]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 05d12fd)
test/p_ossltest.c: check for return values in OSSL_PARAM_* calls
authorEugene Syromiatnikov <esyr@openssl.org>
Wed, 17 Sep 2025 10:41:58 +0000 (12:41 +0200)
committerNeil Horman <nhorman@openssl.org>
Thu, 18 Sep 2025 14:03:44 +0000 (10:03 -0400)
Some of the OSSL_PARAM_* calls haven't their return codes checked
(OSSL_PARAM_get_octet_string_ptr() call
in ossl_test_aes128cbchmacsha1_set_ctx_params(),
and OSSL_PARAM_set_size_t() call in drbg_ctr_get_ctx_params()),
and Coverity complained about it.  Add the missing checks.

Fixes: 032297054ab5 "Implement an ossltest provider to replace ossltest engine"
Resolves: https://github.com/openssl/project/issues/1618
Resolves: https://scan5.scan.coverity.com/#/project-view/65248/10222?selectedIssue=1665462
Resolves: https://scan5.scan.coverity.com/#/project-view/65248/10222?selectedIssue=1665463
Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28583)

test/p_ossltest.c patch | blob | blame | history

diff --git a/test/p_ossltest.c b/test/p_ossltest.c
index 19d83f94cdc756ed108213ba510a10b3236408e0..7dcc9d1f4cfc0f91da6da10bcd5205c7bd5b8503 100644 (file)
--- a/test/p_ossltest.c
+++ b/test/p_ossltest.c
@@ -1369,7 +1369,8 @@ static int ossl_test_aes128cbchmacsha1_set_ctx_params(void *vprovctx, const OSSL
 
     p = OSSL_PARAM_locate((OSSL_PARAM *)params, OSSL_CIPHER_PARAM_AEAD_TLS1_AAD);
     if (p != NULL) {
-        OSSL_PARAM_get_octet_string_ptr(p, (const void **)&val, &vlen);
+        if (OSSL_PARAM_get_octet_string_ptr(p, (const void **)&val, &vlen) != 1)
+            return 0;
         len = val[EVP_AEAD_TLS1_AAD_LEN - 2] << 8 | val[EVP_AEAD_TLS1_AAD_LEN - 1];
         ctx->tls_ver = val[EVP_AEAD_TLS1_AAD_LEN - 4] << 8 | val[EVP_AEAD_TLS1_AAD_LEN -3];
 
@@ -1665,8 +1666,10 @@ static int drbg_ctr_get_ctx_params(void *vdrbg, OSSL_PARAM params[])
 {
     OSSL_PARAM *p = OSSL_PARAM_locate(params, OSSL_RAND_PARAM_MAX_REQUEST);
 
-    if (p != NULL)
-        OSSL_PARAM_set_size_t(p, (size_t)(1 << 16));
+    if (p != NULL && !OSSL_PARAM_set_size_t(p, (size_t)(1 << 16))) {
+        ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
+        return 0;
+    }
 
     return 1;
 }
Mirror of https://github.com/openssl/openssl.git