Hello All, In reviewing source code in directory 'engines', file 'e_4758cca.c', there are two calls to function 'RSA_new_method()' which are not checked for a return value of NULL, indicating failure.
The patch file below should address/correct this issue:
--- e_4758cca.c.orig 2016-03-06 11:05:42.053315929 -0800
+++ e_4758cca.c 2016-03-06 11:06:54.996586643 -0800
@@ -463,6 +463,10 @@
(*(long *)keyToken) = keyTokenLength;
rtmp = RSA_new_method(e);
+ if (rtmp == NULL) {
+ CAPIerr(CAPI_F_CAPI_GET_PKEY, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
RSA_set_ex_data(rtmp, hndidx, (char *)keyToken);
rtmp->e = BN_bin2bn(exponent, exponentLength, NULL);
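Review bot: the error reporting in this hunk looks like it was copied from a different engine: the macro `CAPIerr` and the function code `CAPI_F_CAPI_GET_PKEY` carry the CAPI prefix, while the file being patched is `e_4758cca.c`; unless that macro and code are defined for this engine the file will not compile, so use this engine's own error macro with a function code that names the function the hunk sits in. Also confirm that the `err:` label exists in this function and that its cleanup releases `keyToken`, which has already been allocated and written to (`(*(long *)keyToken) = keyTokenLength;`) by the time `RSA_new_method(e)` can fail; otherwise the new failure path leaks it. Finally, the `BN_bin2bn` results assigned on the following lines are equally unchecked and can return NULL, so the same treatment is worth applying there.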
@@ -535,6 +539,10 @@
(*(long *)keyToken) = keyTokenLength;
rtmp = RSA_new_method(e);
+ if (rtmp == NULL) {
+ CAPIerr(CAPI_F_CAPI_GET_PKEY, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
RSA_set_ex_data(rtmp, hndidx, (char *)keyToken);
rtmp->e = BN_bin2bn(exponent, exponentLength, NULL);
rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL);
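Review bot: this hunk reuses the same `CAPIerr(CAPI_F_CAPI_GET_PKEY, ...)` call as the first one even though it patches a second function about seventy lines further down; the function code should identify this function, and the macro should be the one this engine's error set provides rather than a CAPI-prefixed one. As in the first hunk, check that `goto err` lands on a label that frees the already-allocated `keyToken`, and consider checking the `BN_bin2bn` assignments to `rtmp->e` and `rtmp->n` that follow, since those can fail the same way.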
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4385
Please log in as guest with password guest if prompted
