summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authormiod <>2015-02-10 09:52:35 +0000
committermiod <>2015-02-10 09:52:35 +0000
commitd2f68f95d95ff1ca4370b66eb67e8add10d9d079 (patch)
tree58f7f299c05557099d7278079e061aed0f4a9f23
parent9c8f4b278d0fe6c5ae67ecea60905c57ccf4c4e1 (diff)
downloadopenbsd-d2f68f95d95ff1ca4370b66eb67e8add10d9d079.tar.gz
openbsd-d2f68f95d95ff1ca4370b66eb67e8add10d9d079.tar.bz2
openbsd-d2f68f95d95ff1ca4370b66eb67e8add10d9d079.zip
Replace assert() and OPENSSL_assert() calls with proper error return paths.
Careful review, feedback & ok doug@ jsing@
Diffstat
-rw-r--r--src/lib/libcrypto/asn1/bio_asn1.c11
-rw-r--r--src/lib/libcrypto/evp/digest.c7
-rw-r--r--src/lib/libcrypto/evp/e_rc2.c8
-rw-r--r--src/lib/libcrypto/evp/evp.h9
-rw-r--r--src/lib/libcrypto/evp/evp_enc.c45
-rw-r--r--src/lib/libcrypto/evp/evp_key.c15
-rw-r--r--src/lib/libcrypto/evp/evp_lib.c14
-rw-r--r--src/lib/libcrypto/evp/p5_crpt.c12
-rw-r--r--src/lib/libcrypto/evp/p5_crpt2.c7
-rw-r--r--src/lib/libcrypto/gost/gostr341001_pmeth.c25
-rw-r--r--src/lib/libcrypto/hmac/hmac.c15
-rw-r--r--src/lib/libcrypto/pem/pem_info.c10
-rw-r--r--src/lib/libcrypto/pem/pem_lib.c14
-rw-r--r--src/lib/libssl/src/crypto/asn1/bio_asn1.c11
-rw-r--r--src/lib/libssl/src/crypto/evp/digest.c7
-rw-r--r--src/lib/libssl/src/crypto/evp/e_rc2.c8
-rw-r--r--src/lib/libssl/src/crypto/evp/evp.h9
-rw-r--r--src/lib/libssl/src/crypto/evp/evp_enc.c45
-rw-r--r--src/lib/libssl/src/crypto/evp/evp_key.c15
-rw-r--r--src/lib/libssl/src/crypto/evp/evp_lib.c14
-rw-r--r--src/lib/libssl/src/crypto/evp/p5_crpt.c12
-rw-r--r--src/lib/libssl/src/crypto/evp/p5_crpt2.c7
-rw-r--r--src/lib/libssl/src/crypto/gost/gostr341001_pmeth.c25
-rw-r--r--src/lib/libssl/src/crypto/hmac/hmac.c15
-rw-r--r--src/lib/libssl/src/crypto/pem/pem_info.c10
-rw-r--r--src/lib/libssl/src/crypto/pem/pem_lib.c14
26 files changed, 282 insertions, 102 deletions
diff --git a/src/lib/libcrypto/asn1/bio_asn1.c b/src/lib/libcrypto/asn1/bio_asn1.c
index 6670ef5c17..219810db82 100644
--- a/src/lib/libcrypto/asn1/bio_asn1.c
+++ b/src/lib/libcrypto/asn1/bio_asn1.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bio_asn1.c,v 1.10 2014/07/10 13:58:22 jsing Exp $ */ 1/* $OpenBSD: bio_asn1.c,v 1.11 2015/02/10 09:52:35 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -200,7 +200,7 @@ static int
200asn1_bio_write(BIO *b, const char *in , int inl) 200asn1_bio_write(BIO *b, const char *in , int inl)
201{ 201{
202 BIO_ASN1_BUF_CTX *ctx; 202 BIO_ASN1_BUF_CTX *ctx;
203 int wrmax, wrlen, ret; 203 int wrmax, wrlen, ret, buflen;
204 unsigned char *p; 204 unsigned char *p;
205 205
206 if (!in || (inl < 0) || (b->next_bio == NULL)) 206 if (!in || (inl < 0) || (b->next_bio == NULL))
@@ -231,9 +231,10 @@ asn1_bio_write(BIO *b, const char *in , int inl)
231 break; 231 break;
232 232
233 case ASN1_STATE_HEADER: 233 case ASN1_STATE_HEADER:
234 ctx->buflen = 234 buflen = ASN1_object_size(0, inl, ctx->asn1_tag) - inl;
235 ASN1_object_size(0, inl, ctx->asn1_tag) - inl; 235 if (buflen <= 0 || buflen > ctx->bufsize)
236 OPENSSL_assert(ctx->buflen <= ctx->bufsize); 236 return -1;
237 ctx->buflen = buflen;
237 p = ctx->buf; 238 p = ctx->buf;
238 ASN1_put_object(&p, 0, inl, 239 ASN1_put_object(&p, 0, inl,
239 ctx->asn1_tag, ctx->asn1_class); 240 ctx->asn1_tag, ctx->asn1_class);
diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c
index 4a18aff657..c9fb60d49b 100644
--- a/src/lib/libcrypto/evp/digest.c
+++ b/src/lib/libcrypto/evp/digest.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: digest.c,v 1.24 2014/11/09 19:12:18 miod Exp $ */ 1/* $OpenBSD: digest.c,v 1.25 2015/02/10 09:52:35 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -249,7 +249,10 @@ EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
249{ 249{
250 int ret; 250 int ret;
251 251
252 OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); 252 if ((size_t)ctx->digest->md_size > EVP_MAX_MD_SIZE) {
253 EVPerr(EVP_F_EVP_DIGESTFINAL_EX, EVP_R_TOO_LARGE);
254 return 0;
255 }
253 ret = ctx->digest->final(ctx, md); 256 ret = ctx->digest->final(ctx, md);
254 if (size != NULL) 257 if (size != NULL)
255 *size = ctx->digest->md_size; 258 *size = ctx->digest->md_size;
diff --git a/src/lib/libcrypto/evp/e_rc2.c b/src/lib/libcrypto/evp/e_rc2.c
index 456a22eeeb..9052195ac2 100644
--- a/src/lib/libcrypto/evp/e_rc2.c
+++ b/src/lib/libcrypto/evp/e_rc2.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: e_rc2.c,v 1.10 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: e_rc2.c,v 1.11 2015/02/10 09:52:35 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -187,7 +187,11 @@ rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
187 187
188 if (type != NULL) { 188 if (type != NULL) {
189 l = EVP_CIPHER_CTX_iv_length(c); 189 l = EVP_CIPHER_CTX_iv_length(c);
190 OPENSSL_assert(l <= sizeof(iv)); 190 if (l > sizeof(iv)) {
191 EVPerr(EVP_F_RC2_GET_ASN1_TYPE_AND_IV,
192 EVP_R_IV_TOO_LARGE);
193 return -1;
194 }
191 i = ASN1_TYPE_get_int_octetstring(type, &num, iv, l); 195 i = ASN1_TYPE_get_int_octetstring(type, &num, iv, l);
192 if (i != (int)l) 196 if (i != (int)l)
193 return (-1); 197 return (-1);
diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h
index dd4d2245e6..6de762a4ff 100644
--- a/src/lib/libcrypto/evp/evp.h
+++ b/src/lib/libcrypto/evp/evp.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp.h,v 1.42 2015/02/08 22:22:13 miod Exp $ */ 1/* $OpenBSD: evp.h,v 1.43 2015/02/10 09:52:35 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1353,13 +1353,19 @@ void ERR_load_EVP_strings(void);
1353#define EVP_F_EVP_AEAD_CTX_INIT 180 1353#define EVP_F_EVP_AEAD_CTX_INIT 180
1354#define EVP_F_EVP_AEAD_CTX_OPEN 190 1354#define EVP_F_EVP_AEAD_CTX_OPEN 190
1355#define EVP_F_EVP_AEAD_CTX_SEAL 191 1355#define EVP_F_EVP_AEAD_CTX_SEAL 191
1356#define EVP_F_EVP_BYTESTOKEY 200
