summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authormiod <>2014-10-28 05:46:56 +0000
committermiod <>2014-10-28 05:46:56 +0000
commit41c028be1988ad160ef2fa6feca4441bb4bca17d (patch)
treee5031b50fe250a2c5c8752bd1c08d24591108740
parent77608e1e83f23ad41247b5fe52616f87439bb30f (diff)
downloadopenbsd-41c028be1988ad160ef2fa6feca4441bb4bca17d.tar.gz
openbsd-41c028be1988ad160ef2fa6feca4441bb4bca17d.tar.bz2
openbsd-41c028be1988ad160ef2fa6feca4441bb4bca17d.zip
Check the result of sk_*_push() operations for failure.
ok doug@ jsing@
Diffstat
-rw-r--r--src/lib/libcrypto/asn1/a_strnid.c12
-rw-r--r--src/lib/libcrypto/evp/evp_pbe.c12
-rw-r--r--src/lib/libcrypto/objects/o_names.c8
-rw-r--r--src/lib/libcrypto/ocsp/ocsp_ext.c7
-rw-r--r--src/lib/libcrypto/pkcs7/pk7_attr.c34
-rw-r--r--src/lib/libcrypto/store/str_mem.c8
-rw-r--r--src/lib/libcrypto/ts/ts_conf.c11
-rw-r--r--src/lib/libcrypto/x509v3/v3_alt.c27
-rw-r--r--src/lib/libcrypto/x509v3/v3_extku.c10
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_strnid.c12
-rw-r--r--src/lib/libssl/src/crypto/evp/evp_pbe.c12
-rw-r--r--src/lib/libssl/src/crypto/objects/o_names.c8
-rw-r--r--src/lib/libssl/src/crypto/ocsp/ocsp_ext.c7
-rw-r--r--src/lib/libssl/src/crypto/pkcs7/pk7_attr.c34
-rw-r--r--src/lib/libssl/src/crypto/store/str_mem.c8
-rw-r--r--src/lib/libssl/src/crypto/ts/ts_conf.c11
-rw-r--r--src/lib/libssl/src/crypto/x509v3/v3_alt.c27
-rw-r--r--src/lib/libssl/src/crypto/x509v3/v3_extku.c10
18 files changed, 170 insertions, 88 deletions
diff --git a/src/lib/libcrypto/asn1/a_strnid.c b/src/lib/libcrypto/asn1/a_strnid.c
index be28885363..4da45c537e 100644
--- a/src/lib/libcrypto/asn1/a_strnid.c
+++ b/src/lib/libcrypto/asn1/a_strnid.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: a_strnid.c,v 1.17 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: a_strnid.c,v 1.18 2014/10/28 05:46:55 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -261,8 +261,14 @@ ASN1_STRING_TABLE_add(int nid, long minsize, long maxsize, unsigned long mask,
261 if (maxsize != -1) 261 if (maxsize != -1)
262 tmp->maxsize = maxsize; 262 tmp->maxsize = maxsize;
263 tmp->mask = mask; 263 tmp->mask = mask;
264 if (new_nid) 264 if (new_nid) {
265 sk_ASN1_STRING_TABLE_push(stable, tmp); 265 if (sk_ASN1_STRING_TABLE_push(stable, tmp) == 0) {
266 free(tmp);
267 ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD,
268 ERR_R_MALLOC_FAILURE);
269 return 0;
270 }
271 }
266 return 1; 272 return 1;
267} 273}
268 274
diff --git a/src/lib/libcrypto/evp/evp_pbe.c b/src/lib/libcrypto/evp/evp_pbe.c
index fcfc43d578..ac593549e5 100644
--- a/src/lib/libcrypto/evp/evp_pbe.c
+++ b/src/lib/libcrypto/evp/evp_pbe.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp_pbe.c,v 1.21 2014/07/11 14:16:10 miod Exp $ */ 1/* $OpenBSD: evp_pbe.c,v 1.22 2014/10/28 05:46:56 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -130,7 +130,7 @@ EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
130 char obj_tmp[80]; 130 char obj_tmp[80];
131 EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_PBE_ALGORITHM); 131 EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_PBE_ALGORITHM);
132 if (!pbe_obj) 132 if (!pbe_obj)
133 strlcpy (obj_tmp, "NULL", sizeof obj_tmp); 133 strlcpy(obj_tmp, "NULL", sizeof obj_tmp);
134 else 134 else
135 i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj); 135 i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj);
136 ERR_asprintf_error_data("TYPE=%s", obj_tmp); 136 ERR_asprintf_error_data("TYPE=%s", obj_tmp);
@@ -205,7 +205,7 @@ EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid,
205 205
206 if (!pbe_algs) 206 if (!pbe_algs)
