rsa_priv_encode: plug leak on PKCS8_pkey_set0() failure

Change the code to use safer idioms and avoid nested function calls. ok jsing
author: tb <> 2023-08-10 09:36:37 +0000
committer: tb <> 2023-08-10 09:36:37 +0000
commit: 0c08015642e4fb2a5ce32565ab942ffc9579d487 (patch)
tree: 645163b671a71474f8e6f2df15ee1b735dce1d07 /src
parent: 6fffbab1235c36f552a36cd026ebffdfdc63bd59 (diff)
download: openbsd-0c08015642e4fb2a5ce32565ab942ffc9579d487.tar.gz
openbsd-0c08015642e4fb2a5ce32565ab942ffc9579d487.tar.bz2
openbsd-0c08015642e4fb2a5ce32565ab942ffc9579d487.zip
1 files changed, 19 insertions, 15 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_ameth.c b/src/lib/libcrypto/rsa/rsa_ameth.c
index 825a9f4447..737bba7366 100644
--- a/src/lib/libcrypto/rsa/rsa_ameth.c
+++ b/src/lib/libcrypto/rsa/rsa_ameth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_ameth.c,v 1.30 2023/07/07 06:59:18 tb Exp $ */
+/* $OpenBSD: rsa_ameth.c,v 1.31 2023/08/10 09:36:37 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2006.
 */
@@ -212,29 +212,33 @@ old_rsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
 static int
 rsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
 {
-        unsigned char *rk = NULL;
+        ASN1_STRING *str = NULL;
-        int rklen;
+        ASN1_OBJECT *aobj;
-        ASN1_STRING *str;
        int strtype;
+        unsigned char *rk = NULL;
+        int rklen = 0;
        if (!rsa_param_encode(pkey, &str, &strtype))
-                return 0;
+                goto err;
+        if ((rklen = i2d_RSAPrivateKey(pkey->pkey.rsa, &rk)) <= 0) {
-        rklen = i2d_RSAPrivateKey(pkey->pkey.rsa, &rk);
-        if (rklen <= 0) {
                RSAerror(ERR_R_MALLOC_FAILURE);
-                ASN1_STRING_free(str);
+                rklen = 0;
-                return 0;
+                goto err;
        }
+        if ((aobj = OBJ_nid2obj(pkey->ameth->pkey_id)) == NULL)
-        if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(pkey->ameth->pkey_id), 0,
+                goto err;
-            strtype, str, rk, rklen)) {
+        if (!PKCS8_pkey_set0(p8, aobj, 0, strtype, str, rk, rklen)) {
                RSAerror(ERR_R_MALLOC_FAILURE);
-                ASN1_STRING_free(str);
+                goto err;
-                return 0;
        }
        return 1;
+ err:
+        ASN1_STRING_free(str);
+        freezero(rk, rklen);
+        return 0;
 }
 static int
author	tb <>	2023-08-10 09:36:37 +0000
committer	tb <>	2023-08-10 09:36:37 +0000
commit	0c08015642e4fb2a5ce32565ab942ffc9579d487 (patch)
tree	645163b671a71474f8e6f2df15ee1b735dce1d07 /src
parent	6fffbab1235c36f552a36cd026ebffdfdc63bd59 (diff)
download	openbsd-0c08015642e4fb2a5ce32565ab942ffc9579d487.tar.gz openbsd-0c08015642e4fb2a5ce32565ab942ffc9579d487.tar.bz2 openbsd-0c08015642e4fb2a5ce32565ab942ffc9579d487.zip

diff --git a/src/lib/libcrypto/rsa/rsa_ameth.c b/src/lib/libcrypto/rsa/rsa_ameth.c index 825a9f4447..737bba7366 100644 --- a/src/lib/libcrypto/rsa/rsa_ameth.c +++ b/src/lib/libcrypto/rsa/rsa_ameth.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: rsa_ameth.c,v 1.30 2023/07/07 06:59:18 tb Exp $ */	1	/* $OpenBSD: rsa_ameth.c,v 1.31 2023/08/10 09:36:37 tb Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 2006.	3	* project 2006.
4	*/	4	*/
@@ -212,29 +212,33 @@ old_rsa_priv_encode(const EVP_PKEY pkey, unsigned char *pder)
212	static int	212	static int
213	rsa_priv_encode(PKCS8_PRIV_KEY_INFO p8, const EVP_PKEY pkey)	213	rsa_priv_encode(PKCS8_PRIV_KEY_INFO p8, const EVP_PKEY pkey)
214	{	214	{
215	unsigned char *rk = NULL;	215	ASN1_STRING *str = NULL;
216	int rklen;	216	ASN1_OBJECT *aobj;
217	ASN1_STRING *str;
218	int strtype;	217	int strtype;
		218	unsigned char *rk = NULL;
		219	int rklen = 0;
219		220
220	if (!rsa_param_encode(pkey, &str, &strtype))	221	if (!rsa_param_encode(pkey, &str, &strtype))
221	return 0;	222	goto err;
222		223	if ((rklen = i2d_RSAPrivateKey(pkey->pkey.rsa, &rk)) <= 0) {
223	rklen = i2d_RSAPrivateKey(pkey->pkey.rsa, &rk);
224	if (rklen <= 0) {
225	RSAerror(ERR_R_MALLOC_FAILURE);	224	RSAerror(ERR_R_MALLOC_FAILURE);
226	ASN1_STRING_free(str);	225	rklen = 0;
227	return 0;	226	goto err;
228	}	227	}
229		228	if ((aobj = OBJ_nid2obj(pkey->ameth->pkey_id)) == NULL)
230	if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(pkey->ameth->pkey_id), 0,	229	goto err;
231	strtype, str, rk, rklen)) {	230	if (!PKCS8_pkey_set0(p8, aobj, 0, strtype, str, rk, rklen)) {
232	RSAerror(ERR_R_MALLOC_FAILURE);	231	RSAerror(ERR_R_MALLOC_FAILURE);
233	ASN1_STRING_free(str);	232	goto err;
234	return 0;
235	}	233	}
236		234
237	return 1;	235	return 1;
		236
		237	err:
		238	ASN1_STRING_free(str);
		239	freezero(rk, rklen);
		240
		241	return 0;
238	}	242	}
239		243
240	static int	244	static int