Fix CID 1434549: Unchecked return value in test/evp_test.c

5. check_return: Calling EVP_EncodeUpdate without checking return value
(as is done elsewhere 4 out of 5 times).

Fix CID 1371695, 1371698: Resource leak in test/evp_test.c

- leaked_storage: Variable edata going out of scope leaks the storage it
points to.

- leaked_storage: Variable encode_ctx going out of scope leaks the
storage it points to

Fix CID 1430437, 1430426, 1430429 : Dereference before null check in test/drbg_cavs_test.c

check_after_deref: Null-checking drbg suggests that it
may be null, but it has already been dereferenced on all paths leading
to the check

Fix CID 1440765: Dereference before null check in test/ssltestlib.c

check_after_deref: Null-checking ctx suggests that it may be null, but
it has already been dereferenced on all paths leading to the check.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/7993)
This commit is contained in:
FdaSilvaYY 2019-01-08 16:27:27 +10:00 committed by Pauli
parent df1f538f28
commit 760e2d60e6
3 changed files with 26 additions and 30 deletions

View file

@ -1,5 +1,5 @@
/* /*
* Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the Apache License 2.0 (the "License"). You may not use * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -106,12 +106,9 @@ static int single_kat_no_reseed(const struct drbg_kat *td)
failures++; failures++;
err: err:
if (buff != NULL) OPENSSL_free(buff);
OPENSSL_free(buff); RAND_DRBG_uninstantiate(drbg);
if (drbg != NULL) { RAND_DRBG_free(drbg);
RAND_DRBG_uninstantiate(drbg);
RAND_DRBG_free(drbg);
}
return failures == 0; return failures == 0;
} }
@ -176,12 +173,9 @@ static int single_kat_pr_false(const struct drbg_kat *td)
failures++; failures++;
err: err:
if (buff != NULL) OPENSSL_free(buff);
OPENSSL_free(buff); RAND_DRBG_uninstantiate(drbg);
if (drbg != NULL) { RAND_DRBG_free(drbg);
RAND_DRBG_uninstantiate(drbg);
RAND_DRBG_free(drbg);
}
return failures == 0; return failures == 0;
} }
@ -249,12 +243,9 @@ static int single_kat_pr_true(const struct drbg_kat *td)
failures++; failures++;
err: err:
if (buff != NULL) OPENSSL_free(buff);
OPENSSL_free(buff); RAND_DRBG_uninstantiate(drbg);
if (drbg != NULL) { RAND_DRBG_free(drbg);
RAND_DRBG_uninstantiate(drbg);
RAND_DRBG_free(drbg);
}
return failures == 0; return failures == 0;
} }

