diff options
| author | Joel Sing <jsing@cvs.openbsd.org> | 2015-02-09 15:49:23 +0000 |
|---|---|---|
| committer | Joel Sing <jsing@cvs.openbsd.org> | 2015-02-09 15:49:23 +0000 |
| commit | 6cbf53f9a6696e529e5224265cfa1741775d5cfa (patch) | |
| tree | 7e9f6e4f5a2e4ca31dd5118e845b28f43df1db26 /lib/libcrypto | |
| parent | d566de171fae9cff9702bb783eefe844380a4f04 (diff) | |
BN_CTX_get() can fail - consistently check its return value.
There are currently cases where the return from each call is checked,
the return from only the last call is checked and cases where it is not
checked at all (including code in bn, ec and engine).
Checking the last return value is valid as once the function fails it will
continue to return NULL. However, in order to be consistent check each
call with the same idiom. This makes it easy to verify.
Note there are still a handful of cases that do not follow the idiom -
these will be handled separately.
ok beck@ doug@
Diffstat (limited to 'lib/libcrypto')
28 files changed, 358 insertions, 273 deletions
diff --git a/lib/libcrypto/bn/bn_div.c b/lib/libcrypto/bn/bn_div.c index f4deccf77fe..fefc53f9fad 100644 --- a/lib/libcrypto/bn/bn_div.c +++ b/lib/libcrypto/bn/bn_div.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_div.c,v 1.22 2014/07/11 08:44:47 jsing Exp $ */ +/* $OpenBSD: bn_div.c,v 1.23 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -170,7 +170,7 @@ BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, res = BN_CTX_get(ctx); else res = dv; - if (sdiv == NULL || res == NULL || tmp == NULL || snum == NULL) + if (tmp == NULL || snum == NULL || sdiv == NULL || res == NULL) goto err; /* First we normalise the numbers */ diff --git a/lib/libcrypto/bn/bn_exp.c b/lib/libcrypto/bn/bn_exp.c index 1aa5503daec..eecab5163b0 100644 --- a/lib/libcrypto/bn/bn_exp.c +++ b/lib/libcrypto/bn/bn_exp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_exp.c,v 1.19 2014/07/11 15:01:49 miod Exp $ */ +/* $OpenBSD: bn_exp.c,v 1.20 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -272,9 +272,9 @@ BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, } BN_CTX_start(ctx); - aa = BN_CTX_get(ctx); - val[0] = BN_CTX_get(ctx); - if (!aa || !val[0]) + if ((aa = BN_CTX_get(ctx)) == NULL) + goto err; + if ((val[0] = BN_CTX_get(ctx)) == NULL) goto err; BN_RECP_CTX_init(&recp); @@ -408,10 +408,11 @@ BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, } BN_CTX_start(ctx); - d = BN_CTX_get(ctx); - r = BN_CTX_get(ctx); - val[0] = BN_CTX_get(ctx); - if (!d || !r || !val[0]) + if ((d = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r = BN_CTX_get(ctx)) == NULL) + goto err; + if ((val[0] = BN_CTX_get(ctx)) == NULL) goto err; /* If this is not done, things will break in the montgomery @@ -885,10 +886,11 @@ BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, const BIGNUM *m, } BN_CTX_start(ctx); - d = BN_CTX_get(ctx); - r = BN_CTX_get(ctx); - t = BN_CTX_get(ctx); - if (d == NULL || r == NULL || t == NULL) + if ((d = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r = BN_CTX_get(ctx)) == NULL) + goto err; + if ((t = BN_CTX_get(ctx)) == NULL) goto err; if (in_mont != NULL) @@ -1003,9 +1005,9 @@ BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, } BN_CTX_start(ctx); - d = BN_CTX_get(ctx); - val[0] = BN_CTX_get(ctx); - if (!d || !val[0]) + if ((d = BN_CTX_get(ctx)) == NULL) + goto err; + if ((val[0] = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_nnmod(val[0],a,m,ctx)) diff --git a/lib/libcrypto/bn/bn_exp2.c b/lib/libcrypto/bn/bn_exp2.c index c8f0294f7aa..38bf467a38d 100644 --- a/lib/libcrypto/bn/bn_exp2.c +++ b/lib/libcrypto/bn/bn_exp2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_exp2.c,v 1.9 2014/07/11 08:44:47 jsing Exp $ */ +/* $OpenBSD: bn_exp2.c,v 1.10 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -150,11 +150,13 @@ BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1, bits = (bits1 > bits2) ? bits1 : bits2; BN_CTX_start(ctx); - d = BN_CTX_get(ctx); - r = BN_CTX_get(ctx); - val1[0] = BN_CTX_get(ctx); - val2[0] = BN_CTX_get(ctx); - if (!d || !r || !val1[0] || !val2[0]) + if ((d = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r = BN_CTX_get(ctx)) == NULL) + goto err; + if ((val1[0] = BN_CTX_get(ctx)) == NULL) + goto err; + if ((val2[0] = BN_CTX_get(ctx)) == NULL) goto err; if (in_mont != NULL) diff --git a/lib/libcrypto/bn/bn_gcd.c b/lib/libcrypto/bn/bn_gcd.c index 379bea99ada..da9c29a8e56 100644 --- a/lib/libcrypto/bn/bn_gcd.c +++ b/lib/libcrypto/bn/bn_gcd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_gcd.c,v 1.9 2014/07/11 08:44:47 jsing Exp $ */ +/* $OpenBSD: bn_gcd.c,v 1.10 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -125,9 +125,9 @@ BN_gcd(BIGNUM *r, const BIGNUM *in_a, const BIGNUM *in_b, BN_CTX *ctx) bn_check_top(in_b); BN_CTX_start(ctx); - a = BN_CTX_get(ctx); - b = BN_CTX_get(ctx); - if (a == NULL || b == NULL) + if ((a = BN_CTX_get(ctx)) == NULL) + goto err; + if ((b = BN_CTX_get(ctx)) == NULL) goto err; if (BN_copy(a, in_a) == NULL) @@ -247,14 +247,19 @@ BN_mod_inverse(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx) bn_check_top(n); BN_CTX_start(ctx); - A = BN_CTX_get(ctx); - B = BN_CTX_get(ctx); - X = BN_CTX_get(ctx); - D = BN_CTX_get(ctx); - M = BN_CTX_get(ctx); - Y = BN_CTX_get(ctx); - T = BN_CTX_get(ctx); - if (T == NULL) + if ((A = BN_CTX_get(ctx)) == NULL) + goto err; + if ((B = BN_CTX_get(ctx)) == NULL) + goto err; + if ((X = BN_CTX_get(ctx)) == NULL) + goto err; + if ((D = BN_CTX_get(ctx)) == NULL) + goto err; + if ((M = BN_CTX_get(ctx)) == NULL) + goto err; + if ((Y = BN_CTX_get(ctx)) == NULL) + goto err; + if ((T = BN_CTX_get(ctx)) == NULL) goto err; if (in == NULL) @@ -537,14 +542,19 @@ BN_mod_inverse_no_branch(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, bn_check_top(n); BN_CTX_start(ctx); - A = BN_CTX_get(ctx); - B = BN_CTX_get(ctx); - X = BN_CTX_get(ctx); - D = BN_CTX_get(ctx); - M = BN_CTX_get(ctx); - Y = BN_CTX_get(ctx); - T = BN_CTX_get(ctx); - if (T == NULL) + if ((A = BN_CTX_get(ctx)) == NULL) + goto err; + if ((B = BN_CTX_get(ctx)) == NULL) + goto err; + if ((X = BN_CTX_get(ctx)) == NULL) + goto err; + if ((D = BN_CTX_get(ctx)) == NULL) + goto err; + if ((M = BN_CTX_get(ctx)) == NULL) + goto err; + if ((Y = BN_CTX_get(ctx)) == NULL) + goto err; + if ((T = BN_CTX_get(ctx)) == NULL) goto err; if (in == NULL) diff --git a/lib/libcrypto/bn/bn_gf2m.c b/lib/libcrypto/bn/bn_gf2m.c index 1cd38c77977..4544369248d 100644 --- a/lib/libcrypto/bn/bn_gf2m.c +++ b/lib/libcrypto/bn/bn_gf2m.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_gf2m.c,v 1.16 2014/10/28 07:35:58 jsg Exp $ */ +/* $OpenBSD: bn_gf2m.c,v 1.17 2015/02/09 15:49:22 jsing Exp $ */ /* ==================================================================== * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * @@ -840,8 +840,7 @@ BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x, const BIGNUM *p, bn_check_top(p); BN_CTX_start(ctx); - xinv = BN_CTX_get(ctx); - if (xinv == NULL) + if ((xinv = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_GF2m_mod_inv(xinv, x, p, ctx)) @@ -875,11 +874,13 @@ BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x, const BIGNUM *p, BN_CTX_start(ctx); - a = BN_CTX_get(ctx); - b = BN_CTX_get(ctx); - u = BN_CTX_get(ctx); - v = BN_CTX_get(ctx); - if (v == NULL) + if ((a = BN_CTX_get(ctx)) == NULL) + goto err; + if ((b = BN_CTX_get(ctx)) == NULL) + goto err; + if ((u = BN_CTX_get(ctx)) == NULL) + goto err; + if ((v = BN_CTX_get(ctx)) == NULL) goto err; /* reduce x and y mod p */ @@ -1137,10 +1138,11 @@ BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[], } BN_CTX_start(ctx); - a = BN_CTX_get(ctx); - z = BN_CTX_get(ctx); - w = BN_CTX_get(ctx); - if (w == NULL) + if ((a = BN_CTX_get(ctx)) == NULL) + goto err; + if ((z = BN_CTX_get(ctx)) == NULL) + goto err; + if ((w = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_GF2m_mod_arr(a, a_, p)) @@ -1169,10 +1171,11 @@ BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[], } else /* m is even */ { - rho = BN_CTX_get(ctx); - w2 = BN_CTX_get(ctx); - tmp = BN_CTX_get(ctx); - if (tmp == NULL) + if ((rho = BN_CTX_get(ctx)) == NULL) + goto err; + if ((w2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((tmp = BN_CTX_get(ctx)) == NULL) goto err; do { if (!BN_rand(rho, p[0], 0, 0)) diff --git a/lib/libcrypto/bn/bn_kron.c b/lib/libcrypto/bn/bn_kron.c index 699cda55f0c..274da5d1868 100644 --- a/lib/libcrypto/bn/bn_kron.c +++ b/lib/libcrypto/bn/bn_kron.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_kron.c,v 1.5 2014/07/11 08:44:48 jsing Exp $ */ +/* $OpenBSD: bn_kron.c,v 1.6 2015/02/09 15:49:22 jsing Exp $ */ /* ==================================================================== * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. * @@ -79,9 +79,9 @@ BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) bn_check_top(b); BN_CTX_start(ctx); - A = BN_CTX_get(ctx); - B = BN_CTX_get(ctx); - if (B == NULL) + if ((A = BN_CTX_get(ctx)) == NULL) + goto end; + if ((B = BN_CTX_get(ctx)) == NULL) goto end; err = !BN_copy(A, a); diff --git a/lib/libcrypto/bn/bn_mont.c b/lib/libcrypto/bn/bn_mont.c index 5803ca493d1..3eb9913a9ed 100644 --- a/lib/libcrypto/bn/bn_mont.c +++ b/lib/libcrypto/bn/bn_mont.