BN_CTX_get() can fail - consistently check its return value.

There are currently cases where the return from each call is checked, the return from only the last call is checked and cases where it is not checked at all (including code in bn, ec and engine). Checking the last return value is valid as once the function fails it will continue to return NULL. However, in order to be consistent check each call with the same idiom. This makes it easy to verify. Note there are still a handful of cases that do not follow the idiom - these will be handled separately. ok beck@ doug@
author: jsing <> 2015-02-09 15:49:22 +0000
committer: jsing <> 2015-02-09 15:49:22 +0000
commit: 16f790d01f7a6fc6c94e2a033a67b80c8ec5291c (patch)
tree: d924c624d5eb949a9e7e395dc99d92616e911ce9 /src/lib/libcrypto/bn/bn_gcd.c
parent: 42f7780549de5b7b5e3e7943cfef87e0e41970fc (diff)
download: openbsd-16f790d01f7a6fc6c94e2a033a67b80c8ec5291c.tar.gz
openbsd-16f790d01f7a6fc6c94e2a033a67b80c8ec5291c.tar.bz2
openbsd-16f790d01f7a6fc6c94e2a033a67b80c8ec5291c.zip
1 files changed, 30 insertions, 20 deletions
diff --git a/src/lib/libcrypto/bn/bn_gcd.c b/src/lib/libcrypto/bn/bn_gcd.c
index 379bea99ad..da9c29a8e5 100644
--- a/src/lib/libcrypto/bn/bn_gcd.c
+++ b/src/lib/libcrypto/bn/bn_gcd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_gcd.c,v 1.9 2014/07/11 08:44:47 jsing Exp $ */
+/* $OpenBSD: bn_gcd.c,v 1.10 2015/02/09 15:49:22 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -125,9 +125,9 @@ BN_gcd(BIGNUM *r, const BIGNUM *in_a, const BIGNUM *in_b, BN_CTX *ctx)
        bn_check_top(in_b);
        BN_CTX_start(ctx);
-        a = BN_CTX_get(ctx);
+        if ((a = BN_CTX_get(ctx)) == NULL)
-        b = BN_CTX_get(ctx);
+                goto err;
-        if (a == NULL || b == NULL)
+        if ((b = BN_CTX_get(ctx)) == NULL)
                goto err;
        if (BN_copy(a, in_a) == NULL)
@@ -247,14 +247,19 @@ BN_mod_inverse(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
        bn_check_top(n);
        BN_CTX_start(ctx);
-        A = BN_CTX_get(ctx);
+        if ((A = BN_CTX_get(ctx)) == NULL)
-        B = BN_CTX_get(ctx);
+                goto err;
-        X = BN_CTX_get(ctx);
+        if ((B = BN_CTX_get(ctx)) == NULL)
-        D = BN_CTX_get(ctx);
+                goto err;
-        M = BN_CTX_get(ctx);
+        if ((X = BN_CTX_get(ctx)) == NULL)
-        Y = BN_CTX_get(ctx);
+                goto err;
-        T = BN_CTX_get(ctx);
+        if ((D = BN_CTX_get(ctx)) == NULL)
-        if (T == NULL)
+                goto err;
+        if ((M = BN_CTX_get(ctx)) == NULL)
+                goto err;
+        if ((Y = BN_CTX_get(ctx)) == NULL)
+                goto err;
+        if ((T = BN_CTX_get(ctx)) == NULL)
                goto err;
        if (in == NULL)
@@ -537,14 +542,19 @@ BN_mod_inverse_no_branch(BIGNUM *in, const BIGNUM *a, const BIGNUM *n,
        bn_check_top(n);
        BN_CTX_start(ctx);
-        A = BN_CTX_get(ctx);
+        if ((A = BN_CTX_get(ctx)) == NULL)
-        B = BN_CTX_get(ctx);
+                goto err;
-        X = BN_CTX_get(ctx);
+        if ((B = BN_CTX_get(ctx)) == NULL)
-        D = BN_CTX_get(ctx);
+                goto err;
-        M = BN_CTX_get(ctx);
+        if ((X = BN_CTX_get(ctx)) == NULL)
-        Y = BN_CTX_get(ctx);
+                goto err;
-        T = BN_CTX_get(ctx);
+        if ((D = BN_CTX_get(ctx)) == NULL)
-        if (T == NULL)
+                goto err;
+        if ((M = BN_CTX_get(ctx)) == NULL)
+                goto err;
+        if ((Y = BN_CTX_get(ctx)) == NULL)
+                goto err;
+        if ((T = BN_CTX_get(ctx)) == NULL)
                goto err;
        if (in == NULL)
author	jsing <>	2015-02-09 15:49:22 +0000
committer	jsing <>	2015-02-09 15:49:22 +0000
commit	16f790d01f7a6fc6c94e2a033a67b80c8ec5291c (patch)
tree	d924c624d5eb949a9e7e395dc99d92616e911ce9 /src/lib/libcrypto/bn/bn_gcd.c
parent	42f7780549de5b7b5e3e7943cfef87e0e41970fc (diff)
download	openbsd-16f790d01f7a6fc6c94e2a033a67b80c8ec5291c.tar.gz openbsd-16f790d01f7a6fc6c94e2a033a67b80c8ec5291c.tar.bz2 openbsd-16f790d01f7a6fc6c94e2a033a67b80c8ec5291c.zip

diff --git a/src/lib/libcrypto/bn/bn_gcd.c b/src/lib/libcrypto/bn/bn_gcd.c index 379bea99ad..da9c29a8e5 100644 --- a/src/lib/libcrypto/bn/bn_gcd.c +++ b/src/lib/libcrypto/bn/bn_gcd.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: bn_gcd.c,v 1.9 2014/07/11 08:44:47 jsing Exp $ */	1	/* $OpenBSD: bn_gcd.c,v 1.10 2015/02/09 15:49:22 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -125,9 +125,9 @@ BN_gcd(BIGNUM r, const BIGNUM in_a, const BIGNUM in_b, BN_CTX ctx)
125	bn_check_top(in_b);	125	bn_check_top(in_b);
126		126
127	BN_CTX_start(ctx);	127	BN_CTX_start(ctx);
128	a = BN_CTX_get(ctx);	128	if ((a = BN_CTX_get(ctx)) == NULL)
129	b = BN_CTX_get(ctx);	129	goto err;
130	if (a == NULL \|\| b == NULL)	130	if ((b = BN_CTX_get(ctx)) == NULL)
131	goto err;	131	goto err;
132		132
133	if (BN_copy(a, in_a) == NULL)	133	if (BN_copy(a, in_a) == NULL)
@@ -247,14 +247,19 @@ BN_mod_inverse(BIGNUM in, const BIGNUM a, const BIGNUM n, BN_CTX ctx)
247	bn_check_top(n);	247	bn_check_top(n);
248		248
249	BN_CTX_start(ctx);	249	BN_CTX_start(ctx);
250	A = BN_CTX_get(ctx);	250	if ((A = BN_CTX_get(ctx)) == NULL)
251	B = BN_CTX_get(ctx);	251	goto err;
252	X = BN_CTX_get(ctx);	252	if ((B = BN_CTX_get(ctx)) == NULL)
253	D = BN_CTX_get(ctx);	253	goto err;
254	M = BN_CTX_get(ctx);	254	if ((X = BN_CTX_get(ctx)) == NULL)
255	Y = BN_CTX_get(ctx);	255	goto err;
256	T = BN_CTX_get(ctx);	256	if ((D = BN_CTX_get(ctx)) == NULL)
257	if (T == NULL)	257	goto err;
		258	if ((M = BN_CTX_get(ctx)) == NULL)
		259	goto err;
		260	if ((Y = BN_CTX_get(ctx)) == NULL)
		261	goto err;
		262	if ((T = BN_CTX_get(ctx)) == NULL)
258	goto err;	263	goto err;
259		264
260	if (in == NULL)	265	if (in == NULL)
@@ -537,14 +542,19 @@ BN_mod_inverse_no_branch(BIGNUM in, const BIGNUM a, const BIGNUM *n,
537	bn_check_top(n);	542	bn_check_top(n);
538		543
539	BN_CTX_start(ctx);	544	BN_CTX_start(ctx);
540	A = BN_CTX_get(ctx);	545	if ((A = BN_CTX_get(ctx)) == NULL)
541	B = BN_CTX_get(ctx);	546	goto err;
542	X = BN_CTX_get(ctx);	547	if ((B = BN_CTX_get(ctx)) == NULL)
543	D = BN_CTX_get(ctx);	548	goto err;
544	M = BN_CTX_get(ctx);	549	if ((X = BN_CTX_get(ctx)) == NULL)
545	Y = BN_CTX_get(ctx);	550	goto err;
546	T = BN_CTX_get(ctx);	551	if ((D = BN_CTX_get(ctx)) == NULL)
547	if (T == NULL)	552	goto err;
		553	if ((M = BN_CTX_get(ctx)) == NULL)
		554	goto err;
		555	if ((Y = BN_CTX_get(ctx)) == NULL)
		556	goto err;
		557	if ((T = BN_CTX_get(ctx)) == NULL)
548	goto err;	558	goto err;
549		559
550	if (in == NULL)	560	if (in == NULL)