207 pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp); 207 pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp);
208 if (!(pbe_tmp = (EVP_PBE_CTL*) malloc (sizeof(EVP_PBE_CTL)))) { 208 if (!(pbe_tmp = (EVP_PBE_CTL*)malloc(sizeof(EVP_PBE_CTL)))) {
209 EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, ERR_R_MALLOC_FAILURE); 209 EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, ERR_R_MALLOC_FAILURE);
210 return 0; 210 return 0;
211 } 211 }
@@ -215,7 +215,11 @@ EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid,
215 pbe_tmp->md_nid = md_nid; 215 pbe_tmp->md_nid = md_nid;
216 pbe_tmp->keygen = keygen; 216 pbe_tmp->keygen = keygen;
217 217
218 sk_EVP_PBE_CTL_push (pbe_algs, pbe_tmp); 218 if (sk_EVP_PBE_CTL_push(pbe_algs, pbe_tmp) == 0) {
219 free(pbe_tmp);
220 EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, ERR_R_MALLOC_FAILURE);
221 return 0;
222 }
219 return 1; 223 return 1;
220} 224}
221 225
diff --git a/src/lib/libcrypto/objects/o_names.c b/src/lib/libcrypto/objects/o_names.c
index 68458a282c..9fa5824890 100644
--- a/src/lib/libcrypto/objects/o_names.c
+++ b/src/lib/libcrypto/objects/o_names.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: o_names.c,v 1.18 2014/06/12 15:49:30 deraadt Exp $ */ 1/* $OpenBSD: o_names.c,v 1.19 2014/10/28 05:46:56 miod Exp $ */
2#include <stdio.h> 2#include <stdio.h>
3#include <stdlib.h> 3#include <stdlib.h>
4#include <string.h> 4#include <string.h>
@@ -74,7 +74,11 @@ OBJ_NAME_new_index(unsigned long (*hash_func)(const char *),
74 name_funcs->hash_func = lh_strhash; 74 name_funcs->hash_func = lh_strhash;
75 name_funcs->cmp_func = strcmp; 75 name_funcs->cmp_func = strcmp;
76 name_funcs->free_func = NULL; 76 name_funcs->free_func = NULL;
77 sk_NAME_FUNCS_push(name_funcs_stack, name_funcs); 77 if (sk_NAME_FUNCS_push(name_funcs_stack, name_funcs) == 0) {
78 free(name_funcs);
79 OBJerr(OBJ_F_OBJ_NAME_NEW_INDEX, ERR_R_MALLOC_FAILURE);
80 return (0);
81 }
78 } 82 }
79 name_funcs = sk_NAME_FUNCS_value(name_funcs_stack, ret); 83 name_funcs = sk_NAME_FUNCS_value(name_funcs_stack, ret);
80 if (hash_func != NULL) 84 if (hash_func != NULL)
diff --git a/src/lib/libcrypto/ocsp/ocsp_ext.c b/src/lib/libcrypto/ocsp/ocsp_ext.c
index 6318e1718b..7e69ad4fe0 100644
--- a/src/lib/libcrypto/ocsp/ocsp_ext.c
+++ b/src/lib/libcrypto/ocsp/ocsp_ext.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ocsp_ext.c,v 1.12 2014/10/22 13:02:04 jsing Exp $ */ 1/* $OpenBSD: ocsp_ext.c,v 1.13 2014/10/28 05:46:56 miod Exp $ */
2/* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL 2/* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
3 * project. */ 3 * project. */
4 4
@@ -526,7 +526,10 @@ OCSP_accept_responses_new(char **oids)
526 while (oids && *oids) { 526 while (oids && *oids) {
527 if ((nid = OBJ_txt2nid(*oids)) != NID_undef && 527 if ((nid = OBJ_txt2nid(*oids)) != NID_undef &&
528 (o = OBJ_nid2obj(nid))) 528 (o = OBJ_nid2obj(nid)))
529 sk_ASN1_OBJECT_push(sk, o); 529 if (sk_ASN1_OBJECT_push(sk, o) == 0) {
530 sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free);
531 return NULL;
532 }
530 oids++; 533 oids++;
531 } 534 }
532 x = X509V3_EXT_i2d(NID_id_pkix_OCSP_acceptableResponses, 0, sk); 535 x = X509V3_EXT_i2d(NID_id_pkix_OCSP_acceptableResponses, 0, sk);
diff --git a/src/lib/libcrypto/pkcs7/pk7_attr.c b/src/lib/libcrypto/pkcs7/pk7_attr.c
index 2f4d5089f5..554a47673b 100644
--- a/src/lib/libcrypto/pkcs7/pk7_attr.c
+++ b/src/lib/libcrypto/pkcs7/pk7_attr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pk7_attr.c,v 1.9 2014/06/29 17:05:36 jsing Exp $ */ 1/* $OpenBSD: pk7_attr.c,v 1.10 2014/10/28 05:46:56 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2001. 3 * project 2001.
