[openssl.org #3083] [PATCH] Adds sanity checking to malloc()/calloc()/alloca() calls in OpenSSL 1.0.1c
Hello All, I am not sure that the patches below correct any potential security issue, but use of values returned from calloc()/malloc() and alloca() without checking for NULL may result in undesirable behavior in OpenSSL 1.0.1c. The patches below result in a clean './config' and 'make' under CentOS 6.3 (64-bit). In reviewing OpenSSL-1.0.1c, I found two instances where calloc() is called without a check for a return value of NULL which indicates failure. I found these calls in directory 'openssl-1.0.1c/crypto/engine', file 'eng_cryptodev.c'. The patch to add the necessary checks is below: --- eng_cryptodev.c.orig2012-12-16 13:41:49.948556585 -0800 +++ eng_cryptodev.c 2012-12-16 13:46:14.780548132 -0800 @@ -1001,11 +1001,19 @@ if (r) { kop-crk_param[kop-crk_iparams].crp_p = calloc(rlen, sizeof(char)); +if (kop-crk_param[kop-crk_iparams].crp_p == NULL) { +printf(cryptodev_asym: Can't allocate memory via calloc() \n); +return (ret); +} kop-crk_param[kop-crk_iparams].crp_nbits = rlen * 8; kop-crk_oparams++; } if (s) { kop-crk_param[kop-crk_iparams+1].crp_p = calloc(slen, sizeof(char)); +if (kop-crk_param[kop-crk_iparams+1].crp_p == NULL) { +printf(cryptodev_asym: Can't allocate memory via calloc() \n); +return (ret); +} kop-crk_param[kop-crk_iparams+1].crp_nbits = slen * 8; kop-crk_oparams++; } Here is the object file produced by 'make': -rw-r--r--. 1 root root 1240 Dec 16 18:14 eng_cryptodev.o In directory 'openssl-1.0.1c/apps', file 'speed.c', I found an instance of malloc() without a check for a return value of NULL indicating failure. The patch file below adds the check for the return value from malloc(): --- speed.c.orig2012-12-16 14:08:21.308630505 -0800 +++ speed.c 2012-12-16 14:10:07.472567659 -0800 @@ -2655,6 +2655,11 @@ static char sep[]=:; fds=malloc(multi*sizeof *fds); +if (fds == NULL) +{ +fprintf(stderr, do_multi: unable to allocate memory\n); +exit(1); +} for(n=0 ; n multi ; ++n) { if (pipe(fd) == -1) Here is the object file produced by 'make': -rw-r--r--. 1 root root 116096 Dec 16 18:16 speed.o In directory 'openssl-1.0.1c/crypto/pkcs7', file 'example.c', I found a number of instances where malloc() was called, but no check for a return value of NULL was made, indicating failure. The patch file below adds the necessary checks to all malloc() calls which lack such checks: --- example.c.orig 2012-12-16 14:16:02.150623343 -0800 +++ example.c 2012-12-16 14:20:50.590549277 -0800 @@ -95,6 +95,8 @@ total=ASN1_object_size(1,i,V_ASN1_SEQUENCE); data=malloc(total); +if (data == NULL) +return 0; /* unable to allocate memory, leave */ p=data; ASN1_put_object(p,1,i,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); i2d_ASN1_OCTET_STRING(os1,p); @@ -147,6 +149,8 @@ if (!asn1_const_Finish(c)) goto err; *str1=malloc(os1-length+1); *str2=malloc(os2-length+1); +if ((*str1 == NULL) || (*str2 == NULL)) +goto err; /* unable to allocate memory, error */ memcpy(*str1,os1-data,os1-length); memcpy(*str2,os2-data,os2-length); (*str1)[os1-length]='\0'; @@ -259,6 +263,8 @@ total=ASN1_object_size(1,i,V_ASN1_SEQUENCE); data=malloc(total); +if (data == NULL) +return 0; /* unable to allocate memory */ p=data; ASN1_put_object(p,1,i,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); i2d_ASN1_OCTET_STRING(os1,p); @@ -314,6 +320,8 @@ if (!asn1_const_Finish(c)) goto err; *str1=malloc(os1-length+1); *str2=malloc(os2-length+1); +if ((*str1 == NULL) || (*str2 == NULL)) +goto err; /* unable to allocate memory, error */ memcpy(*str1,os1-data,os1-length); memcpy(*str2,os2-data,os2-length); (*str1)[os1-length]='\0'; In directory 'openssl-1.0.1c/crypto', file 'cryptlib.c', I found an instance of alloca() being called without a return value check being performed. A value of NULL being returned would mean that there is not enough stack space available left to properly complete the call. The patch file is below: --- cryptlib.c.orig 2012-12-16 16:37:54.969527776 -0800 +++ cryptlib.c 2012-12-16 16:38:59.718553187 -0800 @@ -811,6 +811,7 @@ if (len512) return -1;/* paranoia */ len++,len=~1; /* paranoia */ name=(WCHAR *)alloca(len+sizeof(WCHAR)); +if (name ==
[openssl-dev] [openssl.org #4402] [PATCH] Missing Sanity Check for BN_new in 'apps/prime.c' for OpenSSL-1.1 pre4
Hello All, In reviewing code in directory 'apps', file 'prime.c', there is a call to BN_new() which is not checked for a return value of NULL, indicating failure. The patch file below should address/correct this issue: --- prime.c.orig2016-03-08 16:13:24.841500061 -0800 +++ prime.c 2016-03-08 16:15:33.587863062 -0800 @@ -122,6 +122,10 @@ goto end; } bn = BN_new(); + if (bn == NULL) { + BIO_printf(bio_err, "Out of memory\n"); + goto end; + } BN_generate_prime_ex(bn, bits, safe, NULL, NULL, NULL); s = hex ? BN_bn2hex(bn) : BN_bn2dec(bn); BIO_printf(bio_out, "%s\n", s); === Bill Parker (wp02855 at gmail dot com) -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4402 Please log in as guest with password guest if prompted prime.c.patch Description: Binary data -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4404] [PATCH] Missing Sanity Check for OPENSSL_strdup() in OpenSSL-1.1 pre-4