1356#define EVP_F_EVP_CIPHERINIT_EX 123 1357#define EVP_F_EVP_CIPHERINIT_EX 123
1357#define EVP_F_EVP_CIPHER_CTX_COPY 163 1358#define EVP_F_EVP_CIPHER_CTX_COPY 163
1358#define EVP_F_EVP_CIPHER_CTX_CTRL 124 1359#define EVP_F_EVP_CIPHER_CTX_CTRL 124
1359#define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122 1360#define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122
1361#define EVP_F_EVP_CIPHER_GET_ASN1_IV 201
1362#define EVP_F_EVP_CIPHER_SET_ASN1_IV 202
1360#define EVP_F_EVP_DECRYPTFINAL_EX 101 1363#define EVP_F_EVP_DECRYPTFINAL_EX 101
1364#define EVP_F_EVP_DECRYPTUPDATE 199
1365#define EVP_F_EVP_DIGESTFINAL_EX 196
1361#define EVP_F_EVP_DIGESTINIT_EX 128 1366#define EVP_F_EVP_DIGESTINIT_EX 128
1362#define EVP_F_EVP_ENCRYPTFINAL_EX 127 1367#define EVP_F_EVP_ENCRYPTFINAL_EX 127
1368#define EVP_F_EVP_ENCRYPTUPDATE 198
1363#define EVP_F_EVP_MD_CTX_COPY_EX 110 1369#define EVP_F_EVP_MD_CTX_COPY_EX 110
1364#define EVP_F_EVP_MD_CTX_CTRL 195 1370#define EVP_F_EVP_MD_CTX_CTRL 195
1365#define EVP_F_EVP_MD_SIZE 162 1371#define EVP_F_EVP_MD_SIZE 162
@@ -1415,6 +1421,7 @@ void ERR_load_EVP_strings(void);
1415#define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164 1421#define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164
1416#define EVP_F_PKCS8_SET_BROKEN 112 1422#define EVP_F_PKCS8_SET_BROKEN 112
1417#define EVP_F_PKEY_SET_TYPE 158 1423#define EVP_F_PKEY_SET_TYPE 158
1424#define EVP_F_RC2_GET_ASN1_TYPE_AND_IV 197
1418#define EVP_F_RC2_MAGIC_TO_METH 109 1425#define EVP_F_RC2_MAGIC_TO_METH 109
1419#define EVP_F_RC5_CTRL 125 1426#define EVP_F_RC5_CTRL 125
1420 1427
diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c
index 49ceacefad..42ccfceec9 100644
--- a/src/lib/libcrypto/evp/evp_enc.c
+++ b/src/lib/libcrypto/evp/evp_enc.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp_enc.c,v 1.25 2014/10/22 13:02:04 jsing Exp $ */ 1/* $OpenBSD: evp_enc.c,v 1.26 2015/02/10 09:52:35 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -140,10 +140,6 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
140 const EVP_CIPHER *c = 140 const EVP_CIPHER *c =
141 ENGINE_get_cipher(impl, cipher->nid); 141 ENGINE_get_cipher(impl, cipher->nid);
142 if (!c) { 142 if (!c) {
143 /* One positive side-effect of US's export
144 * control history, is that we should at least
145 * be able to avoid using US mispellings of
146 * "initialisation"? */
147 EVPerr(EVP_F_EVP_CIPHERINIT_EX, 143 EVPerr(EVP_F_EVP_CIPHERINIT_EX,
148 EVP_R_INITIALIZATION_ERROR); 144 EVP_R_INITIALIZATION_ERROR);
149 return 0; 145 return 0;
@@ -186,9 +182,12 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
186skip_to_init: 182skip_to_init:
187#endif 183#endif
188 /* we assume block size is a power of 2 in *cryptUpdate */ 184 /* we assume block size is a power of 2 in *cryptUpdate */
189 OPENSSL_assert(ctx->cipher->block_size == 1 || 185 if (ctx->cipher->block_size != 1 &&
190 ctx->cipher->block_size == 8 || 186 ctx->cipher->block_size != 8 &&
191 ctx->cipher->block_size == 16); 187 ctx->cipher->block_size != 16) {
188 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_BAD_BLOCK_LENGTH);
189 return 0;
190 }
192 191
193 if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) { 192 if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
194 switch (EVP_CIPHER_CTX_mode(ctx)) { 193 switch (EVP_CIPHER_CTX_mode(ctx)) {
@@ -205,8 +204,12 @@ skip_to_init:
205 204
206 case EVP_CIPH_CBC_MODE: 205 case EVP_CIPH_CBC_MODE:
207 206
208 OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <= 207 if ((size_t)EVP_CIPHER_CTX_iv_length(ctx) >
209 (int)sizeof(ctx->iv)); 208 sizeof(ctx->iv)) {
209 EVPerr(EVP_F_EVP_CIPHERINIT_EX,
210 EVP_R_IV_TOO_LARGE);
211 return 0;
212 }
210 if (iv) 213 if (iv)
211 memcpy(ctx->oiv, iv, 214 memcpy(ctx->oiv, iv,
212 EVP_CIPHER_CTX_iv_length(ctx)); 215 EVP_CIPHER_CTX_iv_length(ctx));
@@ -325,7 +328,11 @@ EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
325 } 328 }
326 i = ctx->buf_len; 329 i = ctx->buf_len;
327 bl = ctx->cipher->block_size; 330 bl = ctx->cipher->block_size;
328 OPENSSL_assert(bl <= (int)sizeof(ctx->buf)); 331 if ((size_t)bl > sizeof(ctx->buf)) {
332 EVPerr(EVP_F_EVP_ENCRYPTUPDATE, EVP_R_BAD_BLOCK_LENGTH);
333 *outl = 0;
334 return 0;
335 }
329 if (i != 0) { 336 if (i != 0) {
330 if (i + inl < bl) { 337 if (i + inl < bl) {
331 memcpy(&(ctx->buf[i]), in, inl); 338 memcpy(&(ctx->buf[i]), in, inl);
@@ -383,7 +390,10 @@ EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
383 } 390 }
384 391
385 b = ctx->cipher->block_size; 392 b = ctx->cipher->block_size;
386 OPENSSL_assert(b <= sizeof ctx->buf); 393 if (b > sizeof ctx->buf) {
394 EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX, EVP_R_BAD_BLOCK_LENGTH);
395 return 0;
396 }
387 if (b == 1) { 397 if (b == 1) {
388 *outl = 0; 398 *outl = 0;
389 return 1; 399 return 1;
@@ -437,7 +447,10 @@ EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
437 return EVP_EncryptUpdate(ctx, out, outl, in, inl); 447 return EVP_EncryptUpdate(ctx, out, outl, in, inl);
438 448
439 b = ctx->cipher->block_size; 449 b = ctx->cipher->block_size;
440 OPENSSL_assert(b <= sizeof ctx->final); 450 if (b > sizeof ctx->final) {
451 EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_BAD_BLOCK_LENGTH);
452 return 0;
453 }
441 454
442 if (ctx->final_used) { 455 if (ctx->final_used) {
443 memcpy(out, ctx->final, b); 456 memcpy(out, ctx->final, b);
@@ -506,7 +519,11 @@ EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
506 EVP_R_WRONG_FINAL_BLOCK_LENGTH); 519 EVP_R_WRONG_FINAL_BLOCK_LENGTH);
507 return (0); 520 return (0);
508 } 521 }
509 OPENSSL_assert(b <= sizeof ctx->final); 522 if (b > sizeof ctx->final) {
523 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,
524 EVP_R_BAD_BLOCK_LENGTH);
525 return 0;
526 }
510 n = ctx->final[b - 1]; 527 n = ctx->final[b - 1];
511 if (n == 0 || n > (int)b) { 528 if (n == 0 || n > (int)b) {
