Coverity Scan: Analysis failed for openssl/openssl
Your request for analysis of openssl/openssl is failed. Analysis status: Failure Please fix the error and upload the build again. Error details: :Failed to download tar file from gs://sig-scan-prod-upload/294/427734/openssl.tgz For more detail explanation on the error, please check: https://u15810271.ct.sendgrid.net/ls/click?upn=CTPegkVN6peWFCMEieYYmPWIi1E4yUS9EoqKFcNAiqhRq8qmgeBE-2Bdt3uvFRAFXd-2FlwX83-2FVVdybfzIMOby0qA-3D-3DF72F_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeGJhCUgZ5NHQuQS4m-2FdPQqN7ocdMuiOsDYew6snNdpAe5DjEhZwHM0-2FLPp5BwWHF18-2BZsKXxT4g-2FnfEnAkfQwsF5tNG-2FBti19wU7z31wiv3B5KKuse4wPLJ1J-2B0e1Ri50MuukZWP81KcY-2FddnwaBb1VtGq7LOAXvzhK2xCk67yq-2BFn8xfYuZGH241lxBzj9al4-3D If your build process isn't going smoothly, email us at scan-ad...@coverity.com with your cov-int/build-log.txt file attached for assistance, or post your issue to the StackOverflow at https://u15810271.ct.sendgrid.net/ls/click?upn=CTPegkVN6peWFCMEieYYmPWIi1E4yUS9EoqKFcNAiqhRq8qmgeBE-2Bdt3uvFRAFXd-2FlwX83-2FVVdybfzIMOby0qA-3D-3DNE4F_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeGJhCUgZ5NHQuQS4m-2FdPQqN7ocdMuiOsDYew6snNdpAe7zTMoqLJJ0K-2BekGmDGfyNhxD24mkQe-2BwKodcIs0CasaG5sadAk-2FjgrxPZotz9EbuziHLhOJtAWQFAkId2fQYoS1sdkAGVRpA7qZLjHPM0pMeoawbpGn-2FGLDFWLO3mP2qIVUF9tNnLzZ8FOnfMaqR3Q-3D
[openssl] master update
The branch master has been updated via e304aa87b35fac5ea97c405dd3c21549faa45e78 (commit) from e66c41725f03dae2b295df048312fe6d28729e98 (commit) - Log - commit e304aa87b35fac5ea97c405dd3c21549faa45e78 Author: Dimitris Apostolou Date: Mon Jan 3 01:00:27 2022 +0200 Fix typos Reviewed-by: Tim Hudson Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/17392) --- Summary of changes: Configure | 4 ++-- INSTALL.md| 2 +- README-ENGINES.md | 2 +- apps/cmp.c| 2 +- apps/include/http_server.h| 2 +- configdata.pm.in | 4 ++-- crypto/aes/asm/aesv8-armx.pl | 6 +++--- crypto/bn/asm/rsaz-2k-avx512.pl | 2 +- crypto/bn/asm/rsaz-3k-avx512.pl | 2 +- crypto/bn/asm/rsaz-4k-avx512.pl | 2 +- crypto/cmp/cmp_vfy.c | 6 +++--- crypto/context.c | 2 +- crypto/ec/ec2_oct.c | 2 +- crypto/encode_decode/encoder_lib.c| 2 +- crypto/evp/ctrl_params_translate.c| 2 +- crypto/evp/m_sigver.c | 2 +- crypto/ffc/ffc_params_generate.c | 2 +- crypto/rand/rand_egd.c| 2 +- crypto/rsa/rsa_lib.c | 2 +- crypto/x509/v3_ist.c | 2 +- crypto/x509/v3_utf8.c | 2 +- crypto/x509/v3_utl.c | 2 +- crypto/x509/x_pubkey.c| 2 +- demos/mac/gmac.c | 2 +- dev/release-aux/README.md | 2 +- dev/release.sh| 4 ++-- doc/internal/man3/OPTIONS.pod | 2 +- doc/internal/man3/ossl_random_add_conf_module.pod | 2 +- doc/internal/man7/EVP_PKEY.pod| 2 +- doc/man1/openssl-genpkey.pod.in | 4 ++-- doc/man1/openssl-s_client.pod.in | 2 +- doc/man1/openssl-verification-options.pod | 2 +- doc/man3/ASN1_aux_cb.pod | 4 ++-- doc/man3/ASN1_item_sign.pod | 4 ++-- doc/man3/BIO_s_core.pod | 2 +- doc/man3/BN_rand.pod | 2 +- doc/man3/CONF_modules_load_file.pod | 2 +- doc/man3/DH_get0_pqg.pod | 2 +- doc/man3/EVP_EncryptInit.pod | 2 +- doc/man3/EVP_KEYMGMT.pod | 2 +- doc/man3/EVP_PKEY2PKCS8.pod | 2 +- doc/man3/EVP_PKEY_derive.pod | 2 +- doc/man3/EVP_PKEY_gettable_params.pod | 2 +- doc/man3/EVP_PKEY_new.pod | 2 +- doc/man3/EVP_PKEY_todata.pod | 2 +- doc/man3/OCSP_resp_find_status.pod| 2 +- doc/man3/OCSP_sendreq_new.pod | 2 +- doc/man3/OSSL_CMP_log_open.pod| 2 +- doc/man3/OSSL_DECODER.pod | 2 +- doc/man3/OSSL_DECODER_CTX_new_for_pkey.pod| 4 ++-- doc/man3/OSSL_ENCODER.pod | 2 +- doc/man3/OSSL_ENCODER_CTX.pod | 4 ++-- doc/man3/OSSL_ENCODER_CTX_new_for_pkey.pod| 2 +- doc/man3/OSSL_ESS_check_signing_certs.pod | 2 +- doc/man3/OSSL_HTTP_REQ_CTX.pod| 2 +- doc/man3/OSSL_HTTP_parse_url.pod | 2 +- doc/man3/OSSL_PARAM.pod | 2 +- doc/man3/OSSL_PARAM_int.pod | 6 +++--- doc/man3/OSSL_STORE_LOADER.pod| 2 +- doc/man3/OSSL_trace_set_channel.pod | 2 +- doc/man3/PKCS12_decrypt_skey.pod | 2 +- doc/man3/PKCS12_gen_mac.pod
[openssl] master update
The branch master has been updated via e66c41725f03dae2b295df048312fe6d28729e98 (commit) via db87f89b7393eea395b82050c7fc4e1869ef112e (commit) via cccbb4fa60ca890a0ce6757fcba5669208fffa46 (commit) from 0da3b39af3d961486758262ca71d2135d7013048 (commit) - Log - commit e66c41725f03dae2b295df048312fe6d28729e98 Author: Dmitry Belyavskiy Date: Thu Dec 23 11:19:07 2021 +0100 Run TLSfuzzer tests for CI Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17340) commit db87f89b7393eea395b82050c7fc4e1869ef112e Author: Dmitry Belyavskiy Date: Wed Dec 22 18:13:40 2021 +0100 TLS Fuzzer: initial test infrastructure Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17340) commit cccbb4fa60ca890a0ce6757fcba5669208fffa46 Author: Dmitry Belyavskiy Date: Wed Dec 22 18:11:21 2021 +0100 TLSfuzzer: submodules Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17340) --- Summary of changes: .github/workflows/ci.yml | 2 + .gitmodules| 9 +++ python-ecdsa | 1 + test/recipes/95-test_external_tlsfuzzer.t | 28 + .../95-test_external_tlsfuzzer_data/cert.json.in | 38 +++ .../tls-fuzzer-cert.sh | 9 +++ .../95-test_external_tlsfuzzer_data/tlsfuzzer.sh | 73 ++ tlsfuzzer | 1 + tlslite-ng | 1 + 9 files changed, 162 insertions(+) create mode 16 python-ecdsa create mode 100644 test/recipes/95-test_external_tlsfuzzer.t create mode 100644 test/recipes/95-test_external_tlsfuzzer_data/cert.json.in create mode 100644 test/recipes/95-test_external_tlsfuzzer_data/tls-fuzzer-cert.sh create mode 100644 test/recipes/95-test_external_tlsfuzzer_data/tlsfuzzer.sh create mode 16 tlsfuzzer create mode 16 tlslite-ng diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b52b8c15f4..103f4c774f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -273,6 +273,8 @@ jobs: run: make test TESTS="test_external_gost_engine" - name: test external krb5 run: make test TESTS="test_external_krb5" +- name: test external_tlsfuzzer + run: make test TESTS="test_external_tlsfuzzer" external-test-pyca: runs-on: ubuntu-latest diff --git a/.gitmodules b/.gitmodules index 35f803a99c..1d4c6c9da7 100644 --- a/.gitmodules +++ b/.gitmodules @@ -13,3 +13,12 @@ [submodule "wycheproof"] path = wycheproof url = https://github.com/google/wycheproof +[submodule "tlsfuzzer"] + path = tlsfuzzer + url = https://github.com/tlsfuzzer/tlsfuzzer +[submodule "python-ecdsa"] + path = python-ecdsa + url = https://github.com/tlsfuzzer/python-ecdsa +[submodule "tlslite-ng"] + path = tlslite-ng + url = https://github.com/tlsfuzzer/tlslite-ng diff --git a/python-ecdsa b/python-ecdsa new file mode 16 index 00..4de8d5bf89 --- /dev/null +++ b/python-ecdsa @@ -0,0 +1 @@ +Subproject commit 4de8d5bf89089d1140eb99aa5d7eb2dc8e6337b6 diff --git a/test/recipes/95-test_external_tlsfuzzer.t b/test/recipes/95-test_external_tlsfuzzer.t new file mode 100644 index 00..e506f8007a --- /dev/null +++ b/test/recipes/95-test_external_tlsfuzzer.t @@ -0,0 +1,28 @@ +#! /usr/bin/env perl +# Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the Apache License 2.0 (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test; +use OpenSSL::Test::Utils; +use OpenSSL::Test qw/:DEFAULT data_file data_dir bldtop_dir srctop_dir cmdstr/; +use Cwd qw(abs_path); + +setup("test_external_tlsfuzzer"); + +plan skip_all => "No external tests in this configuration" +if disabled("external-tests"); +plan skip_all => "TLSFuzzer tests not available on Windows or VMS" +if $^O =~ /^(VMS|MSWin32)$/; +plan skip_all => "TLSFuzzer tests not supported in out of tree builds" +if bldtop_dir() ne srctop_dir(); + +$ENV{TESTDATADIR} = abs_path(data_dir()); +plan tests => 1; + +ok(run(cmd(["sh", data_file("tls-fuzzer-cert.sh")])), + "running TLSFuzzer tests"); diff --git a/test/recipes/95-test_external_tlsfuzzer_data/cert.json.in b/test/recipes/95-test_external_tlsfuzzer_data/cert.json.in new file mode 100644 index 00..1bc20799d9 --- /dev/null +++ b/test/recipes/95-test_external_tlsfuzzer_data/cert.json.in @@ -0,0 +1,38 @@ +[ +{"server_command": ["@SERVER@", "s_server", "-www", +
[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated via f762f91f9506927ed036bca5f78f392e039911df (commit) from 82df03d7dd6f207f47ad023ef341c563188903b4 (commit) - Log - commit f762f91f9506927ed036bca5f78f392e039911df Author: x2018 Date: Mon Nov 29 19:08:36 2021 +0800 check the return value of OSSL_PARAM_BLD_new in dsa_kmgmt.c:195 Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/17155) (cherry picked from commit 0da3b39af3d961486758262ca71d2135d7013048) --- Summary of changes: providers/implementations/keymgmt/dsa_kmgmt.c | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/providers/implementations/keymgmt/dsa_kmgmt.c b/providers/implementations/keymgmt/dsa_kmgmt.c index 1e1b168f7d..b327a3a783 100644 --- a/providers/implementations/keymgmt/dsa_kmgmt.c +++ b/providers/implementations/keymgmt/dsa_kmgmt.c @@ -210,12 +210,16 @@ static int dsa_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, void *cbarg) { DSA *dsa = keydata; -OSSL_PARAM_BLD *tmpl = OSSL_PARAM_BLD_new(); +OSSL_PARAM_BLD *tmpl; OSSL_PARAM *params = NULL; int ok = 1; if (!ossl_prov_is_running() || dsa == NULL) -goto err; +return 0; + +tmpl = OSSL_PARAM_BLD_new(); +if (tmpl == NULL) +return 0; if ((selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0) ok = ok && ossl_ffc_params_todata(ossl_dsa_get0_params(dsa), tmpl, NULL);
[openssl] master update