Hello All, In reviewing code in directory 'crypto/conf', file 'conf_mod.c', there is a call to OPENSSL_strdup() which is not checked for a return value of NULL, indicating failure. The patch file below adds the test, and releases the previously allocated memory assigned to 'tmod': --- conf_mod.c.orig 2016-03-08 18:05:52.017031376 -0800 +++ conf_mod.c 2016-03-08 18:08:22.865203402 -0800 @@ -284,6 +284,10 @@ tmod->dso = dso; tmod->name = OPENSSL_strdup(name); +if (tmod->name == NULL) { + OPENSSL_free(tmod); + return NULL; +} tmod->init = ifunc; tmod->finish = ffunc; === Bill Parker (wp02855 at gmail dot com) -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4404 Please log in as guest with password guest if prompted openssl11-conf_mod.c.patch Description: Binary data -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl.org #4401] [PATCH] plug potential memory leak(s) in OpenSSL 1.1 pre 4 in 'ec_lib.c'
Geez, What did I start here (egad) :) Bill On Wed, Mar 9, 2016 at 5:03 AM, Salz, Rich via RTwrote: > > No, you got that right, NULL being 'safe' to free varies with OS. > > Except we mandate ANSI C which means it's portable :) > > -- > Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4401 > Please log in as guest with password guest if prompted > > -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4401 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4403] [PATCH] prevent OPENSSL_realloc() from clobbering old pointer value on failure in OpenSSL-1.1 pre-4
Hello All, In reviewing code in directory 'crypto/modes', file 'ocb128.c', there is a call to OPENSSL_realloc() which has the potential to clobber the old value of variable 'ctx->l', if the call returns NULL. The patch file below uses a void *tmp_ptr to prevent this from occuring: --- ocb128.c.orig 2016-03-08 16:29:47.856436204 -0800 +++ ocb128.c2016-03-08 16:31:51.241117763 -0800 @@ -140,6 +140,7 @@ static OCB_BLOCK *ocb_lookup_l(OCB128_CONTEXT *ctx, size_t idx) { size_t l_index = ctx->l_index; +void *tmp_ptr; if (idx <= l_index) { return ctx->l + idx; @@ -157,10 +158,11 @@ * the index. */ ctx->max_l_index += (idx - ctx->max_l_index + 4) & ~3; -ctx->l = +tmp_ptr = OPENSSL_realloc(ctx->l, ctx->max_l_index * sizeof(OCB_BLOCK)); -if (ctx->l == NULL) +if (tmp_ptr == NULL) /* prevent ctx->l from being clobbered */ return NULL; + ctx->l = tmp_ptr; } while (l_index < idx) { ocb_double(ctx->l + l_index, ctx->l + l_index + 1); -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4403 Please log in as guest with password guest if prompted ocb128.c.patch Description: Binary data -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl.org #4401] [PATCH] plug potential memory leak(s) in OpenSSL 1.1 pre 4 in 'ec_lib.c'
I must be brain dead today, since free'ing something that is already NULL is not a problem (geez)... Heh On Tue, Mar 8, 2016 at 12:01 PM, Salz, Rich via RTwrote: > > > + if (dest->mont_data != NULL) > > + BN_MONT_CTX_free(dest->mont_data); > > Free routines don't need to check for non-NULL. > > > -- > Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4401 > Please log in as guest with password guest if prompted > > -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4401 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4400] [PATCH] plug potential memory leak in OpenSSL 1.1 pre 4
Hello All, In reviewing source code in directory 'crypto/ocsp', file 'ocsp_ht.c', there is a minor flaw in the test logic which could allow a small memory leak to develop. The patch file below should address/correct this issue: --- ocsp_ht.c.orig 2016-03-08 10:24:51.821632969 -0800 +++ ocsp_ht.c 2016-03-08 10:26:32.062373052 -0800 @@ -119,13 +119,18 @@ rctx->state = OHS_ERROR; rctx->max_resp_len = OCSP_MAX_RESP_LENGTH; rctx->mem = BIO_new(BIO_s_mem()); +if (rctx->mem == NULL) + OCSP_REQ_CTX_free(rctx); + return NULL; +} rctx->io = io; if (maxline > 0) rctx->iobuflen = maxline; else rctx->iobuflen = OCSP_MAX_LINE_LEN; rctx->iobuf = OPENSSL_malloc(rctx->iobuflen); -if (rctx->iobuf == NULL || rctx->mem == NULL) { +if (rctx->iobuf == NULL) { + OCSP_REQ_CTX_free(rctx->mem); OCSP_REQ_CTX_free(rctx); return NULL; } === Bill Parker (wp02855 at gmail dot com) -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4400 Please log in as guest with password guest if prompted ocsp_ht.c.patch Description: Binary data -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4401] [PATCH] plug potential memory leak(s) in OpenSSL 1.1 pre 4 in 'ec_lib.c'
