From 16f790d01f7a6fc6c94e2a033a67b80c8ec5291c Mon Sep 17 00:00:00 2001 From: jsing <> Date: Mon, 9 Feb 2015 15:49:22 +0000 Subject: BN_CTX_get() can fail - consistently check its return value. There are currently cases where the return from each call is checked, the return from only the last call is checked and cases where it is not checked at all (including code in bn, ec and engine). Checking the last return value is valid as once the function fails it will continue to return NULL. However, in order to be consistent check each call with the same idiom. This makes it easy to verify. Note there are still a handful of cases that do not follow the idiom - these will be handled separately. ok beck@ doug@ --- src/lib/libcrypto/bn/bn_div.c | 4 +- src/lib/libcrypto/bn/bn_exp.c | 32 ++++----- src/lib/libcrypto/bn/bn_exp2.c | 14 ++-- src/lib/libcrypto/bn/bn_gcd.c | 50 ++++++++------ src/lib/libcrypto/bn/bn_gf2m.c | 35 +++++----- src/lib/libcrypto/bn/bn_kron.c | 8 +-- src/lib/libcrypto/bn/bn_mont.c | 11 ++- src/lib/libcrypto/bn/bn_mul.c | 8 +-- src/lib/libcrypto/bn/bn_prime.c | 23 ++++--- src/lib/libcrypto/bn/bn_sqr.c | 4 +- src/lib/libcrypto/bn/bn_sqrt.c | 20 +++--- src/lib/libcrypto/bn/bn_x931p.c | 41 ++++++----- src/lib/libcrypto/dh/dh_gen.c | 8 +-- src/lib/libcrypto/dh/dh_key.c | 5 +- src/lib/libcrypto/dsa/dsa_gen.c | 26 ++++--- src/lib/libcrypto/ec/ec2_mult.c | 26 +++---- src/lib/libcrypto/ec/ec2_oct.c | 32 +++++---- src/lib/libcrypto/ec/ec2_smpl.c | 56 ++++++++------- src/lib/libcrypto/ec/ec_key.c | 9 ++- src/lib/libcrypto/ec/ec_lib.c | 33 +++++---- src/lib/libcrypto/ec/ec_mult.c | 5 +- src/lib/libcrypto/ec/ecp_oct.c | 30 +++++---- src/lib/libcrypto/ec/ecp_smpl.c | 101 ++++++++++++++++------------ src/lib/libcrypto/ecdh/ech_ossl.c | 8 ++- src/lib/libcrypto/engine/eng_rsax.c | 11 +-- src/lib/libcrypto/rsa/rsa_crpt.c | 11 +-- src/lib/libcrypto/rsa/rsa_eay.c | 6 +- src/lib/libcrypto/rsa/rsa_gen.c | 14 ++-- src/lib/libssl/src/crypto/bn/bn_div.c | 4 +- src/lib/libssl/src/crypto/bn/bn_exp.c | 32 ++++----- src/lib/libssl/src/crypto/bn/bn_exp2.c | 14 ++-- src/lib/libssl/src/crypto/bn/bn_gcd.c | 50 ++++++++------ src/lib/libssl/src/crypto/bn/bn_gf2m.c | 35 +++++----- src/lib/libssl/src/crypto/bn/bn_kron.c | 8 +-- src/lib/libssl/src/crypto/bn/bn_mont.c | 11 ++- src/lib/libssl/src/crypto/bn/bn_mul.c | 8 +-- src/lib/libssl/src/crypto/bn/bn_prime.c | 23 ++++--- src/lib/libssl/src/crypto/bn/bn_sqr.c | 4 +- src/lib/libssl/src/crypto/bn/bn_sqrt.c | 20 +++--- src/lib/libssl/src/crypto/bn/bn_x931p.c | 41 ++++++----- src/lib/libssl/src/crypto/dh/dh_gen.c | 8 +-- src/lib/libssl/src/crypto/dh/dh_key.c | 5 +- src/lib/libssl/src/crypto/dsa/dsa_gen.c | 26 ++++--- src/lib/libssl/src/crypto/ec/ec2_mult.c | 26 +++---- src/lib/libssl/src/crypto/ec/ec2_oct.c | 32 +++++---- src/lib/libssl/src/crypto/ec/ec2_smpl.c | 56 ++++++++------- src/lib/libssl/src/crypto/ec/ec_key.c | 9 ++- src/lib/libssl/src/crypto/ec/ec_lib.c | 33 +++++---- src/lib/libssl/src/crypto/ec/ec_mult.c | 5 +- src/lib/libssl/src/crypto/ec/ecp_oct.c | 30 +++++---- src/lib/libssl/src/crypto/ec/ecp_smpl.c | 101 ++++++++++++++++------------ src/lib/libssl/src/crypto/ecdh/ech_ossl.c | 8 ++- src/lib/libssl/src/crypto/engine/eng_rsax.c | 11 +-- src/lib/libssl/src/crypto/rsa/rsa_crpt.c | 11 +-- src/lib/libssl/src/crypto/rsa/rsa_eay.c | 6 +- src/lib/libssl/src/crypto/rsa/rsa_gen.c | 14 ++-- 56 files changed, 716 insertions(+), 546 deletions(-) (limited to 'src/lib') diff --git a/src/lib/libcrypto/bn/bn_div.c b/src/lib/libcrypto/bn/bn_div.c index f4deccf77f..fefc53f9fa 100644 --- a/src/lib/libcrypto/bn/bn_div.c +++ b/src/lib/libcrypto/bn/bn_div.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_div.c,v 1.22 2014/07/11 08:44:47 jsing Exp $ */ +/* $OpenBSD: bn_div.c,v 1.23 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -170,7 +170,7 @@ BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, res = BN_CTX_get(ctx); else res = dv; - if (sdiv == NULL || res == NULL || tmp == NULL || snum == NULL) + if (tmp == NULL || snum == NULL || sdiv == NULL || res == NULL) goto err; /* First we normalise the numbers */ diff --git a/src/lib/libcrypto/bn/bn_exp.c b/src/lib/libcrypto/bn/bn_exp.c index 1aa5503dae..eecab5163b 100644 --- a/src/lib/libcrypto/bn/bn_exp.c +++ b/src/lib/libcrypto/bn/bn_exp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_exp.c,v 1.19 2014/07/11 15:01:49 miod Exp $ */ +/* $OpenBSD: bn_exp.c,v 1.20 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -272,9 +272,9 @@ BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, } BN_CTX_start(ctx); - aa = BN_CTX_get(ctx); - val[0] = BN_CTX_get(ctx); - if (!aa || !val[0]) + if ((aa = BN_CTX_get(ctx)) == NULL) + goto err; + if ((val[0] = BN_CTX_get(ctx)) == NULL) goto err; BN_RECP_CTX_init(&recp); @@ -408,10 +408,11 @@ BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, } BN_CTX_start(ctx); - d = BN_CTX_get(ctx); - r = BN_CTX_get(ctx); - val[0] = BN_CTX_get(ctx); - if (!d || !r || !val[0]) + if ((d = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r = BN_CTX_get(ctx)) == NULL) + goto err; + if ((val[0] = BN_CTX_get(ctx)) == NULL) goto err; /* If this is not done, things will break in the montgomery @@ -885,10 +886,11 @@ BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, const BIGNUM *m, } BN_CTX_start(ctx); - d = BN_CTX_get(ctx); - r = BN_CTX_get(ctx); - t = BN_CTX_get(ctx); - if (d == NULL || r == NULL || t == NULL) + if ((d = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r = BN_CTX_get(ctx)) == NULL) + goto err; + if ((t = BN_CTX_get(ctx)) == NULL) goto err; if (in_mont != NULL) @@ -1003,9 +1005,9 @@ BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, } BN_CTX_start(ctx); - d = BN_CTX_get(ctx); - val[0] = BN_CTX_get(ctx); - if (!d || !val[0]) + if ((d = BN_CTX_get(ctx)) == NULL) + goto err; + if ((val[0] = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_nnmod(val[0],a,m,ctx)) diff --git a/src/lib/libcrypto/bn/bn_exp2.c b/src/lib/libcrypto/bn/bn_exp2.c index c8f0294f7a..38bf467a38 100644 --- a/src/lib/libcrypto/bn/bn_exp2.c +++ b/src/lib/libcrypto/bn/bn_exp2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_exp2.c,v 1.9 2014/07/11 08:44:47 jsing Exp $ */ +/* $OpenBSD: bn_exp2.c,v 1.10 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -150,11 +150,13 @@ BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1, bits = (bits1 > bits2) ? bits1 : bits2; BN_CTX_start(ctx); - d = BN_CTX_get(ctx); - r = BN_CTX_get(ctx); - val1[0] = BN_CTX_get(ctx); - val2[0] = BN_CTX_get(ctx); - if (!d || !r || !val1[0] || !val2[0]) + if ((d = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r = BN_CTX_get(ctx)) == NULL) + goto err; + if ((val1[0] = BN_CTX_get(ctx)) == NULL) + goto err; + if ((val2[0] = BN_CTX_get(ctx)) == NULL) goto err; if (in_mont != NULL) diff --git a/src/lib/libcrypto/bn/bn_gcd.c b/src/lib/libcrypto/bn/bn_gcd.c index 379bea99ad..da9c29a8e5 100644 --- a/src/lib/libcrypto/bn/bn_gcd.c +++ b/src/lib/libcrypto/bn/bn_gcd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_gcd.c,v 1.9 2014/07/11 08:44:47 jsing Exp $ */ +/* $OpenBSD: bn_gcd.c,v 1.10 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -125,9 +125,9 @@ BN_gcd(BIGNUM *r, const BIGNUM *in_a, const BIGNUM *in_b, BN_CTX *ctx) bn_check_top(in_b); BN_CTX_start(ctx); - a = BN_CTX_get(ctx); - b = BN_CTX_get(ctx); - if (a == NULL || b == NULL) + if ((a = BN_CTX_get(ctx)) == NULL) + goto err; + if ((b = BN_CTX_get(ctx)) == NULL) goto err; if (BN_copy(a, in_a) == NULL) @@ -247,14 +247,19 @@ BN_mod_inverse(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx) bn_check_top(n); BN_CTX_start(ctx); - A = BN_CTX_get(ctx); - B = BN_CTX_get(ctx); - X = BN_CTX_get(ctx); - D = BN_CTX_get(ctx); - M = BN_CTX_get(ctx); - Y = BN_CTX_get(ctx); - T = BN_CTX_get(ctx); - if (T == NULL) + if ((A = BN_CTX_get(ctx)) == NULL) + goto err; + if ((B = BN_CTX_get(ctx)) == NULL) + goto err; + if ((X = BN_CTX_get(ctx)) == NULL) + goto err; + if ((D = BN_CTX_get(ctx)) == NULL) + goto err; + if ((M = BN_CTX_get(ctx)) == NULL) + goto err; + if ((Y = BN_CTX_get(ctx)) == NULL) + goto err; + if ((T = BN_CTX_get(ctx)) == NULL) goto err; if (in == NULL) @@ -537,14 +542,19 @@ BN_mod_inverse_no_branch(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, bn_check_top(n); BN_CTX_start(ctx); - A = BN_CTX_get(ctx); - B = BN_CTX_get(ctx); - X = BN_CTX_get(ctx); - D = BN_CTX_get(ctx); - M = BN_CTX_get(ctx); - Y = BN_CTX_get(ctx); - T = BN_CTX_get(ctx); - if (T == NULL) + if ((A = BN_CTX_get(ctx)) == NULL) + goto err; + if ((B = BN_CTX_get(ctx)) == NULL) + goto err; + if ((X = BN_CTX_get(ctx)) == NULL) + goto err; + if ((D = BN_CTX_get(ctx)) == NULL) + goto err; + if ((M = BN_CTX_get(ctx)) == NULL) + goto err; + if ((Y = BN_CTX_get(ctx)) == NULL) + goto err; + if ((T = BN_CTX_get(ctx)) == NULL) goto err; if (in == NULL) diff --git a/src/lib/libcrypto/bn/bn_gf2m.c b/src/lib/libcrypto/bn/bn_gf2m.c index 1cd38c7797..4544369248 100644 --- a/src/lib/libcrypto/bn/bn_gf2m.c +++ b/src/lib/libcrypto/bn/bn_gf2m.