On Mon, Dec 01, 2003 at 01:11:57PM +0100, Richard Levitte wrote:
> OpenSSL CVS Repository
> http://cvs.openssl.org/
> ____________________________________________________________________________
>
> Server: cvs.openssl.org Name: Richard Levitte
> Root: /e/openssl/cvs Email: [EMAIL PROTECTED]
> Module: openssl Date: 01-Dec-2003 13:11:57
> Branch: OpenSSL_0_9_7-stable Handle: 2003120112115700
>
> Modified files: (Branch: OpenSSL_0_9_7-stable)
> openssl/crypto/evp evp_enc.c
>
> Log:
> Check that OPENSSL_malloc() really returned some memory.
>
> PR: 751
> Notified by: [EMAIL PROTECTED]
> Reviewed by: Lutz Jaenicke, Richard Levitte
>
> Summary:
> Revision Changes Path
> 1.28.2.9 +5 -0 openssl/crypto/evp/evp_enc.c
> ____________________________________________________________________________
>
> patch -p0 <<'@@ .'
> Index: openssl/crypto/evp/evp_enc.c
> ============================================================================
> $ cvs diff -u -r1.28.2.8 -r1.28.2.9 evp_enc.c
> --- openssl/crypto/evp/evp_enc.c 30 Jan 2003 17:37:44 -0000 1.28.2.8
> +++ openssl/crypto/evp/evp_enc.c 1 Dec 2003 12:11:57 -0000 1.28.2.9
> @@ -149,6 +149,11 @@
>
> ctx->cipher=cipher;
> ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);
> + if (!ctx->cipher_data)
> + {
> + EVPerr(EVP_F_EVP_CIPHERINIT, ERR_R_MALLOC_FAILURE);
> + return 0;
> + }
> ctx->key_len = cipher->key_len;
> ctx->flags = 0;
> if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT)
> @@ .
Have you tested this with eNULL? I would expect the new sequence to
unconditionally fail with eNULL!
I was thinking about
if (ctx->cipher_ctx_size)
cipher_data = malloc();
else
cipher_data = NULL; /* There is no key to store */
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
