summaryrefslogtreecommitdiff
path: root/src/lib/libc
diff options
context:
space:
mode:
authorjsg <>2015-05-15 11:00:14 +0000
committerjsg <>2015-05-15 11:00:14 +0000
commitf8e03ddcf892381c04c6d2274d698a4db936d93b (patch)
treef00dd64612742b35f7b46f91be93e5056960a0c1 /src/lib/libc
parenteb08145f1507a91cb0eb09f433adc7743d7c3bea (diff)
downloadopenbsd-f8e03ddcf892381c04c6d2274d698a4db936d93b.tar.gz
openbsd-f8e03ddcf892381c04c6d2274d698a4db936d93b.tar.bz2
openbsd-f8e03ddcf892381c04c6d2274d698a4db936d93b.zip
Fix return paths with missing EVP_CIPHER_CTX_cleanup() calls.
ok doug@
Diffstat (limited to '')
-rw-r--r--src/lib/libcrypto/cms/cms_pwri.c8
-rw-r--r--src/lib/libcrypto/pem/pvkfmt.c12
-rw-r--r--src/lib/libcrypto/pkcs12/p12_decr.c5
3 files changed, 12 insertions, 13 deletions
diff --git a/src/lib/libcrypto/cms/cms_pwri.c b/src/lib/libcrypto/cms/cms_pwri.c
index 89f7925938..11509e3c11 100644
--- a/src/lib/libcrypto/cms/cms_pwri.c
+++ b/src/lib/libcrypto/cms/cms_pwri.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cms_pwri.c,v 1.8 2014/10/22 13:02:04 jsing Exp $ */ 1/* $OpenBSD: cms_pwri.c,v 1.9 2015/05/15 11:00:14 jsg Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -332,14 +332,14 @@ cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
332 332
333 if (!pwri->pass) { 333 if (!pwri->pass) {
334 CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_NO_PASSWORD); 334 CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_NO_PASSWORD);
335 return 0; 335 goto err;
336 } 336 }
337 algtmp = pwri->keyEncryptionAlgorithm; 337 algtmp = pwri->keyEncryptionAlgorithm;
338 338
339 if (!algtmp || OBJ_obj2nid(algtmp->algorithm) != NID_id_alg_PWRI_KEK) { 339 if (!algtmp || OBJ_obj2nid(algtmp->algorithm) != NID_id_alg_PWRI_KEK) {
340 CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, 340 CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT,
341 CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM); 341 CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM);
342 return 0; 342 goto err;
343 } 343 }
344 344
345 if (algtmp->parameter->type == V_ASN1_SEQUENCE) { 345 if (algtmp->parameter->type == V_ASN1_SEQUENCE) {
@@ -350,7 +350,7 @@ cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
350 if (kekalg == NULL) { 350 if (kekalg == NULL) {
351 CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, 351 CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT,
352 CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER); 352 CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER);
353 return 0; 353 goto err;
354 } 354 }
355 355
356 kekcipher = EVP_get_cipherbyobj(kekalg->algorithm); 356 kekcipher = EVP_get_cipherbyobj(kekalg->algorithm);
diff --git a/src/lib/libcrypto/pem/pvkfmt.c b/src/lib/libcrypto/pem/pvkfmt.c
index 2009c9db80..025381bcc0 100644
--- a/src/lib/libcrypto/pem/pvkfmt.c
+++ b/src/lib/libcrypto/pem/pvkfmt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pvkfmt.c,v 1.12 2014/10/22 13:02:04 jsing Exp $ */ 1/* $OpenBSD: pvkfmt.c,v 1.13 2015/05/15 11:00:14 jsg Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2005. 3 * project 2005.
4 */ 4 */
@@ -731,17 +731,16 @@ do_PVK_body(const unsigned char **in, unsigned int saltlen,
731 inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u); 731 inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u);
732 if (inlen <= 0) { 732 if (inlen <= 0) {
733 PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_PASSWORD_READ); 733 PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_PASSWORD_READ);
734 return NULL; 734 goto err;
735 } 735 }
736 enctmp = malloc(keylen + 8); 736 enctmp = malloc(keylen + 8);
737 if (!enctmp) { 737 if (!enctmp) {
738 PEMerr(PEM_F_DO_PVK_BODY, ERR_R_MALLOC_FAILURE); 738 PEMerr(PEM_F_DO_PVK_BODY, ERR_R_MALLOC_FAILURE);
739 return NULL; 739 goto err;
740 } 740 }
741 if (!derive_pvk_key(keybuf, p, saltlen, (unsigned char *)psbuf, 741 if (!derive_pvk_key(keybuf, p, saltlen, (unsigned char *)psbuf,
742 inlen)) { 742 inlen)) {
743 free(enctmp); 743 goto err;
744 return NULL;
745 } 744 }
746 p += saltlen; 745 p += saltlen;
747 /* Copy BLOBHEADER across, decrypt rest */ 746 /* Copy BLOBHEADER across, decrypt rest */
@@ -749,8 +748,7 @@ do_PVK_body(const unsigned char **in, unsigned int saltlen,
749 p += 8; 748 p += 8;
750 if (keylen < 8) { 749 if (keylen < 8) {
751 PEMerr(PEM_F_DO_PVK_BODY, PEM_R_PVK_TOO_SHORT); 750 PEMerr(PEM_F_DO_PVK_BODY, PEM_R_PVK_TOO_SHORT);
752 free(enctmp); 751 goto err;
753 return NULL;
754 } 752 }
755 inlen = keylen - 8; 753 inlen = keylen - 8;
756 q = enctmp + 8; 754 q = enctmp + 8;
diff --git a/src/lib/libcrypto/pkcs12/p12_decr.c b/src/lib/libcrypto/pkcs12/p12_decr.c
index 13be237b4c..4cccf43d3f 100644
--- a/src/lib/libcrypto/pkcs12/p12_decr.c
+++ b/src/lib/libcrypto/pkcs12/p12_decr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p12_decr.c,v 1.14 2015/02/14 12:43:07 miod Exp $ */ 1/* $OpenBSD: p12_decr.c,v 1.15 2015/05/15 11:00:14 jsg Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -77,9 +77,10 @@ PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass, int passlen,
77 /* Decrypt data */ 77 /* Decrypt data */
78 if (!EVP_PBE_CipherInit(algor->algorithm, pass, passlen, 78 if (!EVP_PBE_CipherInit(algor->algorithm, pass, passlen,
79 algor->parameter, &ctx, en_de)) { 79 algor->parameter, &ctx, en_de)) {
80 out = NULL;
80 PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, 81 PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,
81 PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR); 82 PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR);
82 return NULL; 83 goto err;
83 } 84 }
84 85
85 if (!(out = malloc(inlen + EVP_CIPHER_CTX_block_size(&ctx)))) { 86 if (!(out = malloc(inlen + EVP_CIPHER_CTX_block_size(&ctx)))) {
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-02 10:42:28 +0000