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_gf2m.c,v 1.16 2014/10/28 07:35:58 jsg Exp $ */ +/* $OpenBSD: bn_gf2m.c,v 1.17 2015/02/09 15:49:22 jsing Exp $ */ /* ==================================================================== * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * @@ -840,8 +840,7 @@ BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x, const BIGNUM *p, bn_check_top(p); BN_CTX_start(ctx); - xinv = BN_CTX_get(ctx); - if (xinv == NULL) + if ((xinv = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_GF2m_mod_inv(xinv, x, p, ctx)) @@ -875,11 +874,13 @@ BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x, const BIGNUM *p, BN_CTX_start(ctx); - a = BN_CTX_get(ctx); - b = BN_CTX_get(ctx); - u = BN_CTX_get(ctx); - v = BN_CTX_get(ctx); - if (v == NULL) + if ((a = BN_CTX_get(ctx)) == NULL) + goto err; + if ((b = BN_CTX_get(ctx)) == NULL) + goto err; + if ((u = BN_CTX_get(ctx)) == NULL) + goto err; + if ((v = BN_CTX_get(ctx)) == NULL) goto err; /* reduce x and y mod p */ @@ -1137,10 +1138,11 @@ BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[], } BN_CTX_start(ctx); - a = BN_CTX_get(ctx); - z = BN_CTX_get(ctx); - w = BN_CTX_get(ctx); - if (w == NULL) + if ((a = BN_CTX_get(ctx)) == NULL) + goto err; + if ((z = BN_CTX_get(ctx)) == NULL) + goto err; + if ((w = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_GF2m_mod_arr(a, a_, p)) @@ -1169,10 +1171,11 @@ BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[], } else /* m is even */ { - rho = BN_CTX_get(ctx); - w2 = BN_CTX_get(ctx); - tmp = BN_CTX_get(ctx); - if (tmp == NULL) + if ((rho = BN_CTX_get(ctx)) == NULL) + goto err; + if ((w2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((tmp = BN_CTX_get(ctx)) == NULL) goto err; do { if (!BN_rand(rho, p[0], 0, 0)) diff --git a/src/lib/libcrypto/bn/bn_kron.c b/src/lib/libcrypto/bn/bn_kron.c index 699cda55f0..274da5d186 100644 --- a/src/lib/libcrypto/bn/bn_kron.c +++ b/src/lib/libcrypto/bn/bn_kron.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_kron.c,v 1.5 2014/07/11 08:44:48 jsing Exp $ */ +/* $OpenBSD: bn_kron.c,v 1.6 2015/02/09 15:49:22 jsing Exp $ */ /* ==================================================================== * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. * @@ -79,9 +79,9 @@ BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) bn_check_top(b); BN_CTX_start(ctx); - A = BN_CTX_get(ctx); - B = BN_CTX_get(ctx); - if (B == NULL) + if ((A = BN_CTX_get(ctx)) == NULL) + goto end; + if ((B = BN_CTX_get(ctx)) == NULL) goto end; err = !BN_copy(A, a); diff --git a/src/lib/libcrypto/bn/bn_mont.c b/src/lib/libcrypto/bn/bn_mont.c index 5803ca493d..3eb9913a9e 100644 --- a/src/lib/libcrypto/bn/bn_mont.c +++ b/src/lib/libcrypto/bn/bn_mont.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_mont.c,v 1.23 2014/07/11 08:44:48 jsing Exp $ */ +/* $OpenBSD: bn_mont.c,v 1.24 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -149,8 +149,7 @@ BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, #endif BN_CTX_start(ctx); - tmp = BN_CTX_get(ctx); - if (tmp == NULL) + if ((tmp = BN_CTX_get(ctx)) == NULL) goto err; bn_check_top(tmp); @@ -288,9 +287,9 @@ BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont, BN_CTX *ctx) BIGNUM *t1, *t2; BN_CTX_start(ctx); - t1 = BN_CTX_get(ctx); - t2 = BN_CTX_get(ctx); - if (t1 == NULL || t2 == NULL) + if ((t1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((t2 = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_copy(t1, a)) diff --git a/src/lib/libcrypto/bn/bn_mul.c b/src/lib/libcrypto/bn/bn_mul.c index daba02d6ca..7794d59707 100644 --- a/src/lib/libcrypto/bn/bn_mul.c +++ b/src/lib/libcrypto/bn/bn_mul.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_mul.c,v 1.19 2014/07/11 08:44:48 jsing Exp $ */ +/* $OpenBSD: bn_mul.c,v 1.20 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1012,8 +1012,7 @@ BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) j = 1 << (j - 1); assert(j <= al || j <= bl); k = j + j; - t = BN_CTX_get(ctx); - if (t == NULL) + if ((t = BN_CTX_get(ctx)) == NULL) goto err; if (al > j || bl > j) { if (bn_wexpand(t, k * 4) == NULL) @@ -1057,7 +1056,8 @@ BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) j = BN_num_bits_word((BN_ULONG)al); j = 1 << (j - 1); k = j + j; - t = BN_CTX_get(ctx); + if ((t = BN_CTX_get(ctx)) == NULL) + goto err; if (al == j) /* exact multiple */ { if (bn_wexpand(t, k * 2) == NULL) diff --git a/src/lib/libcrypto/bn/bn_prime.c b/src/lib/libcrypto/bn/bn_prime.c index e5cd315e47..02780d32e6 100644 --- a/src/lib/libcrypto/bn/bn_prime.c +++ b/src/lib/libcrypto/bn/bn_prime.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_prime.c,v 1.12 2014/10/18 17:20:40 jsing Exp $ */ +/* $OpenBSD: bn_prime.c,v 1.13 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -170,8 +170,7 @@ BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add, if (ctx == NULL) goto err; BN_CTX_start(ctx); - t = BN_CTX_get(ctx); - if (!t) + if ((t = BN_CTX_get(ctx)) == NULL) goto err; loop: /* make a random number and set the top and bottom bits */ @@ -287,10 +286,11 @@ BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed, A = t; } else A = a; - A1 = BN_CTX_get(ctx); - A1_odd = BN_CTX_get(ctx); - check = BN_CTX_get(ctx); - if (check == NULL) + if ((A1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((A1_odd = BN_CTX_get(ctx)) == NULL) + goto err; + if ((check = BN_CTX_get(ctx)) == NULL) goto err; /* compute A1 := A - 1 */ @@ -461,10 +461,11 @@ probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd, bits--; BN_CTX_start(ctx); - t1 = BN_CTX_get(ctx); - q = BN_CTX_get(ctx); - qadd = BN_CTX_get(ctx); - if (qadd == NULL) + if ((t1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((q = BN_CTX_get(ctx)) == NULL) + goto err; + if ((qadd = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_rshift1(qadd, padd)) diff --git a/src/lib/libcrypto/bn/bn_sqr.c b/src/lib/libcrypto/bn/bn_sqr.c index 5ea9fb083d..a0dce6ea81 100644 --- a/src/lib/libcrypto/bn/bn_sqr.c +++ b/src/lib/libcrypto/bn/bn_sqr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_sqr.c,v 1.11 2014/07/11 13:26:31 miod Exp $ */ +/* $OpenBSD: bn_sqr.c,v 1.12 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -85,7 +85,7 @@ BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) BN_CTX_start(ctx); rr = (a != r) ? r : BN_CTX_get(ctx); tmp = BN_CTX_get(ctx); - if (!rr || !tmp) + if (rr == NULL || tmp == NULL) goto err; max = 2 * al; /* Non-zero (from above) */ diff --git a/src/lib/libcrypto/bn/bn_sqrt.c b/src/lib/libcrypto/bn/bn_sqrt.c index 9a59d56b3f..f94fa41094 100644 --- a/src/lib/libcrypto/bn/bn_sqrt.c +++ b/src/lib/libcrypto/bn/bn_sqrt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_sqrt.c,v 1.5 2014/07/11 08:44:48 jsing Exp $ */ +/* $OpenBSD: bn_sqrt.c,v 1.6 2015/02/09 15:49:22 jsing Exp $ */ /* Written by Lenka Fibikova * and Bodo Moeller for the OpenSSL project. */ /* ==================================================================== @@ -108,13 +108,17 @@ BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) } BN_CTX_start(ctx); - A = BN_CTX_get(ctx); - b = BN_CTX_get(ctx); - q = BN_CTX_get(ctx); - t = BN_CTX_get(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - if (y == NULL) + if ((A = BN_CTX_get(ctx)) == NULL) + goto end; + if ((b = BN_CTX_get(ctx)) == NULL) + goto end; + if ((q = BN_CTX_get(ctx)) == NULL) + goto end; + if ((t = BN_CTX_get(ctx)) == NULL) + goto end; + if ((x = BN_CTX_get(ctx)) == NULL) + goto end; + if ((y = BN_CTX_get(ctx)) == NULL) goto end; if (ret == NULL) diff --git a/src/lib/libcrypto/bn/bn_x931p.c b/src/lib/libcrypto/bn/bn_x931p.c index fc8d4c3c49..89c86c1ff7 100644 --- a/src/lib/libcrypto/bn/bn_x931p.c +++ b/src/lib/libcrypto/bn/bn_x931p.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_x931p.c,v 1.5 2014/06/12 15:49:28 deraadt Exp $ */ +/* $OpenBSD: bn_x931p.c,v 1.6 2015/02/09 15:49:22 jsing Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2005. */ @@ -107,17 +107,21 @@ BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, const BIGNUM *Xp, return 0; BN_CTX_start(ctx); - if (!p1) - p1 = BN_CTX_get(ctx); - - if (!p2) - p2 = BN_CTX_get(ctx); - - t = BN_CTX_get(ctx); - - p1p2 = BN_CTX_get(ctx); + if (p1 != NULL) { + if ((p1 = BN_CTX_get(ctx)) == NULL) + goto err; + } + if (p2 != NULL) { + if ((p2 = BN_CTX_get(ctx)) == NULL) + goto err; + } - pm1 = BN_CTX_get(ctx); + if ((t = BN_CTX_get(ctx)) == NULL) + goto err; + if ((p1p2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((pm1 = BN_CTX_get(ctx)) == NULL) + goto err; if (!bn_x931_derive_pi(p1, Xp1, ctx, cb)) goto err; @@ -213,7 +217,8 @@ BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx) return 0; BN_CTX_start(ctx); - t = BN_CTX_get(ctx); + if ((t = BN_CTX_get(ctx)) == NULL) + return 0; for (i = 0; i < 1000; i++) { if (!BN_rand(Xq, nbits, 1, 0)) @@ -247,10 +252,14 @@ BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, BIGNUM *Xp1, int ret = 0; BN_CTX_start(ctx); - if (!Xp1) - Xp1 = BN_CTX_get(ctx); - if (!Xp2) - Xp2 = BN_CTX_get(ctx); + if (Xp1 != NULL) { + if ((Xp1 = BN_CTX_get(ctx)) == NULL) + goto error; + } + if (Xp2 != NULL) { + if ((Xp2 = BN_CTX_get(ctx)) == NULL) + goto error; + } if (!BN_rand(Xp1, 101, 0, 0)) goto error; diff --git a/src/lib/libcrypto/dh/dh_gen.c b/src/lib/libcrypto/dh/dh_gen.c index 1bc37b987e..de566802d3 100644 --- a/src/lib/libcrypto/dh/dh_gen.c +++ b/src/lib/libcrypto/dh/dh_gen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dh_gen.c,v 1.14 2015/02/07 13:19:15 doug Exp $ */ +/* $OpenBSD: dh_gen.c,v 1.15 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -115,9 +115,9 @@ dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb) if (ctx == NULL) goto err; BN_CTX_start(ctx); - t1 = BN_CTX_get(ctx); - t2 = BN_CTX_get(ctx); - if (t1 == NULL || t2 == NULL) + if ((t1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((t2 = BN_CTX_get(ctx)) == NULL) goto err; /* Make sure 'ret' has the necessary elements */ diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c index b8352149e2..31bc7b3dfd 100644 --- a/src/lib/libcrypto/dh/dh_key.c +++ b/src/lib/libcrypto/dh/dh_key.