From a50ada071c44ffc00ef0d3ed509d23aa02005dd5 Mon Sep 17 00:00:00 2001 From: miod <> Date: Sat, 14 Feb 2015 15:10:39 +0000 Subject: Check for allocation error in RSA_eay_mod_exp(). Coverity CID 25217. ok jsing@ --- src/lib/libcrypto/rsa/rsa.h | 3 ++- src/lib/libcrypto/rsa/rsa_eay.c | 6 +++++- src/lib/libssl/src/crypto/rsa/rsa.h | 3 ++- src/lib/libssl/src/crypto/rsa/rsa_eay.c | 6 +++++- 4 files changed, 14 insertions(+), 4 deletions(-) diff --git a/src/lib/libcrypto/rsa/rsa.h b/src/lib/libcrypto/rsa/rsa.h index 8139db0b7d..4045a6cbf3 100644 --- a/src/lib/libcrypto/rsa/rsa.h +++ b/src/lib/libcrypto/rsa/rsa.h @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa.h,v 1.26 2014/07/12 16:03:37 miod Exp $ */ +/* $OpenBSD: rsa.h,v 1.27 2015/02/14 15:10:39 miod Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -444,6 +444,7 @@ void ERR_load_RSA_strings(void); #define RSA_F_PKEY_RSA_VERIFYRECOVER 141 #define RSA_F_RSA_BUILTIN_KEYGEN 129 #define RSA_F_RSA_CHECK_KEY 123 +#define RSA_F_RSA_EAY_MOD_EXP 157 #define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101 #define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102 #define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103 diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c index 0eb18cf3c7..74d40611ee 100644 --- a/src/lib/libcrypto/rsa/rsa_eay.c +++ b/src/lib/libcrypto/rsa/rsa_eay.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_eay.c,v 1.37 2015/02/09 15:49:22 jsing Exp $ */ +/* $OpenBSD: rsa_eay.c,v 1.38 2015/02/14 15:10:39 miod Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -730,6 +730,10 @@ RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) r1 = BN_CTX_get(ctx); m1 = BN_CTX_get(ctx); vrfy = BN_CTX_get(ctx); + if (r1 == NULL || m1 == NULL || vrfy == NULL) { + RSAerr(RSA_F_RSA_EAY_MOD_EXP, ERR_R_MALLOC_FAILURE); + goto err; + } { BIGNUM local_p, local_q; diff --git a/src/lib/libssl/src/crypto/rsa/rsa.h b/src/lib/libssl/src/crypto/rsa/rsa.h index 8139db0b7d..4045a6cbf3 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa.h +++ b/src/lib/libssl/src/crypto/rsa/rsa.h @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa.h,v 1.26 2014/07/12 16:03:37 miod Exp $ */ +/* $OpenBSD: rsa.h,v 1.27 2015/02/14 15:10:39 miod Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -444,6 +444,7 @@ void ERR_load_RSA_strings(void); #define RSA_F_PKEY_RSA_VERIFYRECOVER 141 #define RSA_F_RSA_BUILTIN_KEYGEN 129 #define RSA_F_RSA_CHECK_KEY 123 +#define RSA_F_RSA_EAY_MOD_EXP 157 #define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101 #define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102 #define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103 diff --git a/src/lib/libssl/src/crypto/rsa/rsa_eay.c b/src/lib/libssl/src/crypto/rsa/rsa_eay.c index 0eb18cf3c7..74d40611ee 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_eay.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_eay.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_eay.c,v 1.37 2015/02/09 15:49:22 jsing Exp $ */ +/* $OpenBSD: rsa_eay.c,v 1.38 2015/02/14 15:10:39 miod Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -730,6 +730,10 @@ RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) r1 = BN_CTX_get(ctx); m1 = BN_CTX_get(ctx); vrfy = BN_CTX_get(ctx); + if (r1 == NULL || m1 == NULL || vrfy == NULL) { + RSAerr(RSA_F_RSA_EAY_MOD_EXP, ERR_R_MALLOC_FAILURE); + goto err; + } { BIGNUM local_p, local_q; -- cgit v1.2.3-55-g6feb