Now that it is safe to invoke X509_STORE_CTX_cleanup() if X509_STORE_CTX_init()

fails, check its return value and correctly mop up after ourselves.
ok beck@ doug@

4 files changed, 32 insertions, 16 deletions

diff --git a/src/lib/libcrypto/ts/ts_rsp_verify.c b/src/lib/libcrypto/ts/ts_rsp_verify.c
index 25aa31ee4d..797877011c 100644
--- a/src/lib/libcrypto/ts/ts_rsp_verify.c
+++ b/src/lib/libcrypto/ts/ts_rsp_verify.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ts_rsp_verify.c,v 1.14 2015/07/19 02:43:24 miod Exp $ */
+/* $OpenBSD: ts_rsp_verify.c,v 1.15 2015/07/19 05:42:55 miod Exp $ */
 /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
  * project 2002.
  */
@@ -234,26 +234,32 @@ static int
 TS_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted, X509 *signer,
     STACK_OF(X509) **chain)
 {
-        X509_STORE_CTX  cert_ctx;
+        X509_STORE_CTX cert_ctx;
         int i;
-        int ret = 1;
+        int ret = 0;
 
         /* chain is an out argument. */
         *chain = NULL;
-        X509_STORE_CTX_init(&cert_ctx, store, signer, untrusted);
+        if (X509_STORE_CTX_init(&cert_ctx, store, signer, untrusted) == 0) {
+                TSerr(TS_F_TS_VERIFY_CERT, ERR_R_X509_LIB);
+                goto err;
+        }
         X509_STORE_CTX_set_purpose(&cert_ctx, X509_PURPOSE_TIMESTAMP_SIGN);
         i = X509_verify_cert(&cert_ctx);
         if (i <= 0) {
                 int j = X509_STORE_CTX_get_error(&cert_ctx);
+
                 TSerr(TS_F_TS_VERIFY_CERT, TS_R_CERTIFICATE_VERIFY_ERROR);
                 ERR_asprintf_error_data("Verify error:%s",
                     X509_verify_cert_error_string(j));
-                ret = 0;
+                goto err;
         } else {
                 /* Get a copy of the certificate chain. */
                 *chain = X509_STORE_CTX_get1_chain(&cert_ctx);
+                ret = 1;
         }
 
+err:
         X509_STORE_CTX_cleanup(&cert_ctx);
 
         return ret;
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c
index bc5905784d..f2dc356dc8 100644
--- a/src/lib/libcrypto/x509/x509_vfy.c
+++ b/src/lib/libcrypto/x509/x509_vfy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vfy.c,v 1.43 2015/07/19 01:44:16 doug Exp $ */
+/* $OpenBSD: x509_vfy.c,v 1.44 2015/07/19 05:42:55 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1091,8 +1091,10 @@ check_crl_path(X509_STORE_CTX *ctx, X509 *x)
         /* Don't allow recursive CRL path validation */
         if (ctx->parent)
                 return 0;
-        if (!X509_STORE_CTX_init(&crl_ctx, ctx->ctx, x, ctx->untrusted))
-                return -1;
+        if (!X509_STORE_CTX_init(&crl_ctx, ctx->ctx, x, ctx->untrusted)) {
+                ret = -1;
+                goto err;
+        }
 
         crl_ctx.crls = ctx->crls;
         /* Copy verify params across */
diff --git a/src/lib/libssl/src/crypto/ts/ts_rsp_verify.c b/src/lib/libssl/src/crypto/ts/ts_rsp_verify.c
index 25aa31ee4d..797877011c 100644
--- a/src/lib/libssl/src/crypto/ts/ts_rsp_verify.c
+++ b/src/lib/libssl/src/crypto/ts/ts_rsp_verify.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ts_rsp_verify.c,v 1.14 2015/07/19 02:43:24 miod Exp $ */
+/* $OpenBSD: ts_rsp_verify.c,v 1.15 2015/07/19 05:42:55 miod Exp $ */
 /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
  * project 2002.
  */
@@ -234,26 +234,32 @@ static int
 TS_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted, X509 *signer,
     STACK_OF(X509) **chain)
 {
-        X509_STORE_CTX  cert_ctx;
+        X509_STORE_CTX cert_ctx;
         int i;
-        int ret = 1;
+        int ret = 0;
 
         /* chain is an out argument. */
         *chain = NULL;
-        X509_STORE_CTX_init(&cert_ctx, store, signer, untrusted);
+        if (X509_STORE_CTX_init(&cert_ctx, store, signer, untrusted) == 0) {
+                TSerr(TS_F_TS_VERIFY_CERT, ERR_R_X509_LIB);
+                goto err;
+        }
         X509_STORE_CTX_set_purpose(&cert_ctx, X509_PURPOSE_TIMESTAMP_SIGN);
         i = X509_verify_cert(&cert_ctx);
         if (i <= 0) {
                 int j = X509_STORE_CTX_get_error(&cert_ctx);
+
                 TSerr(TS_F_TS_VERIFY_CERT, TS_R_CERTIFICATE_VERIFY_ERROR);
                 ERR_asprintf_error_data("Verify error:%s",
                     X509_verify_cert_error_string(j));
-                ret = 0;
+                goto err;
         } else {
                 /* Get a copy of the certificate chain. */
                 *chain = X509_STORE_CTX_get1_chain(&cert_ctx);
+                ret = 1;
         }
 
+err:
         X509_STORE_CTX_cleanup(&cert_ctx);
 
         return ret;
diff --git a/src/lib/libssl/src/crypto/x509/x509_vfy.c b/src/lib/libssl/src/crypto/x509/x509_vfy.c
index bc5905784d..f2dc356dc8 100644
--- a/src/lib/libssl/src/crypto/x509/x509_vfy.c
+++ b/src/lib/libssl/src/crypto/x509/x509_vfy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vfy.c,v 1.43 2015/07/19 01:44:16 doug Exp $ */
+/* $OpenBSD: x509_vfy.c,v 1.44 2015/07/19 05:42:55 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1091,8 +1091,10 @@ check_crl_path(X509_STORE_CTX *ctx, X509 *x)
         /* Don't allow recursive CRL path validation */
         if (ctx->parent)
                 return 0;
-        if (!X509_STORE_CTX_init(&crl_ctx, ctx->ctx, x, ctx->untrusted))
-                return -1;
+        if (!X509_STORE_CTX_init(&crl_ctx, ctx->ctx, x, ctx->untrusted)) {
+                ret = -1;
+                goto err;
+        }
 
         crl_ctx.crls = ctx->crls;
         /* Copy verify params across */