Ensure all EVP calls have their returns checked where appropriate

There are lots of calls to EVP functions from within libssl. There were
various places where we should probably check the return value but don't.
This adds these checks.

Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
Matt Caswell
2015-11-06 16:31:21 +00:00
parent cb70eede8b
commit 56d9134675
12 changed files with 270 additions and 146 deletions


@@ -1949,14 +1949,22 @@ int ssl3_send_server_key_exchange(SSL *s)
for (num = 2; num > 0; num--) {
EVP_MD_CTX_set_flags(&md_ctx,
EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
EVP_DigestInit_ex(&md_ctx, (num == 2)
? s->ctx->md5 : s->ctx->sha1, NULL);
EVP_DigestUpdate(&md_ctx, &(s->s3->client_random[0]),
SSL3_RANDOM_SIZE);
EVP_DigestUpdate(&md_ctx, &(s->s3->server_random[0]),
SSL3_RANDOM_SIZE);
EVP_DigestUpdate(&md_ctx, d, n);
EVP_DigestFinal_ex(&md_ctx, q, (unsigned int *)&i);
if (EVP_DigestInit_ex(&md_ctx,
(num == 2) ? s->ctx->md5
: s->ctx->sha1,
NULL) <= 0
|| EVP_DigestUpdate(&md_ctx, &(s->s3->client_random[0]),
SSL3_RANDOM_SIZE) <= 0
|| EVP_DigestUpdate(&md_ctx, &(s->s3->server_random[0]),
SSL3_RANDOM_SIZE) <= 0
|| EVP_DigestUpdate(&md_ctx, d, n) <= 0
|| EVP_DigestFinal_ex(&md_ctx, q,
(unsigned int *)&i) <= 0) {
SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
ERR_LIB_EVP);
al = SSL_AD_INTERNAL_ERROR;
goto f_err;
}
q += i;
j += i;
}
@@ -1984,16 +1992,17 @@ int ssl3_send_server_key_exchange(SSL *s)
#ifdef SSL_DEBUG
fprintf(stderr, "Using hash %s\n", EVP_MD_name(md));
#endif
EVP_SignInit_ex(&md_ctx, md, NULL);
EVP_SignUpdate(&md_ctx, &(s->s3->client_random[0]),
SSL3_RANDOM_SIZE);
EVP_SignUpdate(&md_ctx, &(s->s3->server_random[0]),
SSL3_RANDOM_SIZE);
EVP_SignUpdate(&md_ctx, d, n);
if (!EVP_SignFinal(&md_ctx, &(p[2]),
(unsigned int *)&i, pkey)) {
if (EVP_SignInit_ex(&md_ctx, md, NULL) <= 0
|| EVP_SignUpdate(&md_ctx, &(s->s3->client_random[0]),
SSL3_RANDOM_SIZE) <= 0
|| EVP_SignUpdate(&md_ctx, &(s->s3->server_random[0]),
SSL3_RANDOM_SIZE) <= 0
|| EVP_SignUpdate(&md_ctx, d, n) <= 0
|| EVP_SignFinal(&md_ctx, &(p[2]),
(unsigned int *)&i, pkey) <= 0) {
SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_LIB_EVP);
goto err;
al = SSL_AD_INTERNAL_ERROR;
goto f_err;
}
s2n(i, p);
n += i + 2;
@@ -2871,7 +2880,10 @@ int ssl3_get_client_key_exchange(SSL *s)
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
goto f_err;
}
EVP_PKEY_decrypt_init(pkey_ctx);
if (EVP_PKEY_decrypt_init(pkey_ctx) <= 0) {
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
goto gerr;
}
/*
* If client certificate is present and is of the same type, maybe
* use it for key exchange. Don't mind errors from
@@ -3108,7 +3120,12 @@ int ssl3_get_cert_verify(SSL *s)
SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_MALLOC_FAILURE);
goto f_err;
}
EVP_PKEY_verify_init(pctx);
if (EVP_PKEY_verify_init(pctx) <= 0) {
EVP_PKEY_CTX_free(pctx);
al = SSL_AD_INTERNAL_ERROR;
SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_INTERNAL_ERROR);
goto f_err;
}
if (i != 64) {
fprintf(stderr, "GOST signature length is %d", i);
}
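Review bot: The new failure branch at the end of the MD5/SHA1 loop in the first hunk reports the error as `SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_LIB_EVP);`, passing a library identifier where a reason code belongs; `ERR_R_EVP_LIB` is OpenSSL's reason-code alias for the same value, so `SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_EVP_LIB);` keeps the behaviour while stating the intent, and the pre-existing unchanged line in the second hunk can be brought in line the same way. The third and fourth hunks report the equivalent EVP init failures as `ERR_R_INTERNAL_ERROR`, so the same class of failure now lands on the error queue under two different reasons; choosing one of the two for all four sites would make the queue easier for callers to interpret. The new error paths rely on the `f_err` and `gerr` labels releasing `md_ctx` and `pkey_ctx`, which I could not confirm because every enclosing function starts and ends outside the hunks.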