diff options
| author | Pauli <paul.dale@oracle.com> | 2020-06-29 00:39:42 +0200 |
|---|---|---|
| committer | Pauli <paul.dale@oracle.com> | 2020-07-05 05:20:09 +0200 |
| commit | 2f142901ca7f729a20444a541ec1cb8516954056 (patch) | |
| tree | f2c2dc319406270b99aad427e3a086a96d11bd06 /providers/implementations/rands/drbg_ctr.c | |
| parent | coverity 1464984: Null pointer dereferences (diff) | |
| download | openssl-2f142901ca7f729a20444a541ec1cb8516954056.tar.xz openssl-2f142901ca7f729a20444a541ec1cb8516954056.zip | |
coverity 1464983: null pointer dereference
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12309)
Diffstat (limited to '')
| -rw-r--r-- | providers/implementations/rands/drbg_ctr.c | 68 |
1 files changed, 35 insertions, 33 deletions
diff --git a/providers/implementations/rands/drbg_ctr.c b/providers/implementations/rands/drbg_ctr.c index f481b1bb27..48fb7ebd3d 100644 --- a/providers/implementations/rands/drbg_ctr.c +++ b/providers/implementations/rands/drbg_ctr.c @@ -530,9 +530,13 @@ static int drbg_ctr_init_lengths(PROV_DRBG *drbg) static int drbg_ctr_init(PROV_DRBG *drbg) { PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data; - const size_t keylen = EVP_CIPHER_key_length(ctr->cipher_ctr); + size_t keylen; - ctr->keylen = keylen; + if (ctr->cipher_ctr == NULL) { + ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_CIPHER); + return 0; + } + ctr->keylen = keylen = EVP_CIPHER_key_length(ctr->cipher_ctr); if (ctr->ctx_ecb == NULL) ctr->ctx_ecb = EVP_CIPHER_CTX_new(); if (ctr->ctx_ctr == NULL) @@ -542,39 +546,37 @@ static int drbg_ctr_init(PROV_DRBG *drbg) goto err; } - if (ctr->cipher_ctr != NULL) { - if (!EVP_CipherInit_ex(ctr->ctx_ecb, - ctr->cipher_ecb, NULL, NULL, NULL, 1) - || !EVP_CipherInit_ex(ctr->ctx_ctr, - ctr->cipher_ctr, NULL, NULL, NULL, 1)) { - ERR_raise(ERR_LIB_PROV, PROV_R_UNABLE_TO_INITIALISE_CIPHERS); - goto err; - } + if (!EVP_CipherInit_ex(ctr->ctx_ecb, + ctr->cipher_ecb, NULL, NULL, NULL, 1) + || !EVP_CipherInit_ex(ctr->ctx_ctr, + ctr->cipher_ctr, NULL, NULL, NULL, 1)) { + ERR_raise(ERR_LIB_PROV, PROV_R_UNABLE_TO_INITIALISE_CIPHERS); + goto err; + } - drbg->strength = keylen * 8; - drbg->seedlen = keylen + 16; + drbg->strength = keylen * 8; + drbg->seedlen = keylen + 16; - if (ctr->use_df) { - /* df initialisation */ - static const unsigned char df_key[32] = { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, - 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, - 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f - }; - - if (ctr->ctx_df == NULL) - ctr->ctx_df = EVP_CIPHER_CTX_new(); - if (ctr->ctx_df == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); - goto err; - } - /* Set key schedule for df_key */ - if (!EVP_CipherInit_ex(ctr->ctx_df, - ctr->cipher_ecb, NULL, df_key, NULL, 1)) { - ERR_raise(ERR_LIB_PROV, PROV_R_DERIVATION_FUNCTION_INIT_FAILED); - goto err; - } + if (ctr->use_df) { + /* df initialisation */ + static const unsigned char df_key[32] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f + }; + + if (ctr->ctx_df == NULL) + ctr->ctx_df = EVP_CIPHER_CTX_new(); + if (ctr->ctx_df == NULL) { + ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + goto err; + } + /* Set key schedule for df_key */ + if (!EVP_CipherInit_ex(ctr->ctx_df, + ctr->cipher_ecb, NULL, df_key, NULL, 1)) { + ERR_raise(ERR_LIB_PROV, PROV_R_DERIVATION_FUNCTION_INIT_FAILED); + goto err; } } return drbg_ctr_init_lengths(drbg); |