The branch master has been updated
via 7de2b9c4afd90359e47d81a5fa70bcb8506fbf91 (commit)
from 77579510aa40aa769ceafc7a0c856381800e79c2 (commit)
- Log -----------------------------------------------------------------
commit 7de2b9c4afd90359e47d81a5fa70bcb8506fbf91
Author: Rich Salz <rs...@openssl.org>
Date: Thu Apr 5 15:13:55 2018 -0400
Set error code if alloc returns NULL
Reviewed-by: Richard Levitte <levi...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5886)
-----------------------------------------------------------------------
Summary of changes:
crypto/cmac/cmac.c | 6 ++++--
crypto/cpt_err.c | 10 ++++++++++
crypto/err/openssl.txt | 8 +++++++-
crypto/hmac/hm_pmeth.c | 6 ++++--
crypto/modes/ocb128.c | 11 +++++++----
crypto/poly1305/poly1305_pmeth.c | 6 ++++--
crypto/siphash/siphash_pmeth.c | 6 ++++--
crypto/threads_none.c | 7 +++++--
crypto/threads_pthread.c | 14 ++++++++++----
crypto/threads_win.c | 7 +++++--
include/openssl/conferr.h | 2 +-
include/openssl/cryptoerr.h | 6 ++++++
12 files changed, 67 insertions(+), 22 deletions(-)
diff --git a/crypto/cmac/cmac.c b/crypto/cmac/cmac.c
index 46e3cb7..0c59659 100644
--- a/crypto/cmac/cmac.c
+++ b/crypto/cmac/cmac.c
@@ -12,6 +12,7 @@
#include <string.h>
#include "internal/cryptlib.h"
#include <openssl/cmac.h>
+#include <openssl/err.h>
struct CMAC_CTX_st {
/* Cipher context to use */
@@ -46,9 +47,10 @@ CMAC_CTX *CMAC_CTX_new(void)
{
CMAC_CTX *ctx;
- ctx = OPENSSL_malloc(sizeof(*ctx));
- if (ctx == NULL)
+ if ((ctx = OPENSSL_malloc(sizeof(*ctx))) == NULL) {
+ CRYPTOerr(CRYPTO_F_CMAC_CTX_NEW, ERR_R_MALLOC_FAILURE);
return NULL;
+ }
ctx->cctx = EVP_CIPHER_CTX_new();
if (ctx->cctx == NULL) {
OPENSSL_free(ctx);
diff --git a/crypto/cpt_err.c b/crypto/cpt_err.c
index 43426ec..da1004d 100644
--- a/crypto/cpt_err.c
+++ b/crypto/cpt_err.c
@@ -14,6 +14,7 @@
#ifndef OPENSSL_NO_ERR
static const ERR_STRING_DATA CRYPTO_str_functs[] = {
+ {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_CMAC_CTX_NEW, 0), "CMAC_CTX_new"},
{ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_CRYPTO_DUP_EX_DATA, 0),
"CRYPTO_dup_ex_data"},
{ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_CRYPTO_FREE_EX_DATA, 0),
@@ -23,6 +24,10 @@ static const ERR_STRING_DATA CRYPTO_str_functs[] = {
{ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_CRYPTO_MEMDUP, 0), "CRYPTO_memdup"},
{ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_CRYPTO_NEW_EX_DATA, 0),
"CRYPTO_new_ex_data"},
+ {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_CRYPTO_OCB128_COPY_CTX, 0),
+ "CRYPTO_ocb128_copy_ctx"},
+ {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_CRYPTO_OCB128_INIT, 0),
+ "CRYPTO_ocb128_init"},
{ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_CRYPTO_SET_EX_DATA, 0),
"CRYPTO_set_ex_data"},
{ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_FIPS_MODE_SET, 0), "FIPS_mode_set"},
@@ -35,6 +40,11 @@ static const ERR_STRING_DATA CRYPTO_str_functs[] = {
"OPENSSL_hexstr2buf"},
{ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_OPENSSL_INIT_CRYPTO, 0),
"OPENSSL_init_crypto"},
+ {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_PKEY_HMAC_INIT, 0), "pkey_hmac_init"},
+ {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_PKEY_POLY1305_INIT, 0),
+ "pkey_poly1305_init"},
+ {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_PKEY_SIPHASH_INIT, 0),
+ "pkey_siphash_init"},
{0, NULL}
};
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index d1cc039..b238cd7 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -335,13 +335,16 @@ CONF_F_NCONF_LOAD_BIO:110:NCONF_load_bio
CONF_F_NCONF_LOAD_FP:114:NCONF_load_fp
CONF_F_NCONF_NEW:111:NCONF_new
CONF_F_PROCESS_INCLUDE:116:process_include
-CONF_F_SSL_MODULE_INIT:122:ssl_module_init
+CONF_F_SSL_MODULE_INIT:123:ssl_module_init
CONF_F_STR_COPY:101:str_copy
+CRYPTO_F_CMAC_CTX_NEW:120:CMAC_CTX_new
CRYPTO_F_CRYPTO_DUP_EX_DATA:110:CRYPTO_dup_ex_data
CRYPTO_F_CRYPTO_FREE_EX_DATA:111:CRYPTO_free_ex_data
CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX:100:CRYPTO_get_ex_new_index
CRYPTO_F_CRYPTO_MEMDUP:115:CRYPTO_memdup
CRYPTO_F_CRYPTO_NEW_EX_DATA:112:CRYPTO_new_ex_data
+CRYPTO_F_CRYPTO_OCB128_COPY_CTX:121:CRYPTO_ocb128_copy_ctx
+CRYPTO_F_CRYPTO_OCB128_INIT:122:CRYPTO_ocb128_init
CRYPTO_F_CRYPTO_SET_EX_DATA:102:CRYPTO_set_ex_data
CRYPTO_F_FIPS_MODE_SET:109:FIPS_mode_set
CRYPTO_F_GET_AND_LOCK:113:get_and_lock
@@ -350,6 +353,9 @@ CRYPTO_F_OPENSSL_BUF2HEXSTR:117:OPENSSL_buf2hexstr
CRYPTO_F_OPENSSL_FOPEN:119:openssl_fopen
CRYPTO_F_OPENSSL_HEXSTR2BUF:118:OPENSSL_hexstr2buf
CRYPTO_F_OPENSSL_INIT_CRYPTO:116:OPENSSL_init_crypto
+CRYPTO_F_PKEY_HMAC_INIT:123:pkey_hmac_init
+CRYPTO_F_PKEY_POLY1305_INIT:124:pkey_poly1305_init
+CRYPTO_F_PKEY_SIPHASH_INIT:125:pkey_siphash_init
CT_F_CTLOG_NEW:117:CTLOG_new
CT_F_CTLOG_NEW_FROM_BASE64:118:CTLOG_new_from_base64
CT_F_CTLOG_NEW_FROM_CONF:119:ctlog_new_from_conf
diff --git a/crypto/hmac/hm_pmeth.c b/crypto/hmac/hm_pmeth.c
index 5b98477..ceca6f7 100644
--- a/crypto/hmac/hm_pmeth.c
+++ b/crypto/hmac/hm_pmeth.c
@@ -13,6 +13,7 @@
#include <openssl/x509v3.h>
#include <openssl/evp.h>
#include <openssl/hmac.h>
+#include <openssl/err.h>
#include "internal/evp_int.h"
/* HMAC pkey context structure */
@@ -27,9 +28,10 @@ static int pkey_hmac_init(EVP_PKEY_CTX *ctx)
{
HMAC_PKEY_CTX *hctx;
- hctx = OPENSSL_zalloc(sizeof(*hctx));
- if (hctx == NULL)
+ if ((hctx = OPENSSL_zalloc(sizeof(*hctx))) == NULL) {
+ CRYPTOerr(CRYPTO_F_PKEY_HMAC_INIT, ERR_R_MALLOC_FAILURE);
return 0;
+ }
hctx->ktmp.type = V_ASN1_OCTET_STRING;
hctx->ctx = HMAC_CTX_new();
if (hctx->ctx == NULL) {
diff --git a/crypto/modes/ocb128.c b/crypto/modes/ocb128.c
index db794d0..350c41f 100644
--- a/crypto/modes/ocb128.c
+++ b/crypto/modes/ocb128.c
@@ -9,6 +9,7 @@
#include <string.h>
#include <openssl/crypto.h>
+#include <openssl/err.h>
#include "modes_lcl.h"
#ifndef OPENSSL_NO_OCB
@@ -164,9 +165,10 @@ int CRYPTO_ocb128_init(OCB128_CONTEXT *ctx, void *keyenc,