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_mont.c,v 1.23 2014/07/11 08:44:48 jsing Exp $ */ +/* $OpenBSD: bn_mont.c,v 1.24 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -149,8 +149,7 @@ BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, #endif BN_CTX_start(ctx); - tmp = BN_CTX_get(ctx); - if (tmp == NULL) + if ((tmp = BN_CTX_get(ctx)) == NULL) goto err; bn_check_top(tmp); @@ -288,9 +287,9 @@ BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont, BN_CTX *ctx) BIGNUM *t1, *t2; BN_CTX_start(ctx); - t1 = BN_CTX_get(ctx); - t2 = BN_CTX_get(ctx); - if (t1 == NULL || t2 == NULL) + if ((t1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((t2 = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_copy(t1, a)) diff --git a/lib/libcrypto/bn/bn_mul.c b/lib/libcrypto/bn/bn_mul.c index daba02d6ca7..7794d597077 100644 --- a/lib/libcrypto/bn/bn_mul.c +++ b/lib/libcrypto/bn/bn_mul.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_mul.c,v 1.19 2014/07/11 08:44:48 jsing Exp $ */ +/* $OpenBSD: bn_mul.c,v 1.20 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1012,8 +1012,7 @@ BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) j = 1 << (j - 1); assert(j <= al || j <= bl); k = j + j; - t = BN_CTX_get(ctx); - if (t == NULL) + if ((t = BN_CTX_get(ctx)) == NULL) goto err; if (al > j || bl > j) { if (bn_wexpand(t, k * 4) == NULL) @@ -1057,7 +1056,8 @@ BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) j = BN_num_bits_word((BN_ULONG)al); j = 1 << (j - 1); k = j + j; - t = BN_CTX_get(ctx); + if ((t = BN_CTX_get(ctx)) == NULL) + goto err; if (al == j) /* exact multiple */ { if (bn_wexpand(t, k * 2) == NULL) diff --git a/lib/libcrypto/bn/bn_prime.c b/lib/libcrypto/bn/bn_prime.c index e5cd315e47b..02780d32e6a 100644 --- a/lib/libcrypto/bn/bn_prime.c +++ b/lib/libcrypto/bn/bn_prime.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_prime.c,v 1.12 2014/10/18 17:20:40 jsing Exp $ */ +/* $OpenBSD: bn_prime.c,v 1.13 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -170,8 +170,7 @@ BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add, if (ctx == NULL) goto err; BN_CTX_start(ctx); - t = BN_CTX_get(ctx); - if (!t) + if ((t = BN_CTX_get(ctx)) == NULL) goto err; loop: /* make a random number and set the top and bottom bits */ @@ -287,10 +286,11 @@ BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed, A = t; } else A = a; - A1 = BN_CTX_get(ctx); - A1_odd = BN_CTX_get(ctx); - check = BN_CTX_get(ctx); - if (check == NULL) + if ((A1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((A1_odd = BN_CTX_get(ctx)) == NULL) + goto err; + if ((check = BN_CTX_get(ctx)) == NULL) goto err; /* compute A1 := A - 1 */ @@ -461,10 +461,11 @@ probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd, bits--; BN_CTX_start(ctx); - t1 = BN_CTX_get(ctx); - q = BN_CTX_get(ctx); - qadd = BN_CTX_get(ctx); - if (qadd == NULL) + if ((t1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((q = BN_CTX_get(ctx)) == NULL) + goto err; + if ((qadd = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_rshift1(qadd, padd)) diff --git a/lib/libcrypto/bn/bn_sqr.c b/lib/libcrypto/bn/bn_sqr.c index 5ea9fb083d6..a0dce6ea817 100644 --- a/lib/libcrypto/bn/bn_sqr.c +++ b/lib/libcrypto/bn/bn_sqr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_sqr.c,v 1.11 2014/07/11 13:26:31 miod Exp $ */ +/* $OpenBSD: bn_sqr.c,v 1.12 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -85,7 +85,7 @@ BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) BN_CTX_start(ctx); rr = (a != r) ? r : BN_CTX_get(ctx); tmp = BN_CTX_get(ctx); - if (!rr || !tmp) + if (rr == NULL || tmp == NULL) goto err; max = 2 * al; /* Non-zero (from above) */ diff --git a/lib/libcrypto/bn/bn_sqrt.c b/lib/libcrypto/bn/bn_sqrt.c index 9a59d56b3f1..f94fa410941 100644 --- a/lib/libcrypto/bn/bn_sqrt.c +++ b/lib/libcrypto/bn/bn_sqrt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_sqrt.c,v 1.5 2014/07/11 08:44:48 jsing Exp $ */ +/* $OpenBSD: bn_sqrt.c,v 1.6 2015/02/09 15:49:22 jsing Exp $ */ /* Written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> * and Bodo Moeller for the OpenSSL project. */ /* ==================================================================== @@ -108,13 +108,17 @@ BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) } BN_CTX_start(ctx); - A = BN_CTX_get(ctx); - b = BN_CTX_get(ctx); - q = BN_CTX_get(ctx); - t = BN_CTX_get(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - if (y == NULL) + if ((A = BN_CTX_get(ctx)) == NULL) + goto end; + if ((b = BN_CTX_get(ctx)) == NULL) + goto end; + if ((q = BN_CTX_get(ctx)) == NULL) + goto end; + if ((t = BN_CTX_get(ctx)) == NULL) + goto end; + if ((x = BN_CTX_get(ctx)) == NULL) + goto end; + if ((y = BN_CTX_get(ctx)) == NULL) goto end; if (ret == NULL) diff --git a/lib/libcrypto/bn/bn_x931p.c b/lib/libcrypto/bn/bn_x931p.c index fc8d4c3c494..89c86c1ff70 100644 --- a/lib/libcrypto/bn/bn_x931p.c +++ b/lib/libcrypto/bn/bn_x931p.