512 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT); 529 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT);
diff --git a/src/lib/libcrypto/evp/evp_key.c b/src/lib/libcrypto/evp/evp_key.c
index 1493ca9103..4718ab6175 100644
--- a/src/lib/libcrypto/evp/evp_key.c
+++ b/src/lib/libcrypto/evp/evp_key.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp_key.c,v 1.20 2014/08/06 04:28:21 guenther Exp $ */ 1/* $OpenBSD: evp_key.c,v 1.21 2015/02/10 09:52:35 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -59,6 +59,7 @@
59#include <stdio.h> 59#include <stdio.h>
60#include <string.h> 60#include <string.h>
61 61
62#include <openssl/err.h>
62#include <openssl/evp.h> 63#include <openssl/evp.h>
63#include <openssl/objects.h> 64#include <openssl/objects.h>
64#include <openssl/ui.h> 65#include <openssl/ui.h>
@@ -129,10 +130,18 @@ EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
129 int niv, nkey, addmd = 0; 130 int niv, nkey, addmd = 0;
130 unsigned int mds = 0, i; 131 unsigned int mds = 0, i;
131 int rv = 0; 132 int rv = 0;
133
132 nkey = type->key_len; 134 nkey = type->key_len;
133 niv = type->iv_len; 135 niv = type->iv_len;
134 OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH); 136
135 OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH); 137 if ((size_t)nkey > EVP_MAX_KEY_LENGTH) {
138 EVPerr(EVP_F_EVP_BYTESTOKEY, EVP_R_BAD_KEY_LENGTH);
139 return 0;
140 }
141 if ((size_t)niv > EVP_MAX_IV_LENGTH) {
142 EVPerr(EVP_F_EVP_BYTESTOKEY, EVP_R_IV_TOO_LARGE);
143 return 0;
144 }
136 145
137 if (data == NULL) 146 if (data == NULL)
138 return (nkey); 147 return (nkey);
diff --git a/src/lib/libcrypto/evp/evp_lib.c b/src/lib/libcrypto/evp/evp_lib.c
index 310252d0e8..491c8d6f67 100644
--- a/src/lib/libcrypto/evp/evp_lib.c
+++ b/src/lib/libcrypto/evp/evp_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp_lib.c,v 1.13 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: evp_lib.c,v 1.14 2015/02/10 09:52:35 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -99,7 +99,11 @@ EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
99 99
100 if (type != NULL) { 100 if (type != NULL) {
101 l = EVP_CIPHER_CTX_iv_length(c); 101 l = EVP_CIPHER_CTX_iv_length(c);
102 OPENSSL_assert(l <= sizeof(c->iv)); 102 if (l > sizeof(c->iv)) {
103 EVPerr(EVP_F_EVP_CIPHER_GET_ASN1_IV,
104 EVP_R_IV_TOO_LARGE);
105 return 0;
106 }
103 i = ASN1_TYPE_get_octetstring(type, c->oiv, l); 107 i = ASN1_TYPE_get_octetstring(type, c->oiv, l);
104 if (i != (int)l) 108 if (i != (int)l)
105 return (-1); 109 return (-1);
@@ -117,7 +121,11 @@ EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
117 121
118 if (type != NULL) { 122 if (type != NULL) {
119 j = EVP_CIPHER_CTX_iv_length(c); 123 j = EVP_CIPHER_CTX_iv_length(c);
120 OPENSSL_assert(j <= sizeof(c->iv)); 124 if (j > sizeof(c->iv)) {
125 EVPerr(EVP_F_EVP_CIPHER_SET_ASN1_IV,
126 EVP_R_IV_TOO_LARGE);
127 return 0;
128 }
121 i = ASN1_TYPE_set_octetstring(type, c->oiv, j); 129 i = ASN1_TYPE_set_octetstring(type, c->oiv, j);
122 } 130 }
123 return (i); 131 return (i);
diff --git a/src/lib/libcrypto/evp/p5_crpt.c b/src/lib/libcrypto/evp/p5_crpt.c
index 3b1419b545..112a69114c 100644
--- a/src/lib/libcrypto/evp/p5_crpt.c
+++ b/src/lib/libcrypto/evp/p5_crpt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p5_crpt.c,v 1.14 2014/07/13 12:46:44 miod Exp $ */ 1/* $OpenBSD: p5_crpt.c,v 1.15 2015/02/10 09:52:35 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -134,9 +134,15 @@ PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
134 if (!EVP_DigestFinal_ex (&ctx, md_tmp, NULL)) 134 if (!EVP_DigestFinal_ex (&ctx, md_tmp, NULL))
135 goto err; 135 goto err;
136 } 136 }
137 OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= (int)sizeof(md_tmp)); 137 if ((size_t)EVP_CIPHER_key_length(cipher) > sizeof(md_tmp)) {
138 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_BAD_KEY_LENGTH);
139 goto err;
140 }
138 memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher)); 141 memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
139 OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16); 142 if ((size_t)EVP_CIPHER_iv_length(cipher) > 16) {
143 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_IV_TOO_LARGE);
144 goto err;
145 }
140 memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), 146 memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
141 EVP_CIPHER_iv_length(cipher)); 147 EVP_CIPHER_iv_length(cipher));
142 if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de)) 148 if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de))
diff --git a/src/lib/libcrypto/evp/p5_crpt2.c b/src/lib/libcrypto/evp/p5_crpt2.c
index 61eadec804..c9eef8f49a 100644
--- a/src/lib/libcrypto/evp/p5_crpt2.c
+++ b/src/lib/libcrypto/evp/p5_crpt2.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p5_crpt2.c,v 1.17 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: p5_crpt2.c,v 1.18 2015/02/10 09:52:35 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -255,7 +255,10 @@ PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
255 goto err; 255 goto err;
256 } 256 }
257 keylen = EVP_CIPHER_CTX_key_length(ctx); 257 keylen = EVP_CIPHER_CTX_key_length(ctx);
258 OPENSSL_assert(keylen <= sizeof key); 258 if (keylen > sizeof key) {
259 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_BAD_KEY_LENGTH);
260 goto err;
261 }
259 262
260 /* Decode parameter */ 263 /* Decode parameter */
261 264
diff --git a/src/lib/libcrypto/gost/gostr341001_pmeth.c b/src/lib/libcrypto/gost/gostr341001_pmeth.c
index 859c0884d6..c7d4dc10ae 100644
--- a/src/lib/libcrypto/gost/gostr341001_pmeth.c
