Fix some warnings caused by __owur. Temporarily (I hope) remove the more
authorBen Laurie <ben@openssl.org>
Mon, 14 Nov 2011 00:36:10 +0000 (00:36 +0000)
committerBen Laurie <ben@openssl.org>
Mon, 14 Nov 2011 00:36:10 +0000 (00:36 +0000)
aspirational __owur annotations.

12 files changed:
Configure
apps/enc.c
apps/ts.c
crypto/cms/cms_pwri.c
crypto/ecdsa/ecdsatest.c
crypto/evp/evp.h
crypto/hmac/hmac.h
crypto/rc4/rc4test.c
crypto/x509/x509_cmp.c
doc/crypto/EVP_BytesToKey.pod
engines/e_padlock.c
ssl/s2_srvr.c

index 16feb67..21c6bc3 100755 (executable)
--- a/Configure
+++ b/Configure
@@ -170,6 +170,7 @@ my %table=(
 "debug-ben-openbsd","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
 "debug-ben-openbsd-debug","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
 "debug-ben-debug",     "gcc:$gcc_devteam_warn -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -g3 -O2 -pipe::(unknown)::::::",
+"debug-ben-macos",     "cc:$gcc_devteam_warn -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch i386 -O3 -DL_ENDIAN -g3 -pipe::(unknown)::::::",
 "debug-ben-no-opt",    "gcc: -Wall -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG -Werror -DL_ENDIAN -DTERMIOS -Wall -g3::(unknown)::::::",
 "debug-ben-strict",    "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown)::::::",
 "debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
index 076225c..8c55277 100644 (file)
@@ -549,9 +549,13 @@ bad:
                                sptr = salt;
                        }
 
-                       EVP_BytesToKey(cipher,dgst,sptr,
-                               (unsigned char *)str,
-                               strlen(str),1,key,iv);
+                       if (!EVP_BytesToKey(cipher,dgst,sptr,
+                                           (unsigned char *)str,
+                                           strlen(str),1,key,iv))
+                               {
+                               BIO_printf(bio_err, "EVP_BytesToKey failed\n");
+                               goto end;
+                               }
                        /* zero the complete buffer or the string
                         * passed from the command line
                         * bug picked up by
index 5fa9f7f..ae7604c 100644 (file)
--- a/apps/ts.c
+++ b/apps/ts.c
@@ -618,7 +618,8 @@ static int create_digest(BIO *input, char *digest, const EVP_MD *md,
                        {
                        EVP_DigestUpdate(&md_ctx, buffer, length);
                        }
-               EVP_DigestFinal(&md_ctx, *md_value, NULL);
+               if (!EVP_DigestFinal(&md_ctx, *md_value, NULL))
+                       return 0;
                }
        else
                {
index b79612a..8a57461 100644 (file)
@@ -239,21 +239,22 @@ static int kek_unwrap_key(unsigned char *out, size_t *outlen,
                }
        tmp = OPENSSL_malloc(inlen);
        /* setup IV by decrypting last two blocks */
-       EVP_DecryptUpdate(ctx, tmp + inlen - 2 * blocklen, &outl,
-                               in  + inlen - 2 * blocklen, blocklen * 2);
+       if (!EVP_DecryptUpdate(ctx, tmp + inlen - 2 * blocklen, &outl,
+                              in  + inlen - 2 * blocklen, blocklen * 2)
        /* Do a decrypt of last decrypted block to set IV to correct value
         * output it to start of buffer so we don't corrupt decrypted block
         * this works because buffer is at least two block lengths long.
         */
-       EVP_DecryptUpdate(ctx, tmp, &outl,
-                               tmp  + inlen - blocklen, blocklen);
+           || !EVP_DecryptUpdate(ctx, tmp, &outl,
+                                 tmp  + inlen - blocklen, blocklen)
        /* Can now decrypt first n - 1 blocks */
-       EVP_DecryptUpdate(ctx, tmp, &outl, in, inlen - blocklen);
+           || !EVP_DecryptUpdate(ctx, tmp, &outl, in, inlen - blocklen)
 
