On Fri, Apr 24, 2015 at 5:54 AM, Emilia Käsper <emi...@openssl.org> wrote:
> commit c028254b12 fixes 1., 2. and 3. (also applied to 1.0.2). > commit 53dd4ddf71 fixes 5 and some of 4. > > Still ploughing my way through the rest of error checking. > > Great. I want to call your attention to one particularly non-obvious failure to handle errors correctly: static void ecp_nistz256_windowed_mul([...], P256_POINT *r, [...]) { [...] if ((num * 16 + 6) > OPENSSL_MALLOC_MAX_NELEMS(P256_POINT) || (table_storage = OPENSSL_malloc((num * 16 + 5) * sizeof(P256_POINT) + 64)) == NULL || (p_str = OPENSSL_malloc(num * 33 * sizeof(unsigned char))) == NULL || (scalars = OPENSSL_malloc(num * sizeof(BIGNUM *))) == NULL) { ECerr(EC_F_ECP_NISTZ256_WINDOWED_MUL, ERR_R_MALLOC_FAILURE); goto err; } [...] err: [...] } ecp_nistz256_windowed_mul checks for errors, but it doesn't report the fact that an error occurred to the caller, because it has return type |void|. And, the caller doesn't check that ecp_nistz256_windowed_mul failed; it can't because of the void return type. Cheers, Brian
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev