[openssl-dev] [openssl.org #4383] [PATCH] Add error checking for bn2_expand()/BN_new()/RSA_new_method() in file 'e_chil.c' for OpenSSL-1.0.2g

Mon, 07 Mar 2016 09:53:04 -0800 

Hello All,

In reviewing source code in directory 'crypto/engines', file 'e_chil.c'
there are some comments warning to check for error when bn_expand2() or
BN_new() or RSA_new_method() is called.  The patch file below adds the
requested checks to the code:

--- e_chil.c.orig       2016-03-06 06:51:53.783105250 -0800
+++ e_chil.c    2016-03-06 11:20:38.533253919 -0800
@@ -810,9 +810,17 @@
 #  endif
 #  ifndef OPENSSL_NO_RSA
     rtmp = RSA_new_method(eng);
+    if (!rtmp == NULL) {
+       HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE);
+       goto err;
+    }
     RSA_set_ex_data(rtmp, hndidx_rsa, (char *)hptr);
     rtmp->e = BN_new();
     rtmp->n = BN_new();
+    if (!rtmp->e || !rtmp->n) {
+       HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE);
+       goto err;
+    }
     rtmp->flags |= RSA_FLAG_EXT_PKEY;
     MPI2BN(rtmp->e, e);
     MPI2BN(rtmp->n, n);
@@ -823,8 +831,14 @@
         goto err;
     }

-    bn_expand2(rtmp->e, e.size / sizeof(BN_ULONG));
-    bn_expand2(rtmp->n, n.size / sizeof(BN_ULONG));
+    if (bn_expand2(rtmp->e, e.size / sizeof(BN_ULONG)) == NULL) {
+       HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE);
+       goto err;
+    }
+    if (bn_expand2(rtmp->n, n.size / sizeof(BN_ULONG)) == NULL) {
+       HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE);
+       goto err;
+    }
     MPI2BN(rtmp->e, e);
     MPI2BN(rtmp->n, n);

@@ -923,7 +937,10 @@
         goto err;
     }
     /* Prepare the params */
-    bn_expand2(r, m->top);      /* Check for error !! */
+    if (bn_expand2(r, m->top) == NULL) {     /* Check for error !! */
+       HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP, ERR_R_MALLOC_FAILURE);
+       goto err;
+    }
     BN2MPI(m_a, a);
     BN2MPI(m_p, p);
     BN2MPI(m_n, m);
@@ -989,7 +1006,10 @@
         }

         /* Prepare the params */
-        bn_expand2(r, rsa->n->top); /* Check for error !! */
+        if (bn_expand2(r, rsa->n->top) == NULL) { /* Check for error !! */
+           HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP, ERR_R_MALLOC_FAILURE);
+           goto err;
+       }
         BN2MPI(m_a, I);
         MPI2BN(r, m_r);

@@ -1026,7 +1046,10 @@
         }

         /* Prepare the params */
-        bn_expand2(r, rsa->n->top); /* Check for error !! */
+        if (bn_expand2(r, rsa->n->top) == NULL) { /* Check for error !! */
+           HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP, ERR_R_MALLOC_FAILURE);
+           goto err;
+       }
         BN2MPI(m_a, I);
         BN2MPI(m_p, rsa->p);
         BN2MPI(m_q, rsa->q);

-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4383
Please log in as guest with password guest if prompted

Attachment: e_chil.c.patch
Description: Binary data

-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Reply via email to