+++ b/src/lib/libcrypto/gost/gostr341001_pmeth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gostr341001_pmeth.c,v 1.6 2014/11/13 20:29:55 miod Exp $ */ 1/* $OpenBSD: gostr341001_pmeth.c,v 1.7 2015/02/10 09:52:35 miod Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD 4 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -248,7 +248,10 @@ pkey_gost01_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
248 GOSTerr(GOST_F_PKEY_GOST01_SIGN, EC_R_BUFFER_TOO_SMALL); 248 GOSTerr(GOST_F_PKEY_GOST01_SIGN, EC_R_BUFFER_TOO_SMALL);
249 return 0; 249 return 0;
250 } 250 }
251 OPENSSL_assert(tbs_len == 32 || tbs_len == 64); 251 if (tbs_len != 32 && tbs_len != 64) {
252 GOSTerr(GOST_F_PKEY_GOST01_SIGN, EVP_R_BAD_BLOCK_LENGTH);
253 return 0;
254 }
252 md = GOST_le2bn(tbs, tbs_len, NULL); 255 md = GOST_le2bn(tbs, tbs_len, NULL);
253 if (md == NULL) 256 if (md == NULL)
254 return 0; 257 return 0;
@@ -411,11 +414,23 @@ pkey_gost01_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, size_t *key_len,
411 414
412 nid = OBJ_obj2nid(gkt->key_agreement_info->cipher); 415 nid = OBJ_obj2nid(gkt->key_agreement_info->cipher);
413 416
414 OPENSSL_assert(gkt->key_agreement_info->eph_iv->length == 8); 417 if (gkt->key_agreement_info->eph_iv->length != 8) {
418 GOSTerr(GOST_F_PKEY_GOST01_DECRYPT,
419 GOST_R_INVALID_IV_LENGTH);
420 goto err;
421 }
415 memcpy(wrappedKey, gkt->key_agreement_info->eph_iv->data, 8); 422 memcpy(wrappedKey, gkt->key_agreement_info->eph_iv->data, 8);
416 OPENSSL_assert(gkt->key_info->encrypted_key->length == 32); 423 if (gkt->key_info->encrypted_key->length != 32) {
424 GOSTerr(GOST_F_PKEY_GOST01_DECRYPT,
425 EVP_R_BAD_KEY_LENGTH);
426 goto err;
427 }
417 memcpy(wrappedKey + 8, gkt->key_info->encrypted_key->data, 32); 428 memcpy(wrappedKey + 8, gkt->key_info->encrypted_key->data, 32);
418 OPENSSL_assert(gkt->key_info->imit->length == 4); 429 if (gkt->key_info->imit->length != 4) {
430 GOSTerr(GOST_F_PKEY_GOST01_DECRYPT,
431 ERR_R_INTERNAL_ERROR);
432 goto err;
433 }
419 memcpy(wrappedKey + 40, gkt->key_info->imit->data, 4); 434 memcpy(wrappedKey + 40, gkt->key_info->imit->data, 4);
420 if (gost01_VKO_key(peerkey, priv, wrappedKey, sharedKey) <= 0) 435 if (gost01_VKO_key(peerkey, priv, wrappedKey, sharedKey) <= 0)
421 goto err; 436 goto err;
diff --git a/src/lib/libcrypto/hmac/hmac.c b/src/lib/libcrypto/hmac/hmac.c
index f2e5f149e0..155e32a540 100644
--- a/src/lib/libcrypto/hmac/hmac.c
+++ b/src/lib/libcrypto/hmac/hmac.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: hmac.c,v 1.21 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: hmac.c,v 1.22 2015/02/10 09:52:35 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -60,6 +60,7 @@
60#include <stdlib.h> 60#include <stdlib.h>
61#include <string.h> 61#include <string.h>
62 62
63#include <openssl/err.h>
63#include <openssl/hmac.h> 64#include <openssl/hmac.h>
64 65
65int 66int
@@ -78,7 +79,10 @@ HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md,
78 if (key != NULL) { 79 if (key != NULL) {
79 reset = 1; 80 reset = 1;
80 j = EVP_MD_block_size(md); 81 j = EVP_MD_block_size(md);
81 OPENSSL_assert(j <= (int)sizeof(ctx->key)); 82 if ((size_t)j > sizeof(ctx->key)) {
83 EVPerr(EVP_F_HMAC_INIT_EX, EVP_R_BAD_BLOCK_LENGTH);
84 goto err;
85 }
82 if (j < len) { 86 if (j < len) {
83 if (!EVP_DigestInit_ex(&ctx->md_ctx, md, impl)) 87 if (!EVP_DigestInit_ex(&ctx->md_ctx, md, impl))
84 goto err; 88 goto err;
@@ -88,8 +92,11 @@ HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md,
88 &ctx->key_length)) 92 &ctx->key_length))
89 goto err; 93 goto err;
90 } else { 94 } else {
91 OPENSSL_assert(len >= 0 && 95 if ((size_t)len > sizeof(ctx->key)) {
92 len <= (int)sizeof(ctx->key)); 96 EVPerr(EVP_F_HMAC_INIT_EX,
97 EVP_R_BAD_KEY_LENGTH);
98 goto err;
99 }
93 memcpy(ctx->key, key, len); 100 memcpy(ctx->key, key, len);
94 ctx->key_length = len; 101 ctx->key_length = len;
95 } 102 }
diff --git a/src/lib/libcrypto/pem/pem_info.c b/src/lib/libcrypto/pem/pem_info.c
index 9ddcb56596..6fe72ce742 100644
--- a/src/lib/libcrypto/pem/pem_info.c
+++ b/src/lib/libcrypto/pem/pem_info.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pem_info.c,v 1.19 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: pem_info.c,v 1.20 2015/02/10 09:52:35 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -361,8 +361,12 @@ PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
361 } 361 }
362 362
363 /* create the right magic header stuff */ 363 /* create the right magic header stuff */
364 OPENSSL_assert(strlen(objstr) + 23 + 364 if (strlen(objstr) + 23 + 2 * enc->iv_len + 13 >
365 2 * enc->iv_len + 13 <= sizeof buf); 365 sizeof buf) {
366 PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,
367 ASN1_R_BUFFER_TOO_SMALL);
368 goto err;
369 }
366 buf[0] = '\0'; 370 buf[0] = '\0';
367 PEM_proc_type(buf, PEM_TYPE_ENCRYPTED); 371 PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
368 PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv); 372 PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv);
diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c
index 1ebae53e74..e3629762f9 100644
--- a/src/lib/libcrypto/pem/pem_lib.c
+++ b/src/lib/libcrypto/pem/pem_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pem_lib.c,v 1.35 2014/10/22 13:02:04 jsing Exp $ */ 1/* $OpenBSD: pem_lib.c,v 1.36 2015/02/10 09:52:35 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -389,7 +389,10 @@ PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
389 } 389 }
390 kstr = (unsigned char *)buf; 390 kstr = (unsigned char *)buf;
391 } 391 }
392 OPENSSL_assert(enc->iv_len <= (int)sizeof(iv)); 392 if ((size_t)enc->iv_len > sizeof(iv)) {
393 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, EVP_R_IV_TOO_LARGE);
394 goto err;
395 }
393 arc4random_buf(iv, enc->iv_len); /* Generate a salt */ 396 arc4random_buf(iv, enc->iv_len); /* Generate a salt */
394 /* The 'iv' is used as the iv and as a salt. It is 397 /* The 'iv' is used as the iv and as a salt. It is
395 * NOT taken from the BytesToKey function */ 398 * NOT taken from the BytesToKey function */