Hello All, In reviewing code in directory 'crypto/ec', file 'ec_lib.c'', there appears to be allocated memory which is not released when a return 0; is encountered in some cases of OPENSSL_malloc(). The patch file below should address/correct these minor leaks: --- ec_lib.c.orig 2016-03-08 10:46:45.885643748 -0800 +++ ec_lib.c2016-03-08 10:53:51.196698596 -0800 @@ -231,8 +231,11 @@ if (src->generator != NULL) { if (dest->generator == NULL) { dest->generator = EC_POINT_new(dest); -if (dest->generator == NULL) +if (dest->generator == NULL) { + if (dest->mont_data != NULL) + BN_MONT_CTX_free(dest->mont_data); return 0; + } } if (!EC_POINT_copy(dest->generator, src->generator)) return 0; @@ -256,7 +259,11 @@ if (src->seed) { OPENSSL_free(dest->seed); dest->seed = OPENSSL_malloc(src->seed_len); -if (dest->seed == NULL) +if (dest->seed == NULL) { + if (dest->mont_data != NULL) + EC_POINT_clear_free(dest->mont_data); + if (dest->generator != NULL) + EC_POINT_clear_free(dest->generator); return 0; if (!memcpy(dest->seed, src->seed, src->seed_len)) return 0; === Bill Parker (wp02855 at gmail dot com) -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4401 Please log in as guest with password guest if prompted ec_lib.c.patch Description: Binary data -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4372] [PATCH] Missing sanity check for OPENSSL_malloc() in openssl-1.0.2g in th-lock.c
Hello All, In reviewing code in OpenSSL-1.0.2g, in directory 'crypto/threads', file 'th-lock.c', in function 'CRYPTO_thread_setup', there is a call to OPENSSL_malloc() which is not checked for a return value of NULL, indicating failure. The patch file below should address/correct this issue: --- th-lock.c.orig 2016-03-01 18:46:39.633840674 -0800 +++ th-lock.c 2016-03-01 18:47:40.408564829 -0800 @@ -177,6 +177,10 @@ return; } lock_count = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long)); +if (!lock_count) { + /* Nothing we can do about this...void function! */ + return; +} for (i = 0; i < CRYPTO_num_locks(); i++) { lock_count[i] = 0; # ifdef USE_MUTEX === Bill Parker (wp02855 at gmail dot com) -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4372 Please log in as guest with password guest if prompted th-lock.c.patch Description: Binary data -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4370] [PATCH] Potential for NULL pointer dereferences in OpenSSL-1.0.2g (CWE-476)
Hello All, In reviewing source code in directory 'openssl-1.0.2g/apps', in file 'ca.c', there are a few instances where OPENSSL_malloc() is called, but immediately afterwards a call to memcpy() is made with the return value from the call, but the check for NULL is made AFTER the memcpy(). However, if the 1st argument to memcpy() is NULL, a segmentation fault/ violation will occur. The patch file below should address/correct this issue: --- ca.c.orig 2016-03-01 18:08:42.795466224 -0800 +++ ca.c2016-03-01 18:13:10.149445540 -0800 @@ -2107,6 +2107,10 @@ tm = X509_get_notAfter(ret); row[DB_exp_date] = (char *)OPENSSL_malloc(tm->length + 1); +if (row[DB_exp_date] == NULL) { + BIO_printf(bio_err, "Memory allocation failure\n"); + goto err; +} memcpy(row[DB_exp_date], tm->data, tm->length); row[DB_exp_date][tm->length] = '\0'; @@ -2116,7 +2120,7 @@ row[DB_file] = (char *)OPENSSL_malloc(8); row[DB_name] = X509_NAME_oneline(X509_get_subject_name(ret), NULL, 0); -if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) || +if ((row[DB_type] == NULL) || (row[DB_file] == NULL) || (row[DB_name] == NULL)) { BIO_printf(bio_err, "Memory allocation failure\n"); goto err; @@ -2375,6 +2379,10 @@ tm = X509_get_notAfter(x509); row[DB_exp_date] = (char *)OPENSSL_malloc(tm->length + 1); + if (row[DB_exp_date] == NULL) { + BIO_printf(bio_err, "Memory allocation failure\n"); + goto err; + } memcpy(row[DB_exp_date], tm->data, tm->length); row[DB_exp_date][tm->length] = '\0'; @@ -2385,8 +2393,7 @@ /* row[DB_name] done already */ -if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) || -(row[DB_file] == NULL)) { +if ((row[DB_type] == NULL) || (row[DB_file] == NULL)) { BIO_printf(bio_err, "Memory allocation failure\n"); goto err; } === In directory 'openssl-1.0.2g/crypto/engine', file 'eng_cryptodev.c', there is a call to OPENSSL_malloc() in function 'cryptodev_digest_copy()' where the return value is not checked for NULL, but immediately afterwards the statement: memcpy(dstate->mac_data, fstate->mac_data, fstate->mac_len); is processed, but if dstate->mac_data is NULL, this will cause a segmentation fault/violation. The patch file below should address/correct this issue: --- eng_cryptodev.c.orig2016-03-01 19:31:03.315380900 -0800 +++ eng_cryptodev.c 2016-03-01 19:32:43.154069884 -0800 @@ -937,6 +937,10 @@ if (fstate->mac_len != 0) { if (fstate->mac_data != NULL) { dstate->mac_data = OPENSSL_malloc(fstate->mac_len); + if (dstate->mac_data == NULL) { + printf("cryptodev_digest_init: Memory allocation failed\n"); + return (0); + } memcpy(dstate->mac_data, fstate->mac_data, fstate->mac_len); dstate->mac_len = fstate->mac_len; } === In directory 'openssl-1.0.2g/crypto/x509v3', in file 'v3_alt.c', there is a call to OPENSSL_malloc() which is not checked for a return value of NULL, indicating failure in function 'static int do_othername()', but immediately afterwards the statement: strncpy(objtmp, value, objlen); is processed, but if 'objtmp' is NULL, this will generate a segmentation fault/violation: The patch file below should address/correct this issue: --- v3_alt.c.orig 2016-03-01 19:51:02.114742135 -0800 +++ v3_alt.c2016-03-01 