4 */ 4 */
@@ -107,29 +107,29 @@ PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
107 return 0; 107 return 0;
108 } 108 }
109 ASN1_OBJECT_free(alg->algorithm); 109 ASN1_OBJECT_free(alg->algorithm);
110 alg->algorithm = OBJ_nid2obj (nid); 110 alg->algorithm = OBJ_nid2obj(nid);
111 if (arg > 0) { 111 if (arg > 0) {
112 ASN1_INTEGER *nbit; 112 ASN1_INTEGER *nbit;
113 if (!(alg->parameter = ASN1_TYPE_new())) { 113
114 PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP, 114 if (!(alg->parameter = ASN1_TYPE_new()))
115 ERR_R_MALLOC_FAILURE); 115 goto err;
116 return 0; 116 if (!(nbit = ASN1_INTEGER_new()))
117 } 117 goto err;
118 if (!(nbit = ASN1_INTEGER_new())) { 118 if (!ASN1_INTEGER_set(nbit, arg)) {
119 PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP, 119 ASN1_INTEGER_free(nbit);
120 ERR_R_MALLOC_FAILURE); 120 goto err;
121 return 0;
122 }
123 if (!ASN1_INTEGER_set (nbit, arg)) {
124 PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP,
125 ERR_R_MALLOC_FAILURE);
126 return 0;
127 } 121 }
128 alg->parameter->value.integer = nbit; 122 alg->parameter->value.integer = nbit;
129 alg->parameter->type = V_ASN1_INTEGER; 123 alg->parameter->type = V_ASN1_INTEGER;
130 } 124 }
131 sk_X509_ALGOR_push (sk, alg); 125 if (sk_X509_ALGOR_push(sk, alg) == 0)
126 goto err;
132 return 1; 127 return 1;
128
129err:
130 PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP, ERR_R_MALLOC_FAILURE);
131 X509_ALGOR_free(alg);
132 return 0;
133} 133}
134 134
135int 135int
diff --git a/src/lib/libcrypto/store/str_mem.c b/src/lib/libcrypto/store/str_mem.c
index 3f32bcb8d0..a85a8946b7 100644
--- a/src/lib/libcrypto/store/str_mem.c
+++ b/src/lib/libcrypto/store/str_mem.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: str_mem.c,v 1.9 2014/07/09 16:59:33 miod Exp $ */ 1/* $OpenBSD: str_mem.c,v 1.10 2014/10/28 05:46:56 miod Exp $ */
2/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL 2/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
3 * project 2003. 3 * project 2003.
4 */ 4 */
@@ -250,7 +250,11 @@ mem_list_start(STORE *s, STORE_OBJECT_TYPES type, OPENSSL_ITEM attributes[],
250 goto err; 250 goto err;
251 } 251 }
252 } 252 }
253 sk_STORE_ATTR_INFO_push(context->search_attributes, attrs); 253 if (sk_STORE_ATTR_INFO_push(context->search_attributes,
254 attrs) == 0) {
255 STOREerr(STORE_F_MEM_LIST_START, ERR_R_MALLOC_FAILURE);
256 goto err;
257 }
254 } 258 }
255 if (!STORE_parse_attrs_endp(attribute_context)) 259 if (!STORE_parse_attrs_endp(attribute_context))
256 goto err; 260 goto err;
diff --git a/src/lib/libcrypto/ts/ts_conf.c b/src/lib/libcrypto/ts/ts_conf.c
index ec033b1cfc..5266f91e63 100644
--- a/src/lib/libcrypto/ts/ts_conf.c
+++ b/src/lib/libcrypto/ts/ts_conf.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ts_conf.c,v 1.7 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: ts_conf.c,v 1.8 2014/10/28 05:46:56 miod Exp $ */
2/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL 2/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
3 * project 2002. 3 * project 2002.