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dh_key.c,v 1.22 2014/10/18 17:20:40 jsing Exp $ */ +/* $OpenBSD: dh_key.c,v 1.23 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -195,7 +195,8 @@ compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) if (ctx == NULL) goto err; BN_CTX_start(ctx); - tmp = BN_CTX_get(ctx); + if ((tmp = BN_CTX_get(ctx)) == NULL) + goto err; if (dh->priv_key == NULL) { DHerr(DH_F_COMPUTE_KEY, DH_R_NO_PRIVATE_VALUE); diff --git a/src/lib/libcrypto/dsa/dsa_gen.c b/src/lib/libcrypto/dsa/dsa_gen.c index 296a544c31..dcfa957884 100644 --- a/src/lib/libcrypto/dsa/dsa_gen.c +++ b/src/lib/libcrypto/dsa/dsa_gen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa_gen.c,v 1.17 2014/10/22 13:02:04 jsing Exp $ */ +/* $OpenBSD: dsa_gen.c,v 1.18 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -148,14 +148,22 @@ dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, const EVP_MD *evpmd, goto err; BN_CTX_start(ctx); - r0 = BN_CTX_get(ctx); - g = BN_CTX_get(ctx); - W = BN_CTX_get(ctx); - q = BN_CTX_get(ctx); - X = BN_CTX_get(ctx); - c = BN_CTX_get(ctx); - p = BN_CTX_get(ctx); - test = BN_CTX_get(ctx); + if ((r0 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((g = BN_CTX_get(ctx)) == NULL) + goto err; + if ((W = BN_CTX_get(ctx)) == NULL) + goto err; + if ((q = BN_CTX_get(ctx)) == NULL) + goto err; + if ((X = BN_CTX_get(ctx)) == NULL) + goto err; + if ((c = BN_CTX_get(ctx)) == NULL) + goto err; + if ((p = BN_CTX_get(ctx)) == NULL) + goto err; + if ((test = BN_CTX_get(ctx)) == NULL) + goto err; if (!BN_lshift(test, BN_value_one(), bits - 1)) goto err; diff --git a/src/lib/libcrypto/ec/ec2_mult.c b/src/lib/libcrypto/ec/ec2_mult.c index dd113907be..8f0091efe1 100644 --- a/src/lib/libcrypto/ec/ec2_mult.c +++ b/src/lib/libcrypto/ec/ec2_mult.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec2_mult.c,v 1.6 2015/02/08 22:25:03 miod Exp $ */ +/* $OpenBSD: ec2_mult.c,v 1.7 2015/02/09 15:49:22 jsing Exp $ */ /* ==================================================================== * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * @@ -91,8 +91,7 @@ gf2m_Mdouble(const EC_GROUP *group, BIGNUM *x, BIGNUM *z, BN_CTX *ctx) /* Since Mdouble is static we can guarantee that ctx != NULL. */ BN_CTX_start(ctx); - t1 = BN_CTX_get(ctx); - if (t1 == NULL) + if ((t1 = BN_CTX_get(ctx)) == NULL) goto err; if (!group->meth->field_sqr(group, x, x, ctx)) @@ -132,9 +131,9 @@ gf2m_Madd(const EC_GROUP *group, const BIGNUM *x, BIGNUM *x1, BIGNUM *z1, /* Since Madd is static we can guarantee that ctx != NULL. */ BN_CTX_start(ctx); - t1 = BN_CTX_get(ctx); - t2 = BN_CTX_get(ctx); - if (t2 == NULL) + if ((t1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((t2 = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_copy(t1, x)) @@ -191,10 +190,11 @@ gf2m_Mxy(const EC_GROUP *group, const BIGNUM *x, const BIGNUM *y, BIGNUM *x1, } /* Since Mxy is static we can guarantee that ctx != NULL. */ BN_CTX_start(ctx); - t3 = BN_CTX_get(ctx); - t4 = BN_CTX_get(ctx); - t5 = BN_CTX_get(ctx); - if (t5 == NULL) + if ((t3 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((t4 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((t5 = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_one(t5)) @@ -281,9 +281,9 @@ ec_GF2m_montgomery_point_multiply(const EC_GROUP *group, EC_POINT *r, /* Since point_multiply is static we can guarantee that ctx != NULL. */ BN_CTX_start(ctx); - x1 = BN_CTX_get(ctx); - z1 = BN_CTX_get(ctx); - if (z1 == NULL) + if ((x1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((z1 = BN_CTX_get(ctx)) == NULL) goto err; x2 = &r->X; diff --git a/src/lib/libcrypto/ec/ec2_oct.c b/src/lib/libcrypto/ec/ec2_oct.c index c45d9c2219..72690b1bc7 100644 --- a/src/lib/libcrypto/ec/ec2_oct.c +++ b/src/lib/libcrypto/ec/ec2_oct.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec2_oct.c,v 1.6 2015/02/08 22:25:03 miod Exp $ */ +/* $OpenBSD: ec2_oct.c,v 1.7 2015/02/09 15:49:22 jsing Exp $ */ /* ==================================================================== * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * @@ -109,11 +109,13 @@ ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point y_bit = (y_bit != 0) ? 1 : 0; BN_CTX_start(ctx); - tmp = BN_CTX_get(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - z = BN_CTX_get(ctx); - if (z == NULL) + if ((tmp = BN_CTX_get(ctx)) == NULL) + goto err; + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) + goto err; + if ((z = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_GF2m_mod_arr(x, x_, group->poly)) @@ -212,10 +214,11 @@ ec_GF2m_simple_point2oct(const EC_GROUP *group, const EC_POINT *point, } BN_CTX_start(ctx); used_ctx = 1; - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - yxi = BN_CTX_get(ctx); - if (yxi == NULL) + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) + goto err; + if ((yxi = BN_CTX_get(ctx)) == NULL) goto err; if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx)) @@ -329,10 +332,11 @@ ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point, return 0; } BN_CTX_start(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - yxi = BN_CTX_get(ctx); - if (yxi == NULL) + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) + goto err; + if ((yxi = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_bin2bn(buf + 1, field_len, x)) diff --git a/src/lib/libcrypto/ec/ec2_smpl.c b/src/lib/libcrypto/ec/ec2_smpl.c index b9c066c5c1..43f0afd5ae 100644 --- a/src/lib/libcrypto/ec/ec2_smpl.c +++ b/src/lib/libcrypto/ec/ec2_smpl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec2_smpl.c,v 1.13 2015/02/08 22:25:03 miod Exp $ */ +/* $OpenBSD: ec2_smpl.c,v 1.14 2015/02/09 15:49:22 jsing Exp $ */ /* ==================================================================== * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * @@ -291,8 +291,7 @@ ec_GF2m_simple_group_check_discriminant(const EC_GROUP * group, BN_CTX * ctx) } } BN_CTX_start(ctx); - b = BN_CTX_get(ctx); - if (b == NULL) + if ((b = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_GF2m_mod_arr(b, &group->b, group->poly)) @@ -464,15 +463,21 @@ ec_GF2m_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, return 0; } BN_CTX_start(ctx); - x0 = BN_CTX_get(ctx); - y0 = BN_CTX_get(ctx); - x1 = BN_CTX_get(ctx); - y1 = BN_CTX_get(ctx); - x2 = BN_CTX_get(ctx); - y2 = BN_CTX_get(ctx); - s = BN_CTX_get(ctx); - t = BN_CTX_get(ctx); - if (t == NULL) + if ((x0 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y0 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((x1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((x2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((s = BN_CTX_get(ctx)) == NULL) + goto err; + if ((t = BN_CTX_get(ctx)) == NULL) goto err; if (a->Z_is_one) { @@ -611,9 +616,9 @@ ec_GF2m_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX return -1; } BN_CTX_start(ctx); - y2 = BN_CTX_get(ctx); - lh = BN_CTX_get(ctx); - if (lh == NULL) + if ((y2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((lh = BN_CTX_get(ctx)) == NULL) goto err; /* @@ -651,7 +656,8 @@ err: * 1 not equal */ int -ec_GF2m_simple_cmp(const EC_GROUP * group, const EC_POINT * a, const EC_POINT * b, BN_CTX * ctx) +ec_GF2m_simple_cmp(const EC_GROUP *group, const EC_POINT *a, + const EC_POINT *b, BN_CTX *ctx) { BIGNUM *aX, *aY, *bX, *bY; BN_CTX *new_ctx = NULL; @@ -672,11 +678,13 @@ ec_GF2m_simple_cmp(const EC_GROUP * group, const EC_POINT * a, const EC_POINT * return -1; } BN_CTX_start(ctx); - aX = BN_CTX_get(ctx); - aY = BN_CTX_get(ctx); - bX = BN_CTX_get(ctx); - bY = BN_CTX_get(ctx); - if (bY == NULL) + if ((aX = BN_CTX_get(ctx)) == NULL) + goto err; + if ((aY = BN_CTX_get(ctx)) == NULL) + goto err; + if ((bX = BN_CTX_get(ctx)) == NULL) + goto err; + if ((bY = BN_CTX_get(ctx)) == NULL) goto err; if (!EC_POINT_get_affine_coordinates_GF2m(group, a, aX, aY, ctx)) @@ -710,9 +718,9 @@ ec_GF2m_simple_make_affine(const EC_GROUP * group, EC_POINT * point, BN_CTX * ct return 0; } BN_CTX_start(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - if (y == NULL) + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) goto err; if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx)) diff --git a/src/lib/libcrypto/ec/ec_key.c b/src/lib/libcrypto/ec/ec_key.c index f9904b4ee9..45192c3231 100644 --- a/src/lib/libcrypto/ec/ec_key.c +++ b/src/lib/libcrypto/ec/ec_key.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec_key.c,v 1.10 2015/02/08 22:25:03 miod Exp $ */ +/* $OpenBSD: ec_key.c,v 1.11 2015/02/09 15:49:22 jsing Exp $ */ /* * Written by Nils Larsch for the OpenSSL project. */ @@ -359,8 +359,11 @@ EC_KEY_set_public_key_affine_coordinates(EC_KEY * key, BIGNUM * x, BIGNUM * y) if (tmp_nid == NID_X9_62_characteristic_two_field) is_char_two = 1; - tx = BN_CTX_get(ctx); - ty = BN_CTX_get(ctx); + if ((tx = BN_CTX_get(ctx)) == NULL) + goto err; + if ((ty = BN_CTX_get(ctx)) == NULL) + goto err; + #ifndef OPENSSL_NO_EC2M if (is_char_two) { if (!EC_POINT_set_affine_coordinates_GF2m(key->group, point, diff --git a/src/lib/libcrypto/ec/ec_lib.c b/src/lib/libcrypto/ec/ec_lib.c index 47ccc614d1..8cf0f2241e 100644 --- a/src/lib/libcrypto/ec/ec_lib.c +++ b/src/lib/libcrypto/ec/ec_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec_lib.c,v 1.15 2014/07/12 16:03:37 miod Exp $ */ +/* $OpenBSD: ec_lib.c,v 1.16 2015/02/09 15:49:22 jsing Exp $ */ /* * Originally written by Bodo Moeller for the OpenSSL project. */ @@ -497,18 +497,19 @@ EC_GROUP_cmp(const EC_GROUP * a, const EC_GROUP * b, BN_CTX * ctx) return -1; BN_CTX_start(ctx); - a1 = BN_CTX_get(ctx); - a2 = BN_CTX_get(ctx); - a3 = BN_CTX_get(ctx); - b1 = BN_CTX_get(ctx); - b2 = BN_CTX_get(ctx); - b3 = BN_CTX_get(ctx); - if (!b3) { - BN_CTX_end(ctx); - if (ctx_new) - BN_CTX_free(ctx); - return -1; - } + if ((a1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((a2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((a3 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((b1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((b2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((b3 = BN_CTX_get(ctx)) == NULL) + goto err; + /* * XXX This approach assumes that the external representation of * curves over the same field type is the same. @@ -544,6 +545,12 @@ EC_GROUP_cmp(const EC_GROUP * a, const EC_GROUP * b, BN_CTX * ctx) BN_CTX_free(ctx); return r; + +err: + BN_CTX_end(ctx); + if (ctx_new) + BN_CTX_free(ctx); + return -1; } diff --git a/src/lib/libcrypto/ec/ec_mult.c b/src/lib/libcrypto/ec/ec_mult.c index 9e3aee13a2..e711413598 100644 --- a/src/lib/libcrypto/ec/ec_mult.c +++ b/src/lib/libcrypto/ec/ec_mult.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec_mult.c,v 1.16 2015/02/07 13:19:15 doug Exp $ */ +/* $OpenBSD: ec_mult.c,v 1.17 2015/02/09 15:49:22 jsing Exp $ */ /* * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project. */ @@ -753,8 +753,7 @@ ec_wNAF_precompute_mult(EC_GROUP * group, BN_CTX * ctx) goto err; } BN_CTX_start(ctx); - order = BN_CTX_get(ctx); - if (order == NULL) + if ((order = BN_CTX_get(ctx)) == NULL) goto err; if (!EC_GROUP_get_order(group, order, ctx)) diff --git a/src/lib/libcrypto/ec/ecp_oct.c b/src/lib/libcrypto/ec/ecp_oct.c index abc31e6382..994f0b08b1 100644 --- a/src/lib/libcrypto/ec/ecp_oct.c +++ b/src/lib/libcrypto/ec/ecp_oct.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ecp_oct.c,v 1.6 2015/02/08 22:25:03 miod Exp $ */ +/* $OpenBSD: ecp_oct.c,v 1.7 2015/02/09 15:49:22 jsing Exp $ */ /* Includes code written by Lenka Fibikova * for the OpenSSL project. * Includes code written by Bodo Moeller for the OpenSSL project. @@ -67,8 +67,8 @@ #include "ec_lcl.h" int -ec_GFp_simple_set_compressed_coordinates(const EC_GROUP * group, EC_POINT * point, - const BIGNUM * x_, int y_bit, BN_CTX * ctx) +ec_GFp_simple_set_compressed_coordinates(const EC_GROUP * group, + EC_POINT * point, const BIGNUM * x_, int y_bit, BN_CTX * ctx) { BN_CTX *new_ctx = NULL; BIGNUM *tmp1, *tmp2, *x, *y; @@ -85,11 +85,13 @@ ec_GFp_simple_set_compressed_coordinates(const EC_GROUP * group, EC_POINT * poin y_bit = (y_bit != 0); BN_CTX_start(ctx); - tmp1 = BN_CTX_get(ctx); - tmp2 = BN_CTX_get(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - if (y == NULL) + if ((tmp1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((tmp2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) goto err; /* @@ -239,9 +241,9 @@ ec_GFp_simple_point2oct(const EC_GROUP * group, const EC_POINT * point, point_co } BN_CTX_start(ctx); used_ctx = 1; - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - if (y == NULL) + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) goto err; if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx)) @@ -348,9 +350,9 @@ ec_GFp_simple_oct2point(const EC_GROUP * group, EC_POINT * point, return 0; } BN_CTX_start(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - if (y == NULL) + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_bin2bn(buf + 1, field_len, x)) diff --git a/src/lib/libcrypto/ec/ecp_smpl.c b/src/lib/libcrypto/ec/ecp_smpl.c index 7b3bb2364d..f6db4dc9b1 100644 --- a/src/lib/libcrypto/ec/ecp_smpl.c +++ b/src/lib/libcrypto/ec/ecp_smpl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ecp_smpl.c,v 1.14 2015/02/08 22:25:03 miod Exp $ */ +/* $OpenBSD: ecp_smpl.c,v 1.15 2015/02/09 15:49:22 jsing Exp $ */ /* Includes code written by Lenka Fibikova * for the OpenSSL project. * Includes code written by Bodo Moeller for the OpenSSL project. @@ -188,8 +188,7 @@ ec_GFp_simple_group_set_curve(EC_GROUP * group, return 0; } BN_CTX_start(ctx); - tmp_a = BN_CTX_get(ctx); - if (tmp_a == NULL) + if ((tmp_a = BN_CTX_get(ctx)) == NULL) goto err; /* group->field */ @@ -294,12 +293,15 @@ ec_GFp_simple_group_check_discriminant(const EC_GROUP * group, BN_CTX * ctx) } } BN_CTX_start(ctx); - a = BN_CTX_get(ctx); - b = BN_CTX_get(ctx); - tmp_1 = BN_CTX_get(ctx); - tmp_2 = BN_CTX_get(ctx); - order = BN_CTX_get(ctx); - if (order == NULL) + if ((a = BN_CTX_get(ctx)) == NULL) + goto err; + if ((b = BN_CTX_get(ctx)) == NULL) + goto err; + if ((tmp_1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((tmp_2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((order = BN_CTX_get(ctx)) == NULL) goto err; if (group->meth->field_decode) { @@ -539,11 +541,13 @@ ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP * group, const EC_POIN return 0; } BN_CTX_start(ctx); - Z = BN_CTX_get(ctx); - Z_1 = BN_CTX_get(ctx); - Z_2 = BN_CTX_get(ctx); - Z_3 = BN_CTX_get(ctx); - if (Z_3 == NULL) + if ((Z = BN_CTX_get(ctx)) == NULL) + goto err; + if ((Z_1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((Z_2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((Z_3 = BN_CTX_get(ctx)) == NULL) goto err; /* transform (X, Y, Z) into (x, y) := (X/Z^2, Y/Z^3) */ @@ -652,14 +656,19 @@ ec_GFp_simple_add(const EC_GROUP * group, EC_POINT * r, const EC_POINT * a, cons return 0; } BN_CTX_start(ctx); - n0 = BN_CTX_get(ctx); - n1 = BN_CTX_get(ctx); - n2 = BN_CTX_get(ctx); - n3 = BN_CTX_get(ctx); - n4 = BN_CTX_get(ctx); - n5 = BN_CTX_get(ctx); - n6 = BN_CTX_get(ctx); - if (n6 == NULL) + if ((n0 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((n1 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((n2 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((n3 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((n4 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((n5 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((n6 = BN_CTX_get(ctx)) == NULL) goto end; /* @@ -834,11 +843,13 @@ ec_GFp_simple_dbl(const EC_GROUP * group, EC_POINT * r, const EC_POINT * a, BN_C return 0; } BN_CTX_start(ctx); - n0 = BN_CTX_get(ctx); - n1 = BN_CTX_get(ctx); - n2 = BN_CTX_get(ctx); - n3 = BN_CTX_get(ctx); - if (n3 == NULL) + if ((n0 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((n1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((n2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((n3 = BN_CTX_get(ctx)) == NULL) goto err; /* @@ -990,11 +1001,13 @@ ec_GFp_simple_is_on_curve(const EC_GROUP * group, const EC_POINT * point, BN_CTX return -1; } BN_CTX_start(ctx); - rh = BN_CTX_get(ctx); - tmp = BN_CTX_get(ctx); - Z4 = BN_CTX_get(ctx); - Z6 = BN_CTX_get(ctx); - if (Z6 == NULL) + if ((rh = BN_CTX_get(ctx)) == NULL) + goto err; + if ((tmp = BN_CTX_get(ctx)) == NULL) + goto err; + if ((Z4 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((Z6 = BN_CTX_get(ctx)) == NULL) goto err; /* @@ -1101,11 +1114,13 @@ ec_GFp_simple_cmp(const EC_GROUP * group, const EC_POINT * a, const EC_POINT * b return -1; } BN_CTX_start(ctx); - tmp1 = BN_CTX_get(ctx); - tmp2 = BN_CTX_get(ctx); - Za23 = BN_CTX_get(ctx); - Zb23 = BN_CTX_get(ctx); - if (Zb23 == NULL) + if ((tmp1 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((tmp2 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((Za23 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((Zb23 = BN_CTX_get(ctx)) == NULL) goto end; /* @@ -1184,9 +1199,9 @@ ec_GFp_simple_make_affine(const EC_GROUP * group, EC_POINT * point, BN_CTX * ctx return 0; } BN_CTX_start(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - if (y == NULL) + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) goto err; if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx)) @@ -1225,9 +1240,9 @@ ec_GFp_simple_points_make_affine(const EC_GROUP * group, size_t num, EC_POINT * return 0; } BN_CTX_start(ctx); - tmp0 = BN_CTX_get(ctx); - tmp1 = BN_CTX_get(ctx); - if (tmp0 == NULL || tmp1 == NULL) + if ((tmp0 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((tmp1 = BN_CTX_get(ctx)) == NULL) goto err; /* diff --git a/src/lib/libcrypto/ecdh/ech_ossl.c b/src/lib/libcrypto/ecdh/ech_ossl.c index ee130edeee..4fae7cacfd 100644 --- a/src/lib/libcrypto/ecdh/ech_ossl.c +++ b/src/lib/libcrypto/ecdh/ech_ossl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ech_ossl.c,v 1.8 2014/07/12 16:03:37 miod Exp $ */ +/* $OpenBSD: ech_ossl.c,v 1.9 2015/02/09 15:49:22 jsing Exp $ */ /* ==================================================================== * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * @@ -120,8 +120,10 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, if ((ctx = BN_CTX_new()) == NULL) goto err; BN_CTX_start(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) + goto err; priv_key = EC_KEY_get0_private_key(ecdh); if (priv_key == NULL) diff --git a/src/lib/libcrypto/engine/eng_rsax.c b/src/lib/libcrypto/engine/eng_rsax.c index c33a776707..784b74a22f 100644 --- a/src/lib/libcrypto/engine/eng_rsax.c +++ b/src/lib/libcrypto/engine/eng_rsax.c @@ -1,4 +1,4 @@ -/* $OpenBSD: eng_rsax.c,v 1.12 2014/11/19 13:35:37 krw Exp $ */ +/* $OpenBSD: eng_rsax.c,v 1.13 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (c) 2010-2010 Intel Corp. * Author: Vinodh.Gopal@intel.com * Jim Guilford @@ -519,9 +519,12 @@ e_rsax_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) int ret = 0; BN_CTX_start(ctx); - r1 = BN_CTX_get(ctx); - m1 = BN_CTX_get(ctx); - vrfy = BN_CTX_get(ctx); + if ((r1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((m1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((vrfy = BN_CTX_get(ctx)) == NULL) + goto err; { BIGNUM local_p, local_q; diff --git a/src/lib/libcrypto/rsa/rsa_crpt.c b/src/lib/libcrypto/rsa/rsa_crpt.c index b057dd2201..cf7f9a328b 100644 --- a/src/lib/libcrypto/rsa/rsa_crpt.c +++ b/src/lib/libcrypto/rsa/rsa_crpt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_crpt.c,v 1.12 2014/10/18 17:20:40 jsing Exp $ */ +/* $OpenBSD: rsa_crpt.c,v 1.13 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -145,10 +145,11 @@ rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p, const BIGNUM *q, return NULL; BN_CTX_start(ctx); - r0 = BN_CTX_get(ctx); - r1 = BN_CTX_get(ctx); - r2 = BN_CTX_get(ctx); - if (r2 == NULL) + if ((r0 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r2 = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_sub(r1, p, BN_value_one())) diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c index f8031c87a2..0eb18cf3c7 100644 --- a/src/lib/libcrypto/rsa/rsa_eay.c +++ b/src/lib/libcrypto/rsa/rsa_eay.