@@ -400,8 +403,11 @@ PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
400 if (kstr == (unsigned char *)buf) 403 if (kstr == (unsigned char *)buf)
401 OPENSSL_cleanse(buf, PEM_BUFSIZE); 404 OPENSSL_cleanse(buf, PEM_BUFSIZE);
402 405
403 OPENSSL_assert(strlen(objstr) + 23 + 406 if (strlen(objstr) + 23 + 2 * enc->iv_len + 13 > sizeof buf) {
404 2 * enc->iv_len + 13 <= sizeof buf); 407 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,
408 ASN1_R_BUFFER_TOO_SMALL);
409 goto err;
410 }
405 411
406 buf[0] = '\0'; 412 buf[0] = '\0';
407 PEM_proc_type(buf, PEM_TYPE_ENCRYPTED); 413 PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
diff --git a/src/lib/libssl/src/crypto/asn1/bio_asn1.c b/src/lib/libssl/src/crypto/asn1/bio_asn1.c
index 6670ef5c17..219810db82 100644
--- a/src/lib/libssl/src/crypto/asn1/bio_asn1.c
+++ b/src/lib/libssl/src/crypto/asn1/bio_asn1.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bio_asn1.c,v 1.10 2014/07/10 13:58:22 jsing Exp $ */ 1/* $OpenBSD: bio_asn1.c,v 1.11 2015/02/10 09:52:35 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -200,7 +200,7 @@ static int
200asn1_bio_write(BIO *b, const char *in , int inl) 200asn1_bio_write(BIO *b, const char *in , int inl)
201{ 201{
202 BIO_ASN1_BUF_CTX *ctx; 202 BIO_ASN1_BUF_CTX *ctx;
203 int wrmax, wrlen, ret; 203 int wrmax, wrlen, ret, buflen;
204 unsigned char *p; 204 unsigned char *p;
205 205
206 if (!in || (inl < 0) || (b->next_bio == NULL)) 206 if (!in || (inl < 0) || (b->next_bio == NULL))
@@ -231,9 +231,10 @@ asn1_bio_write(BIO *b, const char *in , int inl)
231 break; 231 break;
232 232
233 case ASN1_STATE_HEADER: 233 case ASN1_STATE_HEADER:
234 ctx->buflen = 234 buflen = ASN1_object_size(0, inl, ctx->asn1_tag) - inl;
235 ASN1_object_size(0, inl, ctx->asn1_tag) - inl; 235 if (buflen <= 0 || buflen > ctx->bufsize)
236 OPENSSL_assert(ctx->buflen <= ctx->bufsize); 236 return -1;
237 ctx->buflen = buflen;
237 p = ctx->buf; 238 p = ctx->buf;
238 ASN1_put_object(&p, 0, inl, 239 ASN1_put_object(&p, 0, inl,
239 ctx->asn1_tag, ctx->asn1_class); 240 ctx->asn1_tag, ctx->asn1_class);
diff --git a/src/lib/libssl/src/crypto/evp/digest.c b/src/lib/libssl/src/crypto/evp/digest.c
index 4a18aff657..c9fb60d49b 100644
--- a/src/lib/libssl/src/crypto/evp/digest.c
+++ b/src/lib/libssl/src/crypto/evp/digest.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: digest.c,v 1.24 2014/11/09 19:12:18 miod Exp $ */ 1/* $OpenBSD: digest.c,v 1.25 2015/02/10 09:52:35 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -249,7 +249,10 @@ EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
249{ 249{
250 int ret; 250 int ret;
251 251
252 OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); 252 if ((size_t)ctx->digest->md_size > EVP_MAX_MD_SIZE) {
253 EVPerr(EVP_F_EVP_DIGESTFINAL_EX, EVP_R_TOO_LARGE);
254 return 0;
255 }
253 ret = ctx->digest->final(ctx, md); 256 ret = ctx->digest->final(ctx, md);
254 if (size != NULL) 257 if (size != NULL)
255 *size = ctx->digest->md_size; 258 *size = ctx->digest->md_size;
diff --git a/src/lib/libssl/src/crypto/evp/e_rc2.c b/src/lib/libssl/src/crypto/evp/e_rc2.c
index 456a22eeeb..9052195ac2 100644
--- a/src/lib/libssl/src/crypto/evp/e_rc2.c
+++ b/src/lib/libssl/src/crypto/evp/e_rc2.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: e_rc2.c,v 1.10 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: e_rc2.c,v 1.11 2015/02/10 09:52:35 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -187,7 +187,11 @@ rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
187 187
188 if (type != NULL) { 188 if (type != NULL) {
189 l = EVP_CIPHER_CTX_iv_length(c); 189 l = EVP_CIPHER_CTX_iv_length(c);
190 OPENSSL_assert(l <= sizeof(iv)); 190 if (l > sizeof(iv)) {
191 EVPerr(EVP_F_RC2_GET_ASN1_TYPE_AND_IV,
192 EVP_R_IV_TOO_LARGE);
193 return -1;
194 }
191 i = ASN1_TYPE_get_int_octetstring(type, &num, iv, l); 195 i = ASN1_TYPE_get_int_octetstring(type, &num, iv, l);
192 if (i != (int)l) 196 if (i != (int)l)
193 return (-1); 197 return (-1);
diff --git a/src/lib/libssl/src/crypto/evp/evp.h b/src/lib/libssl/src/crypto/evp/evp.h
index dd4d2245e6..6de762a4ff 100644
--- a/src/lib/libssl/src/crypto/evp/evp.h
+++ b/src/lib/libssl/src/crypto/evp/evp.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp.h,v 1.42 2015/02/08 22:22:13 miod Exp $ */ 1/* $OpenBSD: evp.h,v 1.43 2015/02/10 09:52:35 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1353,13 +1353,19 @@ void ERR_load_EVP_strings(void);
1353#define EVP_F_EVP_AEAD_CTX_INIT 180 1353#define EVP_F_EVP_AEAD_CTX_INIT 180
1354#define EVP_F_EVP_AEAD_CTX_OPEN 190 1354#define EVP_F_EVP_AEAD_CTX_OPEN 190
1355#define EVP_F_EVP_AEAD_CTX_SEAL 191 1355#define EVP_F_EVP_AEAD_CTX_SEAL 191
1356#define EVP_F_EVP_BYTESTOKEY 200
1356#define EVP_F_EVP_CIPHERINIT_EX 123 1357#define EVP_F_EVP_CIPHERINIT_EX 123
1357#define EVP_F_EVP_CIPHER_CTX_COPY 163 1358#define EVP_F_EVP_CIPHER_CTX_COPY 163
1358#define EVP_F_EVP_CIPHER_CTX_CTRL 124 1359#define EVP_F_EVP_CIPHER_CTX_CTRL 124
1359#define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122 1360#define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122
1361#define EVP_F_EVP_CIPHER_GET_ASN1_IV 201
1362#define EVP_F_EVP_CIPHER_SET_ASN1_IV 202
1360#define EVP_F_EVP_DECRYPTFINAL_EX 101 1363#define EVP_F_EVP_DECRYPTFINAL_EX 101
1364#define EVP_F_EVP_DECRYPTUPDATE 199
1365#define EVP_F_EVP_DIGESTFINAL_EX 196
1361#define EVP_F_EVP_DIGESTINIT_EX 128 1366#define EVP_F_EVP_DIGESTINIT_EX 128
1362#define EVP_F_EVP_ENCRYPTFINAL_EX 127 1367#define EVP_F_EVP_ENCRYPTFINAL_EX 127
1368#define EVP_F_EVP_ENCRYPTUPDATE 198
1363#define EVP_F_EVP_MD_CTX_COPY_EX 110 1369#define EVP_F_EVP_MD_CTX_COPY_EX 110
1364#define EVP_F_EVP_MD_CTX_CTRL 195 1370#define EVP_F_EVP_MD_CTX_CTRL 195
1365#define EVP_F_EVP_MD_SIZE 162 1371#define EVP_F_EVP_MD_SIZE 162