The branch master has been updated via 0da3b39af3d961486758262ca71d2135d7013048 (commit) from 8582dccc4dd1f1667b0e91a098e2cc78c7146dd7 (commit) - Log - commit 0da3b39af3d961486758262ca71d2135d7013048 Author: x2018 Date: Mon Nov 29 19:08:36 2021 +0800 check the return value of OSSL_PARAM_BLD_new in dsa_kmgmt.c:195 Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/17155) --- Summary of changes: providers/implementations/keymgmt/dsa_kmgmt.c | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/providers/implementations/keymgmt/dsa_kmgmt.c b/providers/implementations/keymgmt/dsa_kmgmt.c index 1e1b168f7d..b327a3a783 100644 --- a/providers/implementations/keymgmt/dsa_kmgmt.c +++ b/providers/implementations/keymgmt/dsa_kmgmt.c @@ -210,12 +210,16 @@ static int dsa_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, void *cbarg) { DSA *dsa = keydata; -OSSL_PARAM_BLD *tmpl = OSSL_PARAM_BLD_new(); +OSSL_PARAM_BLD *tmpl; OSSL_PARAM *params = NULL; int ok = 1; if (!ossl_prov_is_running() || dsa == NULL) -goto err; +return 0; + +tmpl = OSSL_PARAM_BLD_new(); +if (tmpl == NULL) +return 0; if ((selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0) ok = ok && ossl_ffc_params_todata(ossl_dsa_get0_params(dsa), tmpl, NULL);
[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated via 82df03d7dd6f207f47ad023ef341c563188903b4 (commit) from 038a185971c84ea3978a6a8ba799fca46dc919e7 (commit) - Log - commit 82df03d7dd6f207f47ad023ef341c563188903b4 Author: zhaozg Date: Sat Jan 1 22:45:12 2022 +0800 sm2: fix {i2d,d2i}_PublicKey EC_KEY is EVP_PKEY_SM2 CLA: trivial Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/17389) (cherry picked from commit 8582dccc4dd1f1667b0e91a098e2cc78c7146dd7) --- Summary of changes: crypto/asn1/d2i_pu.c | 2 +- crypto/asn1/i2d_evp.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/asn1/d2i_pu.c b/crypto/asn1/d2i_pu.c index 1be114b8a2..6d5dd1bc60 100644 --- a/crypto/asn1/d2i_pu.c +++ b/crypto/asn1/d2i_pu.c @@ -54,7 +54,7 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, goto err; } -switch (EVP_PKEY_get_id(ret)) { +switch (EVP_PKEY_get_base_id(ret)) { case EVP_PKEY_RSA: if ((ret->pkey.rsa = d2i_RSAPublicKey(NULL, pp, length)) == NULL) { ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); diff --git a/crypto/asn1/i2d_evp.c b/crypto/asn1/i2d_evp.c index 8b36388263..070ac83376 100644 --- a/crypto/asn1/i2d_evp.c +++ b/crypto/asn1/i2d_evp.c @@ -131,7 +131,7 @@ int i2d_PublicKey(const EVP_PKEY *a, unsigned char **pp) return i2d_provided(a, EVP_PKEY_PUBLIC_KEY, output_info, pp); } -switch (EVP_PKEY_get_id(a)) { +switch (EVP_PKEY_get_base_id(a)) { case EVP_PKEY_RSA: return i2d_RSAPublicKey(EVP_PKEY_get0_RSA(a), pp); #ifndef OPENSSL_NO_DSA
[openssl] master update
The branch master has been updated via 8582dccc4dd1f1667b0e91a098e2cc78c7146dd7 (commit) from ea4d16bc60dee53feb71997c1e78379eeb69b7ac (commit) - Log - commit 8582dccc4dd1f1667b0e91a098e2cc78c7146dd7 Author: zhaozg Date: Sat Jan 1 22:45:12 2022 +0800 sm2: fix {i2d,d2i}_PublicKey EC_KEY is EVP_PKEY_SM2 CLA: trivial Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/17389) --- Summary of changes: crypto/asn1/d2i_pu.c | 2 +- crypto/asn1/i2d_evp.