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_eay.c,v 1.36 2014/10/18 17:20:40 jsing Exp $ */ +/* $OpenBSD: rsa_eay.c,v 1.37 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -181,7 +181,7 @@ RSA_eay_public_encrypt(int flen, const unsigned char *from, unsigned char *to, ret = BN_CTX_get(ctx); num = BN_num_bytes(rsa->n); buf = malloc(num); - if (!f || !ret || !buf) { + if (f == NULL || ret == NULL || buf == NULL) { RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, ERR_R_MALLOC_FAILURE); goto err; } @@ -366,7 +366,7 @@ RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to, ret = BN_CTX_get(ctx); num = BN_num_bytes(rsa->n); buf = malloc(num); - if (!f || !ret || !buf) { + if (f == NULL || ret == NULL || buf == NULL) { RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_MALLOC_FAILURE); goto err; } diff --git a/src/lib/libcrypto/rsa/rsa_gen.c b/src/lib/libcrypto/rsa/rsa_gen.c index a3b9da4856..f6f051c442 100644 --- a/src/lib/libcrypto/rsa/rsa_gen.c +++ b/src/lib/libcrypto/rsa/rsa_gen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_gen.c,v 1.16 2014/07/11 08:44:49 jsing Exp $ */ +/* $OpenBSD: rsa_gen.c,v 1.17 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -99,11 +99,13 @@ rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) if (ctx == NULL) goto err; BN_CTX_start(ctx); - r0 = BN_CTX_get(ctx); - r1 = BN_CTX_get(ctx); - r2 = BN_CTX_get(ctx); - r3 = BN_CTX_get(ctx); - if (r3 == NULL) + if ((r0 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r3 = BN_CTX_get(ctx)) == NULL) goto err; bitsp = (bits + 1) / 2; diff --git a/src/lib/libssl/src/crypto/bn/bn_div.c b/src/lib/libssl/src/crypto/bn/bn_div.c index f4deccf77f..fefc53f9fa 100644 --- a/src/lib/libssl/src/crypto/bn/bn_div.c +++ b/src/lib/libssl/src/crypto/bn/bn_div.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_div.c,v 1.22 2014/07/11 08:44:47 jsing Exp $ */ +/* $OpenBSD: bn_div.c,v 1.23 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -170,7 +170,7 @@ BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, res = BN_CTX_get(ctx); else res = dv; - if (sdiv == NULL || res == NULL || tmp == NULL || snum == NULL) + if (tmp == NULL || snum == NULL || sdiv == NULL || res == NULL) goto err; /* First we normalise the numbers */ diff --git a/src/lib/libssl/src/crypto/bn/bn_exp.c b/src/lib/libssl/src/crypto/bn/bn_exp.c index 1aa5503dae..eecab5163b 100644 --- a/src/lib/libssl/src/crypto/bn/bn_exp.c +++ b/src/lib/libssl/src/crypto/bn/bn_exp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_exp.c,v 1.19 2014/07/11 15:01:49 miod Exp $ */ +/* $OpenBSD: bn_exp.c,v 1.20 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -272,9 +272,9 @@ BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, } BN_CTX_start(ctx); - aa = BN_CTX_get(ctx); - val[0] = BN_CTX_get(ctx); - if (!aa || !val[0]) + if ((aa = BN_CTX_get(ctx)) == NULL) + goto err; + if ((val[0] = BN_CTX_get(ctx)) == NULL) goto err; BN_RECP_CTX_init(&recp); @@ -408,10 +408,11 @@ BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, } BN_CTX_start(ctx); - d = BN_CTX_get(ctx); - r = BN_CTX_get(ctx); - val[0] = BN_CTX_get(ctx); - if (!d || !r || !val[0]) + if ((d = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r = BN_CTX_get(ctx)) == NULL) + goto err; + if ((val[0] = BN_CTX_get(ctx)) == NULL) goto err; /* If this is not done, things will break in the montgomery @@ -885,10 +886,11 @@ BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, const BIGNUM *m, } BN_CTX_start(ctx); - d = BN_CTX_get(ctx); - r = BN_CTX_get(ctx); - t = BN_CTX_get(ctx); - if (d == NULL || r == NULL || t == NULL) + if ((d = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r = BN_CTX_get(ctx)) == NULL) + goto err; + if ((t = BN_CTX_get(ctx)) == NULL) goto err; if (in_mont != NULL) @@ -1003,9 +1005,9 @@ BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, } BN_CTX_start(ctx); - d = BN_CTX_get(ctx); - val[0] = BN_CTX_get(ctx); - if (!d || !val[0]) + if ((d = BN_CTX_get(ctx)) == NULL) + goto err; + if ((val[0] = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_nnmod(val[0],a,m,ctx)) diff --git a/src/lib/libssl/src/crypto/bn/bn_exp2.c b/src/lib/libssl/src/crypto/bn/bn_exp2.c index c8f0294f7a..38bf467a38 100644 --- a/src/lib/libssl/src/crypto/bn/bn_exp2.c +++ b/src/lib/libssl/src/crypto/bn/bn_exp2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_exp2.c,v 1.9 2014/07/11 08:44:47 jsing Exp $ */ +/* $OpenBSD: bn_exp2.c,v 1.10 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -150,11 +150,13 @@ BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1, bits = (bits1 > bits2) ? bits1 : bits2; BN_CTX_start(ctx); - d = BN_CTX_get(ctx); - r = BN_CTX_get(ctx); - val1[0] = BN_CTX_get(ctx); - val2[0] = BN_CTX_get(ctx); - if (!d || !r || !val1[0] || !val2[0]) + if ((d = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r = BN_CTX_get(ctx)) == NULL) + goto err; + if ((val1[0] = BN_CTX_get(ctx)) == NULL) + goto err; + if ((val2[0] = BN_CTX_get(ctx)) == NULL) goto err; if (in_mont != NULL) diff --git a/src/lib/libssl/src/crypto/bn/bn_gcd.c b/src/lib/libssl/src/crypto/bn/bn_gcd.c index 379bea99ad..da9c29a8e5 100644 --- a/src/lib/libssl/src/crypto/bn/bn_gcd.c +++ b/src/lib/libssl/src/crypto/bn/bn_gcd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_gcd.c,v 1.9 2014/07/11 08:44:47 jsing Exp $ */ +/* $OpenBSD: bn_gcd.c,v 1.10 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -125,9 +125,9 @@ BN_gcd(BIGNUM *r, const BIGNUM *in_a, const BIGNUM *in_b, BN_CTX *ctx) bn_check_top(in_b); BN_CTX_start(ctx); - a = BN_CTX_get(ctx); - b = BN_CTX_get(ctx); - if (a == NULL || b == NULL) + if ((a = BN_CTX_get(ctx)) == NULL) + goto err; + if ((b = BN_CTX_get(ctx)) == NULL) goto err; if (BN_copy(a, in_a) == NULL) @@ -247,14 +247,19 @@ BN_mod_inverse(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx) bn_check_top(n); BN_CTX_start(ctx); - A = BN_CTX_get(ctx); - B = BN_CTX_get(ctx); - X = BN_CTX_get(ctx); - D = BN_CTX_get(ctx); - M = BN_CTX_get(ctx); - Y = BN_CTX_get(ctx); - T = BN_CTX_get(ctx); - if (T == NULL) + if ((A = BN_CTX_get(ctx)) == NULL) + goto err; + if ((B = BN_CTX_get(ctx)) == NULL) + goto err; + if ((X = BN_CTX_get(ctx)) == NULL) + goto err; + if ((D = BN_CTX_get(ctx)) == NULL) + goto err; + if ((M = BN_CTX_get(ctx)) == NULL) + goto err; + if ((Y = BN_CTX_get(ctx)) == NULL) + goto err; + if ((T = BN_CTX_get(ctx)) == NULL) goto err; if (in == NULL) @@ -537,14 +542,19 @@ BN_mod_inverse_no_branch(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, bn_check_top(n); BN_CTX_start(ctx); - A = BN_CTX_get(ctx); - B = BN_CTX_get(ctx); - X = BN_CTX_get(ctx); - D = BN_CTX_get(ctx); - M = BN_CTX_get(ctx); - Y = BN_CTX_get(ctx); - T = BN_CTX_get(ctx); - if (T == NULL) + if ((A = BN_CTX_get(ctx)) == NULL) + goto err; + if ((B = BN_CTX_get(ctx)) == NULL) + goto err; + if ((X = BN_CTX_get(ctx)) == NULL) + goto err; + if ((D = BN_CTX_get(ctx)) == NULL) + goto err; + if ((M = BN_CTX_get(ctx)) == NULL) + goto err; + if ((Y = BN_CTX_get(ctx)) == NULL) + goto err; + if ((T = BN_CTX_get(ctx)) == NULL) goto err; if (in == NULL) diff --git a/src/lib/libssl/src/crypto/bn/bn_gf2m.c b/src/lib/libssl/src/crypto/bn/bn_gf2m.c index 1cd38c7797..4544369248 100644 --- a/src/lib/libssl/src/crypto/bn/bn_gf2m.c +++ b/src/lib/libssl/src/crypto/bn/bn_gf2m.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_gf2m.c,v 1.16 2014/10/28 07:35:58 jsg Exp $ */ +/* $OpenBSD: bn_gf2m.c,v 1.17 2015/02/09 15:49:22 jsing Exp $ */ /* ==================================================================== * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * @@ -840,8 +840,7 @@ BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x, const BIGNUM *p, bn_check_top(p); BN_CTX_start(ctx); - xinv = BN_CTX_get(ctx); - if (xinv == NULL) + if ((xinv = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_GF2m_mod_inv(xinv, x, p, ctx)) @@ -875,11 +874,13 @@ BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x, const BIGNUM *p, BN_CTX_start(ctx); - a = BN_CTX_get(ctx); - b = BN_CTX_get(ctx); - u = BN_CTX_get(ctx); - v = BN_CTX_get(ctx); - if (v == NULL) + if ((a = BN_CTX_get(ctx)) == NULL) + goto err; + if ((b = BN_CTX_get(ctx)) == NULL) + goto err; + if ((u = BN_CTX_get(ctx)) == NULL) + goto err; + if ((v = BN_CTX_get(ctx)) == NULL) goto err; /* reduce x and y mod p */ @@ -1137,10 +1138,11 @@ BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[], } BN_CTX_start(ctx); - a = BN_CTX_get(ctx); - z = BN_CTX_get(ctx); - w = BN_CTX_get(ctx); - if (w == NULL) + if ((a = BN_CTX_get(ctx)) == NULL) + goto err; + if ((z = BN_CTX_get(ctx)) == NULL) + goto err; + if ((w = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_GF2m_mod_arr(a, a_, p)) @@ -1169,10 +1171,11 @@ BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[], } else /* m is even */ { - rho = BN_CTX_get(ctx); - w2 = BN_CTX_get(ctx); - tmp = BN_CTX_get(ctx); - if (tmp == NULL) + if ((rho = BN_CTX_get(ctx)) == NULL) + goto err; + if ((w2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((tmp = BN_CTX_get(ctx)) == NULL) goto err; do { if (!BN_rand(rho, p[0], 0, 0)) diff --git a/src/lib/libssl/src/crypto/bn/bn_kron.c b/src/lib/libssl/src/crypto/bn/bn_kron.c index 699cda55f0..274da5d186 100644 --- a/src/lib/libssl/src/crypto/bn/bn_kron.c +++ b/src/lib/libssl/src/crypto/bn/bn_kron.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_kron.c,v 1.5 2014/07/11 08:44:48 jsing Exp $ */ +/* $OpenBSD: bn_kron.c,v 1.6 2015/02/09 15:49:22 jsing Exp $ */ /* ==================================================================== * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. * @@ -79,9 +79,9 @@ BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) bn_check_top(b); BN_CTX_start(ctx); - A = BN_CTX_get(ctx); - B = BN_CTX_get(ctx); - if (B == NULL) + if ((A = BN_CTX_get(ctx)) == NULL) + goto end; + if ((B = BN_CTX_get(ctx)) == NULL) goto end; err = !BN_copy(A, a); diff --git a/src/lib/libssl/src/crypto/bn/bn_mont.c b/src/lib/libssl/src/crypto/bn/bn_mont.c index 5803ca493d..3eb9913a9e 100644 --- a/src/lib/libssl/src/crypto/bn/bn_mont.c +++ b/src/lib/libssl/src/crypto/bn/bn_mont.