From 8929b31b842cce3a5c974544ab3b4b8764724846 Mon Sep 17 00:00:00 2001
From: David Garske
Date: Thu, 9 Feb 2023 09:55:40 -0800
Subject: [PATCH] Fix for possible uses of NULL in heap hint. The api.c has expected "bad" test cases where the key is passed in as NULL and the XFREE tries to use it. Tested with: `./configure --enable-asynccrypt --with-intelqa=../QAT1.8 --enable-all && make && sudo ./tests/unit.test`
---
 src/pk.c | 60 ++++++++++++++++++++++++--------------------------------
 1 file changed, 26 insertions(+), 34 deletions(-)
diff --git a/src/pk.c b/src/pk.c
index 718e75adb..ce27fb5b6 100644
--- a/src/pk.c
+++ b/src/pk.c
@@ -1824,18 +1824,16 @@ int wolfSSL_PEM_write_bio_RSA_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa)
 /* Validate parameters. */
 if ((bio == NULL) || (rsa == NULL)) {
 WOLFSSL_ERROR_MSG("Bad Function Arguments");
- ret = 0;
+ return 0;
 }
- if (ret == 1) {
- if ((derSz = wolfSSL_RSA_To_Der(rsa, &derBuf, 1, bio->heap)) < 0) {
- WOLFSSL_ERROR_MSG("wolfSSL_RSA_To_Der failed");
- ret = 0;
- }
- if (derBuf == NULL) {
- WOLFSSL_ERROR_MSG("wolfSSL_RSA_To_Der failed to get buffer");
- ret = 0;
- }
+ if ((derSz = wolfSSL_RSA_To_Der(rsa, &derBuf, 1, bio->heap)) < 0) {
+ WOLFSSL_ERROR_MSG("wolfSSL_RSA_To_Der failed");
+ ret = 0;
+ }
+ if (derBuf == NULL) {
+ WOLFSSL_ERROR_MSG("wolfSSL_RSA_To_Der failed to get buffer");
+ ret = 0;
 }
 if ((ret == 1) && (der_write_to_bio_as_pem(derBuf, derSz, bio, PUBLICKEY_TYPE) != WOLFSSL_SUCCESS)) {
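Review bot: The new `return 0;` after the parameter check is load-bearing, but nothing in the code says so. Going by the commit message, it exists so the cleanup further down never reads a heap hint through a NULL `bio` or `rsa`, while the rest of the function still follows the single-exit `ret` style. I would add a comment above it, e.g. `/* Return now: cleanup below takes its heap hint from the object checked here. */`, so a later tidy-up back to `ret = 0;` does not bring the NULL dereference back. The same applies to the early returns in the hunks at -1871, -12024 and -12188. The function body continues past the end of this hunk, so the free itself is not visible here.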
@@ -1871,18 +1869,16 @@ static int wolfssl_pem_write_rsa_public_key(XFILE fp, WOLFSSL_RSA* rsa,
 /* Validate parameters. */
 if ((fp == XBADFILE) || (rsa == NULL)) {
 WOLFSSL_ERROR_MSG("Bad Function Arguments");
- ret = 0;
+ return 0;
 }
- if (ret == 1) {
- if ((derSz = wolfSSL_RSA_To_Der(rsa, &derBuf, 1, rsa->heap)) < 0) {
- WOLFSSL_ERROR_MSG("wolfSSL_RSA_To_Der failed");
- ret = 0;
- }
- if (derBuf == NULL) {
- WOLFSSL_ERROR_MSG("wolfSSL_RSA_To_Der failed to get buffer");
- ret = 0;
- }
+ if ((derSz = wolfSSL_RSA_To_Der(rsa, &derBuf, 1, rsa->heap)) < 0) {
+ WOLFSSL_ERROR_MSG("wolfSSL_RSA_To_Der failed");
+ ret = 0;
+ }
+ if (derBuf == NULL) {
+ WOLFSSL_ERROR_MSG("wolfSSL_RSA_To_Der failed to get buffer");
+ ret = 0;
 }
 if ((ret == 1) && (der_write_to_file_as_pem(derBuf, derSz, fp, type, rsa->heap) != WOLFSSL_SUCCESS)) {
@@ -12024,15 +12020,13 @@ int wolfSSL_PEM_write_EC_PUBKEY(XFILE fp, WOLFSSL_EC_KEY* key)
 /* Validate parameters. */
 if ((fp == XBADFILE) || (key == NULL)) {
 WOLFSSL_MSG("Bad argument.");
- ret = 0;
+ return 0;
 }
- if (ret == 1) {
- /* Encode public key in EC key as DER. */
- derSz = wolfssl_ec_key_to_pubkey_der(key, &derBuf, key->heap);
- if (derSz == 0) {
- ret = 0;
- }
+ /* Encode public key in EC key as DER. */
+ derSz = wolfssl_ec_key_to_pubkey_der(key, &derBuf, key->heap);
+ if (derSz == 0) {
+ ret = 0;
 }
 /* Write out to file the PEM encoding of the DER. */
@@ -12188,15 +12182,13 @@ int wolfSSL_PEM_write_bio_EC_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_EC_KEY* ec)
 /* Validate parameters. */
 if ((bio == NULL) || (ec == NULL)) {
 WOLFSSL_MSG("Bad Function Arguments");
- ret = 0;
+ return 0;
 }
- if (ret == 1) {
- /* Encode public key in EC key as DER. */
- derSz = wolfssl_ec_key_to_pubkey_der(ec, &derBuf, ec->heap);
- if (derSz == 0) {
- ret = 0;
- }
+ /* Encode public key in EC key as DER. */
+ derSz = wolfssl_ec_key_to_pubkey_der(ec, &derBuf, ec->heap);
+ if (derSz == 0) {
+ ret = 0;
 }
 /* Write out to BIO the PEM encoding of the EC private key. */
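Review bot: The writers touched by this patch disagree on which heap hint owns `derBuf`. This file variant passes `rsa->heap` to `wolfSSL_RSA_To_Der`, the RSA BIO variant in the hunk at -1824 passes `bio->heap`, and the EC BIO writer at -12188 uses the key's hint (`ec->heap`). The free of `derBuf` lies outside every hunk, so please confirm that each function releases the buffer with the same hint it allocated with. In a build where the hint selects an allocator, a mismatch would presumably hand the buffer back to the wrong pool. If the difference is intentional, a one-line comment at the `wolfSSL_RSA_To_Der` call saying why would help.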
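Review bot: The trailing context comment `/* Write out to BIO the PEM encoding of the EC private key. */` is wrong for this function. `wolfSSL_PEM_write_bio_EC_PUBKEY` encodes with `wolfssl_ec_key_to_pubkey_der`, so what follows writes the public key. While this block is being touched, change it to `/* Write out to BIO the PEM encoding of the EC public key. */`, since a private/public mix-up in a key export path is the kind of comment that misleads an auditor. The code the comment describes lies outside the hunk.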