diff options
author | Jonas Maebe <jonas.maebe@elis.ugent.be> | 2013-12-08 22:53:29 +0100 |
---|---|---|
committer | Kurt Roeckx <kurt@roeckx.be> | 2014-08-17 18:56:52 +0200 |
commit | defe438d472bbef4d2bc5e4893560bc4eae43760 (patch) | |
tree | 7fd4140c6ecda987eb01c9029a58cfb114ddfb0d /engines | |
parent | 94c0a987c77d88d98d45ae8f52c568f6f7448ce3 (diff) | |
download | openssl-defe438d472bbef4d2bc5e4893560bc4eae43760.tar.gz |
pub_decode_gost94, pub_decode_gost01: check for NULL after allocating databuf pub_encode_gost94, pub_encode_gost01: check for NULL after allocating databuf and octet
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'engines')
-rw-r--r-- | engines/ccgost/e_gost_err.h | 1 | ||||
-rw-r--r-- | engines/ccgost/gost_ameth.c | 37 |
2 files changed, 38 insertions, 0 deletions
diff --git a/engines/ccgost/e_gost_err.h b/engines/ccgost/e_gost_err.h index 6dc500079d..6049e300a3 100644 --- a/engines/ccgost/e_gost_err.h +++ b/engines/ccgost/e_gost_err.h @@ -111,6 +111,7 @@ void ERR_GOST_error(int function, int reason, char *file, int line); #define GOST_F_PUB_DECODE_GOST01 133 #define GOST_F_PUB_DECODE_GOST94 134 #define GOST_F_PUB_ENCODE_GOST01 135 +#define GOST_F_PUB_ENCODE_GOST94 141 #define GOST_F_UNPACK_CC_SIGNATURE 136 #define GOST_F_UNPACK_CP_SIGNATURE 137 diff --git a/engines/ccgost/gost_ameth.c b/engines/ccgost/gost_ameth.c index 8b9230b9ab..f20f1a7c0b 100644 --- a/engines/ccgost/gost_ameth.c +++ b/engines/ccgost/gost_ameth.c @@ -624,6 +624,12 @@ static int pub_decode_gost94(EVP_PKEY *pk, X509_PUBKEY *pub) return 0; } databuf = OPENSSL_malloc(octet->length); + if (databuf == NULL) + { + GOSTerr(GOST_F_PUB_DECODE_GOST94,ERR_R_MALLOC_FAILURE); + ASN1_OCTET_STRING_free(octet); + return 0; + } for (i=0,j=octet->length-1;i<octet->length;i++,j--) { databuf[j]=octet->data[i]; @@ -655,8 +661,19 @@ static int pub_encode_gost94(X509_PUBKEY *pub,const EVP_PKEY *pk) } data_len = BN_num_bytes(dsa->pub_key); databuf = OPENSSL_malloc(data_len); + if (databuf == NULL) + { + GOSTerr(GOST_F_PUB_ENCODE_GOST94,ERR_R_MALLOC_FAILURE); + return 0; + } BN_bn2bin(dsa->pub_key,databuf); octet = ASN1_OCTET_STRING_new(); + if (octet == NULL) + { + GOSTerr(GOST_F_PUB_ENCODE_GOST94,ERR_R_MALLOC_FAILURE); + OPENSSL_free(databuf); + return 0; + } ASN1_STRING_set(octet,NULL,data_len); sptr = ASN1_STRING_data(octet); for (i=0,j=data_len-1; i< data_len;i++,j--) @@ -695,6 +712,12 @@ static int pub_decode_gost01(EVP_PKEY *pk,X509_PUBKEY *pub) return 0; } databuf = OPENSSL_malloc(octet->length); + if (databuf == NULL) + { + GOSTerr(GOST_F_PUB_DECODE_GOST01,ERR_R_MALLOC_FAILURE); + ASN1_OCTET_STRING_free(octet); + return 0; + } for (i=0,j=octet->length-1;i<octet->length;i++,j--) { databuf[j]=octet->data[i]; @@ -756,6 +779,7 @@ static int pub_encode_gost01(X509_PUBKEY *pub,const EVP_PKEY *pk) { GOSTerr(GOST_F_PUB_ENCODE_GOST01, GOST_R_PUBLIC_KEY_UNDEFINED); + BN_free(order); return 0; } X=BN_new(); @@ -765,6 +789,13 @@ static int pub_encode_gost01(X509_PUBKEY *pub,const EVP_PKEY *pk) data_len = 2*BN_num_bytes(order); BN_free(order); databuf = OPENSSL_malloc(data_len); + if (databuf == NULL) + { + GOSTerr(GOST_F_PUB_ENCODE_GOST01,ERR_R_MALLOC_FAILURE); + BN_free(X); + BN_free(Y); + return 0; + } memset(databuf,0,data_len); store_bignum(X,databuf+data_len/2,data_len/2); @@ -773,6 +804,12 @@ static int pub_encode_gost01(X509_PUBKEY *pub,const EVP_PKEY *pk) BN_free(X); BN_free(Y); octet = ASN1_OCTET_STRING_new(); + if (octet == NULL) + { + GOSTerr(GOST_F_PUB_ENCODE_GOST01,ERR_R_MALLOC_FAILURE); + OPENSSL_free(databuf); + return 0; + } ASN1_STRING_set(octet,NULL,data_len); sptr=ASN1_STRING_data(octet); for (i=0,j=data_len-1;i<data_len;i++,j--) |