Commit 9f114219 authored by Matt Caswell's avatar Matt Caswell
Browse files

Unchecked malloc fixes 



Miscellaneous unchecked malloc fixes. Also fixed some mem leaks on error
paths as I spotted them along the way.

Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
(cherry picked from commit 918bb865)

Conflicts:
	crypto/bio/bss_dgram.c

Conflicts:
	apps/cms.c
	apps/s_cb.c
	apps/s_server.c
	apps/speed.c
	crypto/dh/dh_pmeth.c
	ssl/s3_pkt.c
parent 51527f1e

apps/apps.c

+11 −0
Original line number Diff line number Diff line
@@ -572,6 +572,11 @@ int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp) 
        char *prompt = NULL;



        prompt = UI_construct_prompt(ui, "pass phrase", prompt_info);

        if(!prompt) {

            BIO_printf(bio_err, "Out of memory\n");

            UI_free(ui);

            return 0;

        }



        ui_flags |= UI_INPUT_FLAG_DEFAULT_PWD;

        UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0);
@@ -581,6 +586,12 @@ int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp) 
                                     PW_MIN_LENGTH, bufsiz - 1);

        if (ok >= 0 && verify) {

            buff = (char *)OPENSSL_malloc(bufsiz);

            if(!buff) {

                BIO_printf(bio_err, "Out of memory\n");

                UI_free(ui);

                OPENSSL_free(prompt);

                return 0;

            }

            ok = UI_add_verify_string(ui, prompt, ui_flags, buff,

                                      PW_MIN_LENGTH, bufsiz - 1, buf);

        }

apps/ca.c

+8 −0
Original line number Diff line number Diff line
@@ -558,10 +558,18 @@ int MAIN(int argc, char **argv) 
#ifdef OPENSSL_SYS_VMS

        len = strlen(s) + sizeof(CONFIG_FILE);

        tofree = OPENSSL_malloc(len);

        if(!tofree) {

            BIO_printf(bio_err, "Out of memory\n");

            goto err;

        }

        strcpy(tofree, s);

#else

        len = strlen(s) + sizeof(CONFIG_FILE) + 1;

        tofree = OPENSSL_malloc(len);

        if(!tofree) {

            BIO_printf(bio_err, "Out of memory\n");

            goto err;

        }

        BUF_strlcpy(tofree, s, len);

        BUF_strlcat(tofree, "/", len);

#endif

apps/dgst.c

+5 −0
Original line number Diff line number Diff line
@@ -448,6 +448,11 @@ int MAIN(int argc, char **argv) 
            ERR_print_errors(bio_err);

            goto end;

        }

        if (!sigbuf) {

            BIO_printf(bio_err, "Out of memory\n");

            ERR_print_errors(bio_err);

            goto end;

        }

        siglen = BIO_read(sigbio, sigbuf, siglen);

        BIO_free(sigbio);

        if (siglen <= 0) {

apps/rsautl.c

+5 −0
Original line number Diff line number Diff line
@@ -268,6 +268,11 @@ int MAIN(int argc, char **argv) 


    rsa_in = OPENSSL_malloc(keysize * 2);

    rsa_out = OPENSSL_malloc(keysize);

    if (!rsa_in || !rsa_out) {

        BIO_printf(bio_err, "Out of memory\n");

        ERR_print_errors(bio_err);

        goto end;

    }



    /* Read the input data */

    rsa_inlen = BIO_read(in, rsa_in, keysize * 2);

apps/s_client.c

+5 −0
Original line number Diff line number Diff line
@@ -547,6 +547,11 @@ static char *MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg) 
    PW_CB_DATA cb_tmp;

    int l;



    if(!pass) {

        BIO_printf(bio_err, "Malloc failure\n");

        return NULL;

    }



    cb_tmp.password = (char *)srp_arg->srppassin;

    cb_tmp.prompt_info = "SRP user";

    if ((l = password_callback(pass, PWD_STRLEN, 0, &cb_tmp)) < 0) {