19:51:52.816186027 -0800 @@ -573,6 +573,8 @@ return 0; objlen = p - value; objtmp = OPENSSL_malloc(objlen + 1); +if (objtmp == NULL) + return 0; strncpy(objtmp, value, objlen); objtmp[objlen] = 0; gen->d.otherName->type_id = OBJ_txt2obj(objtmp, 0); === In directory 'openssl-1.0.2g/crypto/ui', in file 'ui_lib.c', there is a call to OPENSSL_malloc() which is not checked for a return value of NULL, indicating failure, but immediately afterwards the statement: BUF_strlcpy(prompt, prompt1, len + 1); is processed, but if 'prompt' is NULL, this will generate a segmentation fault/violation: The patch file below should address/correct this issue: --- ui_lib.c.orig 2015-09-12 09:05:14.19300 -0700 +++ ui_lib.c2015-09-12 09:56:53.32800 -0700 @@ -413,6 +413,9 @@ len += sizeof(prompt3) - 1; prompt = (char *)OPENSSL_malloc(len + 1); + if (prompt == NULL) { + return NULL; + } BUF_strlcpy(prompt, prompt1, len + 1); BUF_strlcat(prompt, object_desc, len + 1); if (object_name) { === -- Ticket here:
[openssl-dev] [openssl.org #4380] [PATCH] Missing Sanity Checks for EVP_PKEY_new() in OpenSSL-1.0.2g
Hello All, In reviewing code in directory 'crypto/evp', file 'pmeth_gn.c', in function 'EVP_PKEY_keygen()', there is a call to EVP_PKEY_new() which is not checked for a return value of NULL, indicating failure. This test is done in function 'EVP_PKEY_paramgen()', but looks like it was left out in function 'EVP_PKEY_keygen()' it would appear. The patch file below should address/correct this issue: --- pmeth_gn.c.orig 2016-03-05 06:15:29.530259070 -0800 +++ pmeth_gn.c 2016-03-05 06:18:17.940663167 -0800 @@ -152,6 +152,11 @@ if (!*ppkey) *ppkey = EVP_PKEY_new(); +if (*ppkey == NULL) { + EVPerr(EVP_F_EVP_PKEY_PARAMGEN, ERR_R_MALLOC_FAILURE); + return -1; +} + ret = ctx->pmeth->keygen(ctx, *ppkey); if (ret <= 0) { EVP_PKEY_free(*ppkey); === In directory 'engines/ccgost', file 'gost94_keyx.c', there is a call to 'EVP_PKEY_new()' which are not checked for a return value of NULL, indicating failure. The patch file below should address/correct this issue: --- gost94_keyx.c.orig 2016-03-05 06:25:00.168784292 -0800 +++ gost94_keyx.c 2016-03-05 06:27:47.325028991 -0800 @@ -126,6 +126,8 @@ key_is_ephemeral = 1; if (out) { mykey = EVP_PKEY_new(); + if (!mykey) + goto memerr; EVP_PKEY_assign(mykey, EVP_PKEY_base_id(pubk), DSA_new()); EVP_PKEY_copy_parameters(mykey, pubk); if (!gost_sign_keygen(EVP_PKEY_get0(mykey))) { === In directory 'engines/ccgost', file 'gost2001_keyx.c', there is a call to 'EVP_PKEY_new()' which are not checked for a return value of NULL, indicating failure. The patch file below should address/correct this issue: --- gost2001_keyx.c.orig2016-03-05 06:29:48.056373325 -0800 +++ gost2001_keyx.c 2016-03-05 06:30:23.400865428 -0800 @@ -147,6 +147,8 @@ key_is_ephemeral = 1; if (out) { sec_key = EVP_PKEY_new(); + if (!sec_key) + goto memerr; EVP_PKEY_assign(sec_key, EVP_PKEY_base_id(pubk), EC_KEY_new()); EVP_PKEY_copy_parameters(sec_key, pubk); if (!gost2001_keygen(EVP_PKEY_get0(sec_key))) { === Bill Parker (wp02855 at gmail dot com) -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4380 Please log in as guest with password guest if prompted pmeth_gn.c.patch Description: Binary data gost94_keyx.c.patch Description: Binary data gost2001_keyx.c.patch Description: Binary data -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4371] [PATCH] Missing Sanity Check for malloc() in openssl-1.0.2g for 'apps/speed.c'
Hello All, In reviewing source code for OpenSSL-1.0.2g, it would appear in file 'apps/speed.c', in function 'static int do_multi()', a call to malloc() is made without being tested for a return value of NULL, indicating failure. The patch file below should address/correct this issue: --- speed.c.orig2016-03-01 18:19:44.213529059 -0800 +++ speed.c 2016-03-01 18:21:24.822315918 -0800 @@ -2614,6 +2614,10 @@ static char sep[] = ":"; fds = malloc(multi * sizeof *fds); +if (fds == NULL) { + fprintf(stderr, "out of memory\n"); + exit(1); +} for (n = 0; n < multi; ++n) { if (pipe(fd) == -1) { fprintf(stderr, "pipe failure\n"); Should the call to malloc() be changed to OPENSSL_malloc() as well? Bill Parker (wp02855 at gmail dot com) -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4371 Please log in as guest with password guest if prompted speed.c.patch Description: Binary data -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4374] [PATCH] Potential for NULL pointer dereferences in OpenSSL-1.0.2g (CWE-476)
