Commit 37cad7e6 authored by FdaSilvaYY's avatar FdaSilvaYY Committed by Pauli
Browse files

Fix CID 1434549: Unchecked return value in test/evp_test.c 



5. check_return: Calling EVP_EncodeUpdate without checking return value
(as is done elsewhere 4 out of 5 times).

Fix CID 1371695, 1371698: Resource leak in test/evp_test.c

- leaked_storage: Variable edata going out of scope leaks the storage it
points to.

- leaked_storage: Variable encode_ctx going out of scope leaks the
storage it points to

Fix CID 1430437, 1430426, 1430429 : Dereference before null check in test/drbg_cavs_test.c

check_after_deref: Null-checking drbg suggests that it
may be null, but it has already been dereferenced on all paths leading
to the check

Fix CID 1440765: Dereference before null check in test/ssltestlib.c

check_after_deref: Null-checking ctx suggests that it may be null, but
it has already been dereferenced on all paths leading to the check.

Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
Reviewed-by: default avatarPaul Dale <paul.dale@oracle.com>
Reviewed-by: default avatarMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: default avatarBernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/7993)

(cherry picked from commit 760e2d60)
parent 25eb9299

test/drbg_cavs_test.c

+10 −19
Original line number Diff line number Diff line 
/*

 * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.

 * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.

 *

 * Licensed under the OpenSSL license (the "License").  You may not use

 * this file except in compliance with the License.  You can obtain a copy
@@ -104,12 +104,9 @@ static int single_kat_no_reseed(const struct drbg_kat *td) 
        failures++;



err:

    if (buff != NULL)

    OPENSSL_free(buff);

    if (drbg != NULL) {

    RAND_DRBG_uninstantiate(drbg);

    RAND_DRBG_free(drbg);

    }

    return failures == 0;

}
@@ -172,12 +169,9 @@ static int single_kat_pr_false(const struct drbg_kat *td) 
        failures++;



err:

    if (buff != NULL)

    OPENSSL_free(buff);

    if (drbg != NULL) {

    RAND_DRBG_uninstantiate(drbg);

    RAND_DRBG_free(drbg);

    }

    return failures == 0;

}
@@ -243,12 +237,9 @@ static int single_kat_pr_true(const struct drbg_kat *td) 
        failures++;



err:

    if (buff != NULL)

    OPENSSL_free(buff);

    if (drbg != NULL) {

    RAND_DRBG_uninstantiate(drbg);

    RAND_DRBG_free(drbg);

    }

    return failures == 0;

}

test/evp_test.c

+12 −9
Original line number Diff line number Diff line 
/*

 * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.

 * Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.

 *

 * Licensed under the OpenSSL license (the "License").  You may not use

 * this file except in compliance with the License.  You can obtain a copy
@@ -1559,15 +1559,18 @@ static int encode_test_init(EVP_TEST *t, const char *encoding) 
    } else if (strcmp(encoding, "invalid") == 0) {

        edata->encoding = BASE64_INVALID_ENCODING;

        if (!TEST_ptr(t->expected_err = OPENSSL_strdup("DECODE_ERROR")))

            return 0;

            goto err;

    } else {

        TEST_error("Bad encoding: %s."

                   " Should be one of {canonical, valid, invalid}",

                   encoding);

        return 0;

        goto err;

    }

    t->data = edata;

    return 1;

err:

    OPENSSL_free(edata);

    return 0;

}



static void encode_test_cleanup(EVP_TEST *t)
@@ -1596,7 +1599,7 @@ static int encode_test_run(EVP_TEST *t) 
    ENCODE_DATA *expected = t->data;

    unsigned char *encode_out = NULL, *decode_out = NULL;

    int output_len, chunk_len;

    EVP_ENCODE_CTX *decode_ctx;

    EVP_ENCODE_CTX *decode_ctx = NULL, *encode_ctx = NULL;



    if (!TEST_ptr(decode_ctx = EVP_ENCODE_CTX_new())) {

        t->err = "INTERNAL_ERROR";
@@ -1604,7 +1607,6 @@ static int encode_test_run(EVP_TEST *t) 
    }



    if (expected->encoding == BASE64_CANONICAL_ENCODING) {

        EVP_ENCODE_CTX *encode_ctx;



        if (!TEST_ptr(encode_ctx = EVP_ENCODE_CTX_new())

                || !TEST_ptr(encode_out =
@@ -1612,15 +1614,15 @@ static int encode_test_run(EVP_TEST *t) 
            goto err;



        EVP_EncodeInit(encode_ctx);

        EVP_EncodeUpdate(encode_ctx, encode_out, &chunk_len,

                         expected->input, expected->input_len);

        if (!TEST_true(EVP_EncodeUpdate(encode_ctx, encode_out, &chunk_len,

                                        expected->input, expected->input_len)))

            goto err;



        output_len = chunk_len;



        EVP_EncodeFinal(encode_ctx, encode_out + chunk_len, &chunk_len);

        output_len += chunk_len;



        EVP_ENCODE_CTX_free(encode_ctx);



        if (!memory_err_compare(t, "BAD_ENCODING",

                                expected->output, expected->output_len,

                                encode_out, output_len))
@@ -1658,6 +1660,7 @@ static int encode_test_run(EVP_TEST *t) 
    OPENSSL_free(encode_out);

    OPENSSL_free(decode_out);

    EVP_ENCODE_CTX_free(decode_ctx);

    EVP_ENCODE_CTX_free(encode_ctx);

    return 1;

}

test/ssltestlib.c

+4 −2
Original line number Diff line number Diff line 
/*

 * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.

 * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.

 *

 * Licensed under the OpenSSL license (the "License").  You may not use

 * this file except in compliance with the License.  You can obtain a copy
@@ -428,7 +428,7 @@ int mempacket_test_inject(BIO *bio, const char *in, int inl, int pktnum, 
{

    MEMPACKET_TEST_CTX *ctx = BIO_get_data(bio);

    MEMPACKET *thispkt = NULL, *looppkt, *nextpkt, *allpkts[3];

    int i, duprec = ctx->duprec > 0;

    int i, duprec;

    const unsigned char *inu = (const unsigned char *)in;

    size_t len = ((inu[RECORD_LEN_HI] << 8) | inu[RECORD_LEN_LO])

                 + DTLS1_RT_HEADER_LENGTH;
@@ -441,6 +441,8 @@ int mempacket_test_inject(BIO *bio, const char *in, int inl, int pktnum, 


    if ((size_t)inl == len)

        duprec = 0;

    else

        duprec = ctx->duprec > 0;



    /* We don't support arbitrary injection when duplicating records */

    if (duprec && pktnum != -1)