Convert {DH,DSA}_new_method() to using calloc()

Due to OPENSSL_NO_ENGINE the engine member of dh and dsa is currently uninitialized. As a consequence, {DH,DSA}_get0_engine() will return a garbage pointer, which is particularly bad because the only reason we kept them in the first place is that they are used by some software... A side effect of freeing with {DH,DSA}_free() instead of a hand-rolled version is that we may call ->meth->finish() before ->meth->init() was called. We need a NULL check for ->meth to be on the safe side in case we should need to bring ENGINE back. with nits from djm ok deraadt djm
author: tb <> 2023-08-12 06:14:36 +0000
committer: tb <> 2023-08-12 06:14:36 +0000
commit: 7dd9dcbc7a655f702d9a2f3f641a158d5f2d2566 (patch)
tree: 8a0516229988a4b4d44324162099ad13ebef80fa /src
parent: dc545d973cd674616909f2370a243a5ca42d85d1 (diff)
download: openbsd-7dd9dcbc7a655f702d9a2f3f641a158d5f2d2566.tar.gz
openbsd-7dd9dcbc7a655f702d9a2f3f641a158d5f2d2566.tar.bz2
openbsd-7dd9dcbc7a655f702d9a2f3f641a158d5f2d2566.zip
2 files changed, 54 insertions, 83 deletions
diff --git a/src/lib/libcrypto/dh/dh_lib.c b/src/lib/libcrypto/dh/dh_lib.c
index 987f0b1f7a..6e53df9177 100644
--- a/src/lib/libcrypto/dh/dh_lib.c
+++ b/src/lib/libcrypto/dh/dh_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh_lib.c,v 1.39 2023/07/08 15:29:03 beck Exp $ */
+/* $OpenBSD: dh_lib.c,v 1.40 2023/08/12 06:14:36 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -122,61 +122,47 @@ LCRYPTO_ALIAS(DH_new);
 DH *
 DH_new_method(ENGINE *engine)
 {
-        DH *ret;
+        DH *dh;
-        ret = malloc(sizeof(DH));
+        if ((dh = calloc(1, sizeof(*dh))) == NULL) {
-        if (ret == NULL) {
                DHerror(ERR_R_MALLOC_FAILURE);
-                return NULL;
+                goto err;
        }
-        ret->meth = DH_get_default_method();
+        dh->meth = DH_get_default_method();
+        dh->flags = dh->meth->flags & ~DH_FLAG_NON_FIPS_ALLOW;
+        dh->references = 1;
 #ifndef OPENSSL_NO_ENGINE
-        if (engine) {
+        if (engine != NULL) {
                if (!ENGINE_init(engine)) {
                        DHerror(ERR_R_ENGINE_LIB);
-                        free(ret);
+                        goto err;
-                        return NULL;
                }
-                ret->engine = engine;
+                dh->engine = engine;
        } else
-                ret->engine = ENGINE_get_default_DH();
+                dh->engine = ENGINE_get_default_DH();
-        if(ret->engine) {
+        if (dh->engine != NULL) {
-                ret->meth = ENGINE_get_DH(ret->engine);
+                if ((dh->meth = ENGINE_get_DH(dh->engine)) == NULL) {
-                if (ret->meth == NULL) {
                        DHerror(ERR_R_ENGINE_LIB);
-                        ENGINE_finish(ret->engine);
+                        goto err;
-                        free(ret);
-                        return NULL;
                }
+                dh->flags = dh->meth->flags & ~DH_FLAG_NON_FIPS_ALLOW;
        }
 #endif
-        ret->pad = 0;
+        if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, dh, &dh->ex_data))
-        ret->version = 0;
+                goto err;
-        ret->p = NULL;
-        ret->g = NULL;
+        if (dh->meth->init != NULL && !dh->meth->init(dh))
-        ret->length = 0;
+                goto err;
-        ret->pub_key = NULL;
-        ret->priv_key = NULL;
+        return dh;
-        ret->q = NULL;
-        ret->j = NULL;
+ err:
-        ret->seed = NULL;
+        DH_free(dh);
-        ret->seedlen = 0;
-        ret->counter = NULL;
+        return NULL;