Hello All, In reviewing source code in directory 'openssl-1.0.2g/crypto/evp', in file 'openbsd_hw.c', there are a few instances where OPENSSL_malloc() is called, but immediately afterwards a call to memcpy() is made with the return value from the call to OPENSSL_malloc(), but no check for a return value of NULL is made after OPENSSL_malloc() returns. However, if the 1st argument to memcpy() is NULL, a segmentation fault/ violation will occur. The patch file below should address/correct this issue: --- openbsd_hw.c.orig 2016-03-02 15:36:57.236927351 -0800 +++ openbsd_hw.c2016-03-02 15:40:29.525908189 -0800 @@ -133,6 +133,10 @@ return 0; CDATA(ctx)->key = OPENSSL_malloc(MAX_HW_KEY); +if (CDATA(ctx)->key == NULL { + err("CDATA(ctx)->key memory allocation failed"); + return 0; +} assert(ctx->cipher->iv_len <= MAX_HW_IV); @@ -186,6 +190,11 @@ if (((unsigned long)in & 3) || cinl != inl) { cin = OPENSSL_malloc(cinl); + if (cin == NULL) { + err("cin - memory allocation failed"); + abort(); + return 0; + } memcpy(cin, in, inl); cryp.src = cin; } @@ -334,6 +343,11 @@ char *dcopy; dcopy = OPENSSL_malloc(len); + if (dcopy == NULL) { + err("dcopy - memory allocation failed"); + abort(); + return 0; + } memcpy(dcopy, data, len); cryp.src = dcopy; cryp.dst = cryp.src; // FIXME!!! @@ -397,6 +411,10 @@ assert(from->digest->flags & EVP_MD_FLAG_ONESHOT); to_md->data = OPENSSL_malloc(from_md->len); +if (to_md->data == NULL) { + err("DEV_CRYPTO_MD5_COPY: unable to allocate memory"); + return 0; +} memcpy(to_md->data, from_md->data, from_md->len); return 1; === Hello All, In reviewing source code in directory 'engines/ccgost', in file 'gost_ameth.c', there are a few instances where OPENSSL_malloc() is called, but no check for a return value of NULL is made. However, immediately afterwards statments which access the allocated memory are used (array access/memset(), etc) which will result in a segmentation fault/violation occuring if NULL is returned from the OPENSSL_malloc() call. The patch file below should address/correct this issue: --- gost_ameth.c.orig 2016-03-02 16:43:36.014151374 -0800 +++ gost_ameth.c2016-03-02 16:45:59.978448496 -0800 @@ -617,6 +617,10 @@ return 0; } databuf = OPENSSL_malloc(octet->length); +if (!databuf) { + GOSTerr(GOST_F_PUB_DECODE_GOST94, ERR_R_MALLOC_FAILURE); + return 0; +} for (i = 0, j = octet->length - 1; i < octet->length; i++, j--) { databuf[j] = octet->data[i]; } @@ -646,6 +650,8 @@ } data_len = BN_num_bytes(dsa->pub_key); databuf = OPENSSL_malloc(data_len); +if (!databuf) + return 0; BN_bn2bin(dsa->pub_key, databuf); octet = ASN1_OCTET_STRING_new(); ASN1_STRING_set(octet, NULL, data_len); @@ -686,6 +692,10 @@ return 0; } databuf = OPENSSL_malloc(octet->length); +if (!databuf) { + GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_MALLOC_FAILURE); + return 0; +} for (i = 0, j = octet->length - 1; i < octet->length; i++, j--) { databuf[j] = octet->data[i]; } @@ -760,6 +770,10 @@ data_len = 2 * BN_num_bytes(order); BN_free(order); databuf = OPENSSL_malloc(data_len); +if (!databuf) { + GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_MALLOC_FAILURE); + return 0; +} memset(databuf, 0, data_len); store_bignum(X, databuf + data_len / 2, data_len / 2); === Hello All, In reviewing source code in directory 'engines/ccgost', in file 'gost_pmeth.c', there are a few instances where OPENSSL_malloc() is called, but no check for a return value of NULL is made. However, immediately afterwards statments which access the allocated memory are used (memcpy()/memset(), etc) which will result in a segmentation fault/violation occuring if NULL is returned from the OPENSSL_malloc() call. The patch file below should address/correct this issue: --- gost_pmeth.c.orig 2016-03-02 17:24:49.503519153 -0800 +++ gost_pmeth.c2016-03-02 17:27:27.179558967 -0800 @@ -107,6 +107,8 @@ return 1; case EVP_PKEY_CTRL_SET_IV: pctx->shared_ukm = OPENSSL_malloc((int)p1); + if (!pctx->shared_ukm) + return 0; memcpy(pctx->shared_ukm, p2, (int)p1); return 1; case EVP_PKEY_CTRL_PEER_KEY: @@ -533,6 +535,8 @@ return 0; } keydata = OPENSSL_malloc(32); +if (!keydata) + return 0; memcpy(keydata, data->key, 32);
[openssl-dev] [openssl.org #4375] [PATCH] Missing Sanity Checks for OPENSSL_malloc() in OpenSSL-1.0.2g
Hello All, In reviewing code in OpenSSL-1.0.2g, in directory 'ssl', file 'ssl_ciph.c', in function ''SSL_COMP_add_compression_method()'', there is a call to OPENSSL_malloc() which is not checked for a return value of NULL, indicating failure. The patch file below should address/correct this issue: --- ssl_ciph.c.orig 2016-03-02 17:39:01.677826126 -0800 +++ ssl_ciph.c 2016-03-02 17:40:51.942840242 -0800 @@ -1996,6 +1996,8 @@ MemCheck_off(); comp = (SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP)); +if (comp == NULL) + return 1; comp->id = id; comp->method = cm; load_builtin_compressions(); === Hello All, In reviewing code in OpenSSL-1.0.2g, in directory 'crypto/bio', file 'bss_rtcp.c', in function 'rtcp_new()', there is a call to OPENSSL_malloc() which is not checked for a return value of NULL, indicating failure. The patch file below should address/correct this issue: --- bss_rtcp.c.orig 2016-03-02 15:25:08.307826108 -0800 +++ bss_rtcp.c 2016-03-02 15:25:47.326785217 -0800 @@ -170,6 +170,8 @@ bi->num = 0; bi->flags = 0; bi->ptr = OPENSSL_malloc(sizeof(struct rpc_ctx)); +if (bi->ptr == NULL) + return (0); ctx = (struct rpc_ctx *)bi->ptr; ctx->filled = 0; ctx->pos = 0; === Hello All, In reviewing code in OpenSSL-1.0.2g, in directory 'apps', file 'apps.c', in function 'args_from_file()', there is a call to OPENSSL_malloc() which is not checked for a return value of NULL, indicating failure. The patch file below