generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

pub_decode_gost94, pub_decode_gost01: check for NULL after allocating databuf pub_encode_gost94, pub_encode_gost01: check for NULL after allocating databuf and octet

Browse Source 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Jonas Maebe 2013-12-08 22:53:29 +01:00 committed by Kurt Roeckx
parent 94c0a987c7
commit defe438d47
2 changed files with 38 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
engines/ccgost/e_gost_err.h
View File

@ -111,6 +111,7 @@ void ERR_GOST_error(int function, int reason, char *file, int line);
#define GOST_F_PUB_DECODE_GOST01 133 #define GOST_F_PUB_DECODE_GOST01 133
#define GOST_F_PUB_DECODE_GOST94 134 #define GOST_F_PUB_DECODE_GOST94 134
#define GOST_F_PUB_ENCODE_GOST01 135 #define GOST_F_PUB_ENCODE_GOST01 135
#define GOST_F_PUB_ENCODE_GOST94 141
#define GOST_F_UNPACK_CC_SIGNATURE 136 #define GOST_F_UNPACK_CC_SIGNATURE 136
#define GOST_F_UNPACK_CP_SIGNATURE 137 #define GOST_F_UNPACK_CP_SIGNATURE 137

37
engines/ccgost/gost_ameth.c
View File

@ -624,6 +624,12 @@ static int pub_decode_gost94(EVP_PKEY *pk, X509_PUBKEY *pub)
return 0; return 0;
} }
databuf = OPENSSL_malloc(octet->length); databuf = OPENSSL_malloc(octet->length);
if (databuf == NULL)
{
GOSTerr(GOST_F_PUB_DECODE_GOST94,ERR_R_MALLOC_FAILURE);
ASN1_OCTET_STRING_free(octet);
return 0;
}
for (i=0,j=octet->length-1;i<octet->length;i++,j--) for (i=0,j=octet->length-1;i<octet->length;i++,j--)
{ {
databuf[j]=octet->data[i]; databuf[j]=octet->data[i];
@ -655,8 +661,19 @@ static int pub_encode_gost94(X509_PUBKEY *pub,const EVP_PKEY *pk)
} }
data_len = BN_num_bytes(dsa->pub_key); data_len = BN_num_bytes(dsa->pub_key);
databuf = OPENSSL_malloc(data_len); databuf = OPENSSL_malloc(data_len);
if (databuf == NULL)
{
GOSTerr(GOST_F_PUB_ENCODE_GOST94,ERR_R_MALLOC_FAILURE);
return 0;
}
BN_bn2bin(dsa->pub_key,databuf); BN_bn2bin(dsa->pub_key,databuf);
octet = ASN1_OCTET_STRING_new(); octet = ASN1_OCTET_STRING_new();
if (octet == NULL)
{
GOSTerr(GOST_F_PUB_ENCODE_GOST94,ERR_R_MALLOC_FAILURE);
OPENSSL_free(databuf);
return 0;
}
ASN1_STRING_set(octet,NULL,data_len); ASN1_STRING_set(octet,NULL,data_len);
sptr = ASN1_STRING_data(octet); sptr = ASN1_STRING_data(octet);
for (i=0,j=data_len-1; i< data_len;i++,j--) for (i=0,j=data_len-1; i< data_len;i++,j--)
@ -695,6 +712,12 @@ static int pub_decode_gost01(EVP_PKEY *pk,X509_PUBKEY *pub)
return 0; return 0;
} }
databuf = OPENSSL_malloc(octet->length); databuf = OPENSSL_malloc(octet->length);
if (databuf == NULL)
{
GOSTerr(GOST_F_PUB_DECODE_GOST01,ERR_R_MALLOC_FAILURE);
ASN1_OCTET_STRING_free(octet);
return 0;
}
for (i=0,j=octet->length-1;i<octet->length;i++,j--) for (i=0,j=octet->length-1;i<octet->length;i++,j--)
{ {
databuf[j]=octet->data[i]; databuf[j]=octet->data[i];
@ -756,6 +779,7 @@ static int pub_encode_gost01(X509_PUBKEY *pub,const EVP_PKEY *pk)
{ {
GOSTerr(GOST_F_PUB_ENCODE_GOST01, GOSTerr(GOST_F_PUB_ENCODE_GOST01,
GOST_R_PUBLIC_KEY_UNDEFINED); GOST_R_PUBLIC_KEY_UNDEFINED);
BN_free(order);
return 0; return 0;
} }
X=BN_new(); X=BN_new();
@ -765,6 +789,13 @@ static int pub_encode_gost01(X509_PUBKEY *pub,const EVP_PKEY *pk)
data_len = 2*BN_num_bytes(order); data_len = 2*BN_num_bytes(order);
BN_free(order); BN_free(order);
databuf = OPENSSL_malloc(data_len); databuf = OPENSSL_malloc(data_len);
if (databuf == NULL)
{
GOSTerr(GOST_F_PUB_ENCODE_GOST01,ERR_R_MALLOC_FAILURE);
BN_free(X);
BN_free(Y);
return 0;
}
memset(databuf,0,data_len); memset(databuf,0,data_len);
store_bignum(X,databuf+data_len/2,data_len/2); store_bignum(X,databuf+data_len/2,data_len/2);
@ -773,6 +804,12 @@ static int pub_encode_gost01(X509_PUBKEY *pub,const EVP_PKEY *pk)
BN_free(X); BN_free(X);
BN_free(Y); BN_free(Y);
octet = ASN1_OCTET_STRING_new(); octet = ASN1_OCTET_STRING_new();
if (octet == NULL)
{
GOSTerr(GOST_F_PUB_ENCODE_GOST01,ERR_R_MALLOC_FAILURE);
OPENSSL_free(databuf);
return 0;
}
ASN1_STRING_set(octet,NULL,data_len); ASN1_STRING_set(octet,NULL,data_len);
sptr=ASN1_STRING_data(octet); sptr=ASN1_STRING_data(octet);
for (i=0,j=data_len-1;i<data_len;i++,j--) for (i=0,j=data_len-1;i<data_len;i++,j--)