4 */ 4 */
@@ -110,7 +110,8 @@ end:
110 return x; 110 return x;
111} 111}
112 112
113STACK_OF(X509) *TS_CONF_load_certs(const char *file) 113STACK_OF(X509) *
114TS_CONF_load_certs(const char *file)
114{ 115{
115 BIO *certs = NULL; 116 BIO *certs = NULL;
116 STACK_OF(X509) *othercerts = NULL; 117 STACK_OF(X509) *othercerts = NULL;
@@ -126,7 +127,11 @@ STACK_OF(X509) *TS_CONF_load_certs(const char *file)
126 for (i = 0; i < sk_X509_INFO_num(allcerts); i++) { 127 for (i = 0; i < sk_X509_INFO_num(allcerts); i++) {
127 X509_INFO *xi = sk_X509_INFO_value(allcerts, i); 128 X509_INFO *xi = sk_X509_INFO_value(allcerts, i);
128 if (xi->x509) { 129 if (xi->x509) {
129 sk_X509_push(othercerts, xi->x509); 130 if (sk_X509_push(othercerts, xi->x509) == 0) {
131 sk_X509_pop_free(othercerts, X509_free);
132 othercerts = NULL;
133 goto end;
134 }
130 xi->x509 = NULL; 135 xi->x509 = NULL;
131 } 136 }
132 } 137 }
diff --git a/src/lib/libcrypto/x509v3/v3_alt.c b/src/lib/libcrypto/x509v3/v3_alt.c
index 7ae4b6bd97..2592288bdb 100644
--- a/src/lib/libcrypto/x509v3/v3_alt.c
+++ b/src/lib/libcrypto/x509v3/v3_alt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_alt.c,v 1.21 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: v3_alt.c,v 1.22 2014/10/28 05:46:56 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -253,21 +253,24 @@ v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
253 CONF_VALUE *cnf; 253 CONF_VALUE *cnf;
254 int i; 254 int i;
255 255
256 if (!(gens = sk_GENERAL_NAME_new_null())) { 256 if ((gens = sk_GENERAL_NAME_new_null()) == NULL) {
257 X509V3err(X509V3_F_V2I_ISSUER_ALT, ERR_R_MALLOC_FAILURE); 257 X509V3err(X509V3_F_V2I_ISSUER_ALT, ERR_R_MALLOC_FAILURE);
258 return NULL; 258 return NULL;
259 } 259 }
260 for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { 260 for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
261 cnf = sk_CONF_VALUE_value(nval, i); 261 cnf = sk_CONF_VALUE_value(nval, i);
262 if (!name_cmp(cnf->name, "issuer") && cnf->value && 262 if (name_cmp(cnf->name, "issuer") == 0 && cnf->value != NULL &&
263 !strcmp(cnf->value, "copy")) { 263 strcmp(cnf->value, "copy") == 0) {
264 if (!copy_issuer(ctx, gens)) 264 if (!copy_issuer(ctx, gens))
265 goto err; 265 goto err;
266 } else { 266 } else {
267 GENERAL_NAME *gen; 267 GENERAL_NAME *gen;
268 if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) 268 if ((gen = v2i_GENERAL_NAME(method, ctx, cnf)) == NULL)
269 goto err; 269 goto err;
270 sk_GENERAL_NAME_push(gens, gen); 270 if (sk_GENERAL_NAME_push(gens, gen) == 0) {
271 GENERAL_NAME_free(gen);
272 goto err;
273 }
271 } 274 }
272 } 275 }
273 return gens; 276 return gens;
@@ -344,7 +347,10 @@ v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
344 GENERAL_NAME *gen; 347 GENERAL_NAME *gen;
345 if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) 348 if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
346 goto err; 349 goto err;
347 sk_GENERAL_NAME_push(gens, gen); 350 if (sk_GENERAL_NAME_push(gens, gen) == 0) {
351 GENERAL_NAME_free(gen);
352 goto err;
353 }
348 } 354 }
349 } 355 }
350 return gens; 356 return gens;
@@ -429,7 +435,10 @@ v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
429 cnf = sk_CONF_VALUE_value(nval, i); 435 cnf = sk_CONF_VALUE_value(nval, i);
430 if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) 436 if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
431 goto err; 437 goto err;
432 sk_GENERAL_NAME_push(gens, gen); 438 if (sk_GENERAL_NAME_push(gens, gen) == 0) {
439 GENERAL_NAME_free(gen);
440 goto err;
441 }
433 } 442 }
434 return gens; 443 return gens;
435 444
