On Fri, Apr 24, 2015 at 5:54 AM, Emilia Käsper <[email protected]> wrote:
> commit c028254b12 fixes 1., 2. and 3. (also applied to 1.0.2).
> commit 53dd4ddf71 fixes 5 and some of 4.
>
> Still ploughing my way through the rest of error checking.
>
>
Great.
I want to call your attention to one particularly non-obvious failure to
handle errors correctly:
static void ecp_nistz256_windowed_mul([...], P256_POINT *r, [...])
{
[...]
if ((num * 16 + 6) > OPENSSL_MALLOC_MAX_NELEMS(P256_POINT)
|| (table_storage =
OPENSSL_malloc((num * 16 + 5) * sizeof(P256_POINT) + 64)) ==
NULL
|| (p_str =
OPENSSL_malloc(num * 33 * sizeof(unsigned char))) == NULL
|| (scalars = OPENSSL_malloc(num * sizeof(BIGNUM *))) == NULL) {
ECerr(EC_F_ECP_NISTZ256_WINDOWED_MUL, ERR_R_MALLOC_FAILURE);
goto err;
}
[...]
err:
[...]
}
ecp_nistz256_windowed_mul checks for errors, but it doesn't report the fact
that an error occurred to the caller, because it has return type |void|.
And, the caller doesn't check that ecp_nistz256_windowed_mul failed; it
can't because of the void return type.
Cheers,
Brian
_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