-        ret->method_mont_p=NULL;
-        ret->references = 1;
-        ret->flags = ret->meth->flags & ~DH_FLAG_NON_FIPS_ALLOW;
-        CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
-        if (ret->meth->init != NULL && !ret->meth->init(ret)) {
-#ifndef OPENSSL_NO_ENGINE
-                ENGINE_finish(ret->engine);
-#endif
-                CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
-                free(ret);
-                ret = NULL;
-        }
-        return ret;
 }
 LCRYPTO_ALIAS(DH_new_method);
@@ -191,7 +177,7 @@ DH_free(DH *r)
        if (i > 0)
                return;
-        if (r->meth->finish)
+        if (r->meth != NULL && r->meth->finish != NULL)
                r->meth->finish(r);
 #ifndef OPENSSL_NO_ENGINE
        ENGINE_finish(r->engine);
diff --git a/src/lib/libcrypto/dsa/dsa_lib.c b/src/lib/libcrypto/dsa/dsa_lib.c
index 46a7dbcfbe..a9d2179aeb 100644
--- a/src/lib/libcrypto/dsa/dsa_lib.c
+++ b/src/lib/libcrypto/dsa/dsa_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa_lib.c,v 1.43 2023/07/08 14:28:15 beck Exp $ */
+/* $OpenBSD: dsa_lib.c,v 1.44 2023/08/12 06:14:36 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -127,61 +127,46 @@ LCRYPTO_ALIAS(DSA_set_method);
 DSA *
 DSA_new_method(ENGINE *engine)
 {
-        DSA *ret;
+        DSA *dsa;
-        ret = malloc(sizeof(DSA));
+        if ((dsa = calloc(1, sizeof(DSA))) == NULL) {
-        if (ret == NULL) {
                DSAerror(ERR_R_MALLOC_FAILURE);
-                return NULL;
+                goto err;
        }
-        ret->meth = DSA_get_default_method();
+        dsa->meth = DSA_get_default_method();
+        dsa->flags = dsa->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW;
+        dsa->references = 1;
 #ifndef OPENSSL_NO_ENGINE
        if (engine) {
                if (!ENGINE_init(engine)) {
                        DSAerror(ERR_R_ENGINE_LIB);
-                        free(ret);
+                        goto err;
-                        return NULL;
                }
-                ret->engine = engine;
+                dsa->engine = engine;
        } else
-                ret->engine = ENGINE_get_default_DSA();
+                dsa->engine = ENGINE_get_default_DSA();
-        if (ret->engine) {
+        if (dsa->engine != NULL) {
-                ret->meth = ENGINE_get_DSA(ret->engine);
+                if ((dsa->meth = ENGINE_get_DSA(dsa->engine)) == NULL) {
-                if (ret->meth == NULL) {
                        DSAerror(ERR_R_ENGINE_LIB);
-                        ENGINE_finish(ret->engine);
+                        goto err;
-                        free(ret);
-                        return NULL;
                }
+                dsa->flags = dsa->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW;
        }
 #endif
-        ret->pad = 0;
+        if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, dsa, &dsa->ex_data))
-        ret->version = 0;
+                goto err;
-        ret->p = NULL;
+        if (dsa->meth->init != NULL && !dsa->meth->init(dsa))
-        ret->q = NULL;
+                goto err;
-        ret->g = NULL;
-        ret->pub_key = NULL;
-        ret->priv_key = NULL;
-        ret->kinv = NULL;
+        return dsa;
-        ret->r = NULL;
-        ret->method_mont_p = NULL;
-        ret->references = 1;
+ err:
-        ret->flags = ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW;
+        DSA_free(dsa);
-        CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
-        if (ret->meth->init != NULL && !ret->meth->init(ret)) {
-#ifndef OPENSSL_NO_ENGINE
-                ENGINE_finish(ret->engine);
-#endif
