From: Shawn Routhier <sar@isc.org>
Date: Mon, 28 Apr 2014 22:05:42 +0000 (-0700)
Subject: [master] Fix some minor issues in the dst code
X-Git-Tag: v4_3_1b1~30
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0da37b4ca809d7fe751dcb030ab19d8bbdce6002;p=thirdparty%2Fdhcp.git

[master] Fix some minor issues in the dst code
---

diff --git a/RELNOTES b/RELNOTES
index ea32a3541..3960563dd 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -74,6 +74,9 @@ by Eric Young (eay@cryptsoft.com).
   Popelka at Red Hat.
   [ISC-Bugs #31892]
 
+- Fix some minor issues in the dst code.
+  [ISC-Bugs #34172]
+
 			Changes since 4.3.0rc1
 
 - None
diff --git a/dst/dst_api.c b/dst/dst_api.c
index ddaf50fcf..f667e69df 100644
--- a/dst/dst_api.c
+++ b/dst/dst_api.c
@@ -5,7 +5,7 @@ static const char rcsid[] = "$Header: /tmp/cvstest/DHCP/dst/dst_api.c,v 1.10 201
 /*
  * Portions Copyright (c) 1995-1998 by Trusted Information Systems, Inc.
  * Portions Copyright (c) 2007,2009 by Internet Systems Consortium, Inc. ("ISC")
- * Portions Copyright (c) 2012-2013 by Internet Systems Consortium, Inc. ("ISC")
+ * Portions Copyright (c) 2012-2014 by Internet Systems Consortium, Inc. ("ISC")
  *
  * Permission to use, copy modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -112,6 +112,10 @@ dst_init()
 		} else {
 			char *dp = (char *) malloc(len + 2);
 			int l;
+			if (dp == NULL) {
+				EREPORT(("malloc() failed for dp\n"));
+				return;
+			}
 			memcpy(dp, s, len + 1);
 			l = strlen (dp);
 			if (dp[l - 1] != '/') {
@@ -180,6 +184,11 @@ dst_s_get_key_struct(const char *name, const int alg, const u_int32_t flags,
 
 	memset(new_key, 0, sizeof(*new_key));
 	new_key->dk_key_name = strdup(name);
+	if (new_key->dk_key_name == NULL) {
+		EREPORT(("Unable to duplicate name for key"));
+		free(new_key);
+		return (NULL);
+	}
 	new_key->dk_alg = alg;
 	new_key->dk_flags = flags;
 	new_key->dk_proto = protocol;
@@ -903,6 +912,10 @@ dst_s_read_private_key_file(char *name, DST_KEY *pk_key, unsigned in_id,
 	if (pk_key->dk_key_name && !strcmp(pk_key->dk_key_name, name))
 		SAFE_FREE2(pk_key->dk_key_name, strlen(pk_key->dk_key_name));
 	pk_key->dk_key_name = (char *) strdup(name);
+	if (pk_key->dk_key_name == NULL) {
+		EREPORT(("Unable to duplicate name for key"));
+		goto fail;
+	}
 
 	/* allocate and fill in key structure */
 	if (pk_key->dk_func == NULL || pk_key->dk_func->from_file_fmt == NULL)
@@ -1014,7 +1027,7 @@ dst_free_key(DST_KEY *f_key)
 			 f_key->dk_alg));
 	}
 	if (f_key->dk_KEY_struct) {
-		SAFE_FREE(f_key->dk_KEY_struct);
+		SAFE_FREE2(f_key->dk_KEY_struct, sizeof(f_key->dk_KEY_struct));
 	}
 	if (f_key->dk_key_name)
 		SAFE_FREE(f_key->dk_key_name);
@@ -1069,6 +1082,10 @@ dst_random(const int mode, unsigned wanted, u_char *outran)
 	switch (mode) {
 	case DST_RAND_SEMI: 
 		bp = buff = (u_int32_t *) malloc(wanted+sizeof(u_int32_t));
+		if (bp == NULL) {
+			EREPORT(("malloc() failed for buff in function dst_random\n"));
+			return (0);
+		}
 		for (i = 0; i < wanted; i+= sizeof(u_int32_t), bp++) {
 			*bp = dst_s_quick_random(i);
 		}
diff --git a/dst/hmac_link.c b/dst/hmac_link.c
index 1fa36caf3..784661f63 100644
--- a/dst/hmac_link.c
+++ b/dst/hmac_link.c
@@ -5,7 +5,7 @@ static const char rcsid[] = "$Header: /tmp/cvstest/DHCP/dst/hmac_link.c,v 1.6 20
 /*
  * Portions Copyright (c) 1995-1998 by Trusted Information Systems, Inc.
  * Portions Copyright (c) 2007,2009 by Internet Systems Consortium, Inc. ("ISC")
- * Portions Copyright (c) 2012 by Internet Systems Consortium, Inc. ("ISC")
+ * Portions Copyright (c) 2012,2014 by Internet Systems Consortium, Inc. ("ISC")
  *
  * Permission to use, copy modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -355,6 +355,9 @@ dst_hmac_md5_key_from_file_format(DST_KEY *dkey, const char *buff,
 		return (-4);
 	len = eol - p;
 	tmp = malloc(len + 2);
+	if (tmp == NULL)
+		return (-5);
+
 	memcpy(tmp, p, len);
 	*(tmp + len) = 0x0;
 	key_len = b64_pton((char *)tmp, key, HMAC_LEN+1);	/* see above */
@@ -447,6 +450,8 @@ dst_hmac_md5_generate_key(DST_KEY *key, const int nothing)
 	
 	len = size > 64 ? 64 : size;
 	buff = malloc(len+8);
+	if (buff == NULL)
+		return (-1);
 
 	n = dst_random(DST_RAND_SEMI, len, buff);
 	n += dst_random(DST_RAND_KEY, len, buff);
diff --git a/dst/prandom.c b/dst/prandom.c
index fbb9a200c..340010db7 100644
--- a/dst/prandom.c
+++ b/dst/prandom.c
@@ -2,7 +2,7 @@
 static const char rcsid[] = "$Header: /tmp/cvstest/DHCP/dst/prandom.c,v 1.10 2012/03/09 11:18:13 tomasz Exp $";
 #endif
 /*
- * Portions Copyright (c) 2012,2013 by Internet Systems Consortium, Inc. ("ISC")
+ * Portions Copyright (c) 2012,2013-2014 by Internet Systems Consortium, Inc. ("ISC")
  * Portions Copyright (c) 2007,2009 by Internet Systems Consortium, Inc. ("ISC")
  * Portions Copyright (c) 1995-1998 by Trusted Information Systems, Inc.
  *
@@ -549,6 +549,10 @@ do_hash(dst_work *work, prand_hash *hash, const u_char *input, unsigned size)
 	if (hash->step > 1) {	/* if using subset of input data */
 		tmp_size = size / hash->step + 2;
 		abuf = tp = malloc(tmp_size);
+		/* no good return code but at least don't step on things */
+		if (tp == NULL) {
+			return (0);
+		}
 		tmp = tp;
 		for (cnt = 0, i = hash->curr; i < size; i += hash->step, cnt++)
 			*(tp++) = input[i];