From f50c28dcec4b361203bc7499d29ede9dc4481b9a Mon Sep 17 00:00:00 2001 From: K1 Date: Wed, 25 Dec 2024 12:12:17 +0800 Subject: [PATCH] Fix coverity issues 471258 Unintentional integer overflow 471276, 471277, 471297, 471193 Unchecked return value 516455 Resource leak 471300,471167 Bad bit shift operation 497425, 497430 Overflowed constant 471249, 471299, 471250, 471328, 471335, 471259, 471239, 471161, 471182, 471163, 351691, 166006, 165987, 165981, 165973, 165970, 165968, 165967, 165966, 165950 Logically dead code 471319 Improper use of negative value 471286, 166008, 24956 Dereference after null check 471285 Structurally dead code 471272 Double unlock 471269 Unintentional integer overflow 471262 Array compared against 0 471235 Explicit null dereferenced 471226 Data race condition 471175 Argument cannot be negative --- apps/crl2pkcs7.c | 2 +- apps/delecred.c | 3 ++- apps/ec_elgamal.c | 12 ++++----- apps/errstr.c | 2 +- apps/gendsa.c | 2 +- apps/lib/s_cb.c | 26 ++++++++++++------- apps/list.c | 2 +- apps/nseq.c | 2 +- apps/paillier.c | 12 ++++----- apps/pkeyparam.c | 2 +- apps/prime.c | 2 +- apps/rand.c | 2 +- apps/rehash.c | 5 ++-- apps/speed.c | 20 ++++++++------ crypto/ec/ec_elgamal_crypt.c | 3 ++- crypto/encode_decode/encoder_lib.c | 2 +- crypto/mem_sec.c | 12 ++++++--- crypto/provider_core.c | 4 +-- crypto/x509/x509_lu.c | 8 +++--- crypto/zkp/bulletproofs/bulletproofs_encode.c | 4 +-- crypto/zkp/bulletproofs/inner_product.c | 3 ++- crypto/zkp/bulletproofs/r1cs.c | 3 ++- .../bulletproofs/r1cs_linear_combination.c | 15 ++++++----- crypto/zkp/nizk/nizk_encode.c | 6 ++--- providers/implementations/rands/drbg.c | 4 +-- ssl/ssl_dc.c | 18 ++++++++++--- ssl/statem_ntls/ntls_extensions.c | 14 ++-------- ssl/statem_ntls/ntls_statem_clnt.c | 8 +++--- ssl/statem_ntls/ntls_statem_lib.c | 5 ++-- 29 files changed, 113 insertions(+), 90 deletions(-) diff --git a/apps/crl2pkcs7.c b/apps/crl2pkcs7.c index fe59e6542..f15a90a0c 100644 --- a/apps/crl2pkcs7.c +++ b/apps/crl2pkcs7.c @@ -63,7 +63,7 @@ int crl2pkcs7_main(int argc, char **argv) prog = opt_init(argc, argv, crl2pkcs7_options); while ((o = opt_next()) != OPT_EOF) { switch (o) { - case OPT_EOF: + default: case OPT_ERR: opthelp: BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); diff --git a/apps/delecred.c b/apps/delecred.c index af98f5a2e..151f39951 100644 --- a/apps/delecred.c +++ b/apps/delecred.c @@ -105,7 +105,8 @@ int delecred_main(int argc, char **argv) ee_key_file = opt_arg(); break; case OPT_SEC: - opt_int(opt_arg(), &valid_time); + if (!opt_int(opt_arg(), &valid_time)) + goto opthelp; break; case OPT_EXPECT_VERIFY_MD: expect_verify_hash = opt_arg(); diff --git a/apps/ec_elgamal.c b/apps/ec_elgamal.c index a9560c78a..57601325c 100644 --- a/apps/ec_elgamal.c +++ b/apps/ec_elgamal.c @@ -360,17 +360,17 @@ int ec_elgamal_main(int argc, char **argv) } action_sum = encrypt + decrypt + add + sub + mul; - if (action_sum == 0) { - BIO_printf(bio_err, "No action parameter specified.\n"); - goto opthelp1; - } else if (action_sum != 1) { - BIO_printf(bio_err, "Only one action parameter must be specified.\n"); + if (action_sum != 1) { + if (action_sum == 0) + BIO_printf(bio_err, "No action parameter specified.