View file

@ -1,5 +1,5 @@
/* /*
* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the Apache License 2.0 (the "License"). You may not use * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -1761,15 +1761,18 @@ static int encode_test_init(EVP_TEST *t, const char *encoding)
} else if (strcmp(encoding, "invalid") == 0) { } else if (strcmp(encoding, "invalid") == 0) {
edata->encoding = BASE64_INVALID_ENCODING; edata->encoding = BASE64_INVALID_ENCODING;
if (!TEST_ptr(t->expected_err = OPENSSL_strdup("DECODE_ERROR"))) if (!TEST_ptr(t->expected_err = OPENSSL_strdup("DECODE_ERROR")))
return 0; goto err;
} else { } else {
TEST_error("Bad encoding: %s." TEST_error("Bad encoding: %s."
" Should be one of {canonical, valid, invalid}", " Should be one of {canonical, valid, invalid}",
encoding); encoding);
return 0; goto err;
} }
t->data = edata; t->data = edata;
return 1; return 1;
err:
OPENSSL_free(edata);
return 0;
} }
static void encode_test_cleanup(EVP_TEST *t) static void encode_test_cleanup(EVP_TEST *t)
@ -1798,7 +1801,7 @@ static int encode_test_run(EVP_TEST *t)
ENCODE_DATA *expected = t->data; ENCODE_DATA *expected = t->data;
unsigned char *encode_out = NULL, *decode_out = NULL; unsigned char *encode_out = NULL, *decode_out = NULL;
int output_len, chunk_len; int output_len, chunk_len;
EVP_ENCODE_CTX *decode_ctx; EVP_ENCODE_CTX *decode_ctx = NULL, *encode_ctx = NULL;
if (!TEST_ptr(decode_ctx = EVP_ENCODE_CTX_new())) { if (!TEST_ptr(decode_ctx = EVP_ENCODE_CTX_new())) {
t->err = "INTERNAL_ERROR"; t->err = "INTERNAL_ERROR";
@ -1806,7 +1809,6 @@ static int encode_test_run(EVP_TEST *t)
} }
if (expected->encoding == BASE64_CANONICAL_ENCODING) { if (expected->encoding == BASE64_CANONICAL_ENCODING) {
EVP_ENCODE_CTX *encode_ctx;
if (!TEST_ptr(encode_ctx = EVP_ENCODE_CTX_new()) if (!TEST_ptr(encode_ctx = EVP_ENCODE_CTX_new())
|| !TEST_ptr(encode_out = || !TEST_ptr(encode_out =
@ -1814,15 +1816,15 @@ static int encode_test_run(EVP_TEST *t)
goto err; goto err;
EVP_EncodeInit(encode_ctx); EVP_EncodeInit(encode_ctx);
EVP_EncodeUpdate(encode_ctx, encode_out, &chunk_len, if (!TEST_true(EVP_EncodeUpdate(encode_ctx, encode_out, &chunk_len,
expected->input, expected->input_len); expected->input, expected->input_len)))
goto err;
output_len = chunk_len; output_len = chunk_len;
EVP_EncodeFinal(encode_ctx, encode_out + chunk_len, &chunk_len); EVP_EncodeFinal(encode_ctx, encode_out + chunk_len, &chunk_len);
output_len += chunk_len; output_len += chunk_len;
EVP_ENCODE_CTX_free(encode_ctx);
if (!memory_err_compare(t, "BAD_ENCODING", if (!memory_err_compare(t, "BAD_ENCODING",
expected->output, expected->output_len, expected->output, expected->output_len,
encode_out, output_len)) encode_out, output_len))
@ -1860,6 +1862,7 @@ static int encode_test_run(EVP_TEST *t)
OPENSSL_free(encode_out); OPENSSL_free(encode_out);
OPENSSL_free(decode_out); OPENSSL_free(decode_out);
EVP_ENCODE_CTX_free(decode_ctx); EVP_ENCODE_CTX_free(decode_ctx);
EVP_ENCODE_CTX_free(encode_ctx);
return 1; return 1;
} }

View file

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the Apache License 2.0 (the "License"). You may not use * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -436,7 +436,7 @@ int mempacket_test_inject(BIO *bio, const char *in, int inl, int pktnum,
{ {
MEMPACKET_TEST_CTX *ctx = BIO_get_data(bio); MEMPACKET_TEST_CTX *ctx = BIO_get_data(bio);
MEMPACKET *thispkt = NULL, *looppkt, *nextpkt, *allpkts[3]; MEMPACKET *thispkt = NULL, *looppkt, *nextpkt, *allpkts[3];
int i, duprec = ctx->duprec > 0; int i, duprec;
const unsigned char *inu = (const unsigned char *)in; const unsigned char *inu = (const unsigned char *)in;
size_t len = ((inu[RECORD_LEN_HI] << 8) | inu[RECORD_LEN_LO]) size_t len = ((inu[RECORD_LEN_HI] << 8) | inu[RECORD_LEN_LO])
+ DTLS1_RT_HEADER_LENGTH; + DTLS1_RT_HEADER_LENGTH;
@ -449,6 +449,8 @@ int mempacket_test_inject(BIO *bio, const char *in, int inl, int pktnum,
if ((size_t)inl == len) if ((size_t)inl == len)
duprec = 0; duprec = 0;
else
duprec = ctx->duprec > 0;
/* We don't support arbitrary injection when duplicating records */ /* We don't support arbitrary injection when duplicating records */
if (duprec && pktnum != -1) if (duprec && pktnum != -1)