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_mont.c,v 1.23 2014/07/11 08:44:48 jsing Exp $ */ +/* $OpenBSD: bn_mont.c,v 1.24 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -149,8 +149,7 @@ BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, #endif BN_CTX_start(ctx); - tmp = BN_CTX_get(ctx); - if (tmp == NULL) + if ((tmp = BN_CTX_get(ctx)) == NULL) goto err; bn_check_top(tmp); @@ -288,9 +287,9 @@ BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont, BN_CTX *ctx) BIGNUM *t1, *t2; BN_CTX_start(ctx); - t1 = BN_CTX_get(ctx); - t2 = BN_CTX_get(ctx); - if (t1 == NULL || t2 == NULL) + if ((t1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((t2 = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_copy(t1, a)) diff --git a/src/lib/libssl/src/crypto/bn/bn_mul.c b/src/lib/libssl/src/crypto/bn/bn_mul.c index daba02d6ca..7794d59707 100644 --- a/src/lib/libssl/src/crypto/bn/bn_mul.c +++ b/src/lib/libssl/src/crypto/bn/bn_mul.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_mul.c,v 1.19 2014/07/11 08:44:48 jsing Exp $ */ +/* $OpenBSD: bn_mul.c,v 1.20 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1012,8 +1012,7 @@ BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) j = 1 << (j - 1); assert(j <= al || j <= bl); k = j + j; - t = BN_CTX_get(ctx); - if (t == NULL) + if ((t = BN_CTX_get(ctx)) == NULL) goto err; if (al > j || bl > j) { if (bn_wexpand(t, k * 4) == NULL) @@ -1057,7 +1056,8 @@ BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) j = BN_num_bits_word((BN_ULONG)al); j = 1 << (j - 1); k = j + j; - t = BN_CTX_get(ctx); + if ((t = BN_CTX_get(ctx)) == NULL) + goto err; if (al == j) /* exact multiple */ { if (bn_wexpand(t, k * 2) == NULL) diff --git a/src/lib/libssl/src/crypto/bn/bn_prime.c b/src/lib/libssl/src/crypto/bn/bn_prime.c index e5cd315e47..02780d32e6 100644 --- a/src/lib/libssl/src/crypto/bn/bn_prime.c +++ b/src/lib/libssl/src/crypto/bn/bn_prime.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_prime.c,v 1.12 2014/10/18 17:20:40 jsing Exp $ */ +/* $OpenBSD: bn_prime.c,v 1.13 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -170,8 +170,7 @@ BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add, if (ctx == NULL) goto err; BN_CTX_start(ctx); - t = BN_CTX_get(ctx); - if (!t) + if ((t = BN_CTX_get(ctx)) == NULL) goto err; loop: /* make a random number and set the top and bottom bits */ @@ -287,10 +286,11 @@ BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed, A = t; } else A = a; - A1 = BN_CTX_get(ctx); - A1_odd = BN_CTX_get(ctx); - check = BN_CTX_get(ctx); - if (check == NULL) + if ((A1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((A1_odd = BN_CTX_get(ctx)) == NULL) + goto err; + if ((check = BN_CTX_get(ctx)) == NULL) goto err; /* compute A1 := A - 1 */ @@ -461,10 +461,11 @@ probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd, bits--; BN_CTX_start(ctx); - t1 = BN_CTX_get(ctx); - q = BN_CTX_get(ctx); - qadd = BN_CTX_get(ctx); - if (qadd == NULL) + if ((t1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((q = BN_CTX_get(ctx)) == NULL) + goto err; + if ((qadd = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_rshift1(qadd, padd)) diff --git a/src/lib/libssl/src/crypto/bn/bn_sqr.c b/src/lib/libssl/src/crypto/bn/bn_sqr.c index 5ea9fb083d..a0dce6ea81 100644 --- a/src/lib/libssl/src/crypto/bn/bn_sqr.c +++ b/src/lib/libssl/src/crypto/bn/bn_sqr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_sqr.c,v 1.11 2014/07/11 13:26:31 miod Exp $ */ +/* $OpenBSD: bn_sqr.c,v 1.12 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -85,7 +85,7 @@ BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) BN_CTX_start(ctx); rr = (a != r) ? r : BN_CTX_get(ctx); tmp = BN_CTX_get(ctx); - if (!rr || !tmp) + if (rr == NULL || tmp == NULL) goto err; max = 2 * al; /* Non-zero (from above) */ diff --git a/src/lib/libssl/src/crypto/bn/bn_sqrt.c b/src/lib/libssl/src/crypto/bn/bn_sqrt.c index 9a59d56b3f..f94fa41094 100644 --- a/src/lib/libssl/src/crypto/bn/bn_sqrt.c +++ b/src/lib/libssl/src/crypto/bn/bn_sqrt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_sqrt.c,v 1.5 2014/07/11 08:44:48 jsing Exp $ */ +/* $OpenBSD: bn_sqrt.c,v 1.6 2015/02/09 15:49:22 jsing Exp $ */ /* Written by Lenka Fibikova * and Bodo Moeller for the OpenSSL project. */ /* ==================================================================== @@ -108,13 +108,17 @@ BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) } BN_CTX_start(ctx); - A = BN_CTX_get(ctx); - b = BN_CTX_get(ctx); - q = BN_CTX_get(ctx); - t = BN_CTX_get(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - if (y == NULL) + if ((A = BN_CTX_get(ctx)) == NULL) + goto end; + if ((b = BN_CTX_get(ctx)) == NULL) + goto end; + if ((q = BN_CTX_get(ctx)) == NULL) + goto end; + if ((t = BN_CTX_get(ctx)) == NULL) + goto end; + if ((x = BN_CTX_get(ctx)) == NULL) + goto end; + if ((y = BN_CTX_get(ctx)) == NULL) goto end; if (ret == NULL) diff --git a/src/lib/libssl/src/crypto/bn/bn_x931p.c b/src/lib/libssl/src/crypto/bn/bn_x931p.c index fc8d4c3c49..89c86c1ff7 100644 --- a/src/lib/libssl/src/crypto/bn/bn_x931p.c +++ b/src/lib/libssl/src/crypto/bn/bn_x931p.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_x931p.c,v 1.5 2014/06/12 15:49:28 deraadt Exp $ */ +/* $OpenBSD: bn_x931p.c,v 1.6 2015/02/09 15:49:22 jsing Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2005. */ @@ -107,17 +107,21 @@ BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, const BIGNUM *Xp, return 0; BN_CTX_start(ctx); - if (!p1) - p1 = BN_CTX_get(ctx); - - if (!p2) - p2 = BN_CTX_get(ctx); - - t = BN_CTX_get(ctx); - - p1p2 = BN_CTX_get(ctx); + if (p1 != NULL) { + if ((p1 = BN_CTX_get(ctx)) == NULL) + goto err; + } + if (p2 != NULL) { + if ((p2 = BN_CTX_get(ctx)) == NULL) + goto err; + } - pm1 = BN_CTX_get(ctx); + if ((t = BN_CTX_get(ctx)) == NULL) + goto err; + if ((p1p2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((pm1 = BN_CTX_get(ctx)) == NULL) + goto err; if (!bn_x931_derive_pi(p1, Xp1, ctx, cb)) goto err; @@ -213,7 +217,8 @@ BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx) return 0; BN_CTX_start(ctx); - t = BN_CTX_get(ctx); + if ((t = BN_CTX_get(ctx)) == NULL) + return 0; for (i = 0; i < 1000; i++) { if (!BN_rand(Xq, nbits, 1, 0)) @@ -247,10 +252,14 @@ BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, BIGNUM *Xp1, int ret = 0; BN_CTX_start(ctx); - if (!Xp1) - Xp1 = BN_CTX_get(ctx); - if (!Xp2) - Xp2 = BN_CTX_get(ctx); + if (Xp1 != NULL) { + if ((Xp1 = BN_CTX_get(ctx)) == NULL) + goto error; + } + if (Xp2 != NULL) { + if ((Xp2 = BN_CTX_get(ctx)) == NULL) + goto error; + } if (!BN_rand(Xp1, 101, 0, 0)) goto error; diff --git a/src/lib/libssl/src/crypto/dh/dh_gen.c b/src/lib/libssl/src/crypto/dh/dh_gen.c index 1bc37b987e..de566802d3 100644 --- a/src/lib/libssl/src/crypto/dh/dh_gen.c +++ b/src/lib/libssl/src/crypto/dh/dh_gen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dh_gen.c,v 1.14 2015/02/07 13:19:15 doug Exp $ */ +/* $OpenBSD: dh_gen.c,v 1.15 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -115,9 +115,9 @@ dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb) if (ctx == NULL) goto err; BN_CTX_start(ctx); - t1 = BN_CTX_get(ctx); - t2 = BN_CTX_get(ctx); - if (t1 == NULL || t2 == NULL) + if ((t1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((t2 = BN_CTX_get(ctx)) == NULL) goto err; /* Make sure 'ret' has the necessary elements */ diff --git a/src/lib/libssl/src/crypto/dh/dh_key.c b/src/lib/libssl/src/crypto/dh/dh_key.c index b8352149e2..31bc7b3dfd 100644 --- a/src/lib/libssl/src/crypto/dh/dh_key.c +++ b/src/lib/libssl/src/crypto/dh/dh_key.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dh_key.c,v 1.22 2014/10/18 17:20:40 jsing Exp $ */ +/* $OpenBSD: dh_key.c,v 1.23 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -195,7 +195,8 @@ compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) if (ctx == NULL) goto err; BN_CTX_start(ctx); - tmp = BN_CTX_get(ctx); + if ((tmp = BN_CTX_get(ctx)) == NULL) + goto err; if (dh->priv_key == NULL) { DHerr(DH_F_COMPUTE_KEY, DH_R_NO_PRIVATE_VALUE); diff --git a/src/lib/libssl/src/crypto/dsa/dsa_gen.c b/src/lib/libssl/src/crypto/dsa/dsa_gen.c index 296a544c31..dcfa957884 100644 --- a/src/lib/libssl/src/crypto/dsa/dsa_gen.c +++ b/src/lib/libssl/src/crypto/dsa/dsa_gen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa_gen.c,v 1.17 2014/10/22 13:02:04 jsing Exp $ */ +/* $OpenBSD: dsa_gen.c,v 1.18 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -148,14 +148,22 @@ dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, const EVP_MD *evpmd, goto err; BN_CTX_start(ctx); - r0 = BN_CTX_get(ctx); - g = BN_CTX_get(ctx); - W = BN_CTX_get(ctx); - q = BN_CTX_get(ctx); - X = BN_CTX_get(ctx); - c = BN_CTX_get(ctx); - p = BN_CTX_get(ctx); - test = BN_CTX_get(ctx); + if ((r0 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((g = BN_CTX_get(ctx)) == NULL) + goto err; + if ((W = BN_CTX_get(ctx)) == NULL) + goto err; + if ((q = BN_CTX_get(ctx)) == NULL) + goto err; + if ((X = BN_CTX_get(ctx)) == NULL) + goto err; + if ((c = BN_CTX_get(ctx)) == NULL) + goto err; + if ((p = BN_CTX_get(ctx)) == NULL) + goto err; + if ((test = BN_CTX_get(ctx)) == NULL) + goto err; if (!BN_lshift(test, BN_value_one(), bits - 1)) goto err; diff --git a/src/lib/libssl/src/crypto/ec/ec2_mult.c b/src/lib/libssl/src/crypto/ec/ec2_mult.c index dd113907be..8f0091efe1 100644 --- a/src/lib/libssl/src/crypto/ec/ec2_mult.c +++ b/src/lib/libssl/src/crypto/ec/ec2_mult.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec2_mult.c,v 1.6 2015/02/08 22:25:03 miod Exp $ */ +/* $OpenBSD: ec2_mult.c,v 1.7 2015/02/09 15:49:22 jsing Exp $ */ /* ==================================================================== * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * @@ -91,8 +91,7 @@ gf2m_Mdouble(const EC_GROUP *group, BIGNUM *x, BIGNUM *z, BN_CTX *ctx) /* Since Mdouble is static we can guarantee that ctx != NULL. */ BN_CTX_start(ctx); - t1 = BN_CTX_get(ctx); - if (t1 == NULL) + if ((t1 = BN_CTX_get(ctx)) == NULL) goto err; if (!group->meth->field_sqr(group, x, x, ctx)) @@ -132,9 +131,9 @@ gf2m_Madd(const EC_GROUP *group, const BIGNUM *x, BIGNUM *x1, BIGNUM *z1, /* Since Madd is static we can guarantee that ctx != NULL. */ BN_CTX_start(ctx); - t1 = BN_CTX_get(ctx); - t2 = BN_CTX_get(ctx); - if (t2 == NULL) + if ((t1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((t2 = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_copy(t1, x)) @@ -191,10 +190,11 @@ gf2m_Mxy(const EC_GROUP *group, const BIGNUM *x, const BIGNUM *y, BIGNUM *x1, } /* Since Mxy is static we can guarantee that ctx != NULL. */ BN_CTX_start(ctx); - t3 = BN_CTX_get(ctx); - t4 = BN_CTX_get(ctx); - t5 = BN_CTX_get(ctx); - if (t5 == NULL) + if ((t3 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((t4 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((t5 = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_one(t5)) @@ -281,9 +281,9 @@ ec_GF2m_montgomery_point_multiply(const EC_GROUP *group, EC_POINT *r, /* Since point_multiply is static we can guarantee that ctx != NULL. */ BN_CTX_start(ctx); - x1 = BN_CTX_get(ctx); - z1 = BN_CTX_get(ctx); - if (z1 == NULL) + if ((x1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((z1 = BN_CTX_get(ctx)) == NULL) goto err; x2 = &r->X; diff --git a/src/lib/libssl/src/crypto/ec/ec2_oct.c b/src/lib/libssl/src/crypto/ec/ec2_oct.c index c45d9c2219..72690b1bc7 100644 --- a/src/lib/libssl/src/crypto/ec/ec2_oct.c +++ b/src/lib/libssl/src/crypto/ec/ec2_oct.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec2_oct.c,v 1.6 2015/02/08 22:25:03 miod Exp $ */ +/* $OpenBSD: ec2_oct.c,v 1.7 2015/02/09 15:49:22 jsing Exp $ */ /* ==================================================================== * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * @@ -109,11 +109,13 @@ ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point y_bit = (y_bit != 0) ? 1 : 0; BN_CTX_start(ctx); - tmp = BN_CTX_get(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - z = BN_CTX_get(ctx); - if (z == NULL) + if ((tmp = BN_CTX_get(ctx)) == NULL) + goto err; + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) + goto err; + if ((z = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_GF2m_mod_arr(x, x_, group->poly)) @@ -212,10 +214,11 @@ ec_GF2m_simple_point2oct(const EC_GROUP *group, const EC_POINT *point, } BN_CTX_start(ctx); used_ctx = 1; - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - yxi = BN_CTX_get(ctx); - if (yxi == NULL) + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) + goto err; + if ((yxi = BN_CTX_get(ctx)) == NULL) goto err; if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx)) @@ -329,10 +332,11 @@ ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point, return 0; } BN_CTX_start(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - yxi = BN_CTX_get(ctx); - if (yxi == NULL) + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) + goto err; + if ((yxi = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_bin2bn(buf + 1, field_len, x)) diff --git a/src/lib/libssl/src/crypto/ec/ec2_smpl.c b/src/lib/libssl/src/crypto/ec/ec2_smpl.c index b9c066c5c1..43f0afd5ae 100644 --- a/src/lib/libssl/src/crypto/ec/ec2_smpl.c +++ b/src/lib/libssl/src/crypto/ec/ec2_smpl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec2_smpl.c,v 1.13 2015/02/08 22:25:03 miod Exp $ */ +/* $OpenBSD: ec2_smpl.c,v 1.14 2015/02/09 15:49:22 jsing Exp $ */ /* ==================================================================== * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * @@ -291,8 +291,7 @@ ec_GF2m_simple_group_check_discriminant(const EC_GROUP * group, BN_CTX * ctx) } } BN_CTX_start(ctx); - b = BN_CTX_get(ctx); - if (b == NULL) + if ((b = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_GF2m_mod_arr(b, &group->b, group->poly)) @@ -464,15 +463,21 @@ ec_GF2m_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, return 0; } BN_CTX_start(ctx); - x0 = BN_CTX_get(ctx); - y0 = BN_CTX_get(ctx); - x1 = BN_CTX_get(ctx); - y1 = BN_CTX_get(ctx); - x2 = BN_CTX_get(ctx); - y2 = BN_CTX_get(ctx); - s = BN_CTX_get(ctx); - t = BN_CTX_get(ctx); - if (t == NULL) + if ((x0 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y0 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((x1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((x2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((s = BN_CTX_get(ctx)) == NULL) + goto err; + if ((t = BN_CTX_get(ctx)) == NULL) goto err; if (a->Z_is_one) { @@ -611,9 +616,9 @@ ec_GF2m_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX return -1; } BN_CTX_start(ctx); - y2 = BN_CTX_get(ctx); - lh = BN_CTX_get(ctx); - if (lh == NULL) + if ((y2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((lh = BN_CTX_get(ctx)) == NULL) goto err; /* @@ -651,7 +656,8 @@ err: * 1 not equal */ int -ec_GF2m_simple_cmp(const EC_GROUP * group, const EC_POINT * a, const EC_POINT * b, BN_CTX * ctx) +ec_GF2m_simple_cmp(const EC_GROUP *group, const EC_POINT *a, + const EC_POINT *b, BN_CTX *ctx) { BIGNUM *aX, *aY, *bX, *bY; BN_CTX *new_ctx = NULL; @@ -672,11 +678,13 @@ ec_GF2m_simple_cmp(const EC_GROUP * group, const EC_POINT * a, const EC_POINT * return -1; } BN_CTX_start(ctx); - aX = BN_CTX_get(ctx); - aY = BN_CTX_get(ctx); - bX = BN_CTX_get(ctx); - bY = BN_CTX_get(ctx); - if (bY == NULL) + if ((aX = BN_CTX_get(ctx)) == NULL) + goto err; + if ((aY = BN_CTX_get(ctx)) == NULL) + goto err; + if ((bX = BN_CTX_get(ctx)) == NULL) + goto err; + if ((bY = BN_CTX_get(ctx)) == NULL) goto err; if (!EC_POINT_get_affine_coordinates_GF2m(group, a, aX, aY, ctx)) @@ -710,9 +718,9 @@ ec_GF2m_simple_make_affine(const EC_GROUP * group, EC_POINT * point, BN_CTX * ct return 0; } BN_CTX_start(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - if (y == NULL) + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) goto err; if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx)) diff --git a/src/lib/libssl/src/crypto/ec/ec_key.c b/src/lib/libssl/src/crypto/ec/ec_key.c index f9904b4ee9..45192c3231 100644 --- a/src/lib/libssl/src/crypto/ec/ec_key.c +++ b/src/lib/libssl/src/crypto/ec/ec_key.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec_key.c,v 1.10 2015/02/08 22:25:03 miod Exp $ */ +/* $OpenBSD: ec_key.c,v 1.11 2015/02/09 15:49:22 jsing Exp $ */ /* * Written by Nils Larsch for the OpenSSL project. */ @@ -359,8 +359,11 @@ EC_KEY_set_public_key_affine_coordinates(EC_KEY * key, BIGNUM * x, BIGNUM * y) if (tmp_nid == NID_X9_62_characteristic_two_field) is_char_two = 1; - tx = BN_CTX_get(ctx); - ty = BN_CTX_get(ctx); + if ((tx = BN_CTX_get(ctx)) == NULL) + goto err; + if ((ty = BN_CTX_get(ctx)) == NULL) + goto err; + #ifndef OPENSSL_NO_EC2M if (is_char_two) { if (!EC_POINT_set_affine_coordinates_GF2m(key->group, point, diff --git a/src/lib/libssl/src/crypto/ec/ec_lib.c b/src/lib/libssl/src/crypto/ec/ec_lib.c index 47ccc614d1..8cf0f2241e 100644 --- a/src/lib/libssl/src/crypto/ec/ec_lib.c +++ b/src/lib/libssl/src/crypto/ec/ec_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec_lib.c,v 1.15 2014/07/12 16:03:37 miod Exp $ */ +/* $OpenBSD: ec_lib.c,v 1.16 2015/02/09 15:49:22 jsing Exp $ */ /* * Originally written by Bodo Moeller for the OpenSSL project. */ @@ -497,18 +497,19 @@ EC_GROUP_cmp(const EC_GROUP * a, const EC_GROUP * b, BN_CTX * ctx) return -1; BN_CTX_start(ctx); - a1 = BN_CTX_get(ctx); - a2 = BN_CTX_get(ctx); - a3 = BN_CTX_get(ctx); - b1 = BN_CTX_get(ctx); - b2 = BN_CTX_get(ctx); - b3 = BN_CTX_get(ctx); - if (!b3) { - BN_CTX_end(ctx); - if (ctx_new) - BN_CTX_free(ctx); - return -1; - } + if ((a1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((a2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((a3 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((b1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((b2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((b3 = BN_CTX_get(ctx)) == NULL) + goto err; + /* * XXX This approach assumes that the external representation of * curves over the same field type is the same. @@ -544,6 +545,12 @@ EC_GROUP_cmp(const EC_GROUP * a, const EC_GROUP * b, BN_CTX * ctx) BN_CTX_free(ctx); return r; + +err: + BN_CTX_end(ctx); + if (ctx_new) + BN_CTX_free(ctx); + return -1; } diff --git a/src/lib/libssl/src/crypto/ec/ec_mult.c b/src/lib/libssl/src/crypto/ec/ec_mult.c index 9e3aee13a2..e711413598 100644 --- a/src/lib/libssl/src/crypto/ec/ec_mult.c +++ b/src/lib/libssl/src/crypto/ec/ec_mult.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec_mult.c,v 1.16 2015/02/07 13:19:15 doug Exp $ */ +/* $OpenBSD: ec_mult.c,v 1.17 2015/02/09 15:49:22 jsing Exp $ */ /* * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project. */ @@ -753,8 +753,7 @@ ec_wNAF_precompute_mult(EC_GROUP * group, BN_CTX * ctx) goto err; } BN_CTX_start(ctx); - order = BN_CTX_get(ctx); - if (order == NULL) + if ((order = BN_CTX_get(ctx)) == NULL) goto err; if (!EC_GROUP_get_order(group, order, ctx)) diff --git a/src/lib/libssl/src/crypto/ec/ecp_oct.c b/src/lib/libssl/src/crypto/ec/ecp_oct.c index abc31e6382..994f0b08b1 100644 --- a/src/lib/libssl/src/crypto/ec/ecp_oct.c +++ b/src/lib/libssl/src/crypto/ec/ecp_oct.