void *keydec,
memset(ctx, 0, sizeof(*ctx));
ctx->l_index = 0;
ctx->max_l_index = 5;
- ctx->l = OPENSSL_malloc(ctx->max_l_index * 16);
- if (ctx->l == NULL)
+ if ((ctx->l = OPENSSL_malloc(ctx->max_l_index * 16)) == NULL) {
+ CRYPTOerr(CRYPTO_F_CRYPTO_OCB128_INIT, ERR_R_MALLOC_FAILURE);
return 0;
+ }
/*
* We set both the encryption and decryption key schedules - decryption
@@ -210,9 +212,10 @@ int CRYPTO_ocb128_copy_ctx(OCB128_CONTEXT *dest,
OCB128_CONTEXT *src,
if (keydec)
dest->keydec = keydec;
if (src->l) {
- dest->l = OPENSSL_malloc(src->max_l_index * 16);
- if (dest->l == NULL)
+ if ((dest->l = OPENSSL_malloc(src->max_l_index * 16)) == NULL) {
+ CRYPTOerr(CRYPTO_F_CRYPTO_OCB128_COPY_CTX, ERR_R_MALLOC_FAILURE);
return 0;
+ }
memcpy(dest->l, src->l, (src->l_index + 1) * 16);
}
return 1;
diff --git a/crypto/poly1305/poly1305_pmeth.c b/crypto/poly1305/poly1305_pmeth.c
index 7bc6add..1459a32 100644
--- a/crypto/poly1305/poly1305_pmeth.c
+++ b/crypto/poly1305/poly1305_pmeth.c
@@ -12,6 +12,7 @@
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/evp.h>
+#include <openssl/err.h>
#include "internal/poly1305.h"
#include "poly1305_local.h"
#include "internal/evp_int.h"
@@ -27,9 +28,10 @@ static int pkey_poly1305_init(EVP_PKEY_CTX *ctx)
{
POLY1305_PKEY_CTX *pctx;
- pctx = OPENSSL_zalloc(sizeof(*pctx));
- if (pctx == NULL)
+ if ((pctx = OPENSSL_zalloc(sizeof(*pctx))) == NULL) {
+ CRYPTOerr(CRYPTO_F_PKEY_POLY1305_INIT, ERR_R_MALLOC_FAILURE);
return 0;
+ }
pctx->ktmp.type = V_ASN1_OCTET_STRING;
EVP_PKEY_CTX_set_data(ctx, pctx);
diff --git a/crypto/siphash/siphash_pmeth.c b/crypto/siphash/siphash_pmeth.c
index ae16e55..a5211f2 100644
--- a/crypto/siphash/siphash_pmeth.c
+++ b/crypto/siphash/siphash_pmeth.c
@@ -12,6 +12,7 @@
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/evp.h>
+#include <openssl/err.h>
#include "internal/siphash.h"
#include "siphash_local.h"
#include "internal/evp_int.h"
@@ -27,9 +28,10 @@ static int pkey_siphash_init(EVP_PKEY_CTX *ctx)
{
SIPHASH_PKEY_CTX *pctx;
- pctx = OPENSSL_zalloc(sizeof(*pctx));
- if (pctx == NULL)
+ if ((pctx = OPENSSL_zalloc(sizeof(*pctx))) == NULL) {
+ CRYPTOerr(CRYPTO_F_PKEY_SIPHASH_INIT, ERR_R_MALLOC_FAILURE);
return 0;
+ }
pctx->ktmp.type = V_ASN1_OCTET_STRING;
EVP_PKEY_CTX_set_data(ctx, pctx);
diff --git a/crypto/threads_none.c b/crypto/threads_none.c
index 30ed4e6..35c985b 100644
--- a/crypto/threads_none.c
+++ b/crypto/threads_none.c
@@ -14,9 +14,12 @@
CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void)
{
- CRYPTO_RWLOCK *lock = OPENSSL_zalloc(sizeof(unsigned int));
- if (lock == NULL)
+ CRYPTO_RWLOCK *lock;
+
+ if ((lock = OPENSSL_zalloc(sizeof(unsigned int))) == NULL) {
+ /* Don't set error, to avoid recursion blowup. */
return NULL;
+ }
*(unsigned int *)lock = 1;
diff --git a/crypto/threads_pthread.c b/crypto/threads_pthread.c
index 3aeef21..a2c1707 100644
--- a/crypto/threads_pthread.c
+++ b/crypto/threads_pthread.c
@@ -19,9 +19,12 @@
CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void)
{
# ifdef USE_RWLOCK
- CRYPTO_RWLOCK *lock = OPENSSL_zalloc(sizeof(pthread_rwlock_t));
- if (lock == NULL)
+ CRYPTO_RWLOCK *lock;
+
+ if ((lock = OPENSSL_zalloc(sizeof(pthread_rwlock_t))) == NULL) {
+ /* Don't set error, to avoid recursion blowup. */
return NULL;
+ }
if (pthread_rwlock_init(lock, NULL) != 0) {
OPENSSL_free(lock);
@@ -29,9 +32,12 @@ CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void)
}
# else
pthread_mutexattr_t attr;
- CRYPTO_RWLOCK *lock = OPENSSL_zalloc(sizeof(pthread_mutex_t));
- if (lock == NULL)
+ CRYPTO_RWLOCK *lock;
+
+ if ((lock = OPENSSL_zalloc(sizeof(pthread_mutex_t))) == NULL) {
+ /* Don't set error, to avoid recursion blowup. */
return NULL;
+ }
pthread_mutexattr_init(&attr);
pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_RECURSIVE);
diff --git a/crypto/threads_win.c b/crypto/threads_win.c
index f222aa5..ad4f5e1 100644
--- a/crypto/threads_win.c
+++ b/crypto/threads_win.c
@@ -17,9 +17,12 @@
CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void)
{
- CRYPTO_RWLOCK *lock = OPENSSL_zalloc(sizeof(CRITICAL_SECTION));
- if (lock == NULL)
+ CRYPTO_RWLOCK *lock;
+
+ if ((lock = OPENSSL_zalloc(sizeof(CRITICAL_SECTION))) == NULL) {
+ /* Don't set error, to avoid recursion blowup. */
return NULL;
+ }
/* 0x400 is the spin count value suggested in the documentation */
if (!InitializeCriticalSectionAndSpinCount(lock, 0x400)) {
diff --git a/include/openssl/conferr.h b/include/openssl/conferr.h
index e2317d8..4574636 100644
--- a/include/openssl/conferr.h
+++ b/include/openssl/conferr.h
@@ -40,7 +40,7 @@ int ERR_load_CONF_strings(void);
# define CONF_F_NCONF_LOAD_FP 114
# define CONF_F_NCONF_NEW 111
# define CONF_F_PROCESS_INCLUDE 116
-# define CONF_F_SSL_MODULE_INIT 122
+# define CONF_F_SSL_MODULE_INIT 123
# define CONF_F_STR_COPY 101
/*
diff --git a/include/openssl/cryptoerr.h b/include/openssl/cryptoerr.h
index 63f3f0f..85c1952 100644
--- a/include/openssl/cryptoerr.h
+++ b/include/openssl/cryptoerr.h
@@ -19,11 +19,14 @@ int ERR_load_CRYPTO_strings(void);
/*
* CRYPTO function codes.
*/
+# define CRYPTO_F_CMAC_CTX_NEW 120
# define CRYPTO_F_CRYPTO_DUP_EX_DATA 110
# define CRYPTO_F_CRYPTO_FREE_EX_DATA 111
# define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX 100
# define CRYPTO_F_CRYPTO_MEMDUP 115
# define CRYPTO_F_CRYPTO_NEW_EX_DATA 112
+# define CRYPTO_F_CRYPTO_OCB128_COPY_CTX 121
+# define CRYPTO_F_CRYPTO_OCB128_INIT 122
# define CRYPTO_F_CRYPTO_SET_EX_DATA 102
# define CRYPTO_F_FIPS_MODE_SET 109
# define CRYPTO_F_GET_AND_LOCK 113
@@ -32,6 +35,9 @@ int ERR_load_CRYPTO_strings(void);
# define CRYPTO_F_OPENSSL_FOPEN 119
# define CRYPTO_F_OPENSSL_HEXSTR2BUF 118
# define CRYPTO_F_OPENSSL_INIT_CRYPTO 116
+# define CRYPTO_F_PKEY_HMAC_INIT 123
+# define CRYPTO_F_PKEY_POLY1305_INIT 124
+# define CRYPTO_F_PKEY_SIPHASH_INIT 125
/*
* CRYPTO reason codes.
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