-                CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
-                free(ret);
-                ret = NULL;
-        }
-        return ret;
+        return NULL;
 }
 LCRYPTO_ALIAS(DSA_new_method);
@@ -197,7 +182,7 @@ DSA_free(DSA *r)
        if (i > 0)
                return;
-        if (r->meth->finish)
+        if (r->meth != NULL && r->meth->finish != NULL)
                r->meth->finish(r);
 #ifndef OPENSSL_NO_ENGINE
        ENGINE_finish(r->engine);
author	tb <>	2023-08-12 06:14:36 +0000
committer	tb <>	2023-08-12 06:14:36 +0000
commit	7dd9dcbc7a655f702d9a2f3f641a158d5f2d2566 (patch)
tree	8a0516229988a4b4d44324162099ad13ebef80fa /src
parent	dc545d973cd674616909f2370a243a5ca42d85d1 (diff)
download	openbsd-7dd9dcbc7a655f702d9a2f3f641a158d5f2d2566.tar.gz openbsd-7dd9dcbc7a655f702d9a2f3f641a158d5f2d2566.tar.bz2 openbsd-7dd9dcbc7a655f702d9a2f3f641a158d5f2d2566.zip

diff --git a/src/lib/libcrypto/dh/dh_lib.c b/src/lib/libcrypto/dh/dh_lib.c index 987f0b1f7a..6e53df9177 100644 --- a/src/lib/libcrypto/dh/dh_lib.c +++ b/src/lib/libcrypto/dh/dh_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: dh_lib.c,v 1.39 2023/07/08 15:29:03 beck Exp $ */	1	/* $OpenBSD: dh_lib.c,v 1.40 2023/08/12 06:14:36 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -122,61 +122,47 @@ LCRYPTO_ALIAS(DH_new);
122	DH *	122	DH *
123	DH_new_method(ENGINE *engine)	123	DH_new_method(ENGINE *engine)
124	{	124	{
125	DH *ret;	125	DH *dh;
126		126
127	ret = malloc(sizeof(DH));	127	if ((dh = calloc(1, sizeof(*dh))) == NULL) {
128	if (ret == NULL) {
129	DHerror(ERR_R_MALLOC_FAILURE);	128	DHerror(ERR_R_MALLOC_FAILURE);
130	return NULL;	129	goto err;
131	}	130	}
132		131
133	ret->meth = DH_get_default_method();	132	dh->meth = DH_get_default_method();
		133	dh->flags = dh->meth->flags & ~DH_FLAG_NON_FIPS_ALLOW;
		134	dh->references = 1;
		135
134	#ifndef OPENSSL_NO_ENGINE	136	#ifndef OPENSSL_NO_ENGINE
135	if (engine) {	137	if (engine != NULL) {
136	if (!ENGINE_init(engine)) {	138	if (!ENGINE_init(engine)) {
137	DHerror(ERR_R_ENGINE_LIB);	139	DHerror(ERR_R_ENGINE_LIB);
138	free(ret);	140	goto err;
139	return NULL;
140	}	141	}
141	ret->engine = engine;	142	dh->engine = engine;
142	} else	143	} else
143	ret->engine = ENGINE_get_default_DH();	144	dh->engine = ENGINE_get_default_DH();
144	if(ret->engine) {	145	if (dh->engine != NULL) {
145	ret->meth = ENGINE_get_DH(ret->engine);	146	if ((dh->meth = ENGINE_get_DH(dh->engine)) == NULL) {
146	if (ret->meth == NULL) {
147	DHerror(ERR_R_ENGINE_LIB);	147	DHerror(ERR_R_ENGINE_LIB);
148	ENGINE_finish(ret->engine);	148	goto err;
149	free(ret);
150	return NULL;
151	}	149	}
		150	dh->flags = dh->meth->flags & ~DH_FLAG_NON_FIPS_ALLOW;
152	}	151	}
153	#endif	152	#endif
154		153
155	ret->pad = 0;	154	if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, dh, &dh->ex_data))
156	ret->version = 0;	155	goto err;
157	ret->p = NULL;	156
158	ret->g = NULL;	157	if (dh->meth->init != NULL && !dh->meth->init(dh))
159	ret->length = 0;	158	goto err;
160	ret->pub_key = NULL;	159
161	ret->priv_key = NULL;	160	return dh;
162	ret->q = NULL;	161
163	ret->j = NULL;	162	err:
164	ret->seed = NULL;	163	DH_free(dh);
165	ret->seedlen = 0;	164
166	ret->counter = NULL;	165	return NULL;
167	ret->method_mont_p=NULL;
168	ret->references = 1;
169	ret->flags = ret->meth->flags & ~DH_FLAG_NON_FIPS_ALLOW;
170	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
171	if (ret->meth->init != NULL && !ret->meth->init(ret)) {
172	#ifndef OPENSSL_NO_ENGINE
173	ENGINE_finish(ret->engine);
174	#endif
175	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
176	free(ret);
177	ret = NULL;
178	}
179	return ret;
180	}	166	}
