The branch master has been updated
via 09fba0b44032c2f66d5e7e8c732869e031ce74c8 (commit)
via fd0a9ff7ef0db7441baf8626f53e37a10d22449d (commit)
via c12bf35026af94a73402eaf13f2428a9af30f1c0 (commit)
via 3bbc7b562abf4ca3221d8762fe3f749024936281 (commit)
via 48b05bb617e247a40b66c2ddd9326966000a3504 (commit)
via 1002bb9ff0e35b4195586199222f9bad77837162 (commit)
via 89f7ea045be346ecd9085804a429bb4842843344 (commit)
from 41385f2708d08155d56ce08dce494152e225069e (commit)
- Log -----------------------------------------------------------------
commit 09fba0b44032c2f66d5e7e8c732869e031ce74c8
Author: Pauli <[email protected]>
Date: Mon Mar 22 08:37:56 2021 +1000
fix coverity 1466710: resource leak
Reviewed-by: Matt Caswell <[email protected]>
(Merged from https://github.com/openssl/openssl/pull/14620)
commit fd0a9ff7ef0db7441baf8626f53e37a10d22449d
Author: Pauli <[email protected]>
Date: Fri Mar 19 14:54:40 2021 +1000
dh: fix coverity 1473238: argument cannot be negative
Reviewed-by: Matt Caswell <[email protected]>
(Merged from https://github.com/openssl/openssl/pull/14620)
commit c12bf35026af94a73402eaf13f2428a9af30f1c0
Author: Pauli <[email protected]>
Date: Fri Mar 19 14:50:43 2021 +1000
evp: fix coverity 1473631: argument cannot be negative
Reviewed-by: Matt Caswell <[email protected]>
(Merged from https://github.com/openssl/openssl/pull/14620)
commit 3bbc7b562abf4ca3221d8762fe3f749024936281
Author: Pauli <[email protected]>
Date: Fri Mar 19 14:50:28 2021 +1000
evp: fix coverity 1451509: argument cannot be negative
Reviewed-by: Matt Caswell <[email protected]>
(Merged from https://github.com/openssl/openssl/pull/14620)
commit 48b05bb617e247a40b66c2ddd9326966000a3504
Author: Pauli <[email protected]>
Date: Fri Mar 19 14:50:11 2021 +1000
evp: fix coverity 1451510: argument cannot be negative
Reviewed-by: Matt Caswell <[email protected]>
(Merged from https://github.com/openssl/openssl/pull/14620)
commit 1002bb9ff0e35b4195586199222f9bad77837162
Author: Pauli <[email protected]>
Date: Fri Mar 19 14:49:57 2021 +1000
evp: fix coverity 1472682: argument cannot be negative
Reviewed-by: Matt Caswell <[email protected]>
(Merged from https://github.com/openssl/openssl/pull/14620)
commit 89f7ea045be346ecd9085804a429bb4842843344
Author: Pauli <[email protected]>
Date: Fri Mar 19 14:49:42 2021 +1000
test: fix coverity 1473234 & 1473239: argument cannot be negative
Reviewed-by: Matt Caswell <[email protected]>
(Merged from https://github.com/openssl/openssl/pull/14620)
-----------------------------------------------------------------------
Summary of changes:
crypto/dh/dh_pmeth.c | 9 +++++----
crypto/evp/e_cast.c | 6 +++++-
crypto/evp/e_rc4.c | 6 +++++-
crypto/evp/e_rc4_hmac_md5.c | 6 +++++-
crypto/evp/evp_enc.c | 7 ++++---
providers/implementations/keymgmt/ec_kmgmt.c | 6 +++---
test/dhtest.c | 4 ++--
7 files changed, 29 insertions(+), 15 deletions(-)
diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c
index 584a174ae2..affe40a53c 100644
--- a/crypto/dh/dh_pmeth.c
+++ b/crypto/dh/dh_pmeth.c
@@ -463,10 +463,11 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned
char *key,
if (*keylen != dctx->kdf_outlen)
return 0;
ret = 0;
- Zlen = DH_size(dh);
- Z = OPENSSL_malloc(Zlen);
- if (Z == NULL) {
- goto err;
+ if ((Zlen = DH_size(dh)) <= 0)
+ return 0;
+ if ((Z = OPENSSL_malloc(Zlen)) == NULL) {
+ ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE);
+ return 0;
}
if (DH_compute_key_padded(Z, dhpubbn, dh) <= 0)
goto err;
diff --git a/crypto/evp/e_cast.c b/crypto/evp/e_cast.c
