From 16f790d01f7a6fc6c94e2a033a67b80c8ec5291c Mon Sep 17 00:00:00 2001 From: jsing <> Date: Mon, 9 Feb 2015 15:49:22 +0000 Subject: BN_CTX_get() can fail - consistently check its return value. There are currently cases where the return from each call is checked, the return from only the last call is checked and cases where it is not checked at all (including code in bn, ec and engine). Checking the last return value is valid as once the function fails it will continue to return NULL. However, in order to be consistent check each call with the same idiom. This makes it easy to verify. Note there are still a handful of cases that do not follow the idiom - these will be handled separately. ok beck@ doug@ --- src/lib/libcrypto/ec/ec_lib.c | 33 ++++++++++++++++++++------------- 1 file changed, 20 insertions(+), 13 deletions(-) (limited to 'src/lib/libcrypto/ec/ec_lib.c') diff --git a/src/lib/libcrypto/ec/ec_lib.c b/src/lib/libcrypto/ec/ec_lib.c index 47ccc614d1..8cf0f2241e 100644 --- a/src/lib/libcrypto/ec/ec_lib.c +++ b/src/lib/libcrypto/ec/ec_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec_lib.c,v 1.15 2014/07/12 16:03:37 miod Exp $ */ +/* $OpenBSD: ec_lib.c,v 1.16 2015/02/09 15:49:22 jsing Exp $ */ /* * Originally written by Bodo Moeller for the OpenSSL project. */ @@ -497,18 +497,19 @@ EC_GROUP_cmp(const EC_GROUP * a, const EC_GROUP * b, BN_CTX * ctx) return -1; BN_CTX_start(ctx); - a1 = BN_CTX_get(ctx); - a2 = BN_CTX_get(ctx); - a3 = BN_CTX_get(ctx); - b1 = BN_CTX_get(ctx); - b2 = BN_CTX_get(ctx); - b3 = BN_CTX_get(ctx); - if (!b3) { - BN_CTX_end(ctx); - if (ctx_new) - BN_CTX_free(ctx); - return -1; - } + if ((a1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((a2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((a3 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((b1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((b2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((b3 = BN_CTX_get(ctx)) == NULL) + goto err; + /* * XXX This approach assumes that the external representation of * curves over the same field type is the same. @@ -544,6 +545,12 @@ EC_GROUP_cmp(const EC_GROUP * a, const EC_GROUP * b, BN_CTX * ctx) BN_CTX_free(ctx); return r; + +err: + BN_CTX_end(ctx); + if (ctx_new) + BN_CTX_free(ctx); + return -1; } -- cgit v1.2.3-55-g6feb