should address/correct this issue: --- apps.c.orig 2016-03-02 15:27:24.293109138 -0800 +++ apps.c 2016-03-02 15:27:48.108135906 -0800 @@ -215,7 +215,8 @@ if (arg != NULL) OPENSSL_free(arg); arg = (char **)OPENSSL_malloc(sizeof(char *) * (i * 2)); - +if (arg == NULL) + return (0); *argv = arg; num = 0; p = buf; === Hello All, In reviewing code in OpenSSL-1.0.2g, in directory 'crypto/x509', file 'by_dir.c', in function 'get_cert_by_subject()', there is a call to OPENSSL_malloc() which is not checked for a return value of NULL, indicating failure. The patch file below should address/correct this issue: --- by_dir.c.orig 2016-03-02 15:29:32.361385958 -0800 +++ by_dir.c2016-03-02 15:30:04.762503973 -0800 @@ -401,6 +401,10 @@ } if (!hent) { hent = OPENSSL_malloc(sizeof(BY_DIR_HASH)); + if (hent == NULL) { + X509err(X509_F_GET_CERT_BY_SUBJECT, ERR_R_MALLOC_FAILURE); + goto finish; + } hent->hash = h; hent->suffix = k; if (!sk_BY_DIR_HASH_push(ent->hashes, hent)) { === Hello All, In reviewing code in OpenSSL-1.0.2g, in directory 'engines', file 'e_capi.c', in function 'capi_get_provname()', there is a call to OPENSSL_malloc() or alloca() which is not checked for a return value of NULL, indicating failure. In function 'capi_cert_get_fname()', there is a call to OPENSSL_malloc() which is not checked for a return value of NULL, indicating failure. In function '*capi_get_key()', there is a call to OPENSSL_malloc() which is not checked for a return value of NULL, indicating failure. The patch file below should address/correct this issue: --- e_capi.c.orig 2016-03-02 15:31:15.011432251 -0800 +++ e_capi.c2016-03-02 15:35:24.264110984 -0800 @@ -1106,6 +1106,10 @@ name = alloca(len); else name = OPENSSL_malloc(len); +if (name == NULL) { + CAPIerr(CAPI_F_CAPI_GET_PROVNAME, ERR_R_MALLOC_FAILURE); + return 0; +} if (!CryptEnumProviders(idx, NULL, 0, ptype, name, )) { err = GetLastError(); if (err == ERROR_NO_MORE_ITEMS) @@ -1286,6 +1290,10 @@ (cert, CERT_FRIENDLY_NAME_PROP_ID, NULL, )) return NULL; wfname = OPENSSL_malloc(dlen); +if (wfname == NULL) { + CAPIerr(CAPI_F_CAPI_CERT_GET_FNAME, ERR_R_MALLOC_FAILURE); + return NULL; +} if (CertGetCertificateContextProperty (cert, CERT_FRIENDLY_NAME_PROP_ID, wfname, )) { char *fname = wide_to_asc(wfname); @@ -1436,6 +1444,11 @@ CAPI_KEY *key; DWORD dwFlags = 0; key = OPENSSL_malloc(sizeof(CAPI_KEY)); +if (key == NULL) { + CAPIerr(CAPI_F_CAPI_GET_KEY, ERR_R_MALLOC_FAILURE); + capi_addlasterror(); + goto err; +} if (sizeof(TCHAR) == sizeof(char)) CAPI_trace(ctx, "capi_get_key, contname=%s, provname=%s, type=%d\n", contname, provname, ptype); === Hello All, In reviewing code in OpenSSL-1.0.2g, in directory
[openssl-dev] [openssl.org #4381] [PATCH] Missing Sanity Check for OBJ_nid2obj() in OpenSSL-1.0.2g
In reviewing code in directory 'crypto/asn1', file 'asn_moid.c', in function 'do_create()', there is a call to 'OBJ_nid2obj()' which is not checked for a return value of NULL. The patch file below adds the check and returns 0 if NULL is returned: --- asn_moid.c.orig 2016-03-06 17:09:03.019903938 -0800 +++ asn_moid.c 2016-03-06 17:09:41.778829998 -0800 @@ -146,6 +146,8 @@ memcpy(lntmp, ln, p - ln); lntmp[p - ln] = 0; oid = OBJ_nid2obj(nid); + if (oid == NULL) + return 0; oid->ln = lntmp; } === In reviewing code in directory 'crypto/asn1', file 'p5_pbev2.c', in function 'PKCS5_pbe2_set_iv()' and 'PKCS5_pbkdf2_set(), there are calls to 'OBJ_nid2obj()' which is not checked for a return value of NULL. The patch file below adds the check and goes to merr: if NULL is returned: --- p5_pbev2.c.orig 2016-03-06 17:21:56.612223544 -0800 +++ p5_pbev2.c 2016-03-06 17:23:25.049463462 -0800 @@ -105,6 +105,8 @@ goto err; } obj = OBJ_nid2obj(alg_nid); +if (obj == NULL) + goto merr; if (!(pbe2 = PBE2PARAM_new())) goto merr; @@ -169,6 +171,8 @@ goto merr; ret->algorithm = OBJ_nid2obj(NID_pbes2); +if (ret->algorithm == NULL) + goto merr; /* Encode PBE2PARAM into parameter */ @@ -258,6 +262,8 @@ goto merr; keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2); +if (!keyfunc->algorithm) + goto merr; /* Encode PBKDF2PARAM into parameter of pbe2 */ === In reviewing code in directory 'crypto/asn1', file 'x_attrib.c', in function 'X509_ATTRIBUTE_create()' there is a call to 'OBJ_nid2obj()' which is not checked for a return value of NULL. The patch file below adds the check and goes to err: if NULL is returned: --- x_attrib.c.orig 2016-03-06 17:35:12.565385098 -0800 +++ x_attrib.c 2016-03-06 17:37:35.383536550 -0800 @@ -105,6 +105,8 @@ if ((ret = X509_ATTRIBUTE_new()) == NULL) return (NULL); ret->object = OBJ_nid2obj(nid); +if (ret->object == NULL) + goto err; ret->single = 0; if ((ret->value.set = sk_ASN1_TYPE_new_null()) == NULL) goto err; === In reviewing code in directory 'crypto/asn1', file 'tasn_new.c', in function 'ASN1_primitive_new()' there is a call to 'OBJ_nid2obj()' which is not checked for a return value of NULL. The patch file below adds the check and returns 0 if NULL is returned: --- tasn_new.c.orig 2016-03-06 17:39:25.320508974 -0800 +++ tasn_new.c 2016-03-06 17:40:31.614934655 -0800 @@ -328,6 +328,8 @@ switch (utype) { case V_ASN1_OBJECT: *pval = (ASN1_VALUE *)OBJ_nid2obj(NID_undef); + if (!pval) + return 0; return 1; case V_ASN1_BOOLEAN: === Bill Parker (wp02855 at gmail dot com) -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4381 Please log in as guest with password guest if prompted asn_moid.c.patch Description: Binary data p5_pbev2.c.patch Description: Binary data x_attrib.c.patch Description: Binary data tasn_new.c.patch Description: Binary data -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4384] [PATCH] Missing Sanity Check plus potential NULL pointer deref (CWE-476)