index 8325a5f8d2..883030224b 100644
--- a/crypto/evp/e_cast.c
+++ b/crypto/evp/e_cast.c
@@ -40,7 +40,11 @@ IMPLEMENT_BLOCK_CIPHER(cast5, ks, CAST, EVP_CAST_KEY,
static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
- CAST_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx), key);
+ int keylen = EVP_CIPHER_CTX_key_length(ctx);
+
+ if (keylen <= 0)
+ return 0;
+ CAST_set_key(&data(ctx)->ks, keylen, key);
return 1;
}
diff --git a/crypto/evp/e_rc4.c b/crypto/evp/e_rc4.c
index 10b83aea6d..94107c72c3 100644
--- a/crypto/evp/e_rc4.c
+++ b/crypto/evp/e_rc4.c
@@ -75,7 +75,11 @@ const EVP_CIPHER *EVP_rc4_40(void)
static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
- RC4_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx), key);
+ int keylen;
+
+ if ((keylen = EVP_CIPHER_CTX_key_length(ctx)) <= 0)
+ return 0;
+ RC4_set_key(&data(ctx)->ks, keylen, key);
return 1;
}
diff --git a/crypto/evp/e_rc4_hmac_md5.c b/crypto/evp/e_rc4_hmac_md5.c
index 098aa3ee1b..8bc1da6323 100644
--- a/crypto/evp/e_rc4_hmac_md5.c
+++ b/crypto/evp/e_rc4_hmac_md5.c
@@ -46,8 +46,12 @@ static int rc4_hmac_md5_init_key(EVP_CIPHER_CTX *ctx,
const unsigned char *iv, int enc)
{
EVP_RC4_HMAC_MD5 *key = data(ctx);
+ const int keylen = EVP_CIPHER_CTX_key_length(ctx);
- RC4_set_key(&key->ks, EVP_CIPHER_CTX_key_length(ctx), inkey);
+ if (keylen <= 0)
+ return 0;
+
+ RC4_set_key(&key->ks, keylen, inkey);
MD5_Init(&key->head); /* handy when benchmarking */
key->tail = key->head;
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 64759311c0..2e4a3227a1 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -78,6 +78,7 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx,
const unsigned char *iv, int enc,
const OSSL_PARAM params[])
{
+ int n;
#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
ENGINE *tmpimpl = NULL;
#endif
@@ -336,9 +337,9 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx,
/* fall-through */
case EVP_CIPH_CBC_MODE:
-
- OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <=
- (int)sizeof(ctx->iv));
+ n = EVP_CIPHER_CTX_iv_length(ctx);
+ if (!ossl_assert(n >= 0 && n <= (int)sizeof(ctx->iv)))
+ return 0;
if (iv)
memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
diff --git a/providers/implementations/keymgmt/ec_kmgmt.c
b/providers/implementations/keymgmt/ec_kmgmt.c
index ed1b412225..58283ca8f0 100644
--- a/providers/implementations/keymgmt/ec_kmgmt.c
+++ b/providers/implementations/keymgmt/ec_kmgmt.c
@@ -900,13 +900,13 @@ int ec_validate(const void *keydata, int selection, int
checktype)
if (!ossl_prov_is_running())
return 0;
+ if ((selection & EC_POSSIBLE_SELECTIONS) == 0)
+ return 1; /* nothing to validate */
+
ctx = BN_CTX_new_ex(ossl_ec_key_get_libctx(eck));
if (ctx == NULL)
return 0;
- if ((selection & EC_POSSIBLE_SELECTIONS) == 0)
- return 1; /* nothing to validate */
-
if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) {
int flags = EC_KEY_get_flags(eck);
diff --git a/test/dhtest.c b/test/dhtest.c
index 189b5ae13f..b5ff81a319 100644
--- a/test/dhtest.c
+++ b/test/dhtest.c
@@ -666,12 +666,12 @@ static int rfc7919_test(void)
DH_get0_key(b, &bpub_key, NULL);
alen = DH_size(a);
- if (!TEST_ptr(abuf = OPENSSL_malloc(alen))
+ if (!TEST_int_gt(alen, 0) || !TEST_ptr(abuf = OPENSSL_malloc(alen))
|| !TEST_true((aout = DH_compute_key(abuf, bpub_key, a)) != -1))
goto err;
blen = DH_size(b);
- if (!TEST_ptr(bbuf = OPENSSL_malloc(blen))
+ if (!TEST_int_gt(blen, 0) || !TEST_ptr(bbuf = OPENSSL_malloc(blen))
|| !TEST_true((bout = DH_compute_key(bbuf, apub_key, b)) != -1))
goto err;