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ecp_oct.c,v 1.6 2015/02/08 22:25:03 miod Exp $ */ +/* $OpenBSD: ecp_oct.c,v 1.7 2015/02/09 15:49:22 jsing Exp $ */ /* Includes code written by Lenka Fibikova * for the OpenSSL project. * Includes code written by Bodo Moeller for the OpenSSL project. @@ -67,8 +67,8 @@ #include "ec_lcl.h" int -ec_GFp_simple_set_compressed_coordinates(const EC_GROUP * group, EC_POINT * point, - const BIGNUM * x_, int y_bit, BN_CTX * ctx) +ec_GFp_simple_set_compressed_coordinates(const EC_GROUP * group, + EC_POINT * point, const BIGNUM * x_, int y_bit, BN_CTX * ctx) { BN_CTX *new_ctx = NULL; BIGNUM *tmp1, *tmp2, *x, *y; @@ -85,11 +85,13 @@ ec_GFp_simple_set_compressed_coordinates(const EC_GROUP * group, EC_POINT * poin y_bit = (y_bit != 0); BN_CTX_start(ctx); - tmp1 = BN_CTX_get(ctx); - tmp2 = BN_CTX_get(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - if (y == NULL) + if ((tmp1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((tmp2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) goto err; /* @@ -239,9 +241,9 @@ ec_GFp_simple_point2oct(const EC_GROUP * group, const EC_POINT * point, point_co } BN_CTX_start(ctx); used_ctx = 1; - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - if (y == NULL) + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) goto err; if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx)) @@ -348,9 +350,9 @@ ec_GFp_simple_oct2point(const EC_GROUP * group, EC_POINT * point, return 0; } BN_CTX_start(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - if (y == NULL) + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_bin2bn(buf + 1, field_len, x)) diff --git a/src/lib/libssl/src/crypto/ec/ecp_smpl.c b/src/lib/libssl/src/crypto/ec/ecp_smpl.c index 7b3bb2364d..f6db4dc9b1 100644 --- a/src/lib/libssl/src/crypto/ec/ecp_smpl.c +++ b/src/lib/libssl/src/crypto/ec/ecp_smpl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ecp_smpl.c,v 1.14 2015/02/08 22:25:03 miod Exp $ */ +/* $OpenBSD: ecp_smpl.c,v 1.15 2015/02/09 15:49:22 jsing Exp $ */ /* Includes code written by Lenka Fibikova * for the OpenSSL project. * Includes code written by Bodo Moeller for the OpenSSL project. @@ -188,8 +188,7 @@ ec_GFp_simple_group_set_curve(EC_GROUP * group, return 0; } BN_CTX_start(ctx); - tmp_a = BN_CTX_get(ctx); - if (tmp_a == NULL) + if ((tmp_a = BN_CTX_get(ctx)) == NULL) goto err; /* group->field */ @@ -294,12 +293,15 @@ ec_GFp_simple_group_check_discriminant(const EC_GROUP * group, BN_CTX * ctx) } } BN_CTX_start(ctx); - a = BN_CTX_get(ctx); - b = BN_CTX_get(ctx); - tmp_1 = BN_CTX_get(ctx); - tmp_2 = BN_CTX_get(ctx); - order = BN_CTX_get(ctx); - if (order == NULL) + if ((a = BN_CTX_get(ctx)) == NULL) + goto err; + if ((b = BN_CTX_get(ctx)) == NULL) + goto err; + if ((tmp_1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((tmp_2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((order = BN_CTX_get(ctx)) == NULL) goto err; if (group->meth->field_decode) { @@ -539,11 +541,13 @@ ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP * group, const EC_POIN return 0; } BN_CTX_start(ctx); - Z = BN_CTX_get(ctx); - Z_1 = BN_CTX_get(ctx); - Z_2 = BN_CTX_get(ctx); - Z_3 = BN_CTX_get(ctx); - if (Z_3 == NULL) + if ((Z = BN_CTX_get(ctx)) == NULL) + goto err; + if ((Z_1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((Z_2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((Z_3 = BN_CTX_get(ctx)) == NULL) goto err; /* transform (X, Y, Z) into (x, y) := (X/Z^2, Y/Z^3) */ @@ -652,14 +656,19 @@ ec_GFp_simple_add(const EC_GROUP * group, EC_POINT * r, const EC_POINT * a, cons return 0; } BN_CTX_start(ctx); - n0 = BN_CTX_get(ctx); - n1 = BN_CTX_get(ctx); - n2 = BN_CTX_get(ctx); - n3 = BN_CTX_get(ctx); - n4 = BN_CTX_get(ctx); - n5 = BN_CTX_get(ctx); - n6 = BN_CTX_get(ctx); - if (n6 == NULL) + if ((n0 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((n1 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((n2 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((n3 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((n4 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((n5 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((n6 = BN_CTX_get(ctx)) == NULL) goto end; /* @@ -834,11 +843,13 @@ ec_GFp_simple_dbl(const EC_GROUP * group, EC_POINT * r, const EC_POINT * a, BN_C return 0; } BN_CTX_start(ctx); - n0 = BN_CTX_get(ctx); - n1 = BN_CTX_get(ctx); - n2 = BN_CTX_get(ctx); - n3 = BN_CTX_get(ctx); - if (n3 == NULL) + if ((n0 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((n1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((n2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((n3 = BN_CTX_get(ctx)) == NULL) goto err; /* @@ -990,11 +1001,13 @@ ec_GFp_simple_is_on_curve(const EC_GROUP * group, const EC_POINT * point, BN_CTX return -1; } BN_CTX_start(ctx); - rh = BN_CTX_get(ctx); - tmp = BN_CTX_get(ctx); - Z4 = BN_CTX_get(ctx); - Z6 = BN_CTX_get(ctx); - if (Z6 == NULL) + if ((rh = BN_CTX_get(ctx)) == NULL) + goto err; + if ((tmp = BN_CTX_get(ctx)) == NULL) + goto err; + if ((Z4 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((Z6 = BN_CTX_get(ctx)) == NULL) goto err; /* @@ -1101,11 +1114,13 @@ ec_GFp_simple_cmp(const EC_GROUP * group, const EC_POINT * a, const EC_POINT * b return -1; } BN_CTX_start(ctx); - tmp1 = BN_CTX_get(ctx); - tmp2 = BN_CTX_get(ctx); - Za23 = BN_CTX_get(ctx); - Zb23 = BN_CTX_get(ctx); - if (Zb23 == NULL) + if ((tmp1 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((tmp2 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((Za23 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((Zb23 = BN_CTX_get(ctx)) == NULL) goto end; /* @@ -1184,9 +1199,9 @@ ec_GFp_simple_make_affine(const EC_GROUP * group, EC_POINT * point, BN_CTX * ctx return 0; } BN_CTX_start(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - if (y == NULL) + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) goto err; if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx)) @@ -1225,9 +1240,9 @@ ec_GFp_simple_points_make_affine(const EC_GROUP * group, size_t num, EC_POINT * return 0; } BN_CTX_start(ctx); - tmp0 = BN_CTX_get(ctx); - tmp1 = BN_CTX_get(ctx); - if (tmp0 == NULL || tmp1 == NULL) + if ((tmp0 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((tmp1 = BN_CTX_get(ctx)) == NULL) goto err; /* diff --git a/src/lib/libssl/src/crypto/ecdh/ech_ossl.c b/src/lib/libssl/src/crypto/ecdh/ech_ossl.c index ee130edeee..4fae7cacfd 100644 --- a/src/lib/libssl/src/crypto/ecdh/ech_ossl.c +++ b/src/lib/libssl/src/crypto/ecdh/ech_ossl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ech_ossl.c,v 1.8 2014/07/12 16:03:37 miod Exp $ */ +/* $OpenBSD: ech_ossl.c,v 1.9 2015/02/09 15:49:22 jsing Exp $ */ /* ==================================================================== * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * @@ -120,8 +120,10 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, if ((ctx = BN_CTX_new()) == NULL) goto err; BN_CTX_start(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) + goto err; priv_key = EC_KEY_get0_private_key(ecdh); if (priv_key == NULL) diff --git a/src/lib/libssl/src/crypto/engine/eng_rsax.c b/src/lib/libssl/src/crypto/engine/eng_rsax.c index c33a776707..784b74a22f 100644 --- a/src/lib/libssl/src/crypto/engine/eng_rsax.c +++ b/src/lib/libssl/src/crypto/engine/eng_rsax.c @@ -1,4 +1,4 @@ -/* $OpenBSD: eng_rsax.c,v 1.12 2014/11/19 13:35:37 krw Exp $ */ +/* $OpenBSD: eng_rsax.c,v 1.13 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (c) 2010-2010 Intel Corp. * Author: Vinodh.Gopal@intel.com * Jim Guilford @@ -519,9 +519,12 @@ e_rsax_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) int ret = 0; BN_CTX_start(ctx); - r1 = BN_CTX_get(ctx); - m1 = BN_CTX_get(ctx); - vrfy = BN_CTX_get(ctx); + if ((r1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((m1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((vrfy = BN_CTX_get(ctx)) == NULL) + goto err; { BIGNUM local_p, local_q; diff --git a/src/lib/libssl/src/crypto/rsa/rsa_crpt.c b/src/lib/libssl/src/crypto/rsa/rsa_crpt.c index b057dd2201..cf7f9a328b 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_crpt.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_crpt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_crpt.c,v 1.12 2014/10/18 17:20:40 jsing Exp $ */ +/* $OpenBSD: rsa_crpt.c,v 1.13 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -145,10 +145,11 @@ rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p, const BIGNUM *q, return NULL; BN_CTX_start(ctx); - r0 = BN_CTX_get(ctx); - r1 = BN_CTX_get(ctx); - r2 = BN_CTX_get(ctx); - if (r2 == NULL) + if ((r0 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r2 = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_sub(r1, p, BN_value_one())) diff --git a/src/lib/libssl/src/crypto/rsa/rsa_eay.c b/src/lib/libssl/src/crypto/rsa/rsa_eay.c index f8031c87a2..0eb18cf3c7 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_eay.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_eay.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_eay.c,v 1.36 2014/10/18 17:20:40 jsing Exp $ */ +/* $OpenBSD: rsa_eay.c,v 1.37 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -181,7 +181,7 @@ RSA_eay_public_encrypt(int flen, const unsigned char *from, unsigned char *to, ret = BN_CTX_get(ctx); num = BN_num_bytes(rsa->n); buf = malloc(num); - if (!f || !ret || !buf) { + if (f == NULL || ret == NULL || buf == NULL) { RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, ERR_R_MALLOC_FAILURE); goto err; } @@ -366,7 +366,7 @@ RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to, ret = BN_CTX_get(ctx); num = BN_num_bytes(rsa->n); buf = malloc(num); - if (!f || !ret || !buf) { + if (f == NULL || ret == NULL || buf == NULL) { RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_MALLOC_FAILURE); goto err; } diff --git a/src/lib/libssl/src/crypto/rsa/rsa_gen.c b/src/lib/libssl/src/crypto/rsa/rsa_gen.c index a3b9da4856..f6f051c442 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_gen.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_gen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_gen.c,v 1.16 2014/07/11 08:44:49 jsing Exp $ */ +/* $OpenBSD: rsa_gen.c,v 1.17 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -99,11 +99,13 @@ rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) if (ctx == NULL) goto err; BN_CTX_start(ctx); - r0 = BN_CTX_get(ctx); - r1 = BN_CTX_get(ctx); - r2 = BN_CTX_get(ctx); - r3 = BN_CTX_get(ctx); - if (r3 == NULL) + if ((r0 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r3 = BN_CTX_get(ctx)) == NULL) goto err; bitsp = (bits + 1) / 2; -- cgit v1.2.3-55-g6feb