENSSL_strdup(name)) == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + if ((trtmp->name = OPENSSL_strdup(name)) == NULL) goto err; - } /* Keep the dynamic flag of existing entry */ trtmp->flags &= X509_TRUST_DYNAMIC; /* Set all other flags */ @@ -166,11 +162,11 @@ int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int), if (idx < 0) { if (trtable == NULL && (trtable = sk_X509_TRUST_new(tr_cmp)) == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto err; } if (!sk_X509_TRUST_push(trtable, trtmp)) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto err; } } diff --git a/crypto/x509/x509_v3.c b/crypto/x509/x509_v3.c index 262061a20f..e9f256cee2 100644 --- a/crypto/x509/x509_v3.c +++ b/crypto/x509/x509_v3.c @@ -102,12 +102,14 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, if (x == NULL) { ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER); - goto err2; + goto err; } if (*x == NULL) { - if ((sk = sk_X509_EXTENSION_new_null()) == NULL) + if ((sk = sk_X509_EXTENSION_new_null()) == NULL) { + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto err; + } } else sk = *x; 
@@ -117,16 +119,18 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, else if (loc < 0) loc = n; - if ((new_ex = X509_EXTENSION_dup(ex)) == NULL) - goto err2; - if (!sk_X509_EXTENSION_insert(sk, new_ex, loc)) + if ((new_ex = X509_EXTENSION_dup(ex)) == NULL) { + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); goto err; + } + if (!sk_X509_EXTENSION_insert(sk, new_ex, loc)) { + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); + goto err; + } if (*x == NULL) *x = sk; return sk; err: - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); - err2: X509_EXTENSION_free(new_ex); if (x != NULL && *x == NULL) sk_X509_EXTENSION_free(sk); @@ -159,7 +163,7 @@ X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex, if ((ex == NULL) || (*ex == NULL)) { if ((ret = X509_EXTENSION_new()) == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); return NULL; } } else diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index d9158bd795..cc1f606167 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -714,7 +714,7 @@ static int check_name_constraints(X509_STORE_CTX *ctx) */ tmpsubject = X509_NAME_dup(tmpsubject); if (tmpsubject == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); ctx->error = X509_V_ERR_OUT_OF_MEM; return -1; } 
@@ -1655,15 +1655,19 @@ static int check_policy(X509_STORE_CTX *ctx) * was verified via a bare public key, and pop it off right after the * X509_policy_check() call. */ - if (ctx->bare_ta_signed && !sk_X509_push(ctx->chain, NULL)) + if (ctx->bare_ta_signed && !sk_X509_push(ctx->chain, NULL)) { + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto memerr; + } ret = X509_policy_check(&ctx->tree, &ctx->explicit_policy, ctx->chain, ctx->param->policies, ctx->param->flags); if (ctx->bare_ta_signed) (void)sk_X509_pop(ctx->chain); - if (ret == X509_PCY_TREE_INTERNAL) + if (ret == X509_PCY_TREE_INTERNAL) { + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); goto memerr; + } /* Invalid or inconsistent extensions */ if (ret == X509_PCY_TREE_INVALID) { int i; @@ -1702,7 +1706,6 @@ static int check_policy(X509_STORE_CTX *ctx) return 1; memerr: - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); ctx->error = X509_V_ERR_OUT_OF_MEM; return -1; } 
@@ -2068,20 +2071,30 @@ X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer, } /* Create new CRL */ crl = X509_CRL_new_ex(base->libctx, base->propq); - if (crl == NULL || !X509_CRL_set_version(crl, X509_CRL_VERSION_2)) - goto memerr; + if (crl == NULL || !X509_CRL_set_version(crl, X509_CRL_VERSION_2)) { + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); + goto err; + } /* Set issuer name */ - if (!X509_CRL_set_issuer_name(crl, X509_CRL_get_issuer(newer))) - goto memerr; + if (!X509_CRL_set_issuer_name(crl, X509_CRL_get_issuer(newer))) { + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); + goto err; + } - if (!X509_CRL_set1_lastUpdate(crl, X509_CRL_get0_lastUpdate(newer))) - goto memerr; - if (!X509_CRL_set1_nextUpdate(crl, X509_CRL_get0_nextUpdate(newer))) - goto memerr; + if (!X509_CRL_set1_lastUpdate(crl, X509_CRL_get0_lastUpdate(newer))) { + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); + goto err; + } + if (!X509_CRL_set1_nextUpdate(crl, X509_CRL_get0_nextUpdate(newer))) { + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); + goto err; + } /* Set base CRL number: must be critical */ - if (!X509_CRL_add1_ext_i2d(crl, NID_delta_crl, base->crl_number, 1, 0)) - goto memerr; + if (!X509_CRL_add1_ext_i2d(crl, NID_delta_crl, base->crl_number, 1, 0)) { + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); + goto err; + } /* * Copy extensions across from newest CRL to delta: this will set CRL @@ -2090,8 +2103,10 @@ X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer, for (i = 0; i < X509_CRL_get_ext_count(newer); i++) { X509_EXTENSION *ext = X509_CRL_get_ext(newer, i); - if (!X509_CRL_add_ext(crl, ext, -1)) - goto memerr; + if (!X509_CRL_add_ext(crl, ext, -1)) { + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); + goto err; + } } /* Go through revoked entries, copying as needed */ 
@@ -2108,22 +2123,26 @@ X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer, */ if (!X509_CRL_get0_by_serial(base, &rvtmp, &rvn->serialNumber)) { rvtmp = X509_REVOKED_dup(rvn); - if (rvtmp == NULL) - goto memerr; + if (rvtmp == NULL) { + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); + goto err; + } if (!X509_CRL_add0_revoked(crl, rvtmp)) { X509_REVOKED_free(rvtmp); - goto memerr; + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); + goto err; } } } - if (skey != NULL && md != NULL && !X509_CRL_sign(crl, skey, md)) - goto memerr; + if (skey != NULL && md != NULL && !X509_CRL_sign(crl, skey, md)) { + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); + goto err; + } return crl; - memerr: - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + err: X509_CRL_free(crl); return NULL; } @@ -2289,17 +2308,14 @@ X509_STORE_CTX *X509_STORE_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq) { X509_STORE_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); - if (ctx == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + if (ctx == NULL) return NULL; - } ctx->libctx = libctx; if (propq != NULL) { ctx->propq = OPENSSL_strdup(propq); if (ctx->propq == NULL) { OPENSSL_free(ctx); - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); return NULL; } } @@ -2419,7 +2435,7 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, ctx->param = X509_VERIFY_PARAM_new(); if (ctx->param == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); goto err; } @@ -2447,7 +2463,7 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, if (CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx, &ctx->ex_data)) return 1; - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); err: /* @@ -2677,7 +2693,7 @@ static unsigned char *dane_i2d(X509 *cert, uint8_t selector, } if (len < 0 || buf == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); return NULL; } 
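Review bot: In X509_STORE_CTX_init (`-2419,7 +2435,7`), a failed `X509_VERIFY_PARAM_new()` is reported as `ERR_R_ASN1_LIB`, but the x509_lu.c hunk for X509_STORE_new reports the same call as `ERR_R_X509_LIB`, and the x509_vpm.c hunk shows the constructor allocating with `OPENSSL_zalloc()` rather than through ASN1. By the commit's own rule of naming the sub-system of the function that was called, this should read `ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB);`. A wrong library name sends anyone triaging a verification-setup failure to the wrong code.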
@@ -3034,24 +3050,30 @@ static int build_chain(X509_STORE_CTX *ctx) } /* Initialize empty untrusted stack. */ - if ((sk_untrusted = sk_X509_new_null()) == NULL) + if ((sk_untrusted = sk_X509_new_null()) == NULL) { + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto memerr; + } /* * If we got any "Cert(0) Full(0)" trust anchors from DNS, *prepend* them * to our working copy of the untrusted certificate stack. */ if (DANETLS_ENABLED(dane) && dane->certs != NULL - && !X509_add_certs(sk_untrusted, dane->certs, X509_ADD_FLAG_DEFAULT)) + && !X509_add_certs(sk_untrusted, dane->certs, X509_ADD_FLAG_DEFAULT)) { + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); goto memerr; + } /* * Shallow-copy the stack of untrusted certificates (with TLS, this is * typically the content of the peer's certificate message) so we can make * multiple passes over it, while free to remove elements as we go. */ - if (!X509_add_certs(sk_untrusted, ctx->untrusted, X509_ADD_FLAG_DEFAULT)) + if (!X509_add_certs(sk_untrusted, ctx->untrusted, X509_ADD_FLAG_DEFAULT)) { + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); goto memerr; + } /* * Still absurdly large, but arithmetically safe, a lower hard upper bound @@ -3163,6 +3185,7 @@ static int build_chain(X509_STORE_CTX *ctx) /* Grow the chain by trusted issuer */ if (!sk_X509_push(ctx->chain, issuer)) { X509_free(issuer); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto memerr; } if ((self_signed = X509_self_signed(issuer, 0)) < 0) @@ -3330,7 +3353,6 @@ static int build_chain(X509_STORE_CTX *ctx) return -1; memerr: - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); ctx->error = X509_V_ERR_OUT_OF_MEM; sk_X509_free(sk_untrusted); return -1; diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c index 101f2dfe94..28d11dedfa 100644 --- a/crypto/x509/x509_vpm.c +++ b/crypto/x509/x509_vpm.c 
@@ -84,10 +84,8 @@ X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void)
 X509_VERIFY_PARAM *param;
 param = OPENSSL_zalloc(sizeof(*param));
- if (param == NULL) {
- ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
+ if (param == NULL)
 return NULL;
- }
 param->trust = X509_TRUST_DEFAULT;
 /* param->inh_flags = X509_VP_FLAG_DEFAULT; */
 param->depth = -1;
diff --git a/crypto/x509/x509name.c b/crypto/x509/x509name.c
index 690e2799ff..de29f9713a 100644
--- a/crypto/x509/x509name.c
+++ b/crypto/x509/x509name.c
@@ -222,7 +222,7 @@ int X509_NAME_add_entry(X509_NAME *name, const X509_NAME_ENTRY *ne, int loc,
 goto err;
 new_name->set = set;
 if (!sk_X509_NAME_ENTRY_insert(sk, new_name, loc)) {
- ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB);
 goto err;
 }
 if (inc) {
diff --git a/crypto/x509/x509spki.c b/crypto/x509/x509spki.c
index 1d66697db0..142eeb79bd 100644
--- a/crypto/x509/x509spki.c
+++ b/crypto/x509/x509spki.c
@@ -35,10 +35,8 @@ NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str, int len)
 NETSCAPE_SPKI *spki;
 if (len <= 0)
 len = strlen(str);
- if ((spki_der = OPENSSL_malloc(len + 1)) == NULL) {
- ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
+ if ((spki_der = OPENSSL_malloc(len + 1)) == NULL)
 return NULL;
- }
 spki_len = EVP_DecodeBlock(spki_der, (const unsigned char *)str, len);
 if (spki_len < 0) {
 ERR_raise(ERR_LIB_X509, X509_R_BASE64_DECODE_ERROR);
@@ -65,7 +63,6 @@ char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki)
 der_spki = OPENSSL_malloc(der_len);
 b64_str = OPENSSL_malloc(der_len * 2);
 if (der_spki == NULL || b64_str == NULL) {
- ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
 OPENSSL_free(der_spki);
 OPENSSL_free(b64_str);
 return NULL;
diff --git a/crypto/x509/x_crl.c b/crypto/x509/x_crl.c
index a19b0528b7..d021a6ff88 100644
--- a/crypto/x509/x_crl.c
+++ b/crypto/x509/x_crl.c
@@ -366,7 +366,7 @@ int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
 if (inf->revoked == NULL)
 inf->revoked = sk_X509_REVOKED_new(X509_REVOKED_cmp);
 if (inf->revoked == NULL || !sk_X509_REVOKED_push(inf->revoked, rev)) {
- ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_ASN1, ERR_R_CRYPTO_LIB);
 return 0;
 }
 inf->enc.modified = 1;
@@ -490,10 +490,8 @@ X509_CRL_METHOD *X509_CRL_METHOD_new(int (*crl_init) (X509_CRL *crl),
 {
 X509_CRL_METHOD *m = OPENSSL_malloc(sizeof(*m));
- if (m == NULL) {
- ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
+ if (m == NULL)
 return NULL;
- }
 m->crl_init = crl_init;
 m->crl_free = crl_free;
 m->crl_lookup = crl_lookup;
diff --git a/crypto/x509/x_name.c b/crypto/x509/x_name.c
index bed2d049b4..98d03cf120 100644
--- a/crypto/x509/x_name.c
+++ b/crypto/x509/x_name.c
@@ -92,17 +92,20 @@ static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it)
 X509_NAME *ret = OPENSSL_zalloc(sizeof(*ret));
 if (ret == NULL)
- goto memerr;
- if ((ret->entries = sk_X509_NAME_ENTRY_new_null()) == NULL)
- goto memerr;
- if ((ret->bytes = BUF_MEM_new()) == NULL)
- goto memerr;
+ return 0;
+ if ((ret->entries = sk_X509_NAME_ENTRY_new_null()) == NULL) {
+ ERR_raise(ERR_LIB_ASN1, ERR_R_CRYPTO_LIB);
+ goto err;
+ }
+ if ((ret->bytes = BUF_MEM_new()) == NULL) {
+ ERR_raise(ERR_LIB_ASN1, ERR_R_BUF_LIB);
+ goto err;
+ }
 ret->modified = 1;
 *val = (ASN1_VALUE *)ret;
 return 1;
- memerr:
- ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
+ err:
 if (ret) {
 sk_X509_NAME_ENTRY_free(ret->entries);
 OPENSSL_free(ret);
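Review bot: In x509_name_ex_new the `if (ret) {` guard under the new `err:` label is now always true, because the failed allocation returns 0 before any `goto err` can be reached. The cleanup can run unconditionally, i.e. `sk_X509_NAME_ENTRY_free(ret->entries);` and `OPENSSL_free(ret);` directly under the label, which also makes it obvious that the label is only entered with a live object. The cleanup block continues past the end of the hunk, so the matching closing brace is not visible here.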
@@ -246,26 +249,28 @@ static int x509_name_encode(X509_NAME *a)
 intname.s = sk_STACK_OF_X509_NAME_ENTRY_new_null();
 if (!intname.s)
- goto memerr;
+ goto cerr;
 for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
 entry = sk_X509_NAME_ENTRY_value(a->entries, i);
 if (entry->set != set) {
 entries = sk_X509_NAME_ENTRY_new_null();
 if (!entries)
- goto memerr;
+ goto cerr;
 if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s, entries)) {
 sk_X509_NAME_ENTRY_free(entries);
- goto memerr;
+ goto cerr;
 }
 set = entry->set;
 }
 if (!sk_X509_NAME_ENTRY_push(entries, entry))
- goto memerr;
+ goto cerr;
 }
 len = ASN1_item_ex_i2d(&intname.a, NULL, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
- if (!BUF_MEM_grow(a->bytes, len))
- goto memerr;
+ if (!BUF_MEM_grow(a->bytes, len)) {
+ ERR_raise(ERR_LIB_ASN1, ERR_R_BUF_LIB);
+ goto err;
+ }
 p = (unsigned char *)a->bytes->data;
 ASN1_item_ex_i2d(&intname.a, &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
@@ -273,10 +278,11 @@ static int x509_name_encode(X509_NAME *a)
 local_sk_X509_NAME_ENTRY_free);
 a->modified = 0;
 return len;
- memerr:
+ cerr:
+ ERR_raise(ERR_LIB_ASN1, ERR_R_CRYPTO_LIB);
+ err:
 sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s, local_sk_X509_NAME_ENTRY_free);
- ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
 return -1;
 }
@@ -318,7 +324,7 @@ static int x509_name_canon(X509_NAME *a)
 }
 intname = sk_STACK_OF_X509_NAME_ENTRY_new_null();
 if (intname == NULL) {
- ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB);
 goto err;
 }
 for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
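Review bot: In the x509_name_encode hunk at -246, `len` from the sizing call to `ASN1_item_ex_i2d()` is passed straight to `BUF_MEM_grow(a->bytes, len)` without a check for a negative or zero result. BUF_MEM_grow() takes a size_t, so an encoder failure would become an enormous request and, with the new labelling, be reported as `ERR_R_BUF_LIB` rather than as an ASN.1 error. A guard before the grow keeps both the bounds and the attribution right: `if (len <= 0) { ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); goto err; }`. The return value of the second `ASN1_item_ex_i2d()` call is ignored as well; the function starts before this hunk, so `len`'s declaration is not visible.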
@@ -329,25 +335,25 @@ static int x509_name_canon(X509_NAME *a)
 goto err;
 if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries)) {
 sk_X509_NAME_ENTRY_free(entries);
- ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB);
 goto err;
 }
 set = entry->set;
 }
 tmpentry = X509_NAME_ENTRY_new();
 if (tmpentry == NULL) {
- ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
 goto err;
 }
 tmpentry->object = OBJ_dup(entry->object);
 if (tmpentry->object == NULL) {
- ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_X509, ERR_R_OBJ_LIB);
 goto err;
 }
 if (!asn1_string_canon(tmpentry->value, entry->value))
 goto err;
 if (!sk_X509_NAME_ENTRY_push(entries, tmpentry)) {
- ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB);
 goto err;
 }
 tmpentry = NULL;
@@ -360,10 +366,8 @@ static int x509_name_canon(X509_NAME *a)
 a->canon_enclen = len;
 p = OPENSSL_malloc(a->canon_enclen);
- if (p == NULL) {
- ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
+ if (p == NULL)
 goto err;
- }
 a->canon_enc = p;
diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c
index c8d76f882e..89184fc910 100644
--- a/crypto/x509/x_pubkey.c
+++ b/crypto/x509/x_pubkey.c
@@ -112,12 +112,13 @@ static int x509_pubkey_ex_new_ex(ASN1_VALUE **pval, const ASN1_ITEM *it,
 {
 X509_PUBKEY *ret;
- if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL
- || !x509_pubkey_ex_populate((ASN1_VALUE **)&ret, NULL)
+ if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL)
+ return 0;
+ if (!x509_pubkey_ex_populate((ASN1_VALUE **)&ret, NULL)
 || !x509_pubkey_set0_libctx(ret, libctx, propq)) {
 x509_pubkey_ex_free((ASN1_VALUE **)&ret, NULL);
 ret = NULL;
- ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_ASN1, ERR_R_X509_LIB);
 } else {
 *pval = (ASN1_VALUE *)ret;
 }
@@ -141,7 +142,7 @@ static int x509_pubkey_ex_d2i_ex(ASN1_VALUE **pval,
 if (*pval == NULL && !x509_pubkey_ex_new_ex(pval, it, libctx, propq))
 return 0;
 if (!x509_pubkey_ex_populate(pval, NULL)) {
- ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_ASN1, ERR_R_X509_LIB);
 return 0;
 }
@@ -190,10 +191,8 @@ static int x509_pubkey_ex_d2i_ex(ASN1_VALUE **pval,
 */
 if (aclass != V_ASN1_UNIVERSAL) {
 tmpbuf = OPENSSL_memdup(in_saved, publen);
- if (tmpbuf == NULL) {
- ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
+ if (tmpbuf == NULL)
 return 0;
- }
 in_saved = tmpbuf;
 *tmpbuf = V_ASN1_CONSTRUCTED | V_ASN1_SEQUENCE;
 }
@@ -284,16 +283,22 @@ X509_PUBKEY *X509_PUBKEY_dup(const X509_PUBKEY *a)
 {
 X509_PUBKEY *pubkey = OPENSSL_zalloc(sizeof(*pubkey));
- if (pubkey == NULL
- || !x509_pubkey_set0_libctx(pubkey, a->libctx, a->propq)
- || (pubkey->algor = X509_ALGOR_dup(a->algor)) == NULL
- || (pubkey->public_key = ASN1_BIT_STRING_new()) == NULL
- || !ASN1_BIT_STRING_set(pubkey->public_key,
- a->public_key->data,
- a->public_key->length)) {
+ if (pubkey == NULL)
+ return NULL;
+ if (!x509_pubkey_set0_libctx(pubkey, a->libctx, a->propq)) {
+ ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB);
+ x509_pubkey_ex_free((ASN1_VALUE **)&pubkey,
+ ASN1_ITEM_rptr(X509_PUBKEY_INTERNAL));
+ return NULL;
+ }
+ if ((pubkey->algor = X509_ALGOR_dup(a->algor)) == NULL
+ || (pubkey->public_key = ASN1_BIT_STRING_new()) == NULL
+ || !ASN1_BIT_STRING_set(pubkey->public_key,
+ a->public_key->data,
+ a->public_key->length)) {
 x509_pubkey_ex_free((ASN1_VALUE **)&pubkey,
 ASN1_ITEM_rptr(X509_PUBKEY_INTERNAL));
- ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
 return NULL;
 }
@@ -325,7 +330,7 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
 if (pkey->ameth != NULL) {
 if ((pk = X509_PUBKEY_new()) == NULL) {
- ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
 goto error;
 }
 if (pkey->ameth->pub_encode != NULL) {
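Review bot: In the x509_pubkey_ex_d2i_ex hunk at -190, dropping the raise after `OPENSSL_memdup(in_saved, publen)` assumes the helper queues an error on every NULL return. From memory, the memdup helper returns NULL without raising when the source pointer is NULL or the length is at or above INT_MAX, so this decode path could then fail with an empty error queue; that should be confirmed against its definition. If it holds, either keep a raise on this branch or add a comment such as `/* publen is bounded by the parsed header, so only allocation can fail here */` once that bound is verified. `publen` and `in_saved` are assigned outside the hunk.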
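Review bot: X509_PUBKEY_dup allocates `pubkey` and then reads `a->libctx`, `a->propq`, `a->algor` and `a->public_key->data` without checking `a`, so a NULL argument crashes instead of returning NULL; the same goes for a source whose `public_key` is unset, if that state is reachable. Since the condition is being split up anyway, a guard fits ahead of the allocation: `if (a == NULL) return NULL;`. The two failure branches also order `ERR_raise()` and `x509_pubkey_ex_free()` differently; raising first in both keeps the queued entry independent of anything the free path does. The function continues after the hunk.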
@@ -416,7 +421,7 @@ static int x509_pubkey_decode(EVP_PKEY **ppkey, const X509_PUBKEY *key)
 pkey = EVP_PKEY_new();
 if (pkey == NULL) {
- ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_X509, ERR_R_EVP_LIB);
 return -1;
 }
@@ -499,10 +504,8 @@ static EVP_PKEY *d2i_PUBKEY_int(EVP_PKEY **a,
 */
 if (libctx != NULL || propq != NULL || force_legacy) {
 xpk2 = OPENSSL_zalloc(sizeof(*xpk2));
- if (xpk2 == NULL) {
- ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
+ if (xpk2 == NULL)
 return NULL;
- }
 if (!x509_pubkey_set0_libctx(xpk2, libctx, propq))
 goto end;
 xpk2->flag_force_legacy = !!force_legacy;
@@ -628,7 +631,7 @@ int i2d_RSA_PUBKEY(const RSA *a, unsigned char **pp)
 return 0;
 pktmp = EVP_PKEY_new();
 if (pktmp == NULL) {
- ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB);
 return -1;
 }
 (void)EVP_PKEY_assign_RSA(pktmp, (RSA *)a);
@@ -670,7 +673,7 @@ int ossl_i2d_DH_PUBKEY(const DH *a, unsigned char **pp)
 return 0;
 pktmp = EVP_PKEY_new();
 if (pktmp == NULL) {
- ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB);
 return -1;
 }
 (void)EVP_PKEY_assign_DH(pktmp, (DH *)a);
@@ -711,7 +714,7 @@ int ossl_i2d_DHx_PUBKEY(const DH *a, unsigned char **pp)
 return 0;
 pktmp = EVP_PKEY_new();
 if (pktmp == NULL) {
- ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB);
 return -1;
 }
 (void)EVP_PKEY_assign(pktmp, EVP_PKEY_DHX, (DH *)a);
@@ -753,7 +756,7 @@ int i2d_DSA_PUBKEY(const DSA *a, unsigned char **pp)
 return 0;
 pktmp = EVP_PKEY_new();
 if (pktmp == NULL) {
- ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB);
 return -1;
 }
 (void)EVP_PKEY_assign_DSA(pktmp, (DSA *)a);
@@ -798,7 +801,7 @@ int i2d_EC_PUBKEY(const EC_KEY *a, unsigned char **pp)
 if (a == NULL)
 return 0;
 if ((pktmp = EVP_PKEY_new()) == NULL) {
- ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB);
 return -1;
 }
 (void)EVP_PKEY_assign_EC_KEY(pktmp, (EC_KEY *)a);
@@ -839,7 +842,7 @@ int ossl_i2d_ED25519_PUBKEY(const ECX_KEY *a, unsigned char **pp)
 if (a == NULL)
 return 0;
 if ((pktmp = EVP_PKEY_new()) == NULL) {
- ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB);
 return -1;
 }
 (void)EVP_PKEY_assign(pktmp, EVP_PKEY_ED25519, (ECX_KEY *)a);
@@ -881,7 +884,7 @@ int ossl_i2d_ED448_PUBKEY(const ECX_KEY *a, unsigned char **pp)
 if (a == NULL)
 return 0;
 if ((pktmp = EVP_PKEY_new()) == NULL) {
- ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB);
 return -1;
 }
 (void)EVP_PKEY_assign(pktmp, EVP_PKEY_ED448, (ECX_KEY *)a);
@@ -923,7 +926,7 @@ int ossl_i2d_X25519_PUBKEY(const ECX_KEY *a, unsigned char **pp)
 if (a == NULL)
 return 0;
 if ((pktmp = EVP_PKEY_new()) == NULL) {
- ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB);
 return -1;
 }
 (void)EVP_PKEY_assign(pktmp, EVP_PKEY_X25519, (ECX_KEY *)a);
@@ -965,7 +968,7 @@ int ossl_i2d_X448_PUBKEY(const ECX_KEY *a, unsigned char **pp)
 if (a == NULL)
 return 0;
 if ((pktmp = EVP_PKEY_new()) == NULL) {
- ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB);
 return -1;
 }
 (void)EVP_PKEY_assign(pktmp, EVP_PKEY_X448, (ECX_KEY *)a);
diff --git a/crypto/x509/x_req.c b/crypto/x509/x_req.c
index 293d4be713..a8faac1706 100644
--- a/crypto/x509/x_req.c
+++ b/crypto/x509/x_req.c
@@ -74,7 +74,7 @@ static int req_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
 if (pkey != NULL) {
 pkey = EVP_PKEY_dup(pkey);
 if (pkey == NULL) {
- ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_X509, ERR_R_EVP_LIB);
 return 0;
 }
 if (!X509_PUBKEY_set(&ret->req_info.pubkey, pkey)) {
diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c
index 010578b19a..8d831dbe21 100644
--- a/crypto/x509/x_x509.c
+++ b/crypto/x509/x_x509.c
@@ -272,10 +272,8 @@ int i2d_X509_AUX(const X509 *a, unsigned char **pp)
 /* Allocate requisite combined storage */
 *pp = tmp = OPENSSL_malloc(length);
- if (tmp == NULL) {
- ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
+ if (tmp == NULL)
 return -1;
- }
 /* Encode, but keep *pp at the originally malloced pointer */
 length = i2d_x509_aux_internal(a, &tmp); |