@@ -537,7 +546,7 @@ a2i_GENERAL_NAME(GENERAL_NAME *out, const X509V3_EXT_METHOD *method,
537 return gen; 546 return gen;
538 547
539err: 548err:
540 if (!out) 549 if (out == NULL)
541 GENERAL_NAME_free(gen); 550 GENERAL_NAME_free(gen);
542 return NULL; 551 return NULL;
543} 552}
diff --git a/src/lib/libcrypto/x509v3/v3_extku.c b/src/lib/libcrypto/x509v3/v3_extku.c
index 0f36a99525..a9f1d6da6e 100644
--- a/src/lib/libcrypto/x509v3/v3_extku.c
+++ b/src/lib/libcrypto/x509v3/v3_extku.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_extku.c,v 1.9 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: v3_extku.c,v 1.10 2014/10/28 05:46:56 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -144,7 +144,13 @@ v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
144 X509V3_conf_err(val); 144 X509V3_conf_err(val);
145 return NULL; 145 return NULL;
146 } 146 }
147 sk_ASN1_OBJECT_push(extku, objtmp); 147 if (sk_ASN1_OBJECT_push(extku, objtmp) == 0) {
148 ASN1_OBJECT_free(objtmp);
149 sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free);
150 X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE,
151 ERR_R_MALLOC_FAILURE);
152 return NULL;
153 }
148 } 154 }
149 return extku; 155 return extku;
150} 156}
diff --git a/src/lib/libssl/src/crypto/asn1/a_strnid.c b/src/lib/libssl/src/crypto/asn1/a_strnid.c
index be28885363..4da45c537e 100644
--- a/src/lib/libssl/src/crypto/asn1/a_strnid.c
+++ b/src/lib/libssl/src/crypto/asn1/a_strnid.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: a_strnid.c,v 1.17 2014/07/11 08:44:47 jsing Exp $ */ 1/* $OpenBSD: a_strnid.c,v 1.18 2014/10/28 05:46:55 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -261,8 +261,14 @@ ASN1_STRING_TABLE_add(int nid, long minsize, long maxsize, unsigned long mask,
261 if (maxsize != -1) 261 if (maxsize != -1)
262 tmp->maxsize = maxsize; 262 tmp->maxsize = maxsize;
263 tmp->mask = mask; 263 tmp->mask = mask;
264 if (new_nid) 264 if (new_nid) {
265 sk_ASN1_STRING_TABLE_push(stable, tmp); 265 if (sk_ASN1_STRING_TABLE_push(stable, tmp) == 0) {
266 free(tmp);
267 ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD,
268 ERR_R_MALLOC_FAILURE);
269 return 0;
270 }
271 }
266 return 1; 272 return 1;
267} 273}
268 274
diff --git a/src/lib/libssl/src/crypto/evp/evp_pbe.c b/src/lib/libssl/src/crypto/evp/evp_pbe.c
index fcfc43d578..ac593549e5 100644
--- a/src/lib/libssl/src/crypto/evp/evp_pbe.c
+++ b/src/lib/libssl/src/crypto/evp/evp_pbe.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp_pbe.c,v 1.21 2014/07/11 14:16:10 miod Exp $ */ 1/* $OpenBSD: evp_pbe.c,v 1.22 2014/10/28 05:46:56 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -130,7 +130,7 @@ EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
130 char obj_tmp[80]; 130 char obj_tmp[80];
131 EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_PBE_ALGORITHM); 131 EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_PBE_ALGORITHM);
132 if (!pbe_obj) 132 if (!pbe_obj)
133 strlcpy (obj_tmp, "NULL", sizeof obj_tmp); 133 strlcpy(obj_tmp, "NULL", sizeof obj_tmp);
134 else 134 else
135 i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj); 135 i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj);
136 ERR_asprintf_error_data("TYPE=%s", obj_tmp); 136 ERR_asprintf_error_data("TYPE=%s", obj_tmp);
@@ -205,7 +205,7 @@ EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid,
205 205
206 if (!pbe_algs) 206 if (!pbe_algs)
207 pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp); 207 pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp);
208 if (!(pbe_tmp = (EVP_PBE_CTL*) malloc (sizeof(EVP_PBE_CTL)))) { 208 if (!(pbe_tmp = (EVP_PBE_CTL*)malloc(sizeof(EVP_PBE_CTL)))) {