@@ -1415,6 +1421,7 @@ void ERR_load_EVP_strings(void);
1415#define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164 1421#define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164
1416#define EVP_F_PKCS8_SET_BROKEN 112 1422#define EVP_F_PKCS8_SET_BROKEN 112
1417#define EVP_F_PKEY_SET_TYPE 158 1423#define EVP_F_PKEY_SET_TYPE 158
1424#define EVP_F_RC2_GET_ASN1_TYPE_AND_IV 197
1418#define EVP_F_RC2_MAGIC_TO_METH 109 1425#define EVP_F_RC2_MAGIC_TO_METH 109
1419#define EVP_F_RC5_CTRL 125 1426#define EVP_F_RC5_CTRL 125
1420 1427
diff --git a/src/lib/libssl/src/crypto/evp/evp_enc.c b/src/lib/libssl/src/crypto/evp/evp_enc.c
index 49ceacefad..42ccfceec9 100644
--- a/src/lib/libssl/src/crypto/evp/evp_enc.c
+++ b/src/lib/libssl/src/crypto/evp/evp_enc.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp_enc.c,v 1.25 2014/10/22 13:02:04 jsing Exp $ */ 1/* $OpenBSD: evp_enc.c,v 1.26 2015/02/10 09:52:35 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -140,10 +140,6 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
140 const EVP_CIPHER *c = 140 const EVP_CIPHER *c =
141 ENGINE_get_cipher(impl, cipher->nid); 141 ENGINE_get_cipher(impl, cipher->nid);
142 if (!c) { 142 if (!c) {
143 /* One positive side-effect of US's export
144 * control history, is that we should at least
145 * be able to avoid using US mispellings of
146 * "initialisation"? */
147 EVPerr(EVP_F_EVP_CIPHERINIT_EX, 143 EVPerr(EVP_F_EVP_CIPHERINIT_EX,
148 EVP_R_INITIALIZATION_ERROR); 144 EVP_R_INITIALIZATION_ERROR);
149 return 0; 145 return 0;
@@ -186,9 +182,12 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
186skip_to_init: 182skip_to_init:
187#endif 183#endif
188 /* we assume block size is a power of 2 in *cryptUpdate */ 184 /* we assume block size is a power of 2 in *cryptUpdate */
189 OPENSSL_assert(ctx->cipher->block_size == 1 || 185 if (ctx->cipher->block_size != 1 &&
190 ctx->cipher->block_size == 8 || 186 ctx->cipher->block_size != 8 &&
191 ctx->cipher->block_size == 16); 187 ctx->cipher->block_size != 16) {
188 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_BAD_BLOCK_LENGTH);
189 return 0;
190 }
192 191
193 if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) { 192 if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
194 switch (EVP_CIPHER_CTX_mode(ctx)) { 193 switch (EVP_CIPHER_CTX_mode(ctx)) {
@@ -205,8 +204,12 @@ skip_to_init:
205 204
206 case EVP_CIPH_CBC_MODE: 205 case EVP_CIPH_CBC_MODE:
207 206
208 OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <= 207 if ((size_t)EVP_CIPHER_CTX_iv_length(ctx) >
209 (int)sizeof(ctx->iv)); 208 sizeof(ctx->iv)) {
209 EVPerr(EVP_F_EVP_CIPHERINIT_EX,
210 EVP_R_IV_TOO_LARGE);
211 return 0;
212 }
210 if (iv) 213 if (iv)
211 memcpy(ctx->oiv, iv, 214 memcpy(ctx->oiv, iv,
212 EVP_CIPHER_CTX_iv_length(ctx)); 215 EVP_CIPHER_CTX_iv_length(ctx));
@@ -325,7 +328,11 @@ EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
325 } 328 }
326 i = ctx->buf_len; 329 i = ctx->buf_len;
327 bl = ctx->cipher->block_size; 330 bl = ctx->cipher->block_size;
328 OPENSSL_assert(bl <= (int)sizeof(ctx->buf)); 331 if ((size_t)bl > sizeof(ctx->buf)) {
332 EVPerr(EVP_F_EVP_ENCRYPTUPDATE, EVP_R_BAD_BLOCK_LENGTH);
333 *outl = 0;
334 return 0;
335 }
329 if (i != 0) { 336 if (i != 0) {
330 if (i + inl < bl) { 337 if (i + inl < bl) {
331 memcpy(&(ctx->buf[i]), in, inl); 338 memcpy(&(ctx->buf[i]), in, inl);
@@ -383,7 +390,10 @@ EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
383 } 390 }
384 391
385 b = ctx->cipher->block_size; 392 b = ctx->cipher->block_size;
386 OPENSSL_assert(b <= sizeof ctx->buf); 393 if (b > sizeof ctx->buf) {
394 EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX, EVP_R_BAD_BLOCK_LENGTH);
395 return 0;
396 }
387 if (b == 1) { 397 if (b == 1) {
388 *outl = 0; 398 *outl = 0;
389 return 1; 399 return 1;
@@ -437,7 +447,10 @@ EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
437 return EVP_EncryptUpdate(ctx, out, outl, in, inl); 447 return EVP_EncryptUpdate(ctx, out, outl, in, inl);
438 448
439 b = ctx->cipher->block_size; 449 b = ctx->cipher->block_size;
440 OPENSSL_assert(b <= sizeof ctx->final); 450 if (b > sizeof ctx->final) {
451 EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_BAD_BLOCK_LENGTH);
452 return 0;
453 }
441 454
442 if (ctx->final_used) { 455 if (ctx->final_used) {
443 memcpy(out, ctx->final, b); 456 memcpy(out, ctx->final, b);
@@ -506,7 +519,11 @@ EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
506 EVP_R_WRONG_FINAL_BLOCK_LENGTH); 519 EVP_R_WRONG_FINAL_BLOCK_LENGTH);
507 return (0); 520 return (0);
508 } 521 }
509 OPENSSL_assert(b <= sizeof ctx->final); 522 if (b > sizeof ctx->final) {
523 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,
524 EVP_R_BAD_BLOCK_LENGTH);
525 return 0;
526 }
510 n = ctx->final[b - 1]; 527 n = ctx->final[b - 1];
511 if (n == 0 || n > (int)b) { 528 if (n == 0 || n > (int)b) {
512 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT); 529 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT);
diff --git a/src/lib/libssl/src/crypto/evp/evp_key.c b/src/lib/libssl/src/crypto/evp/evp_key.c
index 1493ca9103..4718ab6175 100644
--- a/src/lib/libssl/src/crypto/evp/evp_key.c
+++ b/src/lib/libssl/src/crypto/evp/evp_key.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp_key.c,v 1.20 2014/08/06 04:28:21 guenther Exp $ */ 1/* $OpenBSD: evp_key.c,v 1.21 2015/02/10 09:52:35 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -59,6 +59,7 @@
59#include <stdio.h> 59#include <stdio.h>
60#include <string.h> 60#include <string.h>
61 61
62#include <openssl/err.h>
62#include <openssl/evp.h> 63#include <openssl/evp.h>
63#include <openssl/objects.h> 64#include <openssl/objects.h>
64#include <openssl/ui.h> 65#include <openssl/ui.h>
@@ -129,10 +130,18 @@ EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
