diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2009-09-23 23:43:49 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2009-09-23 23:43:49 +0000 |
commit | b6dcdbfc94c482f6c15ba725754fc9e827e41851 (patch) | |
tree | 9fec84d4564530bc97b42d56e01a64abb96adac3 /crypto/pkcs12 | |
parent | cd4f7cddc7994d23d48b86cf638541c6e2310c2d (diff) | |
download | openssl-b6dcdbfc94c482f6c15ba725754fc9e827e41851.tar.gz |
Audit libcrypto for unchecked return values: fix all cases enountered
Diffstat (limited to 'crypto/pkcs12')
-rw-r--r-- | crypto/pkcs12/p12_decr.c | 10 | ||||
-rw-r--r-- | crypto/pkcs12/p12_key.c | 19 | ||||
-rw-r--r-- | crypto/pkcs12/p12_mutl.c | 12 |
3 files changed, 29 insertions, 12 deletions
diff --git a/crypto/pkcs12/p12_decr.c b/crypto/pkcs12/p12_decr.c index ba77dbbe32..5dcb55b16b 100644 --- a/crypto/pkcs12/p12_decr.c +++ b/crypto/pkcs12/p12_decr.c @@ -89,7 +89,15 @@ unsigned char * PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass, goto err; } - EVP_CipherUpdate(&ctx, out, &i, in, inlen); + if (!EVP_CipherUpdate(&ctx, out, &i, in, inlen)) + { + OPENSSL_free(out); + out = NULL; + PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,ERR_R_EVP_LIB); + goto err; + } + outlen += i; + outlen = i; if(!EVP_CipherFinal_ex(&ctx, out + i, &i)) { OPENSSL_free(out); diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c index a29794bbbc..705050ec4c 100644 --- a/crypto/pkcs12/p12_key.c +++ b/crypto/pkcs12/p12_key.c @@ -153,14 +153,16 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, for (i = 0; i < Slen; i++) *p++ = salt[i % saltlen]; for (i = 0; i < Plen; i++) *p++ = pass[i % passlen]; for (;;) { - EVP_DigestInit_ex(&ctx, md_type, NULL); - EVP_DigestUpdate(&ctx, D, v); - EVP_DigestUpdate(&ctx, I, Ilen); - EVP_DigestFinal_ex(&ctx, Ai, NULL); + if (!EVP_DigestInit_ex(&ctx, md_type, NULL) + || !EVP_DigestUpdate(&ctx, D, v) + || !EVP_DigestUpdate(&ctx, I, Ilen) + || !EVP_DigestFinal_ex(&ctx, Ai, NULL)) + goto err; for (j = 1; j < iter; j++) { - EVP_DigestInit_ex(&ctx, md_type, NULL); - EVP_DigestUpdate(&ctx, Ai, u); - EVP_DigestFinal_ex(&ctx, Ai, NULL); + if (!EVP_DigestInit_ex(&ctx, md_type, NULL) + || !EVP_DigestUpdate(&ctx, Ai, u) + || !EVP_DigestFinal_ex(&ctx, Ai, NULL)) + goto err; } memcpy (out, Ai, min (n, u)); if (u >= n) { @@ -201,6 +203,9 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, } else BN_bn2bin (Ij, I + j); } } + err: + EVP_MD_CTX_cleanup(&ctx); + return 0; } #ifdef DEBUG_KEYGEN void h__dump (unsigned char *p, int len) diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c index 9ab740d51f..96de1bd11e 100644 --- a/crypto/pkcs12/p12_mutl.c +++ b/crypto/pkcs12/p12_mutl.c @@ -97,10 +97,14 @@ int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen, return 0; } HMAC_CTX_init(&hmac); - HMAC_Init_ex(&hmac, key, md_size, md_type, NULL); - HMAC_Update(&hmac, p12->authsafes->d.data->data, - p12->authsafes->d.data->length); - HMAC_Final(&hmac, mac, maclen); + if (!HMAC_Init_ex(&hmac, key, md_size, md_type, NULL) + || !HMAC_Update(&hmac, p12->authsafes->d.data->data, + p12->authsafes->d.data->length) + || !HMAC_Final(&hmac, mac, maclen)) + { + HMAC_CTX_cleanup(&hmac); + return 0; + } HMAC_CTX_cleanup(&hmac); return 1; } |