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/asn1/d2i_pu.c b/crypto/asn1/d2i_pu.c index 1be114b8a2..6d5dd1bc60 100644 --- a/crypto/asn1/d2i_pu.c +++ b/crypto/asn1/d2i_pu.c @@ -54,7 +54,7 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, goto err; } -switch (EVP_PKEY_get_id(ret)) { +switch (EVP_PKEY_get_base_id(ret)) { case EVP_PKEY_RSA: if ((ret->pkey.rsa = d2i_RSAPublicKey(NULL, pp, length)) == NULL) { ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); diff --git a/crypto/asn1/i2d_evp.c b/crypto/asn1/i2d_evp.c index 8b36388263..070ac83376 100644 --- a/crypto/asn1/i2d_evp.c +++ b/crypto/asn1/i2d_evp.c @@ -131,7 +131,7 @@ int i2d_PublicKey(const EVP_PKEY *a, unsigned char **pp) return i2d_provided(a, EVP_PKEY_PUBLIC_KEY, output_info, pp); } -switch (EVP_PKEY_get_id(a)) { +switch (EVP_PKEY_get_base_id(a)) { case EVP_PKEY_RSA: return i2d_RSAPublicKey(EVP_PKEY_get0_RSA(a), pp); #ifndef OPENSSL_NO_DSA
[openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via 52d9a1d0448432182a5fab0753c236b29819a2a5 (commit) from dd05385e36582f34e691b1350dd7daf74df5cc90 (commit) - Log - commit 52d9a1d0448432182a5fab0753c236b29819a2a5 Author: Tomas Mraz Date: Tue Dec 28 13:32:57 2021 +0100 close_console: Always unlock as the lock is always held Fixes #17364 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17395) --- Summary of changes: crypto/ui/ui_openssl.c | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/crypto/ui/ui_openssl.c b/crypto/ui/ui_openssl.c index 9526c16536..eab29e288d 100644 --- a/crypto/ui/ui_openssl.c +++ b/crypto/ui/ui_openssl.c @@ -572,6 +572,8 @@ static int echo_console(UI *ui) static int close_console(UI *ui) { +int ret = 1; + if (tty_in != stdin) fclose(tty_in); if (tty_out != stderr) @@ -584,12 +586,12 @@ static int close_console(UI *ui) BIO_snprintf(tmp_num, sizeof(tmp_num) - 1, "%%X%08X", status); UIerr(UI_F_CLOSE_CONSOLE, UI_R_SYSDASSGN_ERROR); ERR_add_error_data(2, "status=", tmp_num); -return 0; +ret = 0; } # endif CRYPTO_THREAD_unlock(ui->lock); -return 1; +return ret; } # if !defined(OPENSSL_SYS_WINCE)
[openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via dd05385e36582f34e691b1350dd7daf74df5cc90 (commit) from 692520a1fede55001dbce23618f992b4042ebbae (commit) - Log - commit dd05385e36582f34e691b1350dd7daf74df5cc90 Author: Peiwei Hu Date: Tue Jan 4 09:10:32 2022 +0800 apps/passwd.c: free before error exiting use goto instead of returning directly while error handling Signed-off-by: Peiwei Hu Reviewed-by: Ben Kaduk Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/17404) (cherry picked from commit ea4d16bc60dee53feb71997c1e78379eeb69b7ac) --- Summary of changes: apps/passwd.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/apps/passwd.c b/apps/passwd.c index d741d05335..2a4199d080 100644 --- a/apps/passwd.c +++ b/apps/passwd.c @@ -407,7 +407,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt) n >>= 1; } if (!EVP_DigestFinal_ex(md, buf, NULL)) -return NULL; +goto err; for (i = 0; i < 1000; i++) { if (!EVP_DigestInit_ex(md2, EVP_md5(), NULL)) @@ -633,7 +633,7 @@ static char *shacrypt(const char *passwd, const char *magic, const char *salt) n >>= 1; } if (!EVP_DigestFinal_ex(md, buf, NULL)) -return NULL; +goto err; /* P sequence */ if (!EVP_DigestInit_ex(md2, sha, NULL)) @@ -644,7 +644,7 @@ static char *shacrypt(const char *passwd, const char *magic, const char *salt) goto err; if (!EVP_DigestFinal_ex(md2, temp_buf, NULL)) -return NULL; +goto err; if ((p_bytes = OPENSSL_zalloc(passwd_len)) == NULL) goto err; @@ -661,7 +661,7 @@ static char *shacrypt(const char *passwd, const char *magic, const char *salt) goto err; if (!EVP_DigestFinal_ex(md2, temp_buf, NULL)) -return NULL; +goto err; if ((s_bytes = OPENSSL_zalloc(salt_len)) == NULL) goto err;
