diff options
| author | tb <> | 2022-08-31 07:12:30 +0000 |
|---|---|---|
| committer | tb <> | 2022-08-31 07:12:30 +0000 |
| commit | 77eac0ad9b595b925f07dc5b13a0538ec6557aba (patch) | |
| tree | 6bdb4af846630524bbd90f1bf47734971b790b25 /src/usr.bin | |
| parent | 7e8f0de8850e4d835fd9bc12ef540caeef22e9ad (diff) | |
| download | openbsd-77eac0ad9b595b925f07dc5b13a0538ec6557aba.tar.gz openbsd-77eac0ad9b595b925f07dc5b13a0538ec6557aba.tar.bz2 openbsd-77eac0ad9b595b925f07dc5b13a0538ec6557aba.zip | |
Check return values in ssl_print_tmp_key()
Use EVP_PKEY_get0_EC_KEY() instead of the get1 version to avoid an
EVP_PKEY_free(). Check return values: if either EVP_PKEY_get0_EC_KEY()
or EC_KEY_get0_group() fail, a NULL dereference occurs.
CID 43289
ok jsing
Diffstat (limited to 'src/usr.bin')
| -rw-r--r-- | src/usr.bin/openssl/s_cb.c | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/src/usr.bin/openssl/s_cb.c b/src/usr.bin/openssl/s_cb.c index ffaa4c5b4d..73f45c25c5 100644 --- a/src/usr.bin/openssl/s_cb.c +++ b/src/usr.bin/openssl/s_cb.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s_cb.c,v 1.19 2022/08/30 20:40:14 tb Exp $ */ | 1 | /* $OpenBSD: s_cb.c,v 1.20 2022/08/31 07:12:30 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -264,6 +264,7 @@ ssl_print_tmp_key(BIO *out, SSL *s) | |||
| 264 | const char *cname; | 264 | const char *cname; |
| 265 | EVP_PKEY *pkey; | 265 | EVP_PKEY *pkey; |
| 266 | EC_KEY *ec; | 266 | EC_KEY *ec; |
| 267 | const EC_GROUP *group; | ||
| 267 | int nid; | 268 | int nid; |
| 268 | 269 | ||
| 269 | if (!SSL_get_server_tmp_key(s, &pkey)) | 270 | if (!SSL_get_server_tmp_key(s, &pkey)) |
| @@ -276,9 +277,12 @@ ssl_print_tmp_key(BIO *out, SSL *s) | |||
| 276 | break; | 277 | break; |
| 277 | 278 | ||
| 278 | case EVP_PKEY_EC: | 279 | case EVP_PKEY_EC: |
| 279 | ec = EVP_PKEY_get1_EC_KEY(pkey); | 280 | if ((ec = EVP_PKEY_get0_EC_KEY(pkey)) == NULL) |
| 280 | nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec)); | 281 | goto err; |
| 281 | EC_KEY_free(ec); | 282 | if ((group = EC_KEY_get0_group(ec)) == NULL) |
| 283 | goto err; | ||
| 284 | |||
| 285 | nid = EC_GROUP_get_curve_name(group); | ||
| 282 | 286 | ||
| 283 | if ((cname = EC_curve_nid2nist(nid)) == NULL) | 287 | if ((cname = EC_curve_nid2nist(nid)) == NULL) |
| 284 | cname = OBJ_nid2sn(nid); | 288 | cname = OBJ_nid2sn(nid); |
| @@ -291,6 +295,7 @@ ssl_print_tmp_key(BIO *out, SSL *s) | |||
| 291 | EVP_PKEY_bits(pkey)); | 295 | EVP_PKEY_bits(pkey)); |
| 292 | } | 296 | } |
| 293 | 297 | ||
| 298 | err: | ||
| 294 | EVP_PKEY_free(pkey); | 299 | EVP_PKEY_free(pkey); |
| 295 | return 1; | 300 | return 1; |
| 296 | } | 301 | } |