The branch master has been updated via 10481d33844218694929a7bad57314411a33ab74 (commit) from 22778abad905536fa6c93cdc6fffc8c736dfee79 (commit)
- Log ----------------------------------------------------------------- commit 10481d33844218694929a7bad57314411a33ab74 Author: Peiwei Hu <jlu....@foxmail.com> Date: Wed Jan 5 23:17:53 2022 +0800 Fix: some patches related to error exiting Reviewed-by: Tomas Mraz <to...@openssl.org> Reviewed-by: Paul Dale <pa...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17417) ----------------------------------------------------------------------- Summary of changes: apps/verify.c | 1 + crypto/ec/ec_lib.c | 4 ++-- crypto/objects/obj_dat.c | 5 +++-- crypto/x509/v3_crld.c | 1 + crypto/x509/v3_sxnet.c | 8 +++++--- ssl/statem/statem_clnt.c | 2 +- test/evp_test.c | 2 +- 7 files changed, 14 insertions(+), 9 deletions(-) diff --git a/apps/verify.c b/apps/verify.c index 24bbebf3f3..d504acd5b8 100644 --- a/apps/verify.c +++ b/apps/verify.c @@ -263,6 +263,7 @@ static int check(X509_STORE *ctx, const char *file, if (x509_ctrl_string(x, opt) <= 0) { BIO_printf(bio_err, "parameter error \"%s\"\n", opt); ERR_print_errors(bio_err); + X509_free(x); return 0; } } diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c index 3d3cf96962..2d85d4f23a 100644 --- a/crypto/ec/ec_lib.c +++ b/crypto/ec/ec_lib.c @@ -1710,8 +1710,8 @@ EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[], ptmp = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_EC_ENCODING); if (ptmp != NULL && !ossl_ec_encoding_param2id(ptmp, &encoding_flag)) { - ECerr(0, EC_R_INVALID_ENCODING); - return 0; + ERR_raise(ERR_LIB_EC, EC_R_INVALID_ENCODING); + goto err; } if (encoding_flag == OPENSSL_EC_NAMED_CURVE) { ERR_raise(ERR_LIB_EC, EC_R_INVALID_ENCODING); diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c index eef80d63ce..26d2508e86 100644 --- a/crypto/objects/obj_dat.c +++ b/crypto/objects/obj_dat.c @@ -747,16 +747,17 @@ int OBJ_create(const char *oid, const char *sn, const char *ln) if ((sn != NULL && OBJ_sn2nid(sn) != NID_undef) || (ln != NULL && OBJ_ln2nid(ln) != NID_undef)) { ERR_raise(ERR_LIB_OBJ, OBJ_R_OID_EXISTS); - goto err; + return 0; } /* Convert numerical OID string to an ASN1_OBJECT structure */ tmpoid = OBJ_txt2obj(oid, 1); if (tmpoid == NULL) - goto err; + return 0; if (!ossl_obj_write_lock(1)) { ERR_raise(ERR_LIB_OBJ, ERR_R_UNABLE_TO_GET_WRITE_LOCK); + ASN1_OBJECT_free(tmpoid); return 0; } diff --git a/crypto/x509/v3_crld.c b/crypto/x509/v3_crld.c index b831f775db..0f239ca568 100644 --- a/crypto/x509/v3_crld.c +++ b/crypto/x509/v3_crld.c @@ -83,6 +83,7 @@ static int set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx, return -1; dnsect = X509V3_get_section(ctx, cnf->value); if (!dnsect) { + X509_NAME_free(nm); ERR_raise(ERR_LIB_X509V3, X509V3_R_SECTION_NOT_FOUND); return -1; } diff --git a/crypto/x509/v3_sxnet.c b/crypto/x509/v3_sxnet.c index 4b19ce07d5..9d4113386a 100644 --- a/crypto/x509/v3_sxnet.c +++ b/crypto/x509/v3_sxnet.c @@ -167,11 +167,12 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, const char *user, goto err; if (!ASN1_INTEGER_set(sx->version, 0)) goto err; - *psx = sx; } else sx = *psx; if (SXNET_get_id_INTEGER(sx, zone)) { ERR_raise(ERR_LIB_X509V3, X509V3_R_DUPLICATE_ZONE_ID); + if (*psx == NULL) + SXNET_free(sx); return 0; } @@ -183,13 +184,14 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, const char *user, if (!sk_SXNETID_push(sx->ids, id)) goto err; id->zone = zone; + *psx = sx; return 1; err: ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); SXNETID_free(id); - SXNET_free(sx); - *psx = NULL; + if (*psx == NULL) + SXNET_free(sx); return 0; } diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index b7e40e6db8..05f915bd91 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -2926,7 +2926,7 @@ static int tls_construct_cke_dhe(SSL *s, WPACKET *pkt) encoded_pub_len = EVP_PKEY_get1_encoded_public_key(ckey, &encoded_pub); if (encoded_pub_len == 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); - EVP_PKEY_free(skey); + EVP_PKEY_free(ckey); return EXT_RETURN_FAIL; } diff --git a/test/evp_test.c b/test/evp_test.c index 6ae862b044..d068d6fa8e 100644 --- a/test/evp_test.c +++ b/test/evp_test.c @@ -2510,7 +2510,7 @@ static int rand_test_run(EVP_TEST *t) item->pr_entropyB_len); params[1] = OSSL_PARAM_construct_end(); if (!TEST_true(EVP_RAND_CTX_set_params(expected->parent, params))) - return 0; + goto err; } if (!TEST_true(EVP_RAND_generate (expected->ctx, got, got_len,