Hello All, In reviewing code in directory 'engines', file 'e_aep.c', there is a call to function 'bn_expand()', but it is not checked for a return value of NULL. However, a member of the variable 'bn' (bn->d) are used in memset()/memcpy() calls, but if 'bn' is NULL, a segmentation fault/violation will occur. The patch file below checks for a NULL return from 'bn_expand()', but I was not sure what should be returned from here (so I kludged something to fit): --- e_aep.c.orig2016-03-06 10:47:23.113646348 -0800 +++ e_aep.c 2016-03-06 10:52:27.991394742 -0800 @@ -1137,7 +1137,9 @@ /* * Expand the result bn so that it can hold our big num. Size is in bits */ -bn_expand(bn, (int)(BigNumSize << 3)); +if (!bn_expand(bn, (int)(BigNumSize << 3)) == NULL) + /* what should we do here, a new error code, etc? */ + return 117; /* bn_expand could return NULL, could it not? */ # ifdef SIXTY_FOUR_BIT_LONG bn->top = BigNumSize >> 3; -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4384 Please log in as guest with password guest if prompted e_aep.c.patch Description: Binary data -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4382] [PATCH] Missing Sanity Check(s) for BUF_strdup() in OpenSSL-1.0.2g
Hello All, In reviewing source code in directory 'crypto/conf', file 'conf_mod.c', there is a call to BUF_strdup() in function 'module_add()' which is not checked for a return value of NULL, indicating failure. The patch file below adds the check and calls OPENSSL_free(tmod) to release the previous allocation by OPENSSL_malloc(): --- conf_mod.c.orig 2016-03-06 05:46:50.424008381 -0800 +++ conf_mod.c 2016-03-06 05:47:49.031457086 -0800 @@ -288,6 +288,10 @@ tmod->dso = dso; tmod->name = BUF_strdup(name); +if (!tmod->name) { + OPENSSL_free(tmod); + return NULL; +} tmod->init = ifunc; tmod->finish = ffunc; tmod->links = 0; -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4382 Please log in as guest with password guest if prompted conf_mod.c.patch Description: Binary data -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4385] [PATCH] Missing Sanity Checks for RSA_new_method() in OpenSSL-1.0.2g
Hello All, In reviewing source code in directory 'engines', file 'e_4758cca.c', there are two calls to function 'RSA_new_method()' which are not checked for a return value of NULL, indicating failure. The patch file below should address/correct this issue: --- e_4758cca.c.orig2016-03-06 11:05:42.053315929 -0800 +++ e_4758cca.c 2016-03-06 11:06:54.996586643 -0800 @@ -463,6 +463,10 @@ (*(long *)keyToken) = keyTokenLength; rtmp = RSA_new_method(e); +if (rtmp == NULL) { + CAPIerr(CAPI_F_CAPI_GET_PKEY, ERR_R_MALLOC_FAILURE); + goto err; +} RSA_set_ex_data(rtmp, hndidx, (char *)keyToken); rtmp->e = BN_bin2bn(exponent, exponentLength, NULL); @@ -535,6 +539,10 @@ (*(long *)keyToken) = keyTokenLength; rtmp = RSA_new_method(e); +if (rtmp == NULL) { + CAPIerr(CAPI_F_CAPI_GET_PKEY, ERR_R_MALLOC_FAILURE); + goto err; +} RSA_set_ex_data(rtmp, hndidx, (char *)keyToken); rtmp->e = BN_bin2bn(exponent, exponentLength, NULL); rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL); -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4385 Please log in as guest with password guest if prompted e_4758cca.c.patch Description: Binary data -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4386] [PATCH] Add sanity checks for BN_new() in OpenSSL-1.0.2g
Hello All, In reviewing code in directory 'engines/ccgost', file 'gost2001.c', there are two calls to BN_new() which are not checked for a return value of NULL, indicating failure. The patch file below should address/correct this issue: --- gost2001.c.orig 2016-03-06 11:32:49.676178425 -0800 +++ gost2001.c 2016-03-06 11:38:04.604204158 -0800 @@ -434,6 +434,10 @@ int gost2001_keygen(EC_KEY *ec) { BIGNUM *order = BN_new(), *d = BN_new(); +if (!order || !d) { + GOSTerr(GOST_F_GOST2001_KEYGEN, ERR_R_MALLOC_FAILURE); + return 0; +} const EC_GROUP *group = EC_KEY_get0_group(ec); if(!group || !EC_GROUP_get_order(group, order, NULL)) { -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4386 Please log in as guest with password guest if prompted gost2001.c.patch Description: Binary data -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4383] [PATCH] Add error checking for bn2_expand()/BN_new()/RSA_new_method() in file 'e_chil.c' for OpenSSL-1.0.2g