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_x931p.c,v 1.5 2014/06/12 15:49:28 deraadt Exp $ */ +/* $OpenBSD: bn_x931p.c,v 1.6 2015/02/09 15:49:22 jsing Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2005. */ @@ -107,17 +107,21 @@ BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, const BIGNUM *Xp, return 0; BN_CTX_start(ctx); - if (!p1) - p1 = BN_CTX_get(ctx); - - if (!p2) - p2 = BN_CTX_get(ctx); - - t = BN_CTX_get(ctx); - - p1p2 = BN_CTX_get(ctx); + if (p1 != NULL) { + if ((p1 = BN_CTX_get(ctx)) == NULL) + goto err; + } + if (p2 != NULL) { + if ((p2 = BN_CTX_get(ctx)) == NULL) + goto err; + } - pm1 = BN_CTX_get(ctx); + if ((t = BN_CTX_get(ctx)) == NULL) + goto err; + if ((p1p2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((pm1 = BN_CTX_get(ctx)) == NULL) + goto err; if (!bn_x931_derive_pi(p1, Xp1, ctx, cb)) goto err; @@ -213,7 +217,8 @@ BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx) return 0; BN_CTX_start(ctx); - t = BN_CTX_get(ctx); + if ((t = BN_CTX_get(ctx)) == NULL) + return 0; for (i = 0; i < 1000; i++) { if (!BN_rand(Xq, nbits, 1, 0)) @@ -247,10 +252,14 @@ BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, BIGNUM *Xp1, int ret = 0; BN_CTX_start(ctx); - if (!Xp1) - Xp1 = BN_CTX_get(ctx); - if (!Xp2) - Xp2 = BN_CTX_get(ctx); + if (Xp1 != NULL) { + if ((Xp1 = BN_CTX_get(ctx)) == NULL) + goto error; + } + if (Xp2 != NULL) { + if ((Xp2 = BN_CTX_get(ctx)) == NULL) + goto error; + } if (!BN_rand(Xp1, 101, 0, 0)) goto error; diff --git a/lib/libcrypto/dh/dh_gen.c b/lib/libcrypto/dh/dh_gen.c index 1bc37b987e5..de566802d32 100644 --- a/lib/libcrypto/dh/dh_gen.c +++ b/lib/libcrypto/dh/dh_gen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dh_gen.c,v 1.14 2015/02/07 13:19:15 doug Exp $ */ +/* $OpenBSD: dh_gen.c,v 1.15 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -115,9 +115,9 @@ dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb) if (ctx == NULL) goto err; BN_CTX_start(ctx); - t1 = BN_CTX_get(ctx); - t2 = BN_CTX_get(ctx); - if (t1 == NULL || t2 == NULL) + if ((t1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((t2 = BN_CTX_get(ctx)) == NULL) goto err; /* Make sure 'ret' has the necessary elements */ diff --git a/lib/libcrypto/dh/dh_key.c b/lib/libcrypto/dh/dh_key.c index b8352149e27..31bc7b3dfd5 100644 --- a/lib/libcrypto/dh/dh_key.c +++ b/lib/libcrypto/dh/dh_key.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dh_key.c,v 1.22 2014/10/18 17:20:40 jsing Exp $ */ +/* $OpenBSD: dh_key.c,v 1.23 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -195,7 +195,8 @@ compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) if (ctx == NULL) goto err; BN_CTX_start(ctx); - tmp = BN_CTX_get(ctx); + if ((tmp = BN_CTX_get(ctx)) == NULL) + goto err; if (dh->priv_key == NULL) { DHerr(DH_F_COMPUTE_KEY, DH_R_NO_PRIVATE_VALUE); diff --git a/lib/libcrypto/dsa/dsa_gen.c b/lib/libcrypto/dsa/dsa_gen.c index 296a544c319..dcfa9578841 100644 --- a/lib/libcrypto/dsa/dsa_gen.c +++ b/lib/libcrypto/dsa/dsa_gen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa_gen.c,v 1.17 2014/10/22 13:02:04 jsing Exp $ */ +/* $OpenBSD: dsa_gen.c,v 1.18 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -148,14 +148,22 @@ dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, const EVP_MD *evpmd, goto err; BN_CTX_start(ctx); - r0 = BN_CTX_get(ctx); - g = BN_CTX_get(ctx); - W = BN_CTX_get(ctx); - q = BN_CTX_get(ctx); - X = BN_CTX_get(ctx); - c = BN_CTX_get(ctx); - p = BN_CTX_get(ctx); - test = BN_CTX_get(ctx); + if ((r0 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((g = BN_CTX_get(ctx)) == NULL) + goto err; + if ((W = BN_CTX_get(ctx)) == NULL) + goto err; + if ((q = BN_CTX_get(ctx)) == NULL) + goto err; + if ((X = BN_CTX_get(ctx)) == NULL) + goto err; + if ((c = BN_CTX_get(ctx)) == NULL) + goto err; + if ((p = BN_CTX_get(ctx)) == NULL) + goto err; + if ((test = BN_CTX_get(ctx)) == NULL) + goto err; if (!BN_lshift(test, BN_value_one(), bits - 1)) goto err; diff --git a/lib/libcrypto/ec/ec2_mult.c b/lib/libcrypto/ec/ec2_mult.c index dd113907be1..8f0091efe1c 100644 --- a/lib/libcrypto/ec/ec2_mult.c +++ b/lib/libcrypto/ec/ec2_mult.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec2_mult.c,v 1.6 2015/02/08 22:25:03 miod Exp $ */ +/* $OpenBSD: ec2_mult.c,v 1.7 2015/02/09 15:49:22 jsing Exp $ */ /* ==================================================================== * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * @@ -91,8 +91,7 @@ gf2m_Mdouble(const EC_GROUP *group, BIGNUM *x, BIGNUM *z, BN_CTX *ctx) /* Since Mdouble is static we can guarantee that ctx != NULL. */ BN_CTX_start(ctx); - t1 = BN_CTX_get(ctx); - if (t1 == NULL) + if ((t1 = BN_CTX_get(ctx)) == NULL) goto err; if (!group->meth->field_sqr(group, x, x, ctx)) @@ -132,9 +131,9 @@ gf2m_Madd(const EC_GROUP *group, const BIGNUM *x, BIGNUM *x1, BIGNUM *z1, /* Since Madd is static we can guarantee that