\n"); + else + BIO_printf(bio_err, "Only one action parameter must be specified.\n"); + goto opthelp1; } while ((o = opt_next()) != OPT_EOF) { switch (o) { - case OPT_EOF: case OPT_ERR: opthelp2: BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); diff --git a/apps/errstr.c b/apps/errstr.c index 782705a78..bcebba04a 100644 --- a/apps/errstr.c +++ b/apps/errstr.c @@ -41,7 +41,7 @@ int errstr_main(int argc, char **argv) prog = opt_init(argc, argv, errstr_options); while ((o = opt_next()) != OPT_EOF) { switch (o) { - case OPT_EOF: + default: case OPT_ERR: BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); goto end; diff --git a/apps/gendsa.c b/apps/gendsa.c index e5c9bc22a..4bc60d8f5 100644 --- a/apps/gendsa.c +++ b/apps/gendsa.c @@ -65,7 +65,7 @@ int gendsa_main(int argc, char **argv) prog = opt_init(argc, argv, gendsa_options); while ((o = opt_next()) != OPT_EOF) { switch (o) { - case OPT_EOF: + default: case OPT_ERR: opthelp: BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); diff --git a/apps/lib/s_cb.c b/apps/lib/s_cb.c index 369cfa12a..b419a3fd0 100644 --- a/apps/lib/s_cb.c +++ b/apps/lib/s_cb.c @@ -76,22 +76,28 @@ int verify_callback(int ok, X509_STORE_CTX *ctx) } switch (err) { case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: - BIO_puts(bio_err, "issuer= "); - X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert), - 0, get_nameopt()); - BIO_puts(bio_err, "\n"); + if (err_cert != NULL) { + BIO_puts(bio_err, "issuer= "); + X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert), + 0, get_nameopt()); + BIO_puts(bio_err, "\n"); + } break; case X509_V_ERR_CERT_NOT_YET_VALID: case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: - BIO_printf(bio_err, "notBefore="); - ASN1_TIME_print(bio_err, X509_get0_notBefore(err_cert)); - BIO_printf(bio_err, "\n"); + if (err_cert != NULL) { + BIO_printf(bio_err, "notBefore="); + ASN1_TIME_print(bio_err, X509_get0_notBefore(err_cert)); + BIO_printf(bio_err, "\n"); + } break; case X509_V_ERR_CERT_HAS_EXPIRED: case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: - BIO_printf(bio_err, "notAfter="); - ASN1_TIME_print(bio_err, X509_get0_notAfter(err_cert)); - BIO_printf(bio_err, "\n"); + if (err_cert != NULL) { + BIO_printf(bio_err, "notAfter="); + ASN1_TIME_print(bio_err, X509_get0_notAfter(err_cert)); + BIO_printf(bio_err, "\n"); + } break; case X509_V_ERR_NO_EXPLICIT_POLICY: if (!verify_args.quiet) diff --git a/apps/list.c b/apps/list.c index ecdab5ca1..2d2085987 100644 --- a/apps/list.c +++ b/apps/list.c @@ -1505,7 +1505,7 @@ int list_main(int argc, char **argv) prog = opt_init(argc, argv, list_options); while ((o = opt_next()) != OPT_EOF) { switch (o) { - case OPT_EOF: /* Never hit, but suppresses warning */ + default: case OPT_ERR: opthelp: BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); diff --git a/apps/nseq.c b/apps/nseq.c index d5524370f..86f51839d 100644 --- a/apps/nseq.c +++ b/apps/nseq.c @@ -47,7 +47,7 @@ int nseq_main(int argc, char **argv) prog = opt_init(argc, argv, nseq_options); while ((o = opt_next()) != OPT_EOF) { switch (o) { - case OPT_EOF: + default: case OPT_ERR: opthelp: BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); diff --git a/apps/paillier.c b/apps/paillier.c index 88df63c9b..bbde10b24 