Check CMS API return value in openssl(1) cms

ok jsing@
author: inoguchi <> 2020-01-04 14:17:55 +0000
committer: inoguchi <> 2020-01-04 14:17:55 +0000
commit: 14041540b59c54f88f0da2ebddc34c220df63c5e (patch)
tree: 562bd6a2cc6c4f111b2f0fe5f2b180c6caf33002 /src
parent: a94d44e4bd5a37d23bbb015842ec2fa2ecca394f (diff)
download: openbsd-14041540b59c54f88f0da2ebddc34c220df63c5e.tar.gz
openbsd-14041540b59c54f88f0da2ebddc34c220df63c5e.tar.bz2
openbsd-14041540b59c54f88f0da2ebddc34c220df63c5e.zip
1 files changed, 21 insertions, 11 deletions
diff --git a/src/usr.bin/openssl/cms.c b/src/usr.bin/openssl/cms.c
index 3762842b74..cad8556730 100644
--- a/src/usr.bin/openssl/cms.c
+++ b/src/usr.bin/openssl/cms.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cms.c,v 1.16 2019/11/19 10:28:18 inoguchi Exp $ */
+/* $OpenBSD: cms.c,v 1.17 2020/01/04 14:17:55 inoguchi Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project.
 */
@@ -734,7 +734,8 @@ cms_main(int argc, char **argv)
                }
                if (certsoutfile) {
                        STACK_OF(X509) *allcerts;
-                        allcerts = CMS_get1_certs(cms);
+                        if ((allcerts = CMS_get1_certs(cms)) == NULL)
+                                goto end;
                        if (!save_certs(certsoutfile, allcerts)) {
                                BIO_printf(bio_err,
                                    "Error writing certs to %s\n",
@@ -816,7 +817,8 @@ cms_main(int argc, char **argv)
                                goto end;
                        if (kparam != NULL) {
                                EVP_PKEY_CTX *pctx;
-                                pctx = CMS_RecipientInfo_get0_pkey_ctx(ri);
+                                if ((pctx = CMS_RecipientInfo_get0_pkey_ctx(ri)) == NULL)
+                                        goto end;
                                if (!cms_set_pkey_param(pctx, kparam->param))
                                        goto end;
                        }
@@ -878,7 +880,8 @@ cms_main(int argc, char **argv)
                        if (!cms)
                                goto end;
                        if (econtent_type)
-                                CMS_set1_eContentType(cms, econtent_type);
+                                if (!CMS_set1_eContentType(cms, econtent_type))
+                                        goto end;
                        if (rr_to) {
                                rr = make_receipt_request(rr_to, rr_allorfirst,
@@ -917,7 +920,8 @@ cms_main(int argc, char **argv)
                                goto end;
                        if (kparam != NULL) {
                                EVP_PKEY_CTX *pctx;
-                                pctx = CMS_SignerInfo_get0_pkey_ctx(si);
+                                if ((pctx = CMS_SignerInfo_get0_pkey_ctx(si)) == NULL)
+                                        goto end;
                                if (!cms_set_pkey_param(pctx, kparam->param))
                                        goto end;
                        }
@@ -997,7 +1001,8 @@ cms_main(int argc, char **argv)
                }
                if (signerfile) {
                        STACK_OF(X509) *signers;
