Fix misc NULL derefs in sureware engine (96d96746) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

engines/e_sureware.c

+16 −11

Original line number	Diff line number	Diff line
		@@ -712,10 +712,12 @@ static EVP_PKEY sureware_load_public(ENGINE e, const char *key_id,
		/* set public big nums */
		rsatmp->e = BN_new();
		rsatmp->n = BN_new();
		if(!rsatmp->e \|\| !rsatmp->n)
		goto err;
		bn_expand2(rsatmp->e, el / sizeof(BN_ULONG));
		bn_expand2(rsatmp->n, el / sizeof(BN_ULONG));
		if (!rsatmp->e \|\| rsatmp->e->dmax != (int)(el / sizeof(BN_ULONG)) \|\|
		!rsatmp->n \|\| rsatmp->n->dmax != (int)(el / sizeof(BN_ULONG)))
		if (rsatmp->e->dmax != (int)(el / sizeof(BN_ULONG)) \|\|
		rsatmp->n->dmax != (int)(el / sizeof(BN_ULONG)))
		goto err;
		ret = p_surewarehk_Load_Rsa_Pubkey(msg, key_id, el,
		(unsigned long *)rsatmp->n->d,
		@@ -752,15 +754,16 @@ static EVP_PKEY sureware_load_public(ENGINE e, const char *key_id,
		dsatmp->p = BN_new();
		dsatmp->q = BN_new();
		dsatmp->g = BN_new();
		if(!dsatmp->pub_key \|\| !dsatmp->p \|\| !dsatmp->q \|\| !dsatmp->g)
		goto err;
		bn_expand2(dsatmp->pub_key, el / sizeof(BN_ULONG));
		bn_expand2(dsatmp->p, el / sizeof(BN_ULONG));
		bn_expand2(dsatmp->q, 20 / sizeof(BN_ULONG));
		bn_expand2(dsatmp->g, el / sizeof(BN_ULONG));
		if (!dsatmp->pub_key
		\|\| dsatmp->pub_key->dmax != (int)(el / sizeof(BN_ULONG))
		\|\| !dsatmp->p \|\| dsatmp->p->dmax != (int)(el / sizeof(BN_ULONG))
		\|\| !dsatmp->q \|\| dsatmp->q->dmax != 20 / sizeof(BN_ULONG)
		\|\| !dsatmp->g \|\| dsatmp->g->dmax != (int)(el / sizeof(BN_ULONG)))
		if (dsatmp->pub_key->dmax != (int)(el / sizeof(BN_ULONG))
		\|\| dsatmp->p->dmax != (int)(el / sizeof(BN_ULONG))
		\|\| dsatmp->q->dmax != 20 / sizeof(BN_ULONG)
		\|\| dsatmp->g->dmax != (int)(el / sizeof(BN_ULONG)))
		goto err;

		ret = p_surewarehk_Load_Dsa_Pubkey(msg, key_id, el,
		@@ -1038,10 +1041,12 @@ static DSA_SIG surewarehk_dsa_do_sign(const unsigned char from, int flen,
		}
		psign->r = BN_new();
		psign->s = BN_new();
		if(!psign->r \|\| !psign->s)
		goto err;
		bn_expand2(psign->r, 20 / sizeof(BN_ULONG));
		bn_expand2(psign->s, 20 / sizeof(BN_ULONG));
		if (!psign->r \|\| psign->r->dmax != 20 / sizeof(BN_ULONG) \|\|
		!psign->s \|\| psign->s->dmax != 20 / sizeof(BN_ULONG))
		if (psign->r->dmax != 20 / sizeof(BN_ULONG) \|\|
		psign->s->dmax != 20 / sizeof(BN_ULONG))
		goto err;
		ret = p_surewarehk_Dsa_Sign(msg, flen, from,
		(unsigned long *)psign->r->d,
		@@ -1070,9 +1075,9 @@ static int surewarehk_modexp(BIGNUM r, const BIGNUM a, const BIGNUM *p,
		char msg[64] = "ENGINE_modexp";
		if (!p_surewarehk_Mod_Exp) {
		SUREWAREerr(SUREWARE_F_SUREWAREHK_MODEXP, ENGINE_R_NOT_INITIALISED);
		} else {
		} else if (r) {
		bn_expand2(r, m->top);
		if (r && r->dmax == m->top) {
		if (r->dmax == m->top) {
		/* do it */
		ret = p_surewarehk_Mod_Exp(msg,
		m->top * sizeof(BN_ULONG),