100644 --- a/apps/paillier.c +++ b/apps/paillier.c @@ -447,7 +447,6 @@ int paillier_main(int argc, char **argv) prog = opt_init(argc, argv, paillier_options); if ((o = opt_next()) != OPT_EOF) { switch (o) { - case OPT_EOF: case OPT_ERR: opthelp1: BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); @@ -492,11 +491,12 @@ int paillier_main(int argc, char **argv) } action_sum = keygen + pubgen + key + pub + encrypt + decrypt + add + add_plain + sub + mul; - if (action_sum == 0) { - BIO_printf(bio_err, "No action parameter specified.\n"); - goto opthelp1; - } else if (action_sum != 1) { - BIO_printf(bio_err, "Only one action parameter must be specified.\n"); + if (action_sum != 1) { + if (action_sum == 0) + BIO_printf(bio_err, "No action parameter specified.\n"); + else + BIO_printf(bio_err, "Only one action parameter must be specified.\n"); + goto opthelp1; } diff --git a/apps/pkeyparam.c b/apps/pkeyparam.c index 45647341c..20f3d5d24 100644 --- a/apps/pkeyparam.c +++ b/apps/pkeyparam.c @@ -56,7 +56,7 @@ int pkeyparam_main(int argc, char **argv) prog = opt_init(argc, argv, pkeyparam_options); while ((o = opt_next()) != OPT_EOF) { switch (o) { - case OPT_EOF: + default: case OPT_ERR: opthelp: BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); diff --git a/apps/prime.c b/apps/prime.c index e269493d5..2b46e039f 100644 --- a/apps/prime.c +++ b/apps/prime.c @@ -50,7 +50,7 @@ int prime_main(int argc, char **argv) prog = opt_init(argc, argv, prime_options); while ((o = opt_next()) != OPT_EOF) { switch (o) { - case OPT_EOF: + default: case OPT_ERR: opthelp: BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); diff --git a/apps/rand.c b/apps/rand.c index e1365da86..4c19c04b3 100644 --- a/apps/rand.c +++ b/apps/rand.c @@ -63,7 +63,7 @@ int rand_main(int argc, char **argv) prog = opt_init(argc, argv, rand_options); while ((o = opt_next()) != OPT_EOF) { switch (o) { - case OPT_EOF: + default: case OPT_ERR: opthelp: BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); diff --git a/apps/rehash.c b/apps/rehash.c index 5777c77de..07cf07ff6 100644 --- a/apps/rehash.c +++ b/apps/rehash.c @@ -168,7 +168,8 @@ static int add_entry(enum Type type, unsigned int hash, const char *filename, if (need_symlink && !ep->need_symlink) { ep->need_symlink = 1; bp->num_needed++; - memcpy(ep->digest, digest, evpmdsize); + if (digest) + memcpy(ep->digest, digest, evpmdsize); } return 0; } @@ -488,7 +489,7 @@ int rehash_main(int argc, char **argv) prog = opt_init(argc, argv, rehash_options); while ((o = opt_next()) != OPT_EOF) { switch (o) { - case OPT_EOF: + default: case OPT_ERR: BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); goto end; diff --git a/apps/speed.c b/apps/speed.c index d4e35f4b8..3505a4dfb 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -641,7 +641,7 @@ static OPT_PAIR bulletproofs_choices[] = { # endif }; -static int bulletproofs_bits[] = {16, 32, 64}; +static int bulletproofs_bits[] = {16, 32, 63}; static int bulletproofs_agg_max[] = {1, 16, 32}; # define BULLETPROOFS_NUM OSSL_NELEM(bulletproofs_choices) @@ -1008,7 +1008,7 @@ static int EVP_Update_loop(void *args) rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]); if (rc != 1) { /* reset iv in case of