PR: 2124

Submitted by: Jan Pechanec <Jan.Pechanec@Sun.COM>

Check for memory allocation failures.

diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index acada47fda02740e77cfef1783bbe510a53c5c03..d6abcfe1d6604a47e9b21a859452075ccbeb5a0d 100644 (file)
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -126,7 +126,8 @@ EVP_MD_CTX *EVP_MD_CTX_create(void)
        {
        EVP_MD_CTX *ctx=OPENSSL_malloc(sizeof *ctx);
 
        {
        EVP_MD_CTX *ctx=OPENSSL_malloc(sizeof *ctx);
 

-       EVP_MD_CTX_init(ctx);
+       if (ctx)
+               EVP_MD_CTX_init(ctx);

 
        return ctx;
        }
 
        return ctx;
        }


@@ -286,8 +287,17 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
 
        if (in->md_data && out->digest->ctx_size)
                {
 
        if (in->md_data && out->digest->ctx_size)
                {

-               if (tmp_buf) out->md_data = tmp_buf;
-               else out->md_data=OPENSSL_malloc(out->digest->ctx_size);
+               if (tmp_buf)
+                       out->md_data = tmp_buf;
+               else
+                       {
+                       out->md_data=OPENSSL_malloc(out->digest->ctx_size);
+                       if (!out->md_data)
+                               {
+                               EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,ERR_R_MALLOC_FAILURE);
+                               return 0;
+                               }
+                       }

                memcpy(out->md_data,in->md_data,out->digest->ctx_size);
                }
 
                memcpy(out->md_data,in->md_data,out->digest->ctx_size);
                }
 

diff --git a/crypto/lhash/lhash.c b/crypto/lhash/lhash.c
index 47f748081bba2a3165bc981d179ad018bf53f245..528f9c7ceff877d84e53829b606ba97f1de7d24e 100644 (file)
--- a/crypto/lhash/lhash.c
+++ b/crypto/lhash/lhash.c
@@ -310,16 +310,40 @@ void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg)
 static void expand(_LHASH *lh)
        {
        LHASH_NODE **n,**n1,**n2,*np;
 static void expand(_LHASH *lh)
        {
        LHASH_NODE **n,**n1,**n2,*np;

-       unsigned int p,i,j;
+       unsigned int p,i,j,pmax;

        unsigned long hash,nni;
 
        unsigned long hash,nni;
 

+       p=(int)lh->p++;
+       nni=lh->num_alloc_nodes;
+       pmax=lh->pmax;
+
+       if ((lh->p) >= lh->pmax)
+               {
+               j=(int)lh->num_alloc_nodes*2;
+               n=(LHASH_NODE **)OPENSSL_realloc(lh->b,
+                       (int)sizeof(LHASH_NODE *)*j);
+               if (n == NULL)
+                       {
+/*                     fputs("realloc error in lhash",stderr); */
+                       lh->error++;
+                       lh->p=0;
+                       return;
+                       }
+               /* else */
+               for (i=(int)lh->num_alloc_nodes; i<j; i++)/* 26/02/92 eay */
+                       n[i]=NULL;                        /* 02/03/92 eay */
+               lh->pmax=lh->num_alloc_nodes;
+               lh->num_alloc_nodes=j;
+               lh->num_expand_reallocs++;
+               lh->p=0;
+               lh->b=n;
+               }
+

        lh->num_nodes++;
        lh->num_expands++;
        lh->num_nodes++;
        lh->num_expands++;

-       p=(int)lh->p++;

        n1= &(lh->b[p]);
        n1= &(lh->b[p]);

-       n2= &(lh->b[p+(int)lh->pmax]);
+       n2= &(lh->b[p+pmax]);

        *n2=NULL;        /* 27/07/92 - eay - undefined pointer bug */
        *n2=NULL;        /* 27/07/92 - eay - undefined pointer bug */

-       nni=lh->num_alloc_nodes;

        
        for (np= *n1; np != NULL; )
                {
        
        for (np= *n1; np != NULL; )
                {


@@ -388,6 +412,7 @@ static void contract(_LHASH *lh)
        else
                lh->p--;
 
        else
                lh->p--;
 

+       lh->b[idx] = NULL;

        lh->num_nodes--;
        lh->num_contracts++;
 
        lh->num_nodes--;
        lh->num_contracts++;
 

diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index e334e506fb7bc5aa50cc4a8c9403bb4870713d18..de45088d761d2d04f7e89f978bbc83cca7c3ea0d 100644 (file)
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -182,7 +182,16 @@ RSA *RSA_new_method(ENGINE *engine)
        ret->mt_blinding=NULL;
        ret->bignum_data=NULL;
        ret->flags=ret->meth->flags;
        ret->mt_blinding=NULL;
        ret->bignum_data=NULL;
        ret->flags=ret->meth->flags;

-       CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);
+       if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data))
+               {
+#ifndef OPENSSL_NO_ENGINE
+       if (ret->engine)
+               ENGINE_finish(ret->engine);
+#endif
+               OPENSSL_free(ret);
+               return(NULL);
+               }
+

        if ((ret->meth->init != NULL) && !ret->meth->init(ret))
                {
 #ifndef OPENSSL_NO_ENGINE
        if ((ret->meth->init != NULL) && !ret->meth->init(ret))
                {
 #ifndef OPENSSL_NO_ENGINE

diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
index fb7d23bbd0ade78ed981a8fd0564da9bad62422d..7e38544e5f2399fdd29e6779e253f8b4baeeb669 100644 (file)
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c
@@ -200,7 +200,13 @@ X509_STORE *X509_STORE_new(void)
        ret->lookup_crls = 0;
        ret->cleanup = 0;
 
        ret->lookup_crls = 0;
        ret->cleanup = 0;
 

-       CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data);
+       if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data))
+               {
+               sk_X509_OBJECT_free(ret->objs);
+               OPENSSL_free(ret);
+               return NULL;
+               }
+

        ret->references=1;
        return ret;
        }
        ret->references=1;
        return ret;
        }