From 9b099cfe9b8ff48ebf73f26baf1ffb356d3ab825 Mon Sep 17 00:00:00 2001
From: miod <>
Date: Fri, 11 Jul 2014 13:41:59 +0000
Subject: More memory leaks and unchecked allocations; OpenSSL PR #3403 via
 OpenSSL trunk. (note we had already fixed some of the issues in that PR
 independently)

---
 src/lib/libcrypto/asn1/ameth_lib.c         | 9 +++++++--
 src/lib/libcrypto/asn1/asn_mime.c          | 4 +++-
 src/lib/libcrypto/asn1/asn_pack.c          | 7 +++++--
 src/lib/libcrypto/asn1/evp_asn1.c          | 6 ++++--
 src/lib/libssl/src/crypto/asn1/ameth_lib.c | 9 +++++++--
 src/lib/libssl/src/crypto/asn1/asn_mime.c  | 4 +++-
 src/lib/libssl/src/crypto/asn1/asn_pack.c  | 7 +++++--
 src/lib/libssl/src/crypto/asn1/evp_asn1.c  | 6 ++++--
 8 files changed, 38 insertions(+), 14 deletions(-)

diff --git a/src/lib/libcrypto/asn1/ameth_lib.c b/src/lib/libcrypto/asn1/ameth_lib.c
index 8701e97337..e9f73cb3a6 100644
--- a/src/lib/libcrypto/asn1/ameth_lib.c
+++ b/src/lib/libcrypto/asn1/ameth_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ameth_lib.c,v 1.12 2014/07/11 08:44:47 jsing Exp $ */
+/* $OpenBSD: ameth_lib.c,v 1.13 2014/07/11 13:41:59 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -242,11 +242,16 @@ int
 EVP_PKEY_asn1_add_alias(int to, int from)
 {
 	EVP_PKEY_ASN1_METHOD *ameth;
+
 	ameth = EVP_PKEY_asn1_new(from, ASN1_PKEY_ALIAS, NULL, NULL);
 	if (!ameth)
 		return 0;
 	ameth->pkey_base_id = to;
-	return EVP_PKEY_asn1_add0(ameth);
+	if (!EVP_PKEY_asn1_add0(ameth)) {
+		EVP_PKEY_asn1_free(ameth);
+		return 0;
+	}
+	return 1;
 }
 
 int
diff --git a/src/lib/libcrypto/asn1/asn_mime.c b/src/lib/libcrypto/asn1/asn_mime.c
index 41b39efa7b..994531837f 100644
--- a/src/lib/libcrypto/asn1/asn_mime.c
+++ b/src/lib/libcrypto/asn1/asn_mime.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: asn_mime.c,v 1.20 2014/07/11 08:44:47 jsing Exp $ */
+/* $OpenBSD: asn_mime.c,v 1.21 2014/07/11 13:41:59 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
  */
@@ -675,6 +675,8 @@ STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio)
 	int len, state, save_state = 0;
 
 	headers = sk_MIME_HEADER_new(mime_hdr_cmp);
+	if (!headers)
+		return NULL;
 	while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
 		/* If whitespace at line start then continuation line */
 		if (mhdr && isspace((unsigned char)linebuf[0]))
diff --git a/src/lib/libcrypto/asn1/asn_pack.c b/src/lib/libcrypto/asn1/asn_pack.c
index 5d3fc3c34d..f010f87bbd 100644
--- a/src/lib/libcrypto/asn1/asn_pack.c
+++ b/src/lib/libcrypto/asn1/asn_pack.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: asn_pack.c,v 1.13 2014/07/11 08:44:47 jsing Exp $ */
+/* $OpenBSD: asn_pack.c,v 1.14 2014/07/11 13:41:59 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -155,8 +155,11 @@ ASN1_pack_string(void *obj, i2d_of_void *i2d, ASN1_STRING **oct)
 		*oct = octmp;
 	return octmp;
 err:
-	if (!oct || octmp != *oct)
+	if (!oct || octmp != *oct) {
 		ASN1_STRING_free(octmp);
+		if (oct)
+			*oct = NULL;
+	}
 	return NULL;
 }
 
diff --git a/src/lib/libcrypto/asn1/evp_asn1.c b/src/lib/libcrypto/asn1/evp_asn1.c
index 648fae9fbd..199c12f9a4 100644
--- a/src/lib/libcrypto/asn1/evp_asn1.c
+++ b/src/lib/libcrypto/asn1/evp_asn1.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_asn1.c,v 1.11 2014/07/11 08:44:47 jsing Exp $ */
+/* $OpenBSD: evp_asn1.c,v 1.12 2014/07/11 13:41:59 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -70,8 +70,10 @@ ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len)
 
 	if ((os = M_ASN1_OCTET_STRING_new()) == NULL)
 		return (0);
-	if (!M_ASN1_OCTET_STRING_set(os, data, len))
+	if (!M_ASN1_OCTET_STRING_set(os, data, len)) {
+		M_ASN1_OCTET_STRING_free(os);
 		return (0);
+	}
 	ASN1_TYPE_set(a, V_ASN1_OCTET_STRING, os);
 	return (1);
 }
diff --git a/src/lib/libssl/src/crypto/asn1/ameth_lib.c b/src/lib/libssl/src/crypto/asn1/ameth_lib.c
index 8701e97337..e9f73cb3a6 100644
--- a/src/lib/libssl/src/crypto/asn1/ameth_lib.c
+++ b/src/lib/libssl/src/crypto/asn1/ameth_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ameth_lib.c,v 1.12 2014/07/11 08:44:47 jsing Exp $ */
+/* $OpenBSD: ameth_lib.c,v 1.13 2014/07/11 13:41:59 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -242,11 +242,16 @@ int
 EVP_PKEY_asn1_add_alias(int to, int from)
 {
 	EVP_PKEY_ASN1_METHOD *ameth;
+
 	ameth = EVP_PKEY_asn1_new(from, ASN1_PKEY_ALIAS, NULL, NULL);
 	if (!ameth)
 		return 0;
 	ameth->pkey_base_id = to;
-	return EVP_PKEY_asn1_add0(ameth);
+	if (!EVP_PKEY_asn1_add0(ameth)) {
+		EVP_PKEY_asn1_free(ameth);
+		return 0;
+	}
+	return 1;
 }
 
 int
diff --git a/src/lib/libssl/src/crypto/asn1/asn_mime.c b/src/lib/libssl/src/crypto/asn1/asn_mime.c
index 41b39efa7b..994531837f 100644
--- a/src/lib/libssl/src/crypto/asn1/asn_mime.c
+++ b/src/lib/libssl/src/crypto/asn1/asn_mime.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: asn_mime.c,v 1.20 2014/07/11 08:44:47 jsing Exp $ */
+/* $OpenBSD: asn_mime.c,v 1.21 2014/07/11 13:41:59 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
  */
@@ -675,6 +675,8 @@ STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio)
 	int len, state, save_state = 0;
 
 	headers = sk_MIME_HEADER_new(mime_hdr_cmp);
+	if (!headers)
+		return NULL;
 	while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
 		/* If whitespace at line start then continuation line */
 		if (mhdr && isspace((unsigned char)linebuf[0]))
diff --git a/src/lib/libssl/src/crypto/asn1/asn_pack.c b/src/lib/libssl/src/crypto/asn1/asn_pack.c
index 5d3fc3c34d..f010f87bbd 100644
--- a/src/lib/libssl/src/crypto/asn1/asn_pack.c
+++ b/src/lib/libssl/src/crypto/asn1/asn_pack.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: asn_pack.c,v 1.13 2014/07/11 08:44:47 jsing Exp $ */
+/* $OpenBSD: asn_pack.c,v 1.14 2014/07/11 13:41:59 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -155,8 +155,11 @@ ASN1_pack_string(void *obj, i2d_of_void *i2d, ASN1_STRING **oct)
 		*oct = octmp;
 	return octmp;
 err:
-	if (!oct || octmp != *oct)
+	if (!oct || octmp != *oct) {
 		ASN1_STRING_free(octmp);
+		if (oct)
+			*oct = NULL;
+	}
 	return NULL;
 }
 
diff --git a/src/lib/libssl/src/crypto/asn1/evp_asn1.c b/src/lib/libssl/src/crypto/asn1/evp_asn1.c
index 648fae9fbd..199c12f9a4 100644
--- a/src/lib/libssl/src/crypto/asn1/evp_asn1.c
+++ b/src/lib/libssl/src/crypto/asn1/evp_asn1.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_asn1.c,v 1.11 2014/07/11 08:44:47 jsing Exp $ */
+/* $OpenBSD: evp_asn1.c,v 1.12 2014/07/11 13:41:59 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -70,8 +70,10 @@ ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len)
 
 	if ((os = M_ASN1_OCTET_STRING_new()) == NULL)
 		return (0);
-	if (!M_ASN1_OCTET_STRING_set(os, data, len))
+	if (!M_ASN1_OCTET_STRING_set(os, data, len)) {
+		M_ASN1_OCTET_STRING_free(os);
 		return (0);
+	}
 	ASN1_TYPE_set(a, V_ASN1_OCTET_STRING, os);
 	return (1);
 }
-- 
cgit v1.2.3-55-g6feb