129 int niv, nkey, addmd = 0; 130 int niv, nkey, addmd = 0;
130 unsigned int mds = 0, i; 131 unsigned int mds = 0, i;
131 int rv = 0; 132 int rv = 0;
133
132 nkey = type->key_len; 134 nkey = type->key_len;
133 niv = type->iv_len; 135 niv = type->iv_len;
134 OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH); 136
135 OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH); 137 if ((size_t)nkey > EVP_MAX_KEY_LENGTH) {
138 EVPerr(EVP_F_EVP_BYTESTOKEY, EVP_R_BAD_KEY_LENGTH);
139 return 0;
140 }
141 if ((size_t)niv > EVP_MAX_IV_LENGTH) {
142 EVPerr(EVP_F_EVP_BYTESTOKEY, EVP_R_IV_TOO_LARGE);
143 return 0;
144 }
136 145
137 if (data == NULL) 146 if (data == NULL)
138 return (nkey); 147 return (nkey);
diff --git a/src/lib/libssl/src/crypto/evp/evp_lib.c b/src/lib/libssl/src/crypto/evp/evp_lib.c
index 310252d0e8..491c8d6f67 100644
--- a/src/lib/libssl/src/crypto/evp/evp_lib.c
+++ b/src/lib/libssl/src/crypto/evp/evp_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp_lib.c,v 1.13 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: evp_lib.c,v 1.14 2015/02/10 09:52:35 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -99,7 +99,11 @@ EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
99 99
100 if (type != NULL) { 100 if (type != NULL) {
101 l = EVP_CIPHER_CTX_iv_length(c); 101 l = EVP_CIPHER_CTX_iv_length(c);
102 OPENSSL_assert(l <= sizeof(c->iv)); 102 if (l > sizeof(c->iv)) {
103 EVPerr(EVP_F_EVP_CIPHER_GET_ASN1_IV,
104 EVP_R_IV_TOO_LARGE);
105 return 0;
106 }
103 i = ASN1_TYPE_get_octetstring(type, c->oiv, l); 107 i = ASN1_TYPE_get_octetstring(type, c->oiv, l);
104 if (i != (int)l) 108 if (i != (int)l)
105 return (-1); 109 return (-1);
@@ -117,7 +121,11 @@ EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
117 121
118 if (type != NULL) { 122 if (type != NULL) {
119 j = EVP_CIPHER_CTX_iv_length(c); 123 j = EVP_CIPHER_CTX_iv_length(c);
120 OPENSSL_assert(j <= sizeof(c->iv)); 124 if (j > sizeof(c->iv)) {
125 EVPerr(EVP_F_EVP_CIPHER_SET_ASN1_IV,
126 EVP_R_IV_TOO_LARGE);
127 return 0;
128 }
121 i = ASN1_TYPE_set_octetstring(type, c->oiv, j); 129 i = ASN1_TYPE_set_octetstring(type, c->oiv, j);
122 } 130 }
123 return (i); 131 return (i);
diff --git a/src/lib/libssl/src/crypto/evp/p5_crpt.c b/src/lib/libssl/src/crypto/evp/p5_crpt.c
index 3b1419b545..112a69114c 100644
--- a/src/lib/libssl/src/crypto/evp/p5_crpt.c
+++ b/src/lib/libssl/src/crypto/evp/p5_crpt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p5_crpt.c,v 1.14 2014/07/13 12:46:44 miod Exp $ */ 1/* $OpenBSD: p5_crpt.c,v 1.15 2015/02/10 09:52:35 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -134,9 +134,15 @@ PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
134 if (!EVP_DigestFinal_ex (&ctx, md_tmp, NULL)) 134 if (!EVP_DigestFinal_ex (&ctx, md_tmp, NULL))
135 goto err; 135 goto err;
136 } 136 }
137 OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= (int)sizeof(md_tmp)); 137 if ((size_t)EVP_CIPHER_key_length(cipher) > sizeof(md_tmp)) {
138 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_BAD_KEY_LENGTH);
139 goto err;
140 }
138 memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher)); 141 memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
139 OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16); 142 if ((size_t)EVP_CIPHER_iv_length(cipher) > 16) {
143 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_IV_TOO_LARGE);
144 goto err;
145 }
140 memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), 146 memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
141 EVP_CIPHER_iv_length(cipher)); 147 EVP_CIPHER_iv_length(cipher));
142 if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de)) 148 if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de))
diff --git a/src/lib/libssl/src/crypto/evp/p5_crpt2.c b/src/lib/libssl/src/crypto/evp/p5_crpt2.c
index 61eadec804..c9eef8f49a 100644
--- a/src/lib/libssl/src/crypto/evp/p5_crpt2.c
+++ b/src/lib/libssl/src/crypto/evp/p5_crpt2.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p5_crpt2.c,v 1.17 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: p5_crpt2.c,v 1.18 2015/02/10 09:52:35 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -255,7 +255,10 @@ PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
255 goto err; 255 goto err;
256 } 256 }
257 keylen = EVP_CIPHER_CTX_key_length(ctx); 257 keylen = EVP_CIPHER_CTX_key_length(ctx);
258 OPENSSL_assert(keylen <= sizeof key); 258 if (keylen > sizeof key) {
259 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_BAD_KEY_LENGTH);
260 goto err;
261 }
259 262
260 /* Decode parameter */ 263 /* Decode parameter */
261 264
diff --git a/src/lib/libssl/src/crypto/gost/gostr341001_pmeth.c b/src/lib/libssl/src/crypto/gost/gostr341001_pmeth.c
index 859c0884d6..c7d4dc10ae 100644
--- a/src/lib/libssl/src/crypto/gost/gostr341001_pmeth.c
+++ b/src/lib/libssl/src/crypto/gost/gostr341001_pmeth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gostr341001_pmeth.c,v 1.6 2014/11/13 20:29:55 miod Exp $ */ 1/* $OpenBSD: gostr341001_pmeth.c,v 1.7 2015/02/10 09:52:35 miod Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD 4 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -248,7 +248,10 @@ pkey_gost01_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
248 GOSTerr(GOST_F_PKEY_GOST01_SIGN, EC_R_BUFFER_TOO_SMALL); 248 GOSTerr(GOST_F_PKEY_GOST01_SIGN, EC_R_BUFFER_TOO_SMALL);
249 return 0; 249 return 0;
250 } 250 }
251 OPENSSL_assert(tbs_len == 32 || tbs_len == 64); 251 if (tbs_len != 32 && tbs_len != 64) {
252 GOSTerr(GOST_F_PKEY_GOST01_SIGN, EVP_R_BAD_BLOCK_LENGTH);
253 return 0;
254 }
252 md = GOST_le2bn(tbs, tbs_len, NULL); 255 md = GOST_le2bn(tbs, tbs_len, NULL);
253 if (md == NULL) 256 if (md == NULL)
254 return 0; 257 return 0;
@@ -411,11 +414,23 @@ pkey_gost01_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, size_t *key_len,
411 414
