The branch master has been updated via fe1128dc2a6e7aae9010cf6595c78245e0eefd46 (commit) from 74a8acbdfb2c7f398d1ae2fe914cd32b437f6df4 (commit)
- Log ----------------------------------------------------------------- commit fe1128dc2a6e7aae9010cf6595c78245e0eefd46 Author: Rich Salz <rs...@openssl.org> Date: Thu Apr 26 14:02:24 2018 -0400 Fix last(?) batch of malloc-NULL places Add a script to find them in the future Reviewed-by: Bernd Edlinger <bernd.edlin...@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/6103) ----------------------------------------------------------------------- Summary of changes: crypto/comp/comp_err.c | 3 ++- crypto/comp/comp_lib.c | 5 ++++- crypto/cpt_err.c | 5 +++++ crypto/err/openssl.txt | 6 ++++++ crypto/lhash/lhash.c | 9 ++++++++- crypto/stack/stack.c | 10 +++++++--- include/openssl/comperr.h | 1 + include/openssl/cryptoerr.h | 4 ++++ include/openssl/sslerr.h | 1 + ssl/record/rec_layer_d1.c | 4 +++- ssl/ssl_err.c | 2 ++ .../04-test_bio_callback.t => util/check-malloc-errs | 14 +++++++++----- 12 files changed, 52 insertions(+), 12 deletions(-) copy test/recipes/04-test_bio_callback.t => util/check-malloc-errs (57%) mode change 100644 => 100755 diff --git a/crypto/comp/comp_err.c b/crypto/comp/comp_err.c index 5aff502..2dca315 100644 --- a/crypto/comp/comp_err.c +++ b/crypto/comp/comp_err.c @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -18,6 +18,7 @@ static const ERR_STRING_DATA COMP_str_functs[] = { {ERR_PACK(ERR_LIB_COMP, COMP_F_BIO_ZLIB_NEW, 0), "bio_zlib_new"}, {ERR_PACK(ERR_LIB_COMP, COMP_F_BIO_ZLIB_READ, 0), "bio_zlib_read"}, {ERR_PACK(ERR_LIB_COMP, COMP_F_BIO_ZLIB_WRITE, 0), "bio_zlib_write"}, + {ERR_PACK(ERR_LIB_COMP, COMP_F_COMP_CTX_NEW, 0), "COMP_CTX_new"}, {0, NULL} }; diff --git a/crypto/comp/comp_lib.c b/crypto/comp/comp_lib.c index e509f59..6ae2114 100644 --- a/crypto/comp/comp_lib.c +++ b/crypto/comp/comp_lib.c @@ -12,14 +12,17 @@ #include <string.h> #include <openssl/objects.h> #include <openssl/comp.h> +#include <openssl/err.h> #include "comp_lcl.h" COMP_CTX *COMP_CTX_new(COMP_METHOD *meth) { COMP_CTX *ret; - if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) + if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) { + COMPerr(COMP_F_COMP_CTX_NEW, ERR_R_MALLOC_FAILURE); return NULL; + } ret->meth = meth; if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { OPENSSL_free(ret); diff --git a/crypto/cpt_err.c b/crypto/cpt_err.c index da1004d..4147b1c 100644 --- a/crypto/cpt_err.c +++ b/crypto/cpt_err.c @@ -40,11 +40,16 @@ static const ERR_STRING_DATA CRYPTO_str_functs[] = { "OPENSSL_hexstr2buf"}, {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_OPENSSL_INIT_CRYPTO, 0), "OPENSSL_init_crypto"}, + {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_OPENSSL_LH_NEW, 0), "OPENSSL_LH_new"}, + {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_OPENSSL_SK_DEEP_COPY, 0), + "OPENSSL_sk_deep_copy"}, + {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_OPENSSL_SK_DUP, 0), "OPENSSL_sk_dup"}, {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_PKEY_HMAC_INIT, 0), "pkey_hmac_init"}, {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_PKEY_POLY1305_INIT, 0), "pkey_poly1305_init"}, {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_PKEY_SIPHASH_INIT, 0), "pkey_siphash_init"}, + {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_SK_RESERVE, 0), "sk_reserve"}, {0, NULL} }; diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index b9457b9..155a8f3 