-                        signers = CMS_get0_signers(cms);
+                        if ((signers = CMS_get0_signers(cms)) == NULL)
+                                goto end;
                        if (!save_certs(signerfile, signers)) {
                                BIO_printf(bio_err,
                                    "Error writing signers to %s\n",
@@ -1019,8 +1024,9 @@ cms_main(int argc, char **argv)
                }
        } else {
                if (noout) {
-                        if (print)
+                        if (print &&
-                                CMS_ContentInfo_print_ctx(out, cms, 0, NULL);
+                            !CMS_ContentInfo_print_ctx(out, cms, 0, NULL))
+                                goto end;
                } else if (outformat == FORMAT_SMIME) {
                        if (to)
                                BIO_printf(out, "To: %s\n", to);
@@ -1153,7 +1159,8 @@ receipt_request_print(BIO *out, CMS_ContentInfo *cms)
        ASN1_STRING *scid;
        int i, rv;
-        sis = CMS_get0_SignerInfos(cms);
+        if ((sis = CMS_get0_SignerInfos(cms)) == NULL)
+                return;
        for (i = 0; i < sk_CMS_SignerInfo_num(sis); i++) {
                si = sk_CMS_SignerInfo_value(sis, i);
                rv = CMS_get1_ReceiptRequest(si, &rr);
@@ -1242,8 +1249,11 @@ make_receipt_request(STACK_OF(OPENSSL_STRING) *rr_to, int rr_allorfirst,
                        goto err;
        } else
                rct_from = NULL;
-        rr = CMS_ReceiptRequest_create0(NULL, -1, rr_allorfirst, rct_from,
-            rct_to);
+        if ((rr = CMS_ReceiptRequest_create0(NULL, -1, rr_allorfirst, rct_from,
+            rct_to)) == NULL)
+                goto err;
        return rr;
 err:
author	inoguchi <>	2020-01-04 14:17:55 +0000
committer	inoguchi <>	2020-01-04 14:17:55 +0000
commit	14041540b59c54f88f0da2ebddc34c220df63c5e (patch)
tree	562bd6a2cc6c4f111b2f0fe5f2b180c6caf33002 /src
parent	a94d44e4bd5a37d23bbb015842ec2fa2ecca394f (diff)
download	openbsd-14041540b59c54f88f0da2ebddc34c220df63c5e.tar.gz openbsd-14041540b59c54f88f0da2ebddc34c220df63c5e.tar.bz2 openbsd-14041540b59c54f88f0da2ebddc34c220df63c5e.zip

diff --git a/src/usr.bin/openssl/cms.c b/src/usr.bin/openssl/cms.c index 3762842b74..cad8556730 100644 --- a/src/usr.bin/openssl/cms.c +++ b/src/usr.bin/openssl/cms.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: cms.c,v 1.16 2019/11/19 10:28:18 inoguchi Exp $ */	1	/* $OpenBSD: cms.c,v 1.17 2020/01/04 14:17:55 inoguchi Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project.	3	* project.
4	*/	4	*/
@@ -734,7 +734,8 @@ cms_main(int argc, char **argv)
734	}	734	}
735	if (certsoutfile) {	735	if (certsoutfile) {
736	STACK_OF(X509) *allcerts;	736	STACK_OF(X509) *allcerts;
737	allcerts = CMS_get1_certs(cms);	737	if ((allcerts = CMS_get1_certs(cms)) == NULL)
		738	goto end;
738	if (!save_certs(certsoutfile, allcerts)) {	739	if (!save_certs(certsoutfile, allcerts)) {
739	BIO_printf(bio_err,	740	BIO_printf(bio_err,
740	"Error writing certs to %s\n",	741	"Error writing certs to %s\n",
@@ -816,7 +817,8 @@ cms_main(int argc, char **argv)
816	goto end;	817	goto end;