209 EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, ERR_R_MALLOC_FAILURE); 209 EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, ERR_R_MALLOC_FAILURE);
210 return 0; 210 return 0;
211 } 211 }
@@ -215,7 +215,11 @@ EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid,
215 pbe_tmp->md_nid = md_nid; 215 pbe_tmp->md_nid = md_nid;
216 pbe_tmp->keygen = keygen; 216 pbe_tmp->keygen = keygen;
217 217
218 sk_EVP_PBE_CTL_push (pbe_algs, pbe_tmp); 218 if (sk_EVP_PBE_CTL_push(pbe_algs, pbe_tmp) == 0) {
219 free(pbe_tmp);
220 EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, ERR_R_MALLOC_FAILURE);
221 return 0;
222 }
219 return 1; 223 return 1;
220} 224}
221 225
diff --git a/src/lib/libssl/src/crypto/objects/o_names.c b/src/lib/libssl/src/crypto/objects/o_names.c
index 68458a282c..9fa5824890 100644
--- a/src/lib/libssl/src/crypto/objects/o_names.c
+++ b/src/lib/libssl/src/crypto/objects/o_names.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: o_names.c,v 1.18 2014/06/12 15:49:30 deraadt Exp $ */ 1/* $OpenBSD: o_names.c,v 1.19 2014/10/28 05:46:56 miod Exp $ */
2#include <stdio.h> 2#include <stdio.h>
3#include <stdlib.h> 3#include <stdlib.h>
4#include <string.h> 4#include <string.h>
@@ -74,7 +74,11 @@ OBJ_NAME_new_index(unsigned long (*hash_func)(const char *),
74 name_funcs->hash_func = lh_strhash; 74 name_funcs->hash_func = lh_strhash;
75 name_funcs->cmp_func = strcmp; 75 name_funcs->cmp_func = strcmp;
76 name_funcs->free_func = NULL; 76 name_funcs->free_func = NULL;
77 sk_NAME_FUNCS_push(name_funcs_stack, name_funcs); 77 if (sk_NAME_FUNCS_push(name_funcs_stack, name_funcs) == 0) {
78 free(name_funcs);
79 OBJerr(OBJ_F_OBJ_NAME_NEW_INDEX, ERR_R_MALLOC_FAILURE);
80 return (0);
81 }
78 } 82 }
79 name_funcs = sk_NAME_FUNCS_value(name_funcs_stack, ret); 83 name_funcs = sk_NAME_FUNCS_value(name_funcs_stack, ret);
80 if (hash_func != NULL) 84 if (hash_func != NULL)
diff --git a/src/lib/libssl/src/crypto/ocsp/ocsp_ext.c b/src/lib/libssl/src/crypto/ocsp/ocsp_ext.c
index 6318e1718b..7e69ad4fe0 100644
--- a/src/lib/libssl/src/crypto/ocsp/ocsp_ext.c
+++ b/src/lib/libssl/src/crypto/ocsp/ocsp_ext.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ocsp_ext.c,v 1.12 2014/10/22 13:02:04 jsing Exp $ */ 1/* $OpenBSD: ocsp_ext.c,v 1.13 2014/10/28 05:46:56 miod Exp $ */
2/* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL 2/* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
3 * project. */ 3 * project. */
4 4
@@ -526,7 +526,10 @@ OCSP_accept_responses_new(char **oids)
526 while (oids && *oids) { 526 while (oids && *oids) {
527 if ((nid = OBJ_txt2nid(*oids)) != NID_undef && 527 if ((nid = OBJ_txt2nid(*oids)) != NID_undef &&
528 (o = OBJ_nid2obj(nid))) 528 (o = OBJ_nid2obj(nid)))
529 sk_ASN1_OBJECT_push(sk, o); 529 if (sk_ASN1_OBJECT_push(sk, o) == 0) {
530 sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free);
531 return NULL;
532 }
530 oids++; 533 oids++;
531 } 534 }
532 x = X509V3_EXT_i2d(NID_id_pkix_OCSP_acceptableResponses, 0, sk); 535 x = X509V3_EXT_i2d(NID_id_pkix_OCSP_acceptableResponses, 0, sk);
diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_attr.c b/src/lib/libssl/src/crypto/pkcs7/pk7_attr.c
index 2f4d5089f5..554a47673b 100644
--- a/src/lib/libssl/src/crypto/pkcs7/pk7_attr.c
+++ b/src/lib/libssl/src/crypto/pkcs7/pk7_attr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pk7_attr.c,v 1.9 2014/06/29 17:05:36 jsing Exp $ */ 1/* $OpenBSD: pk7_attr.c,v 1.10 2014/10/28 05:46:56 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2001. 3 * project 2001.
4 */ 4 */
@@ -107,29 +107,29 @@ PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
107 return 0; 107 return 0;
108 } 108 }
109 ASN1_OBJECT_free(alg->algorithm); 109 ASN1_OBJECT_free(alg->algorithm);
110 alg->algorithm = OBJ_nid2obj (nid); 110 alg->algorithm = OBJ_nid2obj(nid);
111 if (arg > 0) { 111 if (arg > 0) {
112 ASN1_INTEGER *nbit; 112 ASN1_INTEGER *nbit;
113 if (!(alg->parameter = ASN1_TYPE_new())) { 113
114 PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP, 114 if (!(alg->parameter = ASN1_TYPE_new()))
115 ERR_R_MALLOC_FAILURE); 115 goto err;
116 return 0; 116 if (!(nbit = ASN1_INTEGER_new()))
117 } 117 goto err;
118 if (!(nbit = ASN1_INTEGER_new())) { 118 if (!ASN1_INTEGER_set(nbit, arg)) {
119 PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP, 119 ASN1_INTEGER_free(nbit);
120 ERR_R_MALLOC_FAILURE); 120 goto err;
121 return 0;
122 }
123 if (!ASN1_INTEGER_set (nbit, arg)) {
124 PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP,
125 ERR_R_MALLOC_FAILURE);
126 return 0;
127 } 121 }
128 alg->parameter->value.integer = nbit; 122 alg->parameter->value.integer = nbit;
129 alg->parameter->type = V_ASN1_INTEGER; 123 alg->parameter->type = V_ASN1_INTEGER;
130 } 124 }
131 sk_X509_ALGOR_push (sk, alg); 125 if (sk_X509_ALGOR_push(sk, alg) == 0)
126 goto err;
132 return 1; 127 return 1;
128
129err:
130 PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP, ERR_R_MALLOC_FAILURE);
131 X509_ALGOR_free(alg);
132 return 0;
133} 133}
134 134
135int 135int
diff --git a/src/lib/libssl/src/crypto/store/str_mem.c b/src/lib/libssl/src/crypto/store/str_mem.c
index 3f32bcb8d0..a85a8946b7 100644
--- a/src/lib/libssl/src/crypto/store/str_mem.c
+++ b/src/lib/libssl/src/crypto/store/str_mem.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: str_mem.c,v 1.9 2014/07/09 16:59:33 miod Exp $ */ 1/* $OpenBSD: str_mem.c,v 1.10 2014/10/28 05:46:56 miod Exp $ */
2/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL 2/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
3 * project 2003. 3 * project 2003.
4 */ 4 */
@@ -250,7 +250,11 @@ mem_list_start(STORE *s, STORE_OBJECT_TYPES type, OPENSSL_ITEM attributes[],
250 goto err; 250 goto err;
251 } 251 }
252 } 252 }
253 sk_STORE_ATTR_INFO_push(context->search_attributes, attrs); 253 if (sk_STORE_ATTR_INFO_push(context->search_attributes,
254 attrs) == 0) {
255 STOREerr(STORE_F_MEM_LIST_START, ERR_R_MALLOC_FAILURE);
256 goto err;
257 }
254 } 258 }
255 if (!STORE_parse_attrs_endp(attribute_context)) 259 if (!STORE_parse_attrs_endp(attribute_context))
256 goto err; 260 goto err;
diff --git a/src/lib/libssl/src/crypto/ts/ts_conf.c b/src/lib/libssl/src/crypto/ts/ts_conf.c
index ec033b1cfc..5266f91e63 100644
--- a/src/lib/libssl/src/crypto/ts/ts_conf.c
+++ b/src/lib/libssl/src/crypto/ts/ts_conf.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ts_conf.c,v 1.7 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: ts_conf.c,v 1.8 2014/10/28 05:46:56 miod Exp $ */
2/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL 2/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
3 * project 2002. 3 * project 2002.