[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated via 038a185971c84ea3978a6a8ba799fca46dc919e7 (commit) from f29cb506035e5aecbdae351aeaddbe3b919d8f9c (commit) - Log - commit 038a185971c84ea3978a6a8ba799fca46dc919e7 Author: Peiwei Hu Date: Tue Jan 4 09:10:32 2022 +0800 apps/passwd.c: free before error exiting use goto instead of returning directly while error handling Signed-off-by: Peiwei Hu Reviewed-by: Ben Kaduk Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/17404) (cherry picked from commit ea4d16bc60dee53feb71997c1e78379eeb69b7ac) --- Summary of changes: apps/passwd.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/apps/passwd.c b/apps/passwd.c index 65cbd9e493..80861b3f3b 100644 --- a/apps/passwd.c +++ b/apps/passwd.c @@ -410,7 +410,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt) n >>= 1; } if (!EVP_DigestFinal_ex(md, buf, NULL)) -return NULL; +goto err; for (i = 0; i < 1000; i++) { if (!EVP_DigestInit_ex(md2, EVP_md5(), NULL)) @@ -636,7 +636,7 @@ static char *shacrypt(const char *passwd, const char *magic, const char *salt) n >>= 1; } if (!EVP_DigestFinal_ex(md, buf, NULL)) -return NULL; +goto err; /* P sequence */ if (!EVP_DigestInit_ex(md2, sha, NULL)) @@ -647,7 +647,7 @@ static char *shacrypt(const char *passwd, const char *magic, const char *salt) goto err; if (!EVP_DigestFinal_ex(md2, temp_buf, NULL)) -return NULL; +goto err; if ((p_bytes = OPENSSL_zalloc(passwd_len)) == NULL) goto err; @@ -664,7 +664,7 @@ static char *shacrypt(const char *passwd, const char *magic, const char *salt) goto err; if (!EVP_DigestFinal_ex(md2, temp_buf, NULL)) -return NULL; +goto err; if ((s_bytes = OPENSSL_zalloc(salt_len)) == NULL) goto err;
[openssl] master update
The branch master has been updated via ea4d16bc60dee53feb71997c1e78379eeb69b7ac (commit) from abc4345a19430869b9a8925c6defc9e9ce977429 (commit) - Log - commit ea4d16bc60dee53feb71997c1e78379eeb69b7ac Author: Peiwei Hu Date: Tue Jan 4 09:10:32 2022 +0800 apps/passwd.c: free before error exiting use goto instead of returning directly while error handling Signed-off-by: Peiwei Hu Reviewed-by: Ben Kaduk Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/17404) --- Summary of changes: apps/passwd.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/apps/passwd.c b/apps/passwd.c index bcb8804114..e024e8de7e 100644 --- a/apps/passwd.c +++ b/apps/passwd.c @@ -410,7 +410,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt) n >>= 1; } if (!EVP_DigestFinal_ex(md, buf, NULL)) -return NULL; +goto err; for (i = 0; i < 1000; i++) { if (!EVP_DigestInit_ex(md2, EVP_md5(), NULL)) @@ -636,7 +636,7 @@ static char *shacrypt(const char *passwd, const char *magic, const char *salt) n >>= 1; } if (!EVP_DigestFinal_ex(md, buf, NULL)) -return NULL; +goto err; /* P sequence */ if (!EVP_DigestInit_ex(md2, sha, NULL)) @@ -647,7 +647,7 @@ static char *shacrypt(const char *passwd, const char *magic, const char *salt) goto err; if (!EVP_DigestFinal_ex(md2, temp_buf, NULL)) -return NULL; +goto err; if ((p_bytes = OPENSSL_zalloc(passwd_len)) == NULL) goto err; @@ -664,7 +664,7 @@ static char *shacrypt(const char *passwd, const char *magic, const char *salt) goto err; if (!EVP_DigestFinal_ex(md2, temp_buf, NULL)) -return NULL; +goto err; if ((s_bytes = OPENSSL_zalloc(salt_len)) == NULL) goto err;