ctx != NULL. */ BN_CTX_start(ctx); - t1 = BN_CTX_get(ctx); - t2 = BN_CTX_get(ctx); - if (t2 == NULL) + if ((t1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((t2 = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_copy(t1, x)) @@ -191,10 +190,11 @@ gf2m_Mxy(const EC_GROUP *group, const BIGNUM *x, const BIGNUM *y, BIGNUM *x1, } /* Since Mxy is static we can guarantee that ctx != NULL. */ BN_CTX_start(ctx); - t3 = BN_CTX_get(ctx); - t4 = BN_CTX_get(ctx); - t5 = BN_CTX_get(ctx); - if (t5 == NULL) + if ((t3 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((t4 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((t5 = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_one(t5)) @@ -281,9 +281,9 @@ ec_GF2m_montgomery_point_multiply(const EC_GROUP *group, EC_POINT *r, /* Since point_multiply is static we can guarantee that ctx != NULL. */ BN_CTX_start(ctx); - x1 = BN_CTX_get(ctx); - z1 = BN_CTX_get(ctx); - if (z1 == NULL) + if ((x1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((z1 = BN_CTX_get(ctx)) == NULL) goto err; x2 = &r->X; diff --git a/lib/libcrypto/ec/ec2_oct.c b/lib/libcrypto/ec/ec2_oct.c index c45d9c22190..72690b1bc7f 100644 --- a/lib/libcrypto/ec/ec2_oct.c +++ b/lib/libcrypto/ec/ec2_oct.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec2_oct.c,v 1.6 2015/02/08 22:25:03 miod Exp $ */ +/* $OpenBSD: ec2_oct.c,v 1.7 2015/02/09 15:49:22 jsing Exp $ */ /* ==================================================================== * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * @@ -109,11 +109,13 @@ ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point y_bit = (y_bit != 0) ? 1 : 0; BN_CTX_start(ctx); - tmp = BN_CTX_get(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - z = BN_CTX_get(ctx); - if (z == NULL) + if ((tmp = BN_CTX_get(ctx)) == NULL) + goto err; + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) + goto err; + if ((z = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_GF2m_mod_arr(x, x_, group->poly)) @@ -212,10 +214,11 @@ ec_GF2m_simple_point2oct(const EC_GROUP *group, const EC_POINT *point, } BN_CTX_start(ctx); used_ctx = 1; - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - yxi = BN_CTX_get(ctx); - if (yxi == NULL) + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) + goto err; + if ((yxi = BN_CTX_get(ctx)) == NULL) goto err; if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx)) @@ -329,10 +332,11 @@ ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point, return 0; } BN_CTX_start(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - yxi = BN_CTX_get(ctx); - if (yxi == NULL) + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) + goto err; + if ((yxi = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_bin2bn(buf + 1, field_len, x)) diff --git a/lib/libcrypto/ec/ec2_smpl.c b/lib/libcrypto/ec/ec2_smpl.c index b9c066c5c16..43f0afd5ae9 100644 --- a/lib/libcrypto/ec/ec2_smpl.c +++ b/lib/libcrypto/ec/ec2_smpl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec2_smpl.c,v 1.13 2015/02/08 22:25:03 miod Exp $ */ +/* $OpenBSD: ec2_smpl.c,v 1.14 2015/02/09 15:49:22 jsing Exp $ */ /* ==================================================================== * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * @@ -291,8 +291,7 @@ ec_GF2m_simple_group_check_discriminant(const EC_GROUP * group, BN_CTX * ctx) } } BN_CTX_start(ctx); - b = BN_CTX_get(ctx); - if (b == NULL) + if ((b = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_GF2m_mod_arr(b, &group->b, group->poly)) @@ -464,15 +463,21 @@ ec_GF2m_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, return 0; } BN_CTX_start(ctx); - x0 = BN_CTX_get(ctx); - y0 = BN_CTX_get(ctx); - x1 = BN_CTX_get(ctx); - y1 = BN_CTX_get(ctx); - x2 = BN_CTX_get(ctx); - y2 = BN_CTX_get(ctx); - s = BN_CTX_get(ctx); - t = BN_CTX_get(ctx); - if (t == NULL) + if ((x0 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y0 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((x1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((x2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((s = BN_CTX_get(ctx)) == NULL) + goto err; + if ((t = BN_CTX_get(ctx)) == NULL) goto err; if (a->Z_is_one) { @@ -611,9 +616,9 @@ ec_GF2m_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX return -1; } BN_CTX_start(ctx); - y2 = BN_CTX_get(ctx); - lh = BN_CTX_get(ctx); - if (lh == NULL) + if ((y2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((lh = BN_CTX_get(ctx)) == NULL) goto err; /* @@ -651,7 +656,8 @@ err: * 1 not equal */ int -ec_GF2m_simple_cmp(const EC_GROUP * group, const EC_POINT * a, const EC_POINT * b, BN_CTX * ctx) +ec_GF2m_simple_cmp(const EC_GROUP *group, const EC_POINT *a, + const EC_POINT *b, BN_CTX *ctx) { BIGNUM *aX, *aY, *bX, *bY; BN_CTX *new_ctx = NULL; @@ -672,11 +678,13 @@ ec_GF2m_simple_cmp(const EC_GROUP * group, const EC_POINT * a, const EC_POINT * return -1; } BN_CTX_start(ctx); - aX = BN_CTX_get(ctx); - aY = BN_CTX_get(ctx); - bX = BN_CTX_get(ctx); - bY = BN_CTX_get(ctx); - if (bY == NULL) + if ((aX = BN_CTX_get(ctx)) == NULL) + goto err; + if ((aY = BN_CTX_get(ctx)) == NULL) + goto err; + if ((bX = BN_CTX_get(ctx)) == NULL) + goto err; + if ((bY = BN_CTX_get(ctx)) == NULL) goto err; if (!EC_POINT_get_affine_coordinates_GF2m(group, a, aX, aY, ctx)) @@ -710,9 +718,9 @@ ec_GF2m_simple_make_affine(const EC_GROUP * group, EC_POINT * point, BN_CTX * ct return 0; } BN_CTX_start(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - if (y == NULL) + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) goto err; if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx)) diff --git a/lib/libcrypto/ec/ec_key.c b/lib/libcrypto/ec/ec_key.c index f9904b4ee9d..45192c3231b 100644 --- a/lib/libcrypto/ec/ec_key.c +++ b/lib/libcrypto/ec/ec_key.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec_key.c,v 1.10 2015/02/08 22:25:03 miod Exp $ */ +/* $OpenBSD: ec_key.c,v 1.11 2015/02/09 15:49:22 jsing Exp $ */ /* * Written by Nils Larsch for the OpenSSL project. */ @@ -359,8 +359,11 @@ EC_KEY_set_public_key_affine_coordinates(EC_KEY * key, BIGNUM * x, BIGNUM * y) if (tmp_nid == NID_X9_62_characteristic_two_field) is_char_two = 1; - tx = BN_CTX_get(ctx); - ty = BN_CTX_get(ctx); + if ((tx = BN_CTX_get(ctx)) == NULL) + goto err; + if ((ty = BN_CTX_get(ctx)) == NULL) + goto err; + #ifndef OPENSSL_NO_EC2M if (is_char_two) { if (!EC_POINT_set_affine_coordinates_GF2m(key->group, point, diff --git a/lib/libcrypto/ec/ec_lib.c b/lib/libcrypto/ec/ec_lib.c index 47ccc614d1a..8cf0f2241ee 100644 --- a/lib/libcrypto/ec/ec_lib.c +++ b/lib/libcrypto/ec/ec_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec_lib.c,v 1.15 2014/07/12 16:03:37 miod Exp $ */ +/* $OpenBSD: ec_lib.c,v 1.16 2015/02/09 15:49:22 jsing Exp $ */ /* * Originally written by Bodo Moeller for the OpenSSL project. */ @@ -497,18 +497,19 @@ EC_GROUP_cmp(const EC_GROUP * a, const EC_GROUP * b, BN_CTX * ctx) return -1; BN_CTX_start(ctx); - a1 = BN_CTX_get(ctx); - a2 = BN_CTX_get(ctx); - a3 = BN_CTX_get(ctx); - b1 = BN_CTX_get(ctx); - b2 = BN_CTX_get(ctx); - b3 = BN_CTX_get(ctx); - if (!b3) { - BN_CTX_end(ctx); - if (ctx_new) - BN_CTX_free(ctx); - return -1; - } + if ((a1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((a2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((a3 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((b1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((b2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((b3 = BN_CTX_get(ctx)) == NULL) + goto err; + /* * XXX This approach assumes that the external representation of * curves over the same field type is the same. @@ -544,6 +545,12 @@ EC_GROUP_cmp(const EC_GROUP * a, const EC_GROUP * b, BN_CTX * ctx) BN_CTX_free(ctx); return r; + +err: + BN_CTX_end(ctx); + if (ctx_new) + BN_CTX_free(ctx); + return -1; } diff --git a/lib/libcrypto/ec/ec_mult.c b/lib/libcrypto/ec/ec_mult.c index 9e3aee13a29..e7114135983 100644 --- a/lib/libcrypto/ec/ec_mult.c +++ b/lib/libcrypto/ec/ec_mult.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec_mult.c,v 1.16 2015/02/07 13:19:15 doug Exp $ */ +/* $OpenBSD: ec_mult.c,v 1.17 2015/02/09 15:49:22 jsing Exp $ */ /* * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project. */ @@ -753,8 +753,7 @@ ec_wNAF_precompute_mult(EC_GROUP * group, BN_CTX * ctx) goto err; } BN_CTX_start(ctx); - order = BN_CTX_get(ctx); - if (order == NULL) + if ((order = BN_CTX_get(ctx)) == NULL) goto err; if (!EC_GROUP_get_order(group, order, ctx)) diff --git a/lib/libcrypto/ec/ecp_oct.c b/lib/libcrypto/ec/ecp_oct.c index abc31e63821..994f0b08b1b 100644 --- a/lib/libcrypto/ec/ecp_oct.c +++ b/lib/libcrypto/ec/ecp_oct.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ecp_oct.c,v 1.6 2015/02/08 22:25:03 miod Exp $ */ +/* $OpenBSD: ecp_oct.c,v 1.7 2015/02/09 15:49:22 jsing Exp $ */ /* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> * for the OpenSSL project. * Includes code written by Bodo Moeller for the OpenSSL project. @@ -67,8 +67,8 @@ #include "ec_lcl.h" int -ec_GFp_simple_set_compressed_coordinates(const EC_GROUP * group, EC_POINT * point, - const BIGNUM * x_, int y_bit, BN_CTX * ctx) +ec_GFp_simple_set_compressed_coordinates(const EC_GROUP * group, + EC_POINT * point, const BIGNUM * x_, int y_bit, BN_CTX * ctx) { BN_CTX *new_ctx = NULL; BIGNUM *tmp1, *tmp2, *x, *y; @@ -85,11 +85,13 @@ ec_GFp_simple_set_compressed_coordinates(const EC_GROUP * group, EC_POINT * poin y_bit = (y_bit != 0); BN_CTX_start(ctx); - tmp1 = BN_CTX_get(ctx); - tmp2 = BN_CTX_get(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - if (y == NULL) + if ((tmp1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((tmp2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) goto err; /* @@ -239,9 +241,9 @@ ec_GFp_simple_point2oct(const EC_GROUP * group, const EC_POINT * point, point_co } BN_CTX_start(ctx); used_ctx = 1; - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - if (y == NULL) + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) goto err; if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx)) @@ -348,9 +350,9 @@ ec_GFp_simple_oct2point(const EC_GROUP * group, EC_POINT * point, return 0; } BN_CTX_start(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - if (y == NULL) + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_bin2bn(buf + 1, field_len, x)) diff --git a/lib/libcrypto/ec/ecp_smpl.c b/lib/libcrypto/ec/ecp_smpl.c index 7b3bb2364d9..f6db4dc9b19 100644 --- a/lib/libcrypto/ec/ecp_smpl.c +++ b/lib/libcrypto/ec/ecp_smpl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ecp_smpl.c,v 1.14 2015/02/08 22:25:03 miod Exp $ */ +/* $OpenBSD: ecp_smpl.c,v 1.15 2015/02/09 15:49:22 jsing Exp $ */ /* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> * for the OpenSSL project. * Includes code written by Bodo Moeller for the OpenSSL project. @@ -188,8 +188,7 @@ ec_GFp_simple_group_set_curve(EC_GROUP * group, return 0; } BN_CTX_start(ctx); - tmp_a = BN_CTX_get(ctx); - if (tmp_a == NULL) + if ((tmp_a = BN_CTX_get(ctx)) == NULL) goto err; /* group->field */ @@ -294,12 +293,15 @@ ec_GFp_simple_group_check_discriminant(const EC_GROUP * group, BN_CTX * ctx) } } BN_CTX_start(ctx); - a = BN_CTX_get(ctx); - b = BN_CTX_get(ctx); - tmp_1 = BN_CTX_get(ctx); - tmp_2 = BN_CTX_get(ctx); - order = BN_CTX_get(ctx); - if (order == NULL) + if ((a = BN_CTX_get(ctx)) == NULL) + goto err; + if ((b = BN_CTX_get(ctx)) == NULL) + goto err; + if ((tmp_1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((tmp_2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((order = BN_CTX_get(ctx)) == NULL) goto err; if (group->meth->field_decode) { @@ -539,11 +541,13 @@ ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP * group, const EC_POIN return 0; } BN_CTX_start(ctx); - Z = BN_CTX_get(ctx); - Z_1 = BN_CTX_get(ctx); - Z_2 = BN_CTX_get(ctx); - Z_3 = BN_CTX_get(ctx); - if (Z_3 == NULL) + if ((Z = BN_CTX_get(ctx)) == NULL) + goto err; + if ((Z_1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((Z_2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((Z_3 = BN_CTX_get(ctx)) == NULL) goto err; /* transform (X, Y, Z) into (x, y) := (X/Z^2, Y/Z^3) */ @@ -652,14 +656,19 @@ ec_GFp_simple_add(const EC_GROUP * group, EC_POINT * r, const EC_POINT * a, cons return 0; } BN_CTX_start(ctx); - n0 = BN_CTX_get(ctx); - n1 = BN_CTX_get(ctx); - n2 = BN_CTX_get(ctx); - n3 = BN_CTX_get(ctx); - n4 = BN_CTX_get(ctx); - n5 = BN_CTX_get(ctx); - n6 = BN_CTX_get(ctx); - if (n6 == NULL) + if ((n0 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((n1 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((n2 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((n3 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((n4 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((n5 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((n6 = BN_CTX_get(ctx)) == NULL) goto end; /* @@ -834,11 +843,13 @@ ec_GFp_simple_dbl(const EC_GROUP * group, EC_POINT * r, const EC_POINT * a, BN_C return 0; } BN_CTX_start(ctx); - n0 = BN_CTX_get(ctx); - n1 = BN_CTX_get(ctx); - n2 = BN_CTX_get(ctx); - n3 = BN_CTX_get(ctx); - if (n3 == NULL) + if ((n0 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((n1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((n2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((n3 = BN_CTX_get(ctx)) == NULL) goto err; /* @@ -990,11 +1001,13 @@ ec_GFp_simple_is_on_curve(const EC_GROUP * group, const EC_POINT * point, BN_CTX return -1; } BN_CTX_start(ctx); - rh = BN_CTX_get(ctx); - tmp = BN_CTX_get(ctx); - Z4 = BN_CTX_get(ctx); - Z6 = BN_CTX_get(ctx); - if (Z6 == NULL) + if ((rh = BN_CTX_get(ctx)) == NULL) + goto err; + if ((tmp = BN_CTX_get(ctx)) == NULL) + goto err; + if ((Z4 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((Z6 = BN_CTX_get(ctx)) == NULL) goto err; /* @@ -1101,11 +1114,13 @@ ec_GFp_simple_cmp(const EC_GROUP * group, const EC_POINT * a, const EC_POINT * b return -1; } BN_CTX_start(ctx); - tmp1 = BN_CTX_get(ctx); - tmp2 = BN_CTX_get(ctx); - Za23 = BN_CTX_get(ctx); - Zb23 = BN_CTX_get(ctx); - if (Zb23 == NULL) + if ((tmp1 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((tmp2 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((Za23 = BN_CTX_get(ctx)) == NULL) + goto end; + if ((Zb23 = BN_CTX_get(ctx)) == NULL) goto end; /* @@ -1184,9 +1199,9 @@ ec_GFp_simple_make_affine(const EC_GROUP * group, EC_POINT * point, BN_CTX * ctx return 0; } BN_CTX_start(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - if (y == NULL) + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) goto err; if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx)) @@ -1225,9 +1240,9 @@ ec_GFp_simple_points_make_affine(const EC_GROUP * group, size_t num, EC_POINT * return 0; } BN_CTX_start(ctx); - tmp0 = BN_CTX_get(ctx); - tmp1 = BN_CTX_get(ctx); - if (tmp0 == NULL || tmp1 == NULL) + if ((tmp0 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((tmp1 = BN_CTX_get(ctx)) == NULL) goto err; /* diff --git a/lib/libcrypto/ecdh/ech_ossl.c b/lib/libcrypto/ecdh/ech_ossl.c index ee130edeee4..4fae7cacfdb 100644 --- a/lib/libcrypto/ecdh/ech_ossl.c +++ b/lib/libcrypto/ecdh/ech_ossl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ech_ossl.c,v 1.8 2014/07/12 16:03:37 miod Exp $ */ +/* $OpenBSD: ech_ossl.c,v 1.9 2015/02/09 15:49:22 jsing Exp $ */ /* ==================================================================== * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * @@ -120,8 +120,10 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, if ((ctx = BN_CTX_new()) == NULL) goto err; BN_CTX_start(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); + if ((x = BN_CTX_get(ctx)) == NULL) + goto err; + if ((y = BN_CTX_get(ctx)) == NULL) + goto err; priv_key = EC_KEY_get0_private_key(ecdh); if (priv_key == NULL) diff --git a/lib/libcrypto/engine/eng_rsax.c b/lib/libcrypto/engine/eng_rsax.c index c33a776707c..784b74a22f2 100644 --- a/lib/libcrypto/engine/eng_rsax.c +++ b/lib/libcrypto/engine/eng_rsax.c @@ -1,4 +1,4 @@ -/* $OpenBSD: eng_rsax.c,v 1.12 2014/11/19 13:35:37 krw Exp $ */ +/* $OpenBSD: eng_rsax.c,v 1.13 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (c) 2010-2010 Intel Corp. * Author: Vinodh.Gopal@intel.com * Jim Guilford @@ -519,9 +519,12 @@ e_rsax_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) int ret = 0; BN_CTX_start(ctx); - r1 = BN_CTX_get(ctx); - m1 = BN_CTX_get(ctx); - vrfy = BN_CTX_get(ctx); + if ((r1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((m1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((vrfy = BN_CTX_get(ctx)) == NULL) + goto err; { BIGNUM local_p, local_q; diff --git a/lib/libcrypto/rsa/rsa_crpt.c b/lib/libcrypto/rsa/rsa_crpt.c index b057dd2201d..cf7f9a328b4 100644 --- a/lib/libcrypto/rsa/rsa_crpt.c +++ b/lib/libcrypto/rsa/rsa_crpt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_crpt.c,v 1.12 2014/10/18 17:20:40 jsing Exp $ */ +/* $OpenBSD: rsa_crpt.c,v 1.13 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -145,10 +145,11 @@ rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p, const BIGNUM *q, return NULL; BN_CTX_start(ctx); - r0 = BN_CTX_get(ctx); - r1 = BN_CTX_get(ctx); - r2 = BN_CTX_get(ctx); - if (r2 == NULL) + if ((r0 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r2 = BN_CTX_get(ctx)) == NULL) goto err; if (!BN_sub(r1, p, BN_value_one())) diff --git a/lib/libcrypto/rsa/rsa_eay.c b/lib/libcrypto/rsa/rsa_eay.c index f8031c87a27..0eb18cf3c79 100644 --- a/lib/libcrypto/rsa/rsa_eay.c +++ b/lib/libcrypto/rsa/rsa_eay.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_eay.c,v 1.36 2014/10/18 17:20:40 jsing Exp $ */ +/* $OpenBSD: rsa_eay.c,v 1.37 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -181,7 +181,7 @@ RSA_eay_public_encrypt(int flen, const unsigned char *from, unsigned char *to, ret = BN_CTX_get(ctx); num = BN_num_bytes(rsa->n); buf = malloc(num); - if (!f || !ret || !buf) { + if (f == NULL || ret == NULL || buf == NULL) { RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, ERR_R_MALLOC_FAILURE); goto err; } @@ -366,7 +366,7 @@ RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to, ret = BN_CTX_get(ctx); num = BN_num_bytes(rsa->n); buf = malloc(num); - if (!f || !ret || !buf) { + if (f == NULL || ret == NULL || buf == NULL) { RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_MALLOC_FAILURE); goto err; } diff --git a/lib/libcrypto/rsa/rsa_gen.c b/lib/libcrypto/rsa/rsa_gen.c index a3b9da4856e..f6f051c4427 100644 --- a/lib/libcrypto/rsa/rsa_gen.c +++ b/lib/libcrypto/rsa/rsa_gen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_gen.c,v 1.16 2014/07/11 08:44:49 jsing Exp $ */ +/* $OpenBSD: rsa_gen.c,v 1.17 2015/02/09 15:49:22 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -99,11 +99,13 @@ rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) if (ctx == NULL) goto err; BN_CTX_start(ctx); - r0 = BN_CTX_get(ctx); - r1 = BN_CTX_get(ctx); - r2 = BN_CTX_get(ctx); - r3 = BN_CTX_get(ctx); - if (r3 == NULL) + if ((r0 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r2 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r3 = BN_CTX_get(ctx)) == NULL) goto err; bitsp = (bits + 1) / 2; |