From aac751832ad9bb43fdaaf5ee719bdb0f7048074e Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Wed, 9 Dec 2009 13:38:20 +0000 Subject: [PATCH] PR: 2124 Submitted by: Jan Pechanec Check for memory allocation failures. --- crypto/evp/digest.c | 16 +++++++++++++--- crypto/lhash/lhash.c | 33 +++++++++++++++++++++++++++++---- crypto/rsa/rsa_lib.c | 11 ++++++++++- crypto/x509/x509_lu.c | 8 +++++++- 4 files changed, 59 insertions(+), 9 deletions(-) diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index acada47fda..d6abcfe1d6 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -126,7 +126,8 @@ EVP_MD_CTX *EVP_MD_CTX_create(void) { EVP_MD_CTX *ctx=OPENSSL_malloc(sizeof *ctx); - EVP_MD_CTX_init(ctx); + if (ctx) + EVP_MD_CTX_init(ctx); return ctx; } @@ -286,8 +287,17 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) if (in->md_data && out->digest->ctx_size) { - if (tmp_buf) out->md_data = tmp_buf; - else out->md_data=OPENSSL_malloc(out->digest->ctx_size); + if (tmp_buf) + out->md_data = tmp_buf; + else + { + out->md_data=OPENSSL_malloc(out->digest->ctx_size); + if (!out->md_data) + { + EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,ERR_R_MALLOC_FAILURE); + return 0; + } + } memcpy(out->md_data,in->md_data,out->digest->ctx_size); } diff --git a/crypto/lhash/lhash.c b/crypto/lhash/lhash.c index 47f748081b..528f9c7cef 100644 --- a/crypto/lhash/lhash.c +++ b/crypto/lhash/lhash.c @@ -310,16 +310,40 @@ void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg) static void expand(_LHASH *lh) { LHASH_NODE **n,**n1,**n2,*np; - unsigned int p,i,j; + unsigned int p,i,j,pmax; unsigned long hash,nni; + p=(int)lh->p++; + nni=lh->num_alloc_nodes; + pmax=lh->pmax; + + if ((lh->p) >= lh->pmax) + { + j=(int)lh->num_alloc_nodes*2; + n=(LHASH_NODE **)OPENSSL_realloc(lh->b, + (int)sizeof(LHASH_NODE *)*j); + if (n == NULL) + { +/* fputs("realloc error in lhash",stderr); */ + lh->error++; + lh->p=0; + return; + } + /* else */ + for (i=(int)lh->num_alloc_nodes; ipmax=lh->num_alloc_nodes; + lh->num_alloc_nodes=j; + lh->num_expand_reallocs++; + lh->p=0; + lh->b=n; + } + lh->num_nodes++; lh->num_expands++; - p=(int)lh->p++; n1= &(lh->b[p]); - n2= &(lh->b[p+(int)lh->pmax]); + n2= &(lh->b[p+pmax]); *n2=NULL; /* 27/07/92 - eay - undefined pointer bug */ - nni=lh->num_alloc_nodes; for (np= *n1; np != NULL; ) { @@ -388,6 +412,7 @@ static void contract(_LHASH *lh) else lh->p--; + lh->b[idx] = NULL; lh->num_nodes--; lh->num_contracts++; diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index e334e506fb..de45088d76 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -182,7 +182,16 @@ RSA *RSA_new_method(ENGINE *engine) ret->mt_blinding=NULL; ret->bignum_data=NULL; ret->flags=ret->meth->flags; - CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); + if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) + { +#ifndef OPENSSL_NO_ENGINE + if (ret->engine) + ENGINE_finish(ret->engine); +#endif + OPENSSL_free(ret); + return(NULL); + } + if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { #ifndef OPENSSL_NO_ENGINE diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c index fb7d23bbd0..7e38544e5f 100644 --- a/crypto/x509/x509_lu.c +++ b/crypto/x509/x509_lu.c @@ -200,7 +200,13 @@ X509_STORE *X509_STORE_new(void) ret->lookup_crls = 0; ret->cleanup = 0; - CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data); + if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data)) + { + sk_X509_OBJECT_free(ret->objs); + OPENSSL_free(ret); + return NULL; + } + ret->references=1; return ret; } -- 2.40.0