        /* Reset IV to original value */
-       EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL);
+           || !EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL)
        /* Decrypt again */
-       EVP_DecryptUpdate(ctx, tmp, &outl, tmp, inlen);
+           || !EVP_DecryptUpdate(ctx, tmp, &outl, tmp, inlen))
+               goto err;
        /* Check check bytes */
        if (((tmp[1] ^ tmp[4]) & (tmp[2] ^ tmp[5]) & (tmp[3] ^ tmp[6])) != 0xff)
                {
@@ -308,8 +309,9 @@ static int kek_wrap_key(unsigned char *out, size_t *outlen,
                if (olen > inlen + 4)
                        RAND_pseudo_bytes(out + 4 + inlen, olen - 4 - inlen);
                /* Encrypt twice */
-               EVP_EncryptUpdate(ctx, out, &dummy, out, olen);
-               EVP_EncryptUpdate(ctx, out, &dummy, out, olen);
+               if (!EVP_EncryptUpdate(ctx, out, &dummy, out, olen)
+                   || !EVP_EncryptUpdate(ctx, out, &dummy, out, olen))
+                       return 0;
                }
 
        *outlen = olen;
index c5b6ed2..42852ce 100644 (file)
@@ -196,9 +196,10 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in)
 
        EVP_MD_CTX_init(&md_ctx);
        /* get the message digest */
-       EVP_DigestInit(&md_ctx, EVP_ecdsa());
-       EVP_DigestUpdate(&md_ctx, (const void*)message, 3);
-       EVP_DigestFinal(&md_ctx, digest, &dgst_len);
+       if (!EVP_DigestInit(&md_ctx, EVP_ecdsa())
+           || !EVP_DigestUpdate(&md_ctx, (const void*)message, 3)
+           || !EVP_DigestFinal(&md_ctx, digest, &dgst_len))
+               goto x962_int_err;
 
        BIO_printf(out, "testing %s: ", OBJ_nid2sn(nid));
        /* create the key */
index 3b38ecd..de910ae 100644 (file)
@@ -559,7 +559,7 @@ void BIO_set_md(BIO *,const EVP_MD *md);
 #define BIO_get_cipher_status(b)       BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL)
 #define BIO_get_cipher_ctx(b,c_pp)     BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp)
 
-__owur int EVP_Cipher(EVP_CIPHER_CTX *c,
+/*__owur*/ int EVP_Cipher(EVP_CIPHER_CTX *c,
                unsigned char *out,
                const unsigned char *in,
                unsigned int inl);
@@ -577,19 +577,19 @@ void      EVP_MD_CTX_init(EVP_MD_CTX *ctx);
 int    EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
 EVP_MD_CTX *EVP_MD_CTX_create(void);
 void   EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
-__owur int     EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in);  
+/*__owur*/ int     EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in);  
 void   EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
 void   EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
 int    EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx,int flags);
-__owur int     EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
-__owur int     EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d,
+/*__owur*/ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+/*__owur*/ int EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d,
                         size_t cnt);
-__owur int     EVP_DigestFinal_ex(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
-__owur int     EVP_Digest(const void *data, size_t count,
+/*__owur*/ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
+/*__owur*/ int EVP_Digest(const void *data, size_t count,
                unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl);
 
-__owur int     EVP_MD_CTX_copy(EVP_MD_CTX *out,const EVP_MD_CTX *in);  
-__owur int     EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+/*__owur*/ int     EVP_MD_CTX_copy(EVP_MD_CTX *out,const EVP_MD_CTX *in);  
+/*__owur*/ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
 __owur int     EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
 
 int    EVP_read_pw_string(char *buf,int length,const char *prompt,int verify);
@@ -607,26 +607,26 @@ int       EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx,int flags);
 
 __owur int     EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
                const unsigned char *key, const unsigned char *iv);
-__owur int     EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
+/*__owur*/ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
                const unsigned char *key, const unsigned char *iv);
-__owur int     EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+/*__owur*/ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
                int *outl, const unsigned char *in, int inl);
-__owur int     EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
-__owur int     EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+/*__owur*/ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+/*__owur*/ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
 
 __owur int     EVP_DecryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
                const unsigned char *key, const unsigned char *iv);
-__owur int     EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
+/*__owur*/ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
                const unsigned char *key, const unsigned char *iv);
-__owur int     EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+/*__owur*/ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
                int *outl, const unsigned char *in, int inl);
 __owur int     EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
-__owur int     EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+/*__owur*/ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
 
 __owur int     EVP_CipherInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
                       const unsigned char *key,const unsigned char *iv,
                       int enc);
-__owur int     EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
+/*__owur*/ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
                       const unsigned char *key,const unsigned char *iv,
                       int enc);
 __owur int     EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
@@ -640,7 +640,7 @@ __owur int  EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s,
 __owur int     EVP_VerifyFinal(EVP_MD_CTX *ctx,const unsigned char *sigbuf,
                unsigned int siglen,EVP_PKEY *pkey);
 
