Check the return value of ossl_bio_new_from_core_bio()

There are missing checks of its return value in 8 different spots.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17154)

diff --git a/providers/implementations/encode_decode/decode_epki2pki.c b/providers/implementations/encode_decode/decode_epki2pki.c
index 66f4ff659d2c88bb9f0bc91be7baada0be3d0cbb..a997629aaa72677b528953aaa1dffb6679834b2a 100644 (file)
--- a/providers/implementations/encode_decode/decode_epki2pki.c
+++ b/providers/implementations/encode_decode/decode_epki2pki.c
@@ -68,8 +68,12 @@ static int epki2pki_decode(void *vctx, OSSL_CORE_BIO *cin, int selection,
     PKCS8_PRIV_KEY_INFO *p8inf = NULL;
     const X509_ALGOR *alg = NULL;
     BIO *in = ossl_bio_new_from_core_bio(ctx->provctx, cin);
-    int ok = (asn1_d2i_read_bio(in, &mem) >= 0);
+    int ok = 0;
 
+    if (in == NULL)
+        return 0;
+
+    ok = (asn1_d2i_read_bio(in, &mem) >= 0);
     BIO_free(in);
 
     /* We return "empty handed".  This is not an error. */

diff --git a/providers/implementations/encode_decode/decode_msblob2key.c b/providers/implementations/encode_decode/decode_msblob2key.c
index 0508e68b3287fb81ac31859614a5a61f0fd23be2..0445721171e2ce264a166c79309314395c3a859f 100644 (file)
--- a/providers/implementations/encode_decode/decode_msblob2key.c
+++ b/providers/implementations/encode_decode/decode_msblob2key.c
@@ -93,6 +93,9 @@ static int msblob2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection,
     void *key = NULL;
     int ok = 0;
 
+    if (in == NULL)
+        return 0;
+
     if (BIO_read(in, hdr_buf, 16) != 16) {
         ERR_raise(ERR_LIB_PEM, PEM_R_KEYBLOB_TOO_SHORT);
         goto next;

diff --git a/providers/implementations/encode_decode/decode_pem2der.c b/providers/implementations/encode_decode/decode_pem2der.c
index 6c537d26ae4b234702e994e31fbec6080a3cb91d..1d5d30968f52c3eb95d43af585a04bac7d18dac0 100644 (file)
--- a/providers/implementations/encode_decode/decode_pem2der.c
+++ b/providers/implementations/encode_decode/decode_pem2der.c
@@ -33,7 +33,11 @@ static int read_pem(PROV_CTX *provctx, OSSL_CORE_BIO *cin,
                     unsigned char **data, long *len)
 {
     BIO *in = ossl_bio_new_from_core_bio(provctx, cin);
-    int ok = (PEM_read_bio(in, pem_name, pem_header, data, len) > 0);
+    int ok;
+
+    if (in == NULL)
+        return 0;
+    ok = (PEM_read_bio(in, pem_name, pem_header, data, len) > 0);
 
     BIO_free(in);
     return ok;

diff --git a/providers/implementations/encode_decode/decode_pvk2key.c b/providers/implementations/encode_decode/decode_pvk2key.c
index 32206fe84d9446f9160ff5394458ee938fd42ad7..7169aef2f468783ad3a36cd175f5cf8a55351a0c 100644 (file)
--- a/providers/implementations/encode_decode/decode_pvk2key.c
+++ b/providers/implementations/encode_decode/decode_pvk2key.c
@@ -88,6 +88,9 @@ static int pvk2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection,
     void *key = NULL;
     int ok = 0;
 
+    if (in == NULL)
+        return 0;
+
     ctx->selection = selection;
 
     if ((selection == 0

diff --git a/providers/implementations/encode_decode/encode_key2blob.c b/providers/implementations/encode_decode/encode_key2blob.c
index 19a7d171db1f43534b97ada58343c12526981442..d4cc2e7cdc81111db3cddb3466a3837b8e99b0df 100644 (file)
--- a/providers/implementations/encode_decode/encode_key2blob.c
+++ b/providers/implementations/encode_decode/encode_key2blob.c
@@ -30,7 +30,11 @@ static int write_blob(void *provctx, OSSL_CORE_BIO *cout,
                       void *data, int len)
 {
     BIO *out = ossl_bio_new_from_core_bio(provctx, cout);
-    int ret = BIO_write(out, data, len);
+    int ret;
+
+    if (out == NULL)
+        return 0;
+    ret = BIO_write(out, data, len);
 
     BIO_free(out);
     return ret;

diff --git a/providers/implementations/encode_decode/encode_key2ms.c b/providers/implementations/encode_decode/encode_key2ms.c
index 81528fefb674636ddd5f509d7c36a2fb3e5cd42b..15077954a4553d6873db9eadbc988db54afd9b55 100644 (file)
--- a/providers/implementations/encode_decode/encode_key2ms.c
+++ b/providers/implementations/encode_decode/encode_key2ms.c
@@ -39,8 +39,11 @@ static int write_msblob(struct key2ms_ctx_st *ctx, OSSL_CORE_BIO *cout,
                         EVP_PKEY *pkey, int ispub)
 {
     BIO *out = ossl_bio_new_from_core_bio(ctx->provctx, cout);
-    int ret =
-        ispub ? i2b_PublicKey_bio(out, pkey) : i2b_PrivateKey_bio(out, pkey);
+    int ret;
+
+    if (out == NULL)
+        return 0;
+    ret = ispub ? i2b_PublicKey_bio(out, pkey) : i2b_PrivateKey_bio(out, pkey);
 
     BIO_free(out);
     return ret;
@@ -50,14 +53,15 @@ static int write_pvk(struct key2ms_ctx_st *ctx, OSSL_CORE_BIO *cout,
                      EVP_PKEY *pkey)
 {
     BIO *out = NULL;
-    int ret = 0;
+    int ret;
     OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);
 
     out = ossl_bio_new_from_core_bio(ctx->provctx, cout);
+    if (out == NULL)
+        return 0;
     ret = i2b_PVK_bio_ex(out, pkey, ctx->pvk_encr_level,
                          ossl_pw_pvk_password, &ctx->pwdata, libctx, NULL);
     BIO_free(out);
-
     return ret;
 }
 

diff --git a/providers/implementations/encode_decode/endecoder_common.c b/providers/implementations/encode_decode/endecoder_common.c
index 7071bcc23ac7a23cc7a1f0cd8f10d5d6065c0e75..337847b6615a35827d418c835314962254445073 100644 (file)
--- a/providers/implementations/encode_decode/endecoder_common.c
+++ b/providers/implementations/encode_decode/endecoder_common.c
@@ -89,8 +89,11 @@ int ossl_read_der(PROV_CTX *provctx, OSSL_CORE_BIO *cin,  unsigned char **data,
 {
     BUF_MEM *mem = NULL;
     BIO *in = ossl_bio_new_from_core_bio(provctx, cin);
-    int ok = (asn1_d2i_read_bio(in, &mem) >= 0);
+    int ok;
 
+    if (in == NULL)
+        return 0;
+    ok = (asn1_d2i_read_bio(in, &mem) >= 0);
     if (ok) {
         *data = (unsigned char *)mem->data;
         *len = (long)mem->length;