capi_ctrl, capi_vtrace: check for NULL after allocating and free it

Reviewed-by: Matt Caswell <matt@openssl.org>

diff --git a/engines/e_capi.c b/engines/e_capi.c
index 87a10dd4fcbdd06f7fe234ce43e0b4f83016c4a9..8a19ed05c70495bbdf70d9a4c033864a52e4f17c 100644 (file)
--- a/engines/e_capi.c
+++ b/engines/e_capi.c
@@ -340,6 +340,11 @@ static int capi_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
                }
        ctx = ENGINE_get_ex_data(e, capi_idx);
        out = BIO_new_fp(stdout, BIO_NOCLOSE);
+       if (out == NULL)
+               {
+               CAPIerr(CAPI_F_CAPI_CTRL, CAPI_R_FILE_OPEN_ERROR);
+               return 0;
+               }
        switch (cmd)
                {
                case CAPI_CMD_LIST_CSPS:
@@ -406,6 +411,7 @@ static int capi_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
                if (i < 1 || i > 3)
                        {
                        CAPIerr(CAPI_F_CAPI_CTRL, CAPI_R_INVALID_LOOKUP_METHOD);
+                       BIO_free(out);
                        return 0;
                        }
                ctx->lookup_method = i;
@@ -1081,6 +1087,11 @@ static void capi_vtrace(CAPI_CTX *ctx, int level, char *format, va_list argptr)
        if (!ctx || (ctx->debug_level < level) || (!ctx->debug_file))
                return;
        out = BIO_new_file(ctx->debug_file, "a+");
+       if (out == NULL)
+               {
+               CAPIerr(CAPI_F_CAPI_VTRACE, CAPI_R_FILE_OPEN_ERROR);
+               return;
+               }
        BIO_vprintf(out, format, argptr);
        BIO_free(out);
        }

diff --git a/engines/e_capi_err.c b/engines/e_capi_err.c
index eaaefb261e2b9046f9202e88bd0b873b3b209dda..a36ada31569a2f8c5160968004d5104f43964cfe 100644 (file)
--- a/engines/e_capi_err.c
+++ b/engines/e_capi_err.c
@@ -1,6 +1,6 @@
 /* e_capi_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2008 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2014 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -86,6 +86,7 @@ static ERR_STRING_DATA CAPI_str_functs[]=
 {ERR_FUNC(CAPI_F_CAPI_RSA_PRIV_DEC),   "CAPI_RSA_PRIV_DEC"},
 {ERR_FUNC(CAPI_F_CAPI_RSA_PRIV_ENC),   "CAPI_RSA_PRIV_ENC"},
 {ERR_FUNC(CAPI_F_CAPI_RSA_SIGN),       "CAPI_RSA_SIGN"},
+{ERR_FUNC(CAPI_F_CAPI_VTRACE), "CAPI_VTRACE"},
 {ERR_FUNC(CAPI_F_CERT_SELECT_DIALOG),  "CERT_SELECT_DIALOG"},
 {ERR_FUNC(CAPI_F_CLIENT_CERT_SELECT),  "CLIENT_CERT_SELECT"},
 {ERR_FUNC(CAPI_F_WIDE_TO_ASC), "WIDE_TO_ASC"},
@@ -109,6 +110,7 @@ static ERR_STRING_DATA CAPI_str_reasons[]=
 {ERR_REASON(CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO),"error getting key provider info"},
 {ERR_REASON(CAPI_R_ERROR_OPENING_STORE)  ,"error opening store"},
 {ERR_REASON(CAPI_R_ERROR_SIGNING_HASH)   ,"error signing hash"},
+{ERR_REASON(CAPI_R_FILE_OPEN_ERROR)      ,"file open error"},
 {ERR_REASON(CAPI_R_FUNCTION_NOT_SUPPORTED),"function not supported"},
 {ERR_REASON(CAPI_R_GETUSERKEY_ERROR)     ,"getuserkey error"},
 {ERR_REASON(CAPI_R_INVALID_DIGEST_LENGTH),"invalid digest length"},

diff --git a/engines/e_capi_err.h b/engines/e_capi_err.h
index efa70010381d16b2685b24d8573beb09f3f207cc..1844bf073b7b7d8d9465a2ee034e3d304635966c 100644 (file)
--- a/engines/e_capi_err.h
+++ b/engines/e_capi_err.h
@@ -87,6 +87,7 @@ static void ERR_CAPI_error(int function, int reason, char *file, int line);
 #define CAPI_F_CAPI_RSA_PRIV_DEC                        110
 #define CAPI_F_CAPI_RSA_PRIV_ENC                        111
 #define CAPI_F_CAPI_RSA_SIGN                            112
+#define CAPI_F_CAPI_VTRACE                              118
 #define CAPI_F_CERT_SELECT_DIALOG                       117
 #define CAPI_F_CLIENT_CERT_SELECT                       116
 #define CAPI_F_WIDE_TO_ASC                              113
@@ -107,6 +108,7 @@ static void ERR_CAPI_error(int function, int reason, char *file, int line);
 #define CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO          109
 #define CAPI_R_ERROR_OPENING_STORE                      110
 #define CAPI_R_ERROR_SIGNING_HASH                       111
+#define CAPI_R_FILE_OPEN_ERROR                          128
 #define CAPI_R_FUNCTION_NOT_SUPPORTED                   112
 #define CAPI_R_GETUSERKEY_ERROR                                 113
 #define CAPI_R_INVALID_DIGEST_LENGTH                    124