generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix misc NULL derefs in sureware engine

Browse Source 
Fix miscellaneous NULL pointer derefs in the sureware engine.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 7b611e5fe8eaac9512f72094c460f3ed6040076a)
This commit is contained in:
Matt Caswell 2015-03-13 15:04:54 +00:00
parent 32d3b0f52f
commit 96d9674646
1 changed files with 16 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
engines/e_sureware.c
View File

@ -712,10 +712,12 @@ static EVP_PKEY *sureware_load_public(ENGINE *e, const char *key_id,
/* set public big nums */
rsatmp->e = BN_new();
rsatmp->n = BN_new();
if(!rsatmp->e || !rsatmp->n)
goto err;
bn_expand2(rsatmp->e, el / sizeof(BN_ULONG));
bn_expand2(rsatmp->n, el / sizeof(BN_ULONG));
if (!rsatmp->e || rsatmp->e->dmax != (int)(el / sizeof(BN_ULONG)) ||
!rsatmp->n || rsatmp->n->dmax != (int)(el / sizeof(BN_ULONG)))
if (rsatmp->e->dmax != (int)(el / sizeof(BN_ULONG)) ||
rsatmp->n->dmax != (int)(el / sizeof(BN_ULONG)))
goto err;
ret = p_surewarehk_Load_Rsa_Pubkey(msg, key_id, el,
(unsigned long *)rsatmp->n->d,
@ -752,15 +754,16 @@ static EVP_PKEY *sureware_load_public(ENGINE *e, const char *key_id,
dsatmp->p = BN_new();
dsatmp->q = BN_new();
dsatmp->g = BN_new();
if(!dsatmp->pub_key || !dsatmp->p || !dsatmp->q || !dsatmp->g)
goto err;
bn_expand2(dsatmp->pub_key, el / sizeof(BN_ULONG));
bn_expand2(dsatmp->p, el / sizeof(BN_ULONG));
bn_expand2(dsatmp->q, 20 / sizeof(BN_ULONG));
bn_expand2(dsatmp->g, el / sizeof(BN_ULONG));
if (!dsatmp->pub_key
|| dsatmp->pub_key->dmax != (int)(el / sizeof(BN_ULONG))
|| !dsatmp->p || dsatmp->p->dmax != (int)(el / sizeof(BN_ULONG))
|| !dsatmp->q || dsatmp->q->dmax != 20 / sizeof(BN_ULONG)
|| !dsatmp->g || dsatmp->g->dmax != (int)(el / sizeof(BN_ULONG)))
if (dsatmp->pub_key->dmax != (int)(el / sizeof(BN_ULONG))
|| dsatmp->p->dmax != (int)(el / sizeof(BN_ULONG))
|| dsatmp->q->dmax != 20 / sizeof(BN_ULONG)
|| dsatmp->g->dmax != (int)(el / sizeof(BN_ULONG)))
goto err;
ret = p_surewarehk_Load_Dsa_Pubkey(msg, key_id, el,
@ -1038,10 +1041,12 @@ static DSA_SIG *surewarehk_dsa_do_sign(const unsigned char *from, int flen,
}
psign->r = BN_new();
psign->s = BN_new();
if(!psign->r || !psign->s)
goto err;
bn_expand2(psign->r, 20 / sizeof(BN_ULONG));
bn_expand2(psign->s, 20 / sizeof(BN_ULONG));
if (!psign->r || psign->r->dmax != 20 / sizeof(BN_ULONG) ||
!psign->s || psign->s->dmax != 20 / sizeof(BN_ULONG))
if (psign->r->dmax != 20 / sizeof(BN_ULONG) ||
psign->s->dmax != 20 / sizeof(BN_ULONG))
goto err;
ret = p_surewarehk_Dsa_Sign(msg, flen, from,
(unsigned long *)psign->r->d,
@ -1070,9 +1075,9 @@ static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
char msg[64] = "ENGINE_modexp";
if (!p_surewarehk_Mod_Exp) {
SUREWAREerr(SUREWARE_F_SUREWAREHK_MODEXP, ENGINE_R_NOT_INITIALISED);
} else {
} else if (r) {
bn_expand2(r, m->top);
if (r && r->dmax == m->top) {
if (r->dmax == m->top) {
/* do it */
ret = p_surewarehk_Mod_Exp(msg,
m->top * sizeof(BN_ULONG),