[openssl] master update
The branch master has been updated via abc4345a19430869b9a8925c6defc9e9ce977429 (commit) from e06c0a2870c55aa4e66108ca071e7da7fd00b922 (commit) - Log - commit abc4345a19430869b9a8925c6defc9e9ce977429 Author: fangming.fang Date: Tue Dec 28 04:13:21 2021 + fix building failure when using -Wconditional-uninitialized Use clang -Wconditional-uninitialized to build, the error "initialize the variable 'buffer_size' to silence this warning" will be reported. Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/17375) --- Summary of changes: crypto/armcap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/armcap.c b/crypto/armcap.c index 117c57efe4..72ed0a024a 100644 --- a/crypto/armcap.c +++ b/crypto/armcap.c @@ -65,7 +65,7 @@ size_t OPENSSL_rndrrs_bytes(unsigned char *buf, size_t len); static size_t OPENSSL_rndr_wrapper(size_t (*func)(unsigned char *, size_t), unsigned char *buf, size_t len) { -size_t buffer_size; +size_t buffer_size = 0; int i; for (i = 0; i < 8; i++) {
[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated via f29cb506035e5aecbdae351aeaddbe3b919d8f9c (commit) from c245cc1be1acb47b1f983dea3bbb0caf36a33712 (commit) - Log - commit f29cb506035e5aecbdae351aeaddbe3b919d8f9c Author: Tomas Mraz Date: Mon Jan 3 14:46:52 2022 +0100 trace.c: Add missing trace category entry Fixes #17397 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17399) (cherry picked from commit e06c0a2870c55aa4e66108ca071e7da7fd00b922) --- Summary of changes: crypto/trace.c | 1 + 1 file changed, 1 insertion(+) diff --git a/crypto/trace.c b/crypto/trace.c index cc0b477698..dc194acb52 100644 --- a/crypto/trace.c +++ b/crypto/trace.c @@ -136,6 +136,7 @@ static const struct trace_category_st trace_categories[] = { TRACE_CATEGORY_(PKCS12_DECRYPT), TRACE_CATEGORY_(X509V3_POLICY), TRACE_CATEGORY_(BN_CTX), +TRACE_CATEGORY_(CMP), TRACE_CATEGORY_(STORE), TRACE_CATEGORY_(DECODER), TRACE_CATEGORY_(ENCODER),
[openssl] master update
The branch master has been updated via e06c0a2870c55aa4e66108ca071e7da7fd00b922 (commit) from b971d4198def0b29654e8fbf7987f7157741aed2 (commit) - Log - commit e06c0a2870c55aa4e66108ca071e7da7fd00b922 Author: Tomas Mraz Date: Mon Jan 3 14:46:52 2022 +0100 trace.c: Add missing trace category entry Fixes #17397 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17399) --- Summary of changes: crypto/trace.c | 1 + 1 file changed, 1 insertion(+) diff --git a/crypto/trace.c b/crypto/trace.c index cc0b477698..dc194acb52 100644 --- a/crypto/trace.c +++ b/crypto/trace.c @@ -136,6 +136,7 @@ static const struct trace_category_st trace_categories[] = { TRACE_CATEGORY_(PKCS12_DECRYPT), TRACE_CATEGORY_(X509V3_POLICY), TRACE_CATEGORY_(BN_CTX), +TRACE_CATEGORY_(CMP), TRACE_CATEGORY_(STORE), TRACE_CATEGORY_(DECODER), TRACE_CATEGORY_(ENCODER),