counter overflow */ - EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1); + rc = EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1); } } } else { @@ -1016,14 +1016,18 @@ static int EVP_Update_loop(void *args) rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]); if (rc != 1) { /* reset iv in case of counter overflow */ - EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1); + rc = EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1); } } } if (decrypt) - EVP_DecryptFinal_ex(ctx, buf, &outl); + rc = EVP_DecryptFinal_ex(ctx, buf, &outl); else - EVP_EncryptFinal_ex(ctx, buf, &outl); + rc = EVP_EncryptFinal_ex(ctx, buf, &outl); + + if (rc == 0) + BIO_printf(bio_err, "Error finalizing cipher loop\n"); + return count; } @@ -4769,7 +4773,7 @@ int speed_main(int argc, char **argv) #ifndef OPENSSL_NO_BULLETPROOFS for (i = 1; i < sizeof(bp_secrets)/sizeof(bp_secrets[0]); i++) { - bp_secrets[i] = (1U << i) - 1; + bp_secrets[i] = (1ULL << i) - 1; } if (!(v = BN_new())) @@ -4783,7 +4787,7 @@ int speed_main(int argc, char **argv) continue; /* Ignore Curve */ for (m = 0; m < BULLETPROOFS_BITS_NUM; m++) { - bp_secrets[0] = (1U << bulletproofs_bits[m]) - 1; + bp_secrets[0] = (1ULL << bulletproofs_bits[m]) - 1; for (n = 0; n < BULLETPROOFS_AGG_MAX_NUM; n++) { bp_pp[testnum][m][n] = BP_PUB_PARAM_new_by_curve_id(test_bulletproofs_curves[testnum].nid, @@ -4823,7 +4827,7 @@ int speed_main(int argc, char **argv) } bp_ctx[testnum][m][n][j] = BP_RANGE_CTX_new(bp_pp[testnum][m][n], bp_witness[testnum][m][n][j], bp_transcript[testnum][m][n]); - if (bp_ctx[testnum][m][n] == NULL) + if (bp_ctx[testnum][m][n][j] == NULL) goto end; if (!BP_RANGE_PROOF_prove(bp_ctx[testnum][m][n][j], bp_proof[testnum][m][n])) { diff --git a/crypto/ec/ec_elgamal_crypt.c b/crypto/ec/ec_elgamal_crypt.c index 6661e8bff..a237ee496 100644 --- a/crypto/ec/ec_elgamal_crypt.c +++ b/crypto/ec/ec_elgamal_crypt.c @@ -92,7 +92,8 @@ EC_ELGAMAL_CTX *EC_ELGAMAL_CTX_new(EC_KEY *key, const EC_POINT *h, int32_t flag) } #endif - EC_KEY_up_ref(key); + if (!EC_KEY_up_ref(key)) + goto err; ctx->key = key; ctx->flag = flag; diff --git a/crypto/encode_decode/encoder_lib.c b/crypto/encode_decode/encoder_lib.c index 7a55c7ab9..1bda151e6 100644 --- a/crypto/encode_decode/encoder_lib.c +++ b/crypto/encode_decode/encoder_lib.c @@ -543,7 +543,7 @@ static int encoder_process(struct encoder_process_data_st *data) /* Preparations */ switch (ok) { - case 0: + default: break; case -1: /* diff --git a/crypto/mem_sec.c b/crypto/mem_sec.c index 53acd22c0..fae32a824 100644 --- a/crypto/mem_sec.c +++ b/crypto/mem_sec.c @@ -223,11 +223,17 @@ int CRYPTO_secure_allocated(const void *ptr) size_t CRYPTO_secure_used(void) { + size_t ret = 0; + #ifndef OPENSSL_NO_SECURE_MEMORY - return secure_mem_used; -#else - return 0; + if (!CRYPTO_THREAD_read_lock(sec_malloc_lock)) + return 0; + + ret = secure_mem_used; + + CRYPTO_THREAD_unlock(sec_malloc_lock); #endif /* OPENSSL_NO_SECURE_MEMORY */ + return ret; } size_t CRYPTO_secure_actual_size(void *ptr) diff --git a/crypto/provider_core.c b/crypto/provider_core.c index 0c439ed6c..7d0b44761 100644 --- a/crypto/provider_core.c +++ b/crypto/provider_core.c @@ -639,7 +639,7 @@ int ossl_provider_add_to_store(OSSL_PROVIDER *prov, OSSL_PROVIDER **actualprov, if (!ossl_provider_up_ref(actualtmp)) { ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); actualtmp = NULL; - goto err; + return 0; } *actualprov = actualtmp; } @@ -663,8 +663,6 @@ int ossl_provider_add_to_store(OSSL_PROVIDER *prov, OSSL_PROVIDER **actualprov, err: CRYPTO_THREAD_unlock(store->lock); - if (actualprov != NULL) - ossl_provider_free(*actualprov); return 0; } diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c index c5ace03cf..ec21f2219 100644 --- a/crypto/x509/x509_lu.c +++ b/crypto/x509/x509_lu.c @@ -284,11 +284,13 @@ int X509_STORE_copy(X509_STORE *dest, const X509_STORE *src) for (i = 0; i < num; i++) { obj = sk_X509_OBJECT_value(src->objs, i); if (obj->type == X509_LU_X509) { - X509_STORE_add_cert(dest, obj->data.x509); + if (!X509_STORE_add_cert(dest, obj->data.x509)) + return 0; } else if (obj->type == X509_LU_CRL) { - X509_STORE_add_crl(dest, obj->data.crl); + if (!X509_STORE_add_crl(dest, obj->data.crl)) + return 0; } else { - /* abort(); */ + return 0; } } } diff --git a/crypto/zkp/bulletproofs/bulletproofs_encode.c b/crypto/zkp/bulletproofs/bulletproofs_encode.c index a208ef26a..2805e3973 100644 --- a/crypto/zkp/bulletproofs/bulletproofs_encode.c +++ b/crypto/zkp/bulletproofs/bulletproofs_encode.c @@ -842,7 +842,7 @@ BP_RANGE_PROOF *BP_RANGE_PROOF_decode(const unsigned char *in, size_t size) proof->T2 = sk_EC_POINT_value(sk_point, 3); sk_bn = zkp_stack_of_bignum_decode(p, &len, bn_len); - if (sk_point == NULL) + if (sk_bn == NULL) goto err; p += len; @@ -1114,7 +1114,7 @@ BP_R1CS_PROOF *BP_R1CS_PROOF_decode(const unsigned char *in, size_t size) #endif sk_bn = zkp_stack_of_bignum_decode(p, &len, bn_len); - if (sk_point == NULL) + if (sk_bn == NULL) goto err; p += len; diff --git a/crypto/zkp/bulletproofs/inner_product.c b/crypto/zkp/bulletproofs/inner_product.c index fabbb44ff..841d151e3 100644 --- a/crypto/zkp/bulletproofs/inner_product.c +++ b/crypto/zkp/bulletproofs/inner_product.c @@ -172,6 +172,7 @@ bp_inner_product_proof_t *bp_inner_product_proof_new(bp_inner_product_ctx_t *ctx if (ctx == NULL || ctx->pp == NULL) { ERR_raise(ERR_LIB_ZKP_BP, ERR_R_PASSED_NULL_PARAMETER); + return NULL; } n = sk_EC_POINT_num(ctx->pp->sk_G); @@ -531,7 +532,7 @@ int bp_inner_product_proof_verify(bp_inner_product_ctx_t *ctx, proof_num = sk_EC_POINT_num(proof->sk_L); n = 2 * proof_num + 2 * pp_num + 1; - if (!(vec_x = OPENSSL_zalloc(proof_num * sizeof(*vec_x))) + if (proof_num < 0 || !(vec_x = OPENSSL_zalloc(proof_num * sizeof(*vec_x))) || !(vec_x_inv = OPENSSL_zalloc(proof_num * sizeof(*vec_x_inv)))) { ERR_raise(ERR_LIB_ZKP_BP, ERR_R_MALLOC_FAILURE); goto end; diff --git a/crypto/zkp/bulletproofs/r1cs.c b/crypto/zkp/bulletproofs/r1cs.c index 20ebbabac..6f41c0f63 100644 --- a/crypto/zkp/bulletproofs/r1cs.c +++ b/crypto/zkp/bulletproofs/r1cs.c @@ -836,7 +836,8 @@ int BP_R1CS_PROOF_verify(BP_R1CS_CTX *ctx, BP_R1CS_PROOF *proof) v_n = sk_BP_VARIABLE_num(witness->sk_V); lg_n = sk_EC_POINT_num(ip_proof->sk_L); - if (padded_n != 1 << lg_n) { + if (lg_n < 0 || (lg_n >= (int)sizeof(int) * 8) + || ((unsigned int)padded_n != 1U << lg_n)) { ERR_raise(ERR_LIB_ZKP_BP, ERR_R_PASSED_INVALID_ARGUMENT); goto err; } diff --git