test_evp_cipher_pipeline(): Fix memory leaks on errors

Fixes Coverity 1636844, 1636845

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26206)

diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c
index 6861169f46870b7f07184aebb516e3c73f54b56a..674180de3564b775264455697ac8ea05908e0e3b 100644 (file)
--- a/test/evp_extra_test.c
+++ b/test/evp_extra_test.c
@@ -5932,7 +5932,7 @@ static int test_evp_cipher_pipeline(void)
     size_t ciphertextlen_array[EVP_MAX_PIPES];
     size_t inlen_array[EVP_MAX_PIPES];
     OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
-    unsigned char *ciphertext = NULL, *exp_plaintext = NULL, *tag = NULL;
+    unsigned char *ciphertext, *exp_plaintext, *tag;
     size_t numpipes, plaintextlen, i;
 
     if (!TEST_ptr(fake_pipeline = fake_pipeline_start(testctx)))
@@ -5960,6 +5960,15 @@ static int test_evp_cipher_pipeline(void)
             size_t ciphertextlen = 0;
             int outlen = 0;
 
+            /* Cleanup to be able to error out */
+            memset(iv_array, 0, sizeof(iv_array));
+            memset(plaintext_array, 0, sizeof(plaintext_array));
+            memset(ciphertext_array_p, 0, sizeof(ciphertext_array_p));
+            memset(tag_array, 0, sizeof(tag_array));
+            ciphertext = NULL;
+            exp_plaintext = NULL;
+            tag = NULL;
+
             /* Allocate fresh buffers with exact size to catch buffer overwrites */
             for (i = 0; i < numpipes; i++) {
                 if (!TEST_ptr(iv_array[i] = OPENSSL_malloc(ivlen))
@@ -5967,7 +5976,7 @@ static int test_evp_cipher_pipeline(void)
                     || !TEST_ptr(ciphertext_array_p[i] =
                                  OPENSSL_malloc(plaintextlen + EVP_MAX_BLOCK_LENGTH))
                     || !TEST_ptr(tag_array[i] = OPENSSL_malloc(taglen)))
-                    goto end;
+                    goto err;
 
                 memset(iv_array[i], i + 33, ivlen);
                 memset(plaintext_array[i], i + 1, plaintextlen);
@@ -5980,7 +5989,7 @@ static int test_evp_cipher_pipeline(void)
                           OPENSSL_malloc(plaintextlen + EVP_MAX_BLOCK_LENGTH))
                 || !TEST_ptr(tag = OPENSSL_malloc(taglen))
                 || !TEST_ptr(exp_plaintext = OPENSSL_malloc(plaintextlen)))
-                goto end;
+                goto err;
 
             /* Encrypt using pipeline API */
             if (!TEST_true(EVP_CIPHER_CTX_reset(ctx))
@@ -6129,13 +6138,13 @@ int setup_tests(void)
             if (!TEST_ptr(testctx))
                 return 0;
 #ifdef STATIC_LEGACY
-           /*
-            * This test is always statically linked against libcrypto. We must not
-            * attempt to load legacy.so that might be dynamically linked against
-            * libcrypto. Instead we use a built-in version of the legacy provider.
-            */
-           if (!OSSL_PROVIDER_add_builtin(testctx, "legacy", ossl_legacy_provider_init))
-               return 0;
+            /*
+             * This test is always statically linked against libcrypto. We must not
+             * attempt to load legacy.so that might be dynamically linked against
+             * libcrypto. Instead we use a built-in version of the legacy provider.
+             */
+            if (!OSSL_PROVIDER_add_builtin(testctx, "legacy", ossl_legacy_provider_init))
+                return 0;
 #endif
             /* Swap the libctx to test non-default context only */
             nullprov = OSSL_PROVIDER_load(NULL, "null");