4 */ 4 */
@@ -110,7 +110,8 @@ end:
110 return x; 110 return x;
111} 111}
112 112
113STACK_OF(X509) *TS_CONF_load_certs(const char *file) 113STACK_OF(X509) *
114TS_CONF_load_certs(const char *file)
114{ 115{
115 BIO *certs = NULL; 116 BIO *certs = NULL;
116 STACK_OF(X509) *othercerts = NULL; 117 STACK_OF(X509) *othercerts = NULL;
@@ -126,7 +127,11 @@ STACK_OF(X509) *TS_CONF_load_certs(const char *file)
126 for (i = 0; i < sk_X509_INFO_num(allcerts); i++) { 127 for (i = 0; i < sk_X509_INFO_num(allcerts); i++) {
127 X509_INFO *xi = sk_X509_INFO_value(allcerts, i); 128 X509_INFO *xi = sk_X509_INFO_value(allcerts, i);
128 if (xi->x509) { 129 if (xi->x509) {
129 sk_X509_push(othercerts, xi->x509); 130 if (sk_X509_push(othercerts, xi->x509) == 0) {
131 sk_X509_pop_free(othercerts, X509_free);
132 othercerts = NULL;
133 goto end;
134 }
130 xi->x509 = NULL; 135 xi->x509 = NULL;
131 } 136 }
132 } 137 }
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_alt.c b/src/lib/libssl/src/crypto/x509v3/v3_alt.c
index 7ae4b6bd97..2592288bdb 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3_alt.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3_alt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_alt.c,v 1.21 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: v3_alt.c,v 1.22 2014/10/28 05:46:56 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -253,21 +253,24 @@ v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
253 CONF_VALUE *cnf; 253 CONF_VALUE *cnf;
254 int i; 254 int i;
255 255
256 if (!(gens = sk_GENERAL_NAME_new_null())) { 256 if ((gens = sk_GENERAL_NAME_new_null()) == NULL) {
257 X509V3err(X509V3_F_V2I_ISSUER_ALT, ERR_R_MALLOC_FAILURE); 257 X509V3err(X509V3_F_V2I_ISSUER_ALT, ERR_R_MALLOC_FAILURE);
258 return NULL; 258 return NULL;
259 } 259 }
260 for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { 260 for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
261 cnf = sk_CONF_VALUE_value(nval, i); 261 cnf = sk_CONF_VALUE_value(nval, i);
262 if (!name_cmp(cnf->name, "issuer") && cnf->value && 262 if (name_cmp(cnf->name, "issuer") == 0 && cnf->value != NULL &&
263 !strcmp(cnf->value, "copy")) { 263 strcmp(cnf->value, "copy") == 0) {
264 if (!copy_issuer(ctx, gens)) 264 if (!copy_issuer(ctx, gens))
265 goto err; 265 goto err;
266 } else { 266 } else {
267 GENERAL_NAME *gen; 267 GENERAL_NAME *gen;
268 if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) 268 if ((gen = v2i_GENERAL_NAME(method, ctx, cnf)) == NULL)
269 goto err; 269 goto err;
270 sk_GENERAL_NAME_push(gens, gen); 270 if (sk_GENERAL_NAME_push(gens, gen) == 0) {
271 GENERAL_NAME_free(gen);
272 goto err;
273 }
271 } 274 }
272 } 275 }
273 return gens; 276 return gens;
@@ -344,7 +347,10 @@ v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
344 GENERAL_NAME *gen; 347 GENERAL_NAME *gen;
345 if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) 348 if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
346 goto err; 349 goto err;
347 sk_GENERAL_NAME_push(gens, gen); 350 if (sk_GENERAL_NAME_push(gens, gen) == 0) {
351 GENERAL_NAME_free(gen);
352 goto err;
353 }
348 } 354 }
349 } 355 }
350 return gens; 356 return gens;
@@ -429,7 +435,10 @@ v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
429 cnf = sk_CONF_VALUE_value(nval, i); 435 cnf = sk_CONF_VALUE_value(nval, i);
430 if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) 436 if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
431 goto err; 437 goto err;
432 sk_GENERAL_NAME_push(gens, gen); 438 if (sk_GENERAL_NAME_push(gens, gen) == 0) {
439 GENERAL_NAME_free(gen);
440 goto err;
441 }
433 } 442 }
434 return gens; 443 return gens;
435 444
@@ -537,7 +546,7 @@ a2i_GENERAL_NAME(GENERAL_NAME *out, const X509V3_EXT_METHOD *method,
537 return gen; 546 return gen;
538 547
539err: 548err:
540 if (!out) 549 if (out == NULL)
541 GENERAL_NAME_free(gen); 550 GENERAL_NAME_free(gen);
542 return NULL; 551 return NULL;
543} 552}
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_extku.c b/src/lib/libssl/src/crypto/x509v3/v3_extku.c
index 0f36a99525..a9f1d6da6e 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3_extku.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3_extku.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_extku.c,v 1.9 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: v3_extku.c,v 1.10 2014/10/28 05:46:56 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -144,7 +144,13 @@ v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
144 X509V3_conf_err(val); 144 X509V3_conf_err(val);
145 return NULL; 145 return NULL;
146 } 146 }
147 sk_ASN1_OBJECT_push(extku, objtmp); 147 if (sk_ASN1_OBJECT_push(extku, objtmp) == 0) {
148 ASN1_OBJECT_free(objtmp);
149 sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free);
150 X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE,
151 ERR_R_MALLOC_FAILURE);
152 return NULL;
153 }
148 } 154 }
149 return extku; 155 return extku;
150} 156}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 04:39:23 +0000