Hello All, In reviewing source code in directory 'crypto/engines', file 'e_chil.c' there are some comments warning to check for error when bn_expand2() or BN_new() or RSA_new_method() is called. The patch file below adds the requested checks to the code: --- e_chil.c.orig 2016-03-06 06:51:53.783105250 -0800 +++ e_chil.c2016-03-06 11:20:38.533253919 -0800 @@ -810,9 +810,17 @@ # endif # ifndef OPENSSL_NO_RSA rtmp = RSA_new_method(eng); +if (!rtmp == NULL) { + HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE); + goto err; +} RSA_set_ex_data(rtmp, hndidx_rsa, (char *)hptr); rtmp->e = BN_new(); rtmp->n = BN_new(); +if (!rtmp->e || !rtmp->n) { + HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE); + goto err; +} rtmp->flags |= RSA_FLAG_EXT_PKEY; MPI2BN(rtmp->e, e); MPI2BN(rtmp->n, n); @@ -823,8 +831,14 @@ goto err; } -bn_expand2(rtmp->e, e.size / sizeof(BN_ULONG)); -bn_expand2(rtmp->n, n.size / sizeof(BN_ULONG)); +if (bn_expand2(rtmp->e, e.size / sizeof(BN_ULONG)) == NULL) { + HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE); + goto err; +} +if (bn_expand2(rtmp->n, n.size / sizeof(BN_ULONG)) == NULL) { + HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE); + goto err; +} MPI2BN(rtmp->e, e); MPI2BN(rtmp->n, n); @@ -923,7 +937,10 @@ goto err; } /* Prepare the params */ -bn_expand2(r, m->top); /* Check for error !! */ +if (bn_expand2(r, m->top) == NULL) { /* Check for error !! */ + HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP, ERR_R_MALLOC_FAILURE); + goto err; +} BN2MPI(m_a, a); BN2MPI(m_p, p); BN2MPI(m_n, m); @@ -989,7 +1006,10 @@ } /* Prepare the params */ -bn_expand2(r, rsa->n->top); /* Check for error !! */ +if (bn_expand2(r, rsa->n->top) == NULL) { /* Check for error !! */ + HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP, ERR_R_MALLOC_FAILURE); + goto err; + } BN2MPI(m_a, I); MPI2BN(r, m_r); @@ -1026,7 +1046,10 @@ } /* Prepare the params */ -bn_expand2(r, rsa->n->top); /* Check for error !! */ +if (bn_expand2(r, rsa->n->top) == NULL) { /* Check for error !! */ + HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP, ERR_R_MALLOC_FAILURE); + goto err; + } BN2MPI(m_a, I); BN2MPI(m_p, rsa->p); BN2MPI(m_q, rsa->q); -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4383 Please log in as guest with password guest if prompted e_chil.c.patch Description: Binary data -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl.org #4386] [PATCH] Add sanity checks for BN_new() in OpenSSL-1.0.2g
Dr. Dale, I actually saw that, but forgot to correct it before sending (my bad)...:( Bill On Mon, Mar 7, 2016 at 1:44 PM, paul.d...@oracle.com via RT <r...@openssl.org> wrote: > If one of the allocation calls succeeds and the other fails, the patched > code will leak memory. > It needs something along the lines of: > > if (order != NULL) BN_clear_free(order); > if (d != NULL) BN_clear_free(d); > > in the failure case code. > > > Pauli > > -- > Oracle > Dr Paul Dale | Cryptographer | Network Security & Encryption > Phone +61 7 3031 7217 > Oracle Australia > > On Mon, 7 Mar 2016 05:55:23 PM Bill Parker via RT wrote: > > Hello All, > > > > In reviewing code in directory 'engines/ccgost', file 'gost2001.c', > > there are two calls to BN_new() which are not checked for a return > > value of NULL, indicating failure. > > > > The patch file below should address/correct this issue: > > > > --- gost2001.c.orig 2016-03-06 11:32:49.676178425 -0800 > > +++ gost2001.c 2016-03-06 11:38:04.604204158 -0800 > > @@ -434,6 +434,10 @@ > > int gost2001_keygen(EC_KEY *ec) > > { > > BIGNUM *order = BN_new(), *d = BN_new(); > > +if (!order || !d) { > > + GOSTerr(GOST_F_GOST2001_KEYGEN, ERR_R_MALLOC_FAILURE); > > + return 0; > > +} > > const EC_GROUP *group = EC_KEY_get0_group(ec); > > > > if(!group || !EC_GROUP_get_order(group, order, NULL)) { > > > > > > > -- > Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4386 > Please log in as guest with password guest if prompted > > -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4386 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4377] Prevent potential NULL pointer dereference in OpenSSL-1.0.2g (CWE-476)
Hello All, In reviewing code in directory 'crypto/evp', in file 'openbsd_hw.c', there is a call to OPENSSL_realloc() which is NOT checked for a return value of NULL, indicating failure. However, the statement after this is memcpy(), which if the destination variable is NULL, will result in a segmentation fault/violation. The patch file below should address/correct this issue: --- openbsd_hw.c.orig 2016-03-02 15:36:57.236927351 -0800 +++ openbsd_hw.c2016-03-03 18:56:58.169567807 -0800 @@ -364,6 +378,10 @@ return do_digest(md_data->sess.ses, md_data->md, data, len); md_data->data = OPENSSL_realloc(md_data->data, md_data->len + len); +if (md_data->data == NULL) { + err("DEV_CRYPTO_MD5_UPDATE: unable to allocate memory"); + return 0; +} memcpy(md_data->data + md_data->len, data, len); md_data->len += len; === Bill Parker (wp02855 at gmail dot com) -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4377 Please log in as guest with password guest if prompted realloc_openbsd_hw.c.patch Description: Binary data -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev