EVP_PKEY_CTX_new_from_pkey() and EVP_CIPHER_CTX_new().
Otherwise may result in memory errors.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16892)
goto merr;
}
ctx = EVP_CIPHER_CTX_new();
+ if (ctx == NULL) {
+ ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
if (EVP_EncryptInit_ex(ctx, kekciph, NULL, NULL, NULL) <= 0) {
ERR_raise(ERR_LIB_CMS, ERR_R_EVP_LIB);
sig->r = BN_new();
if (sig->s == NULL)
sig->s = BN_new();
- if (ossl_decode_der_dsa_sig(sig->r, sig->s, ppin, (size_t)len) == 0) {
+ if (sig->r == NULL || sig->s == NULL
+ || ossl_decode_der_dsa_sig(sig->r, sig->s, ppin, (size_t)len) == 0) {
if (psig == NULL || *psig == NULL)
DSA_SIG_free(sig);
return NULL;
sig->r = BN_new();
if (sig->s == NULL)
sig->s = BN_new();
- if (ossl_decode_der_dsa_sig(sig->r, sig->s, ppin, (size_t)len) == 0) {
+ if (sig->r == NULL || sig->s == NULL
+ || ossl_decode_der_dsa_sig(sig->r, sig->s, ppin, (size_t)len) == 0) {
if (psig == NULL || *psig == NULL)
ECDSA_SIG_free(sig);
return NULL;
if (tmp_keymgmt == NULL) {
EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pk, propquery);
+ if (ctx == NULL)
+ goto end;
tmp_keymgmt = ctx->keymgmt;
ctx->keymgmt = NULL;
EVP_PKEY_CTX_free(ctx);
#endif
EVP_CIPHER_CTX *cctx = EVP_CIPHER_CTX_new();
+ if (cctx == NULL) {
+ ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
if (saltlen) {
#ifndef OPENSSL_NO_RC4
unsigned int magic;
if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0
&& (pnum = sk_RSA_PRIME_INFO_num(rsa->prime_infos)) > 0) {
dupkey->prime_infos = sk_RSA_PRIME_INFO_new_reserve(NULL, pnum);
+ if (dupkey->prime_infos == NULL)
+ goto err;
for (i = 0; i < pnum; i++) {
const RSA_PRIME_INFO *pinfo = NULL;
RSA_PRIME_INFO *duppinfo = NULL;