From fb4b9046bf049484f0a34a724bc5b6c7a17f967a Mon Sep 17 00:00:00 2001
From: miod <>
Date: Sat, 18 Jul 2015 14:40:59 +0000
Subject: Check the return value of ASN1_STRING_set(), for it may fail to
 allocate memory. Coverity CID 24810, 24846. ok bcook@ doug@

---
 src/lib/libcrypto/asn1/asn1_gen.c          | 13 +++++++++----
 src/lib/libcrypto/pkcs7/pk7_doit.c         |  7 +++++--
 src/lib/libssl/src/crypto/asn1/asn1_gen.c  | 13 +++++++++----
 src/lib/libssl/src/crypto/pkcs7/pk7_doit.c |  7 +++++--
 4 files changed, 28 insertions(+), 12 deletions(-)

(limited to 'src')

diff --git a/src/lib/libcrypto/asn1/asn1_gen.c b/src/lib/libcrypto/asn1/asn1_gen.c
index 384088308f..08a5dec4a6 100644
--- a/src/lib/libcrypto/asn1/asn1_gen.c
+++ b/src/lib/libcrypto/asn1/asn1_gen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: asn1_gen.c,v 1.13 2015/02/12 06:04:24 jsg Exp $ */
+/* $OpenBSD: asn1_gen.c,v 1.14 2015/07/18 14:40:59 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2002.
  */
@@ -740,9 +740,14 @@ asn1_str2type(const char *str, int format, int utype)
 			atmp->value.asn1_string->length = rdlen;
 			atmp->value.asn1_string->type = utype;
 
-		} else if (format == ASN1_GEN_FORMAT_ASCII)
-			ASN1_STRING_set(atmp->value.asn1_string, str, -1);
-		else if ((format == ASN1_GEN_FORMAT_BITLIST) &&
+		} else if (format == ASN1_GEN_FORMAT_ASCII) {
+			if (ASN1_STRING_set(atmp->value.asn1_string, str,
+			    -1) == 0) {
+				ASN1err(ASN1_F_ASN1_STR2TYPE,
+				    ERR_R_MALLOC_FAILURE);
+				goto bad_str;
+			}
+		} else if ((format == ASN1_GEN_FORMAT_BITLIST) &&
 		    (utype == V_ASN1_BIT_STRING)) {
 			if (!CONF_parse_list(str, ',', 1, bitstr_cb,
 			    atmp->value.bit_string)) {
diff --git a/src/lib/libcrypto/pkcs7/pk7_doit.c b/src/lib/libcrypto/pkcs7/pk7_doit.c
index 5631d35712..d6fcaca745 100644
--- a/src/lib/libcrypto/pkcs7/pk7_doit.c
+++ b/src/lib/libcrypto/pkcs7/pk7_doit.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pk7_doit.c,v 1.33 2015/07/15 17:44:20 miod Exp $ */
+/* $OpenBSD: pk7_doit.c,v 1.34 2015/07/18 14:40:59 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -850,12 +850,15 @@ PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
 	} else if (i == NID_pkcs7_digest) {
 		unsigned char md_data[EVP_MAX_MD_SIZE];
 		unsigned int md_len;
+
 		if (!PKCS7_find_digest(&mdc, bio,
 		    OBJ_obj2nid(p7->d.digest->md->algorithm)))
 			goto err;
 		if (!EVP_DigestFinal_ex(mdc, md_data, &md_len))
 			goto err;
-		M_ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len);
+		if (M_ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data,
+		    md_len) == 0)
+			goto err;
 	}
 
 	if (!PKCS7_is_detached(p7)) {
diff --git a/src/lib/libssl/src/crypto/asn1/asn1_gen.c b/src/lib/libssl/src/crypto/asn1/asn1_gen.c
index 384088308f..08a5dec4a6 100644
--- a/src/lib/libssl/src/crypto/asn1/asn1_gen.c
+++ b/src/lib/libssl/src/crypto/asn1/asn1_gen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: asn1_gen.c,v 1.13 2015/02/12 06:04:24 jsg Exp $ */
+/* $OpenBSD: asn1_gen.c,v 1.14 2015/07/18 14:40:59 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2002.
  */
@@ -740,9 +740,14 @@ asn1_str2type(const char *str, int format, int utype)
 			atmp->value.asn1_string->length = rdlen;
 			atmp->value.asn1_string->type = utype;
 
-		} else if (format == ASN1_GEN_FORMAT_ASCII)
-			ASN1_STRING_set(atmp->value.asn1_string, str, -1);
-		else if ((format == ASN1_GEN_FORMAT_BITLIST) &&
+		} else if (format == ASN1_GEN_FORMAT_ASCII) {
+			if (ASN1_STRING_set(atmp->value.asn1_string, str,
+			    -1) == 0) {
+				ASN1err(ASN1_F_ASN1_STR2TYPE,
+				    ERR_R_MALLOC_FAILURE);
+				goto bad_str;
+			}
+		} else if ((format == ASN1_GEN_FORMAT_BITLIST) &&
 		    (utype == V_ASN1_BIT_STRING)) {
 			if (!CONF_parse_list(str, ',', 1, bitstr_cb,
 			    atmp->value.bit_string)) {
diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c b/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c
index 5631d35712..d6fcaca745 100644
--- a/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c
+++ b/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pk7_doit.c,v 1.33 2015/07/15 17:44:20 miod Exp $ */
+/* $OpenBSD: pk7_doit.c,v 1.34 2015/07/18 14:40:59 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -850,12 +850,15 @@ PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
 	} else if (i == NID_pkcs7_digest) {
 		unsigned char md_data[EVP_MAX_MD_SIZE];
 		unsigned int md_len;
+
 		if (!PKCS7_find_digest(&mdc, bio,
 		    OBJ_obj2nid(p7->d.digest->md->algorithm)))
 			goto err;
 		if (!EVP_DigestFinal_ex(mdc, md_data, &md_len))
 			goto err;
-		M_ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len);
+		if (M_ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data,
+		    md_len) == 0)
+			goto err;
 	}
 
 	if (!PKCS7_is_detached(p7)) {
-- 
cgit v1.2.3-55-g6feb