coverity 1462549 Dereference before null check
authorPauli <paul.dale@oracle.com>
Sun, 26 Apr 2020 22:33:27 +0000 (08:33 +1000)
committerPauli <paul.dale@oracle.com>
Thu, 30 Apr 2020 10:21:32 +0000 (20:21 +1000)
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11651)

crypto/err/openssl.txt
crypto/evp/evp_err.c
crypto/evp/pkey_mac.c
include/openssl/evperr.h

index 122542f..4978ce7 100644 (file)
@@ -2559,6 +2559,7 @@ EVP_R_NO_KEYMGMT_AVAILABLE:199:no keymgmt available
 EVP_R_NO_KEYMGMT_PRESENT:196:no keymgmt present
 EVP_R_NO_KEY_SET:154:no key set
 EVP_R_NO_OPERATION_SET:149:no operation set
+EVP_R_NULL_MAC_PKEY_CTX:208:null mac pkey ctx
 EVP_R_ONLY_ONESHOT_SUPPORTED:177:only oneshot supported
 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE:150:\
        operation not supported for this keytype
index 3f2b814..5b7b4b5 100644 (file)
@@ -114,6 +114,7 @@ static const ERR_STRING_DATA EVP_str_reasons[] = {
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_NO_KEYMGMT_PRESENT), "no keymgmt present"},
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_NO_KEY_SET), "no key set"},
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_NO_OPERATION_SET), "no operation set"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_NULL_MAC_PKEY_CTX), "null mac pkey ctx"},
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_ONLY_ONESHOT_SUPPORTED),
     "only oneshot supported"},
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),
index bfd8cd6..56231e3 100644 (file)
@@ -493,13 +493,24 @@ static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
 }
 
 static int pkey_mac_ctrl_str(EVP_PKEY_CTX *ctx,
-                              const char *type, const char *value)
+                             const char *type, const char *value)
 {
     MAC_PKEY_CTX *hctx = EVP_PKEY_CTX_get_data(ctx);
-    const EVP_MAC *mac = EVP_MAC_CTX_mac(hctx->ctx);
+    const EVP_MAC *mac;
     OSSL_PARAM params[2];
     int ok = 0;
 
+    if (hctx == NULL) {
+        EVPerr(0, EVP_R_NULL_MAC_PKEY_CTX);
+        return 0;
+    }
+    if (hctx->ctx == NULL) {
+        /* This actually means the fetch failed during the init call */
+        EVPerr(0, EVP_R_FETCH_FAILED);
+        return 0;
+    }
+    mac = EVP_MAC_CTX_mac(hctx->ctx);
+
     /*
      * Translation of some control names that are equivalent to a single
      * parameter name.
@@ -520,12 +531,6 @@ static int pkey_mac_ctrl_str(EVP_PKEY_CTX *ctx,
         return 0;
     params[1] = OSSL_PARAM_construct_end();
 
-    if (hctx->ctx == NULL) {
-        /* This actually means the fetch failed during the init call */
-        EVPerr(0, EVP_R_FETCH_FAILED);
-        return 0;
-    }
-
     ok = EVP_MAC_CTX_set_params(hctx->ctx, params);
     OPENSSL_free(params[0].data);
     return ok;
index 9290cff..b8799a6 100644 (file)
@@ -10,6 +10,7 @@
 
 #ifndef OPENSSL_EVPERR_H
 # define OPENSSL_EVPERR_H
+# pragma once
 
 # include <openssl/opensslconf.h>
 # include <openssl/symhacks.h>
@@ -223,6 +224,7 @@ int ERR_load_EVP_strings(void);
 # define EVP_R_NO_KEYMGMT_PRESENT                         196
 # define EVP_R_NO_KEY_SET                                 154
 # define EVP_R_NO_OPERATION_SET                           149
+# define EVP_R_NULL_MAC_PKEY_CTX                          208
 # define EVP_R_ONLY_ONESHOT_SUPPORTED                     177
 # define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE   150
 # define EVP_R_OPERATON_NOT_INITIALIZED                   151