181	LCRYPTO_ALIAS(DH_new_method);	167	LCRYPTO_ALIAS(DH_new_method);
182		168
@@ -191,7 +177,7 @@ DH_free(DH *r)
191	if (i > 0)	177	if (i > 0)
192	return;	178	return;
193		179
194	if (r->meth->finish)	180	if (r->meth != NULL && r->meth->finish != NULL)
195	r->meth->finish(r);	181	r->meth->finish(r);
196	#ifndef OPENSSL_NO_ENGINE	182	#ifndef OPENSSL_NO_ENGINE
197	ENGINE_finish(r->engine);	183	ENGINE_finish(r->engine);


diff --git a/src/lib/libcrypto/dsa/dsa_lib.c b/src/lib/libcrypto/dsa/dsa_lib.c index 46a7dbcfbe..a9d2179aeb 100644 --- a/src/lib/libcrypto/dsa/dsa_lib.c +++ b/src/lib/libcrypto/dsa/dsa_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: dsa_lib.c,v 1.43 2023/07/08 14:28:15 beck Exp $ */	1	/* $OpenBSD: dsa_lib.c,v 1.44 2023/08/12 06:14:36 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -127,61 +127,46 @@ LCRYPTO_ALIAS(DSA_set_method);
127	DSA *	127	DSA *
128	DSA_new_method(ENGINE *engine)	128	DSA_new_method(ENGINE *engine)
129	{	129	{
130	DSA *ret;	130	DSA *dsa;
131		131
132	ret = malloc(sizeof(DSA));	132	if ((dsa = calloc(1, sizeof(DSA))) == NULL) {
133	if (ret == NULL) {
134	DSAerror(ERR_R_MALLOC_FAILURE);	133	DSAerror(ERR_R_MALLOC_FAILURE);
135	return NULL;	134	goto err;
136	}	135	}
137	ret->meth = DSA_get_default_method();	136
		137	dsa->meth = DSA_get_default_method();
		138	dsa->flags = dsa->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW;
		139	dsa->references = 1;
		140
138	#ifndef OPENSSL_NO_ENGINE	141	#ifndef OPENSSL_NO_ENGINE
139	if (engine) {	142	if (engine) {
140	if (!ENGINE_init(engine)) {	143	if (!ENGINE_init(engine)) {
141	DSAerror(ERR_R_ENGINE_LIB);	144	DSAerror(ERR_R_ENGINE_LIB);
142	free(ret);	145	goto err;
143	return NULL;
144	}	146	}
145	ret->engine = engine;	147	dsa->engine = engine;
146	} else	148	} else
147	ret->engine = ENGINE_get_default_DSA();	149	dsa->engine = ENGINE_get_default_DSA();
148	if (ret->engine) {	150	if (dsa->engine != NULL) {
149	ret->meth = ENGINE_get_DSA(ret->engine);	151	if ((dsa->meth = ENGINE_get_DSA(dsa->engine)) == NULL) {
150	if (ret->meth == NULL) {
151	DSAerror(ERR_R_ENGINE_LIB);	152	DSAerror(ERR_R_ENGINE_LIB);
152	ENGINE_finish(ret->engine);	153	goto err;
153	free(ret);
154	return NULL;
155	}	154	}
		155	dsa->flags = dsa->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW;
156	}	156	}
157	#endif	157	#endif
158		158
159	ret->pad = 0;	159	if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, dsa, &dsa->ex_data))
160	ret->version = 0;	160	goto err;
161	ret->p = NULL;	161	if (dsa->meth->init != NULL && !dsa->meth->init(dsa))
162	ret->q = NULL;	162	goto err;
163	ret->g = NULL;
164
165	ret->pub_key = NULL;
166	ret->priv_key = NULL;
167		163
168	ret->kinv = NULL;	164	return dsa;
169	ret->r = NULL;
170	ret->method_mont_p = NULL;
171		165
172	ret->references = 1;	166	err:
173	ret->flags = ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW;	167	DSA_free(dsa);
174	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
175	if (ret->meth->init != NULL && !ret->meth->init(ret)) {
176	#ifndef OPENSSL_NO_ENGINE
177	ENGINE_finish(ret->engine);
178	#endif
179	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
180	free(ret);
181	ret = NULL;
182	}
183		168
184	return ret;	169	return NULL;
185	}	170	}
186	LCRYPTO_ALIAS(DSA_new_method);	171	LCRYPTO_ALIAS(DSA_new_method);
187		172
@@ -197,7 +182,7 @@ DSA_free(DSA *r)
197	if (i > 0)	182	if (i > 0)
198	return;	183	return;
199		184
200	if (r->meth->finish)	185	if (r->meth != NULL && r->meth->finish != NULL)
201	r->meth->finish(r);	186	r->meth->finish(r);
202	#ifndef OPENSSL_NO_ENGINE	187	#ifndef OPENSSL_NO_ENGINE
203	ENGINE_finish(r->engine);	188	ENGINE_finish(r->engine);