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -320,6 +320,7 @@ COMP_F_BIO_ZLIB_FLUSH:99:bio_zlib_flush COMP_F_BIO_ZLIB_NEW:100:bio_zlib_new COMP_F_BIO_ZLIB_READ:101:bio_zlib_read COMP_F_BIO_ZLIB_WRITE:102:bio_zlib_write +COMP_F_COMP_CTX_NEW:103:COMP_CTX_new CONF_F_CONF_DUMP_FP:104:CONF_dump_fp CONF_F_CONF_LOAD:100:CONF_load CONF_F_CONF_LOAD_FP:103:CONF_load_fp @@ -359,9 +360,13 @@ CRYPTO_F_OPENSSL_BUF2HEXSTR:117:OPENSSL_buf2hexstr CRYPTO_F_OPENSSL_FOPEN:119:openssl_fopen CRYPTO_F_OPENSSL_HEXSTR2BUF:118:OPENSSL_hexstr2buf CRYPTO_F_OPENSSL_INIT_CRYPTO:116:OPENSSL_init_crypto +CRYPTO_F_OPENSSL_LH_NEW:126:OPENSSL_LH_new +CRYPTO_F_OPENSSL_SK_DEEP_COPY:127:OPENSSL_sk_deep_copy +CRYPTO_F_OPENSSL_SK_DUP:128:OPENSSL_sk_dup CRYPTO_F_PKEY_HMAC_INIT:123:pkey_hmac_init CRYPTO_F_PKEY_POLY1305_INIT:124:pkey_poly1305_init CRYPTO_F_PKEY_SIPHASH_INIT:125:pkey_siphash_init +CRYPTO_F_SK_RESERVE:129:sk_reserve CT_F_CTLOG_NEW:117:CTLOG_new CT_F_CTLOG_NEW_FROM_BASE64:118:CTLOG_new_from_base64 CT_F_CTLOG_NEW_FROM_CONF:119:ctlog_new_from_conf @@ -1101,6 +1106,7 @@ SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST:385:\ dtls_construct_hello_verify_request SSL_F_DTLS_GET_REASSEMBLED_MESSAGE:370:dtls_get_reassembled_message SSL_F_DTLS_PROCESS_HELLO_VERIFY:386:dtls_process_hello_verify +SSL_F_DTLS_RECORD_LAYER_NEW:635:DTLS_RECORD_LAYER_new SSL_F_DTLS_WAIT_FOR_DRY:592:dtls_wait_for_dry SSL_F_EARLY_DATA_COUNT_OK:532:early_data_count_ok SSL_F_FINAL_EARLY_DATA:556:final_early_data diff --git a/crypto/lhash/lhash.c b/crypto/lhash/lhash.c index 38c084d..116274b 100644 --- a/crypto/lhash/lhash.c +++ b/crypto/lhash/lhash.c @@ -12,6 +12,7 @@ #include <stdlib.h> #include <openssl/crypto.h> #include <openssl/lhash.h> +#include <openssl/err.h> #include "lhash_lcl.h" /* @@ -45,8 +46,14 @@ OPENSSL_LHASH *OPENSSL_LH_new(OPENSSL_LH_HASHFUNC h, OPENSSL_LH_COMPFUNC c) { OPENSSL_LHASH *ret; - if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) + if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) { + /* + * Do not set the error code, because the ERR code uses LHASH + * and we want to avoid possible endless error loop. + * CRYPTOerr(CRYPTO_F_OPENSSL_LH_NEW, ERR_R_MALLOC_FAILURE); + */ return NULL; + } if ((ret->b = OPENSSL_zalloc(sizeof(*ret->b) * MIN_NODES)) == NULL) goto err; ret->comp = ((c == NULL) ? (OPENSSL_LH_COMPFUNC)strcmp : c); diff --git a/crypto/stack/stack.c b/crypto/stack/stack.c index 5fc4eb8..975515d 100644 --- a/crypto/stack/stack.c +++ b/crypto/stack/stack.c @@ -46,8 +46,10 @@ OPENSSL_STACK *OPENSSL_sk_dup(const OPENSSL_STACK *sk) { OPENSSL_STACK *ret; - if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL) + if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL) { + CRYPTOerr(CRYPTO_F_OPENSSL_SK_DUP, ERR_R_MALLOC_FAILURE); return NULL; + } /* direct structure assignment */ *ret = *sk; @@ -75,8 +77,10 @@ OPENSSL_STACK *OPENSSL_sk_deep_copy(const OPENSSL_STACK *sk, OPENSSL_STACK *ret; int i; - if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL) + if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL) { + CRYPTOerr(CRYPTO_F_OPENSSL_SK_DEEP_COPY, ERR_R_MALLOC_FAILURE); return NULL; + } /* direct structure assignment */ *ret = *sk; @@ -174,7 +178,7 @@ static int sk_reserve(OPENSSL_STACK *st, int n, int exact) * so |num_alloc| value is |n| or |min_nodes| if greater than |n|. */ if ((st->data = OPENSSL_zalloc(sizeof(void *) * num_alloc)) == NULL) { - /* STACKerr(STACK_F_SK_RESERVE, ERR_R_MALLOC_FAILURE); */ + CRYPTOerr(CRYPTO_F_SK_RESERVE, ERR_R_MALLOC_FAILURE); return 0; } st->num_alloc = num_alloc; diff --git a/include/openssl/comperr.h b/include/openssl/comperr.h index 5a1c8df..edea63a 100644 --- a/include/openssl/comperr.h +++ b/include/openssl/comperr.h @@ -27,6 +27,7 @@ int ERR_load_COMP_strings(void); # define COMP_F_BIO_ZLIB_NEW 100 # define COMP_F_BIO_ZLIB_READ 101 # define COMP_F_BIO_ZLIB_WRITE 102 +# define COMP_F_COMP_CTX_NEW 103 /* * COMP reason codes. diff --git a/include/openssl/cryptoerr.h b/include/openssl/cryptoerr.h index 85c1952..e127ff6 100644 --- a/include/openssl/cryptoerr.h +++ b/include/openssl/cryptoerr.h @@ -35,9 +35,13 @@ int ERR_load_CRYPTO_strings(void); # define CRYPTO_F_OPENSSL_FOPEN 119 # define CRYPTO_F_OPENSSL_HEXSTR2BUF 118 # define CRYPTO_F_OPENSSL_INIT_CRYPTO 116 +# define CRYPTO_F_OPENSSL_LH_NEW 126 +# define CRYPTO_F_OPENSSL_SK_DEEP_COPY 127 +# define CRYPTO_F_OPENSSL_SK_DUP 128 # define CRYPTO_F_PKEY_HMAC_INIT 123 # define CRYPTO_F_PKEY_POLY1305_INIT 124 # define CRYPTO_F_PKEY_SIPHASH_INIT 125 +# define CRYPTO_F_SK_RESERVE 129 /* * CRYPTO reason codes. diff --git a/include/openssl/sslerr.h b/include/openssl/sslerr.h index 5c6718f..8e395cd 100644 --- a/include/openssl/sslerr.h +++ b/include/openssl/sslerr.h @@ -55,6 +55,7 @@ int ERR_load_SSL_strings(void); # define SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST 385 # define SSL_F_DTLS_GET_REASSEMBLED_MESSAGE 370 # define SSL_F_DTLS_PROCESS_HELLO_VERIFY 386 +# define SSL_F_DTLS_RECORD_LAYER_NEW 635 # define SSL_F_DTLS_WAIT_FOR_DRY 592 # define SSL_F_EARLY_DATA_COUNT_OK 532 # define SSL_F_FINAL_EARLY_DATA 556 diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c index 90029a2..e3e168d 100644 --- a/ssl/record/rec_layer_d1.c +++ b/ssl/record/rec_layer_d1.c @@ -20,8 +20,10 @@ int DTLS_RECORD_LAYER_new(RECORD_LAYER *rl) { DTLS_RECORD_LAYER *d; - if ((d = OPENSSL_malloc(sizeof(*d))) == NULL) + if ((d = OPENSSL_malloc(sizeof(*d))) == NULL) { + SSLerr(SSL_F_DTLS_RECORD_LAYER_NEW, ERR_R_MALLOC_FAILURE); return 0; + } rl->d = d; diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index 0a86a7e..bce2036 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -67,6 +67,8 @@ static const ERR_STRING_DATA SSL_str_functs[] = { "dtls_get_reassembled_message"}, {ERR_PACK(ERR_LIB_SSL, SSL_F_DTLS_PROCESS_HELLO_VERIFY, 0), "dtls_process_hello_verify"}, + {ERR_PACK(ERR_LIB_SSL, SSL_F_DTLS_RECORD_LAYER_NEW, 0), + "DTLS_RECORD_LAYER_new"}, {ERR_PACK(ERR_LIB_SSL, SSL_F_DTLS_WAIT_FOR_DRY, 0), "dtls_wait_for_dry"}, {ERR_PACK(ERR_LIB_SSL, SSL_F_EARLY_DATA_COUNT_OK, 0), "early_data_count_ok"}, diff --git a/test/recipes/04-test_bio_callback.t b/util/check-malloc-errs old mode 100644 new mode 100755 similarity index 57% copy from test/recipes/04-test_bio_callback.t copy to util/check-malloc-errs index 1422cb6..1e63240 --- a/test/recipes/04-test_bio_callback.t +++ b/util/check-malloc-errs @@ -1,4 +1,4 @@ -#! /usr/bin/env perl +#! /bin/sh # Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use @@ -6,7 +6,11 @@ # in the file LICENSE in the source distribution or at # https://www.openssl.org/source/license.html - -use OpenSSL::Test::Simple; - -simple_test("test_bio_callback", "bio_callback_test"); +( + pcregrep -rnM 'OPENSSL_.?alloc.*\n.*if.*NULL.*\n.*return' crypto ssl + pcregrep -rnM 'if.*OPENSSL_.?alloc.*NULL.*\n.*.*return' crypto ssl +) | tee /tmp/out$$ +X=0 +test -s /tmp/out$$ && X=1 +rm /tmp/out$$ +exit $X _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits