Check the return values where memory allocation failures may happen.
PR: 49
This commit is contained in:
Richard Levitte
parent
2640aec227
commit
c4ac954c59
14 changed files with 52 additions and 26 deletions
|
|
@ -151,7 +151,17 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai)
|
|||
else ret->type=V_ASN1_ENUMERATED;
|
||||
j=BN_num_bits(bn);
|
||||
len=((j == 0)?0:((j/8)+1));
|
||||
ret->data=(unsigned char *)OPENSSL_malloc(len+4);
|
||||
if (ret->length < len+4)
|
||||
{
|
||||
char *new_data=(char *)OPENSSL_realloc(ret->data, len+4);
|
||||
if (!new_data)
|
||||
{
|
||||
ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
|
||||
goto err;
|
||||
}
|
||||
ret->data=new_data;
|
||||
}
|
||||
|
||||
ret->length=BN_bn2bin(bn,ret->data);
|
||||
return(ret);
|
||||
err:
|
||||
|
|
|
|||
|
|
@ -397,7 +397,16 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai)
|
|||
else ret->type=V_ASN1_INTEGER;
|
||||
j=BN_num_bits(bn);
|
||||
len=((j == 0)?0:((j/8)+1));
|
||||
ret->data=(unsigned char *)OPENSSL_malloc(len+4);
|
||||
if (ret->length < len+4)
|
||||
{
|
||||
char *new_data=(char *)OPENSSL_realloc(ret->data, len+4);
|
||||
if (!new_data)
|
||||
{
|
||||
ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
|
||||
goto err;
|
||||
}
|
||||
ret->data=new_data;
|
||||
}
|
||||
ret->length=BN_bn2bin(bn,ret->data);
|
||||
/* Correct zero case */
|
||||
if(!ret->length)
|
||||
|
|
|
|||
|
|
@ -118,7 +118,7 @@ int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag,
|
|||
}
|
||||
|
||||
pStart = p; /* Catch the beg of Setblobs*/
|
||||
rgSetBlob = (MYBLOB *)OPENSSL_malloc( sk_num(a) * sizeof(MYBLOB)); /* In this array
|
||||
if (!(rgSetBlob = (MYBLOB *)OPENSSL_malloc( sk_num(a) * sizeof(MYBLOB)))) return 0; /* In this array
|
||||
we will store the SET blobs */
|
||||
|
||||
for (i=0; i<sk_num(a); i++)
|
||||
|
|
@ -135,7 +135,7 @@ SetBlob
|
|||
/* Now we have to sort the blobs. I am using a simple algo.
|
||||
*Sort ptrs *Copy to temp-mem *Copy from temp-mem to user-mem*/
|
||||
qsort( rgSetBlob, sk_num(a), sizeof(MYBLOB), SetBlobCmp);
|
||||
pTempMem = OPENSSL_malloc(totSize);
|
||||
if (!(pTempMem = OPENSSL_malloc(totSize))) return 0;
|
||||
|
||||
/* Copy to temp mem */
|
||||
p = pTempMem;
|
||||
|
|
|
|||
|
|
@ -119,7 +119,7 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
|
|||
dsa->write_params=0;
|
||||
ASN1_TYPE_free(a->parameter);
|
||||
i=i2d_DSAparams(dsa,NULL);
|
||||
p=(unsigned char *)OPENSSL_malloc(i);
|
||||
if ((p=(unsigned char *)OPENSSL_malloc(i)) == NULL) goto err;
|
||||
pp=p;
|
||||
i2d_DSAparams(dsa,&pp);
|
||||
a->parameter=ASN1_TYPE_new();
|
||||
|
|
@ -136,7 +136,11 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
|
|||
}
|
||||
|
||||
if ((i=i2d_PublicKey(pkey,NULL)) <= 0) goto err;
|
||||
if ((s=(unsigned char *)OPENSSL_malloc(i+1)) == NULL) goto err;
|
||||
if ((s=(unsigned char *)OPENSSL_malloc(i+1)) == NULL)
|
||||
{
|
||||
X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
|
||||
goto err;
|
||||
}
|
||||
p=s;
|
||||
i2d_PublicKey(pkey,&p);
|
||||
if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err;
|
||||
|
|
|
|||
|
|
@ -103,7 +103,7 @@ static int nbiof_new(BIO *bi)
|
|||
{
|
||||
NBIO_TEST *nt;
|
||||
|
||||
nt=(NBIO_TEST *)OPENSSL_malloc(sizeof(NBIO_TEST));
|
||||
if (!(nt=(NBIO_TEST *)OPENSSL_malloc(sizeof(NBIO_TEST)))) return(0);
|
||||
nt->lrn= -1;
|
||||
nt->lwn= -1;
|
||||
bi->ptr=(char *)nt;
|
||||
|
|
|
|||
|
|
@ -200,10 +200,10 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
|
|||
|
||||
/* First we normalise the numbers */
|
||||
norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2);
|
||||
BN_lshift(sdiv,divisor,norm_shift);
|
||||
if (!(BN_lshift(sdiv,divisor,norm_shift))) goto err;
|
||||
sdiv->neg=0;
|
||||
norm_shift+=BN_BITS2;
|
||||
BN_lshift(snum,num,norm_shift);
|
||||
if (!(BN_lshift(snum,num,norm_shift))) goto err;
|
||||
snum->neg=0;
|
||||
div_n=sdiv->top;
|
||||
num_n=snum->top;
|
||||
|
|
@ -327,7 +327,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
|
|||
tmp->top=j;
|
||||
|
||||
j=wnum.top;
|
||||
BN_sub(&wnum,&wnum,tmp);
|
||||
if (!BN_sub(&wnum,&wnum,tmp)) goto err;
|
||||
|
||||
snum->top=snum->top+wnum.top-j;
|
||||
|
||||
|
|
@ -335,7 +335,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
|
|||
{
|
||||
q--;
|
||||
j=wnum.top;
|
||||
BN_add(&wnum,&wnum,sdiv);
|
||||
if (!BN_add(&wnum,&wnum,sdiv)) goto err;
|
||||
snum->top+=wnum.top-j;
|
||||
}
|
||||
*(resp--)=q;
|
||||
|
|
|
|||
|
|
@ -221,7 +221,7 @@ int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont,
|
|||
|
||||
if (!BN_mul(t1,t2,&mont->N,ctx)) goto err;
|
||||
if (!BN_add(t2,a,t1)) goto err;
|
||||
BN_rshift(ret,t2,mont->ri);
|
||||
if (!BN_rshift(ret,t2,mont->ri)) goto err;
|
||||
#endif /* MONT_WORD */
|
||||
|
||||
if (BN_ucmp(ret, &(mont->N)) >= 0)
|
||||
|
|
@ -282,8 +282,8 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
|
|||
BN_ULONG buf[2];
|
||||
|
||||
mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2;
|
||||
BN_zero(R);
|
||||
BN_set_bit(R,BN_BITS2); /* R */
|
||||
if (!(BN_zero(R))) goto err;
|
||||
if (!(BN_set_bit(R,BN_BITS2))) goto err; /* R */
|
||||
|
||||
buf[0]=mod->d[0]; /* tmod = N mod word size */
|
||||
buf[1]=0;
|
||||
|
|
|
|||
|
|
@ -964,7 +964,7 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
|
|||
|
||||
if ((al == 0) || (bl == 0))
|
||||
{
|
||||
BN_zero(r);
|
||||
if (!BN_zero(r)) goto err;
|
||||
return(1);
|
||||
}
|
||||
top=al+bl;
|
||||
|
|
@ -1044,7 +1044,7 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
|
|||
if (i == 1 && !BN_get_flags(b,BN_FLG_STATIC_DATA))
|
||||
{
|
||||
BIGNUM *tmp_bn = (BIGNUM *)b;
|
||||
bn_wexpand(tmp_bn,al);
|
||||
if (bn_wexpand(tmp_bn,al) == NULL) goto err;
|
||||
tmp_bn->d[bl]=0;
|
||||
bl++;
|
||||
i--;
|
||||
|
|
@ -1052,7 +1052,7 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
|
|||
else if (i == -1 && !BN_get_flags(a,BN_FLG_STATIC_DATA))
|
||||
{
|
||||
BIGNUM *tmp_bn = (BIGNUM *)a;
|
||||
bn_wexpand(tmp_bn,bl);
|
||||
if (bn_wexpand(tmp_bn,bl) == NULL) goto err;
|
||||
tmp_bn->d[al]=0;
|
||||
al++;
|
||||
i++;
|
||||
|
|
@ -1067,14 +1067,14 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
|
|||
t = BN_CTX_get(ctx);
|
||||
if (al == j) /* exact multiple */
|
||||
{
|
||||
bn_wexpand(t,k*2);
|
||||
bn_wexpand(rr,k*2);
|
||||
if (bn_wexpand(t,k*2) == NULL) goto err;
|
||||
if (bn_wexpand(rr,k*2) == NULL) goto err;
|
||||
bn_mul_recursive(rr->d,a->d,b->d,al,t->d);
|
||||
}
|
||||
else
|
||||
{
|
||||
bn_wexpand(t,k*4);
|
||||
bn_wexpand(rr,k*4);
|
||||
if (bn_wexpand(t,k*4) == NULL) goto err;
|
||||
if (bn_wexpand(rr,k*4) == NULL) goto err;
|
||||
bn_mul_part_recursive(rr->d,a->d,b->d,al-j,j,t->d);
|
||||
}
|
||||
rr->top=top;
|
||||
|
|
|
|||
|
|
@ -110,8 +110,8 @@ static int enc_new(BIO *bi)
|
|||
BIO_ENC_CTX *ctx;
|
||||
|
||||
ctx=(BIO_ENC_CTX *)OPENSSL_malloc(sizeof(BIO_ENC_CTX));
|
||||
EVP_CIPHER_CTX_init(&ctx->cipher);
|
||||
if (ctx == NULL) return(0);
|
||||
EVP_CIPHER_CTX_init(&ctx->cipher);
|
||||
|
||||
ctx->buf_len=0;
|
||||
ctx->buf_off=0;
|
||||
|
|
|
|||
|
|
@ -79,6 +79,8 @@ int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *),
|
|||
{
|
||||
MemCheck_off();
|
||||
name_funcs = OPENSSL_malloc(sizeof(NAME_FUNCS));
|
||||
MemCheck_on();
|
||||
if (!name_funcs) return(0);
|
||||
name_funcs->hash_func = lh_strhash;
|
||||
name_funcs->cmp_func = OPENSSL_strcmp;
|
||||
name_funcs->free_func = 0; /* NULL is often declared to
|
||||
|
|
@ -86,6 +88,7 @@ int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *),
|
|||
* to Compaq C is not really
|
||||
* compatible with a function
|
||||
* pointer. -- Richard Levitte*/
|
||||
MemCheck_off();
|
||||
sk_NAME_FUNCS_push(name_funcs_stack,name_funcs);
|
||||
MemCheck_on();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -236,7 +236,7 @@ int OBJ_add_object(const ASN1_OBJECT *obj)
|
|||
if (added == NULL)
|
||||
if (!init_added()) return(0);
|
||||
if ((o=OBJ_dup(obj)) == NULL) goto err;
|
||||
ao[ADDED_NID]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ));
|
||||
if (!(ao[ADDED_NID]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)))) goto err;
|
||||
if ((o->length != 0) && (obj->data != NULL))
|
||||
ao[ADDED_DATA]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ));
|
||||
if (o->sn != NULL)
|
||||
|
|
|
|||
|
|
@ -479,10 +479,10 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
|
|||
int ret=0;
|
||||
BN_CTX *ctx;
|
||||
|
||||
if ((ctx=BN_CTX_new()) == NULL) goto err;
|
||||
BN_init(&m1);
|
||||
BN_init(&r1);
|
||||
BN_init(&vrfy);
|
||||
if ((ctx=BN_CTX_new()) == NULL) goto err;
|
||||
|
||||
if (rsa->flags & RSA_FLAG_CACHE_PRIVATE)
|
||||
{
|
||||
|
|
|
|||
|
|
@ -122,7 +122,7 @@ TXT_DB *TXT_DB_read(BIO *in, int num)
|
|||
else
|
||||
{
|
||||
buf->data[offset-1]='\0'; /* blat the '\n' */
|
||||
p=(char *)OPENSSL_malloc(add+offset);
|
||||
if (!(p=(char *)OPENSSL_malloc(add+offset))) goto err;
|
||||
offset=0;
|
||||
}
|
||||
pp=(char **)p;
|
||||
|
|
|
|||
|
|
@ -82,7 +82,7 @@ static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
|
|||
{
|
||||
char *tmp;
|
||||
if(!ia5 || !ia5->length) return NULL;
|
||||
tmp = OPENSSL_malloc(ia5->length + 1);
|
||||
if (!(tmp = OPENSSL_malloc(ia5->length + 1))) return NULL;
|
||||
memcpy(tmp, ia5->data, ia5->length);
|
||||
tmp[ia5->length] = 0;
|
||||
return tmp;
|
||||
|
|
|
|||
Loading…
Reference in a new issue