817	if (kparam != NULL) {	818	if (kparam != NULL) {
818	EVP_PKEY_CTX *pctx;	819	EVP_PKEY_CTX *pctx;
819	pctx = CMS_RecipientInfo_get0_pkey_ctx(ri);	820	if ((pctx = CMS_RecipientInfo_get0_pkey_ctx(ri)) == NULL)
		821	goto end;
820	if (!cms_set_pkey_param(pctx, kparam->param))	822	if (!cms_set_pkey_param(pctx, kparam->param))
821	goto end;	823	goto end;
822	}	824	}
@@ -878,7 +880,8 @@ cms_main(int argc, char **argv)
878	if (!cms)	880	if (!cms)
879	goto end;	881	goto end;
880	if (econtent_type)	882	if (econtent_type)
881	CMS_set1_eContentType(cms, econtent_type);	883	if (!CMS_set1_eContentType(cms, econtent_type))
		884	goto end;
882		885
883	if (rr_to) {	886	if (rr_to) {
884	rr = make_receipt_request(rr_to, rr_allorfirst,	887	rr = make_receipt_request(rr_to, rr_allorfirst,
@@ -917,7 +920,8 @@ cms_main(int argc, char **argv)
917	goto end;	920	goto end;
918	if (kparam != NULL) {	921	if (kparam != NULL) {
919	EVP_PKEY_CTX *pctx;	922	EVP_PKEY_CTX *pctx;
920	pctx = CMS_SignerInfo_get0_pkey_ctx(si);	923	if ((pctx = CMS_SignerInfo_get0_pkey_ctx(si)) == NULL)
		924	goto end;
921	if (!cms_set_pkey_param(pctx, kparam->param))	925	if (!cms_set_pkey_param(pctx, kparam->param))
922	goto end;	926	goto end;
923	}	927	}
@@ -997,7 +1001,8 @@ cms_main(int argc, char **argv)
997	}	1001	}
998	if (signerfile) {	1002	if (signerfile) {
999	STACK_OF(X509) *signers;	1003	STACK_OF(X509) *signers;
1000	signers = CMS_get0_signers(cms);	1004	if ((signers = CMS_get0_signers(cms)) == NULL)
		1005	goto end;
1001	if (!save_certs(signerfile, signers)) {	1006	if (!save_certs(signerfile, signers)) {
1002	BIO_printf(bio_err,	1007	BIO_printf(bio_err,
1003	"Error writing signers to %s\n",	1008	"Error writing signers to %s\n",
@@ -1019,8 +1024,9 @@ cms_main(int argc, char **argv)
1019	}	1024	}
1020	} else {	1025	} else {
1021	if (noout) {	1026	if (noout) {
1022	if (print)	1027	if (print &&
1023	CMS_ContentInfo_print_ctx(out, cms, 0, NULL);	1028	!CMS_ContentInfo_print_ctx(out, cms, 0, NULL))
		1029	goto end;
1024	} else if (outformat == FORMAT_SMIME) {	1030	} else if (outformat == FORMAT_SMIME) {
1025	if (to)	1031	if (to)
1026	BIO_printf(out, "To: %s\n", to);	1032	BIO_printf(out, "To: %s\n", to);
@@ -1153,7 +1159,8 @@ receipt_request_print(BIO out, CMS_ContentInfo cms)
1153	ASN1_STRING *scid;	1159	ASN1_STRING *scid;
1154	int i, rv;	1160	int i, rv;
1155		1161
1156	sis = CMS_get0_SignerInfos(cms);	1162	if ((sis = CMS_get0_SignerInfos(cms)) == NULL)
		1163	return;
1157	for (i = 0; i < sk_CMS_SignerInfo_num(sis); i++) {	1164	for (i = 0; i < sk_CMS_SignerInfo_num(sis); i++) {
1158	si = sk_CMS_SignerInfo_value(sis, i);	1165	si = sk_CMS_SignerInfo_value(sis, i);
1159	rv = CMS_get1_ReceiptRequest(si, &rr);	1166	rv = CMS_get1_ReceiptRequest(si, &rr);
@@ -1242,8 +1249,11 @@ make_receipt_request(STACK_OF(OPENSSL_STRING) *rr_to, int rr_allorfirst,
1242	goto err;	1249	goto err;
1243	} else	1250	} else
1244	rct_from = NULL;	1251	rct_from = NULL;
1245	rr = CMS_ReceiptRequest_create0(NULL, -1, rr_allorfirst, rct_from,	1252
1246	rct_to);	1253	if ((rr = CMS_ReceiptRequest_create0(NULL, -1, rr_allorfirst, rct_from,
		1254	rct_to)) == NULL)
		1255	goto err;
		1256
1247	return rr;	1257	return rr;
1248		1258
1249	err:	1259	err: