On Sun, Apr 26, 2015 at 10:37 PM, Brian Smith <br...@briansmith.org> wrote:
> On Fri, Apr 24, 2015 at 5:54 AM, Emilia Käsper <emi...@openssl.org> wrote:
>
> >> commit c028254b12 fixes 1., 2. and 3. (also applied to 1.0.2).
> >> commit 53dd4ddf71 fixes 5 and some of 4.
> >>
> >> Still ploughing my way through the rest of error checking.
> >>
>
> Great.
>
> I want to call your attention to one particularly non-obvious failure to
> handle errors correctly:
>
> static void ecp_nistz256_windowed_mul([...], P256_POINT *r, [...])
> {
>     [...]
>
>     if ((num * 16 + 6) > OPENSSL_MALLOC_MAX_NELEMS(P256_POINT)
>         || (table_storage =
>             OPENSSL_malloc((num * 16 + 5) * sizeof(P256_POINT) + 64)) ==
>         NULL
>         || (p_str =
>             OPENSSL_malloc(num * 33 * sizeof(unsigned char))) == NULL
>         || (scalars = OPENSSL_malloc(num * sizeof(BIGNUM *))) == NULL) {
>         ECerr(EC_F_ECP_NISTZ256_WINDOWED_MUL, ERR_R_MALLOC_FAILURE);
>         goto err;
>     }
>
>     [...]
>
>  err:
>     [...]
> }
>
> ecp_nistz256_windowed_mul checks for errors, but it doesn't report the
> fact that an error occurred to the caller, because it has return type
> |void|. And, the caller doesn't check that ecp_nistz256_windowed_mul
> failed; it can't because of the void return type.
>

Thanks again, I would have missed that! I hope I got it all now. Scroll past
commit 5956b110e3 (master) or 07977739f0 (1.0.2) for all the changes.

Cheers,
Emilia

> Cheers,
> Brian
>
> _______________________________________________
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
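The failure mode discussed in this thread, as an added example that is not part of the original messages and is not OpenSSL's code: a `void` helper that detects an allocation failure leaves the caller's output untouched, while an `int`-returning variant lets the caller see it. `point_t`, `MAX_NELEMS`, `alloc_table` and both `windowed_mul_*` functions are hypothetical stand-ins, and the over-limit count is a constructed input.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-in type; not OpenSSL's P256_POINT. */
typedef struct { uint64_t x, y, z; } point_t;
#define MAX_NELEMS(type) (SIZE_MAX / sizeof(type))

/* NULL when the element count exceeds the limit or malloc fails. */
static point_t *alloc_table(size_t num)
{
    if (num > (MAX_NELEMS(point_t) - 6) / 16)
        return NULL;
    return malloc((num * 16 + 5) * sizeof(point_t));
}

/* Before: the failure is detected, but void cannot report it. */
static void windowed_mul_void(size_t num, point_t *r)
{
    point_t *table = alloc_table(num);
    if (table == NULL)
        goto err;
    r->x = r->y = r->z = num; /* placeholder for the real result */
err:
    free(table);
}

/* After: returns 1 on success, 0 on failure. */
static int windowed_mul_checked(size_t num, point_t *r)
{
    int ret = 0;
    point_t *table = alloc_table(num);
    if (table == NULL)
        goto err;
    r->x = r->y = r->z = num;
    ret = 1;
err:
    free(table);
    return ret;
}

/* Constructed input: a count over the limit forces the error path. */
int main(void)
{
    point_t r = { 0xdead, 0xdead, 0xdead }; /* stale caller data */
    windowed_mul_void(SIZE_MAX / 16, &r);
    printf("void: r.x=%llx (stale, no error visible)\n", (unsigned long long)r.x);
    printf("checked: ret=%d\n", windowed_mul_checked(SIZE_MAX / 16, &r));
    return 0;
}
```

In the `void` case the caller goes on to use `r` as if it held a computed point; with the checked variant the caller can stop and return the error upward.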