a/crypto/zkp/bulletproofs/r1cs_linear_combination.c b/crypto/zkp/bulletproofs/r1cs_linear_combination.c index f43490293..67b8e8b33 100644 --- a/crypto/zkp/bulletproofs/r1cs_linear_combination.c +++ b/crypto/zkp/bulletproofs/r1cs_linear_combination.c @@ -210,7 +210,8 @@ BP_R1CS_LINEAR_COMBINATION *BP_R1CS_LINEAR_COMBINATION_dup(const BP_R1CS_LINEAR_ if (item_dup == NULL) goto err; - sk_BP_R1CS_LINEAR_COMBINATION_ITEM_push(ret->items, item_dup); + if (sk_BP_R1CS_LINEAR_COMBINATION_ITEM_push(ret->items, item_dup) <= 0) + goto err; } ret->type = lc->type; @@ -427,12 +428,12 @@ int BP_R1CS_LINEAR_COMBINATION_raw_mul(BP_R1CS_LINEAR_COMBINATION **output, BN_CTX_free(bn_ctx); return 1; err: - if (output == NULL) - output = NULL; - if (left == NULL) - left = NULL; - if (right == NULL) - right = NULL; + if (output != NULL) + *output = NULL; + if (left != NULL) + *left = NULL; + if (right != NULL) + *right = NULL; BP_R1CS_LINEAR_COMBINATION_free(llc); BP_R1CS_LINEAR_COMBINATION_free(rlc); diff --git a/crypto/zkp/nizk/nizk_encode.c b/crypto/zkp/nizk/nizk_encode.c index d6ec1ba17..9f6015f77 100644 --- a/crypto/zkp/nizk/nizk_encode.c +++ b/crypto/zkp/nizk/nizk_encode.c @@ -493,7 +493,7 @@ NIZK_PLAINTEXT_KNOWLEDGE_PROOF *NIZK_PLAINTEXT_KNOWLEDGE_PROOF_decode(const unsi proof->B = sk_EC_POINT_value(sk_point, 1); sk_bn = zkp_stack_of_bignum_decode(p, &len, bn_len); - if (sk_point == NULL) + if (sk_bn == NULL) goto err; p += len; @@ -892,7 +892,7 @@ NIZK_DLOG_KNOWLEDGE_PROOF *NIZK_DLOG_KNOWLEDGE_PROOF_decode(const unsigned char proof->A = sk_EC_POINT_value(sk_point, 0); sk_bn = zkp_stack_of_bignum_decode(p, &len, bn_len); - if (sk_point == NULL) + if (sk_bn == NULL) goto err; p += len; @@ -1092,7 +1092,7 @@ NIZK_DLOG_EQUALITY_PROOF *NIZK_DLOG_EQUALITY_PROOF_decode(const unsigned char *i proof->A2 = sk_EC_POINT_value(sk_point, 1); sk_bn = zkp_stack_of_bignum_decode(p, &len, bn_len); - if (sk_point == NULL) + if (sk_bn == NULL) goto err; p += len; diff --git a/providers/implementations/rands/drbg.c b/providers/implementations/rands/drbg.c index ef10b1e8e..3c71c9afc 100644 --- a/providers/implementations/rands/drbg.c +++ b/providers/implementations/rands/drbg.c @@ -477,11 +477,9 @@ int ossl_prov_drbg_instantiate(PROV_DRBG *drbg, unsigned int strength, if (!drbg->instantiate(drbg, entropy, entropylen, nonce, noncelen, pers, perslen)) { - cleanup_entropy(drbg, entropy, entropylen); ERR_raise(ERR_LIB_PROV, PROV_R_ERROR_INSTANTIATING_DRBG); goto end; } - cleanup_entropy(drbg, entropy, entropylen); drbg->state = EVP_RAND_STATE_READY; drbg->generate_counter = 1; @@ -489,6 +487,8 @@ int ossl_prov_drbg_instantiate(PROV_DRBG *drbg, unsigned int strength, tsan_store(&drbg->reseed_counter, drbg->reseed_next_counter); end: + if (entropy != NULL) + cleanup_entropy(drbg, entropy, entropylen); if (nonce != NULL) ossl_prov_cleanup_nonce(drbg->provctx, nonce, noncelen); if (drbg->state == EVP_RAND_STATE_READY) diff --git a/ssl/ssl_dc.c b/ssl/ssl_dc.c index d65bcc739..52ba02ea7 100644 --- a/ssl/ssl_dc.c +++ b/ssl/ssl_dc.c @@ -199,6 +199,10 @@ int SSL_verify_delegated_credential_signature(X509 *parent_cert, parent_cert_raw_index = parent_cert_raw; parent_cert_len = i2d_X509_AUX(parent_cert, &parent_cert_raw_index); + if (parent_cert_len <= 0) { + ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); + goto err; + } if (!ssl_dc_tbs_data(parent_cert_raw, parent_cert_len, dc, is_server, &tbs, &tbs_len)) { @@ -269,19 +273,25 @@ int DC_sign(DELEGATED_CREDENTIAL *dc, EVP_PKEY *dc_pkey, if (!DC_check_parent_cert_valid(ee_cert)) goto end; - dc_pkey_raw_len = i2d_PUBKEY(dc_pkey, NULL); - if (dc_pkey_raw_len <= 0) { + ret = i2d_PUBKEY(dc_pkey, NULL); + if (ret <= 0) { ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); goto end; } - if ((dc_pkey_raw = OPENSSL_malloc(dc_pkey_raw_len)) == NULL) { + if ((dc_pkey_raw = OPENSSL_malloc(ret)) == NULL) { ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto end; } dc_pkey_raw_index = dc_pkey_raw; - dc_pkey_raw_len = i2d_PUBKEY(dc_pkey, &dc_pkey_raw_index); + ret = i2d_PUBKEY(dc_pkey, &dc_pkey_raw_index); + if (ret <= 0) { + ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); + goto end; + } + + dc_pkey_raw_len = ret; dc_verify_lu = ssl_sigalg_lookup_by_pkey_and_hash(dc_pkey, expect_verify_hash, 1); diff --git a/ssl/statem_ntls/ntls_extensions.c b/ssl/statem_ntls/ntls_extensions.c index cf5b3b393..1442bcef0 100644 --- a/ssl/statem_ntls/ntls_extensions.c +++ b/ssl/statem_ntls/ntls_extensions.c @@ -934,19 +934,9 @@ static int init_alpn(SSL *s, unsigned int context) static int final_alpn(SSL *s, unsigned int context, int sent) { if (!s->server && !sent && s->session->ext.alpn_selected != NULL) - s->ext.early_data_ok = 0; - return 1; + s->ext.early_data_ok = 0; - /* - * Call alpn_select callback if needed. Has to be done after SNI and - * cipher negotiation (HTTP/2 restricts permitted ciphers). In TLSv1.3 - * we also have to do this before we decide whether to accept early_data. - * In TLSv1.3 we've already negotiated our cipher so we do this call now. - * For < TLSv1.3 we defer it until after cipher negotiation. - * - * On failure SSLfatal_ntls() already called. - */ - return tls_handle_alpn_ntls(s); + return 1; } static int init_sig_algs(SSL *s, unsigned int context) diff --git a/ssl/statem_ntls/ntls_statem_clnt.c b/ssl/statem_ntls/ntls_statem_clnt.c index cc4be6f41..60580cb1e 100644 --- a/ssl/statem_ntls/ntls_statem_clnt.c +++ b/ssl/statem_ntls/ntls_statem_clnt.c @@ -1414,9 +1414,11 @@ WORK_STATE tls_post_process_server_certificate_ntls(SSL *s, WORK_STATE wst) } } - X509_free(s->session->peer); - X509_up_ref(x); - s->session->peer = x; + if (x) { + X509_free(s->session->peer); + s->session->peer = x; + X509_up_ref(x); + } s->session->verify_result = s->verify_result; return WORK_FINISHED_CONTINUE; diff --git a/ssl/statem_ntls/ntls_statem_lib.c b/ssl/statem_ntls/ntls_statem_lib.c index e48e2874c..e28107215 100644 --- a/ssl/statem_ntls/ntls_statem_lib.c +++ b/ssl/statem_ntls/ntls_statem_lib.c @@ -165,15 +165,14 @@ int tls_setup_handshake_ntls(SSL *s) static int get_cert_verify_tbs_data_ntls(SSL *s, void **hdata, size_t *hdatalen) { - size_t retlen; long retlen_l; - retlen = retlen_l = BIO_get_mem_data(s->s3.handshake_buffer, hdata); + retlen_l = BIO_get_mem_data(s->s3.handshake_buffer, hdata); if (retlen_l <= 0) { SSLfatal_ntls(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); return 0; } - *hdatalen = retlen; + *hdatalen = retlen_l; return 1; }