From 179abd81b4f15cbfccb4e7979a66e5a587063472 Mon Sep 17 00:00:00 2001 From: miod <> Date: Sat, 14 Feb 2015 15:49:51 +0000 Subject: 1.18 would introduce a possible out-of-bounds access in the error path; Coverity CID 105346 ok doug@ --- src/lib/libcrypto/evp/p5_crpt2.c | 12 +++++------- src/lib/libssl/src/crypto/evp/p5_crpt2.c | 12 +++++------- 2 files changed, 10 insertions(+), 14 deletions(-) (limited to 'src') diff --git a/src/lib/libcrypto/evp/p5_crpt2.c b/src/lib/libcrypto/evp/p5_crpt2.c index 6fc88a0437..afafb9551f 100644 --- a/src/lib/libcrypto/evp/p5_crpt2.c +++ b/src/lib/libcrypto/evp/p5_crpt2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: p5_crpt2.c,v 1.19 2015/02/14 15:45:21 miod Exp $ */ +/* $OpenBSD: p5_crpt2.c,v 1.20 2015/02/14 15:49:51 miod Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -236,19 +236,19 @@ PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, if (EVP_CIPHER_CTX_cipher(ctx) == NULL) { EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_NO_CIPHER_SET); - goto err; + return 0; } keylen = EVP_CIPHER_CTX_key_length(ctx); if (keylen > sizeof key) { EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_BAD_KEY_LENGTH); - goto err; + return 0; } /* Decode parameter */ if (!param || (param->type != V_ASN1_SEQUENCE)) { EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR); - goto err; + return 0; } pbuf = param->value.sequence->data; @@ -256,11 +256,9 @@ PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, if (!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) { EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR); - goto err; + return 0; } - keylen = EVP_CIPHER_CTX_key_length(ctx); - /* Now check the parameters of the kdf */ if (kdf->keylength && diff --git a/src/lib/libssl/src/crypto/evp/p5_crpt2.c b/src/lib/libssl/src/crypto/evp/p5_crpt2.c index 6fc88a0437..afafb9551f 100644 --- a/src/lib/libssl/src/crypto/evp/p5_crpt2.c +++ b/src/lib/libssl/src/crypto/evp/p5_crpt2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: p5_crpt2.c,v 1.19 2015/02/14 15:45:21 miod Exp $ */ +/* $OpenBSD: p5_crpt2.c,v 1.20 2015/02/14 15:49:51 miod Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -236,19 +236,19 @@ PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, if (EVP_CIPHER_CTX_cipher(ctx) == NULL) { EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_NO_CIPHER_SET); - goto err; + return 0; } keylen = EVP_CIPHER_CTX_key_length(ctx); if (keylen > sizeof key) { EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_BAD_KEY_LENGTH); - goto err; + return 0; } /* Decode parameter */ if (!param || (param->type != V_ASN1_SEQUENCE)) { EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR); - goto err; + return 0; } pbuf = param->value.sequence->data; @@ -256,11 +256,9 @@ PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, if (!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) { EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR); - goto err; + return 0; } - keylen = EVP_CIPHER_CTX_key_length(ctx); - /* Now check the parameters of the kdf */ if (kdf->keylength && -- cgit v1.2.3-55-g6feb