412 nid = OBJ_obj2nid(gkt->key_agreement_info->cipher); 415 nid = OBJ_obj2nid(gkt->key_agreement_info->cipher);
413 416
414 OPENSSL_assert(gkt->key_agreement_info->eph_iv->length == 8); 417 if (gkt->key_agreement_info->eph_iv->length != 8) {
418 GOSTerr(GOST_F_PKEY_GOST01_DECRYPT,
419 GOST_R_INVALID_IV_LENGTH);
420 goto err;
421 }
415 memcpy(wrappedKey, gkt->key_agreement_info->eph_iv->data, 8); 422 memcpy(wrappedKey, gkt->key_agreement_info->eph_iv->data, 8);
416 OPENSSL_assert(gkt->key_info->encrypted_key->length == 32); 423 if (gkt->key_info->encrypted_key->length != 32) {
424 GOSTerr(GOST_F_PKEY_GOST01_DECRYPT,
425 EVP_R_BAD_KEY_LENGTH);
426 goto err;
427 }
417 memcpy(wrappedKey + 8, gkt->key_info->encrypted_key->data, 32); 428 memcpy(wrappedKey + 8, gkt->key_info->encrypted_key->data, 32);
418 OPENSSL_assert(gkt->key_info->imit->length == 4); 429 if (gkt->key_info->imit->length != 4) {
430 GOSTerr(GOST_F_PKEY_GOST01_DECRYPT,
431 ERR_R_INTERNAL_ERROR);
432 goto err;
433 }
419 memcpy(wrappedKey + 40, gkt->key_info->imit->data, 4); 434 memcpy(wrappedKey + 40, gkt->key_info->imit->data, 4);
420 if (gost01_VKO_key(peerkey, priv, wrappedKey, sharedKey) <= 0) 435 if (gost01_VKO_key(peerkey, priv, wrappedKey, sharedKey) <= 0)
421 goto err; 436 goto err;
diff --git a/src/lib/libssl/src/crypto/hmac/hmac.c b/src/lib/libssl/src/crypto/hmac/hmac.c
index f2e5f149e0..155e32a540 100644
--- a/src/lib/libssl/src/crypto/hmac/hmac.c
+++ b/src/lib/libssl/src/crypto/hmac/hmac.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: hmac.c,v 1.21 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: hmac.c,v 1.22 2015/02/10 09:52:35 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -60,6 +60,7 @@
60#include <stdlib.h> 60#include <stdlib.h>
61#include <string.h> 61#include <string.h>
62 62
63#include <openssl/err.h>
63#include <openssl/hmac.h> 64#include <openssl/hmac.h>
64 65
65int 66int
@@ -78,7 +79,10 @@ HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md,
78 if (key != NULL) { 79 if (key != NULL) {
79 reset = 1; 80 reset = 1;
80 j = EVP_MD_block_size(md); 81 j = EVP_MD_block_size(md);
81 OPENSSL_assert(j <= (int)sizeof(ctx->key)); 82 if ((size_t)j > sizeof(ctx->key)) {
83 EVPerr(EVP_F_HMAC_INIT_EX, EVP_R_BAD_BLOCK_LENGTH);
84 goto err;
85 }
82 if (j < len) { 86 if (j < len) {
83 if (!EVP_DigestInit_ex(&ctx->md_ctx, md, impl)) 87 if (!EVP_DigestInit_ex(&ctx->md_ctx, md, impl))
84 goto err; 88 goto err;
@@ -88,8 +92,11 @@ HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md,
88 &ctx->key_length)) 92 &ctx->key_length))
89 goto err; 93 goto err;
90 } else { 94 } else {
91 OPENSSL_assert(len >= 0 && 95 if ((size_t)len > sizeof(ctx->key)) {
92 len <= (int)sizeof(ctx->key)); 96 EVPerr(EVP_F_HMAC_INIT_EX,
97 EVP_R_BAD_KEY_LENGTH);
98 goto err;
99 }
93 memcpy(ctx->key, key, len); 100 memcpy(ctx->key, key, len);
94 ctx->key_length = len; 101 ctx->key_length = len;
95 } 102 }
diff --git a/src/lib/libssl/src/crypto/pem/pem_info.c b/src/lib/libssl/src/crypto/pem/pem_info.c
index 9ddcb56596..6fe72ce742 100644
--- a/src/lib/libssl/src/crypto/pem/pem_info.c
+++ b/src/lib/libssl/src/crypto/pem/pem_info.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pem_info.c,v 1.19 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: pem_info.c,v 1.20 2015/02/10 09:52:35 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -361,8 +361,12 @@ PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
361 } 361 }
362 362
363 /* create the right magic header stuff */ 363 /* create the right magic header stuff */
364 OPENSSL_assert(strlen(objstr) + 23 + 364 if (strlen(objstr) + 23 + 2 * enc->iv_len + 13 >
365 2 * enc->iv_len + 13 <= sizeof buf); 365 sizeof buf) {
366 PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,
367 ASN1_R_BUFFER_TOO_SMALL);
368 goto err;
369 }
366 buf[0] = '\0'; 370 buf[0] = '\0';
367 PEM_proc_type(buf, PEM_TYPE_ENCRYPTED); 371 PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
368 PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv); 372 PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv);
diff --git a/src/lib/libssl/src/crypto/pem/pem_lib.c b/src/lib/libssl/src/crypto/pem/pem_lib.c
index 1ebae53e74..e3629762f9 100644
--- a/src/lib/libssl/src/crypto/pem/pem_lib.c
+++ b/src/lib/libssl/src/crypto/pem/pem_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pem_lib.c,v 1.35 2014/10/22 13:02:04 jsing Exp $ */ 1/* $OpenBSD: pem_lib.c,v 1.36 2015/02/10 09:52:35 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -389,7 +389,10 @@ PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
389 } 389 }
390 kstr = (unsigned char *)buf; 390 kstr = (unsigned char *)buf;
391 } 391 }
392 OPENSSL_assert(enc->iv_len <= (int)sizeof(iv)); 392 if ((size_t)enc->iv_len > sizeof(iv)) {
393 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, EVP_R_IV_TOO_LARGE);
394 goto err;
395 }
393 arc4random_buf(iv, enc->iv_len); /* Generate a salt */ 396 arc4random_buf(iv, enc->iv_len); /* Generate a salt */
394 /* The 'iv' is used as the iv and as a salt. It is 397 /* The 'iv' is used as the iv and as a salt. It is
395 * NOT taken from the BytesToKey function */ 398 * NOT taken from the BytesToKey function */
@@ -400,8 +403,11 @@ PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
400 if (kstr == (unsigned char *)buf) 403 if (kstr == (unsigned char *)buf)
401 OPENSSL_cleanse(buf, PEM_BUFSIZE); 404 OPENSSL_cleanse(buf, PEM_BUFSIZE);
402 405
403 OPENSSL_assert(strlen(objstr) + 23 + 406 if (strlen(objstr) + 23 + 2 * enc->iv_len + 13 > sizeof buf) {
404 2 * enc->iv_len + 13 <= sizeof buf); 407 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,
408 ASN1_R_BUFFER_TOO_SMALL);
409 goto err;
410 }
405 411
406 buf[0] = '\0'; 412 buf[0] = '\0';
407 PEM_proc_type(buf, PEM_TYPE_ENCRYPTED); 413 PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-17 23:51:20 +0000