-__owur int     EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+/*__owur*/ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
                        const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
 __owur int     EVP_DigestSignFinal(EVP_MD_CTX *ctx,
                        unsigned char *sigret, size_t *siglen);
index eedf0a5..68c9e0f 100644 (file)
@@ -92,10 +92,10 @@ void HMAC_CTX_cleanup(HMAC_CTX *ctx);
 
 __owur int HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
               const EVP_MD *md); /* deprecated */
-__owur int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
+/*__owur*/ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
                  const EVP_MD *md, ENGINE *impl);
-__owur int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len);
-__owur int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
+/*__owur*/ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len);
+/*__owur*/ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
 unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
                    const unsigned char *d, size_t n, unsigned char *md,
                    unsigned int *md_len);
index d689f70..e800aa9 100644 (file)
@@ -121,7 +121,7 @@ int main(int argc, char *argv[])
        RC4_KEY key;
        unsigned char obuf[512];
 
-#if !defined(OPENSSL_PIC)
+#if !defined(OPENSSL_PIC) && !defined(__MACH__)
        OPENSSL_cpuid_setup();
 #endif
 
index 80ebcd3..352aa37 100644 (file)
@@ -248,14 +248,14 @@ unsigned long X509_NAME_hash_old(X509_NAME *x)
        i2d_X509_NAME(x,NULL);
        EVP_MD_CTX_init(&md_ctx);
        EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
-       EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL);
-       EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length);
-       EVP_DigestFinal_ex(&md_ctx,md,NULL);
+       if (EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL)
+           && EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length)
+           && EVP_DigestFinal_ex(&md_ctx,md,NULL))
+               ret=(((unsigned long)md[0]     )|((unsigned long)md[1]<<8L)|
+                    ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
+                    )&0xffffffffL;
        EVP_MD_CTX_cleanup(&md_ctx);
 
-       ret=(   ((unsigned long)md[0]     )|((unsigned long)md[1]<<8L)|
-               ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
-               )&0xffffffffL;
        return(ret);
        }
 #endif
index d375c46..abbbdb2 100644 (file)
@@ -55,7 +55,7 @@ the IV.
 
 =head1 RETURN VALUES
 
-EVP_BytesToKey() returns the size of the derived key in bytes.
+EVP_BytesToKey() returns the size of the derived key in bytes, or 0 on error.
 
 =head1 SEE ALSO
 
index a19f173..eaee67e 100644 (file)
  
 #undef COMPILE_HW_PADLOCK
 #if !defined(I386_ONLY) && !defined(OPENSSL_NO_ASM)
-# if   defined(__i386__) || defined(__i386) || \
+# if   (defined(__i386__) || defined(__i386) ||    \
        defined(__x86_64__) || defined(__x86_64) || \
        defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64) || \
-       defined(__INTEL__)
+        defined(__INTEL__)) && !defined(__MACH__)
 #  define COMPILE_HW_PADLOCK
 #  ifdef OPENSSL_NO_DYNAMIC_ENGINE
 static ENGINE *ENGINE_padlock (void);
index bc885e8..2cba426 100644 (file)
@@ -1059,10 +1059,12 @@ static int request_certificate(SSL *s)
                EVP_PKEY *pkey=NULL;
 
                EVP_MD_CTX_init(&ctx);
-               EVP_VerifyInit_ex(&ctx,s->ctx->rsa_md5, NULL);
-               EVP_VerifyUpdate(&ctx,s->s2->key_material,
-                                s->s2->key_material_length);
-               EVP_VerifyUpdate(&ctx,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
+               if (!EVP_VerifyInit_ex(&ctx,s->ctx->rsa_md5, NULL)
+                   || !EVP_VerifyUpdate(&ctx,s->s2->key_material,
+                                        s->s2->key_material_length)
+                   || !EVP_VerifyUpdate(&ctx,ccd,
+                                        SSL2_MIN_CERT_CHALLENGE_LENGTH))
+                       goto msg_end;
 
                i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL);
                buf2=OPENSSL_malloc((unsigned int)i);
@@ -1073,7 +1075,11 @@ static int request_certificate(SSL *s)
                        }
                p2=buf2;
                i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&p2);
-               EVP_VerifyUpdate(&ctx,buf2,(unsigned int)i);
+               if (!EVP_VerifyUpdate(&ctx,buf2,(unsigned int)i))
+                       {
+                       OPENSSL_free(buf2);
+                       goto msg_end;
+                       }
                OPENSSL_free(buf2);
 
                pkey=X509_get_pubkey(x509);