From: xkernel Date: Wed, 5 Jan 2022 07:54:10 +0000 (+0800) Subject: apps: several return value checks for BIO_new() X-Git-Tag: openssl-3.2.0-alpha1~2886 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=fa17f5c98783949a702ab9bb1e780c4e9f15566b;p=thirdparty%2Fopenssl.git apps: several return value checks for BIO_new() Also check return value of functions that call BIO_new() internally such as dup_bio_out(). Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/17421) --- diff --git a/apps/lib/apps.c b/apps/lib/apps.c index 021371201b7..e3afc57be51 100644 --- a/apps/lib/apps.c +++ b/apps/lib/apps.c @@ -285,7 +285,7 @@ static char *app_get_pass(const char *arg, int keepbio) i = atoi(arg); if (i >= 0) pwdbio = BIO_new_fd(i, BIO_NOCLOSE); - if ((i < 0) || !pwdbio) { + if ((i < 0) || pwdbio == NULL) { BIO_printf(bio_err, "Can't access file descriptor %s\n", arg); return NULL; } @@ -293,6 +293,12 @@ static char *app_get_pass(const char *arg, int keepbio) * Can't do BIO_gets on an fd BIO so add a buffering BIO */ btmp = BIO_new(BIO_f_buffer()); + if (btmp == NULL) { + BIO_free_all(pwdbio); + pwdbio = NULL; + BIO_printf(bio_err, "Out of memory\n"); + return NULL; + } pwdbio = BIO_push(btmp, pwdbio); #endif } else if (strcmp(arg, "stdin") == 0) { diff --git a/apps/s_client.c b/apps/s_client.c index 208595613b8..23d429622ad 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -1678,10 +1678,21 @@ int s_client_main(int argc, char **argv) if (bio_c_out == NULL) { if (c_quiet && !c_debug) { bio_c_out = BIO_new(BIO_s_null()); - if (c_msg && bio_c_msg == NULL) + if (c_msg && bio_c_msg == NULL) { bio_c_msg = dup_bio_out(FORMAT_TEXT); - } else if (bio_c_out == NULL) + if (bio_c_msg == NULL) { + BIO_printf(bio_err, "Out of memory\n"); + goto end; + } + } + } else { bio_c_out = dup_bio_out(FORMAT_TEXT); + } + + if (bio_c_out == NULL) { + BIO_printf(bio_err, "Unable to create BIO\n"); + goto end; + } } #ifndef OPENSSL_NO_SRP if (!app_passwd(srppass, NULL, &srp_arg.srppassin, NULL)) { @@ -2048,14 +2059,16 @@ int s_client_main(int argc, char **argv) #endif sbio = BIO_new_dgram(sock, BIO_NOCLOSE); - if ((peer_info.addr = BIO_ADDR_new()) == NULL) { + if (sbio == NULL || (peer_info.addr = BIO_ADDR_new()) == NULL) { BIO_printf(bio_err, "memory allocation failure\n"); + BIO_free(sbio); BIO_closesocket(sock); goto end; } if (!BIO_sock_info(sock, BIO_SOCK_INFO_ADDRESS, &peer_info)) { BIO_printf(bio_err, "getsockname:errno=%d\n", get_last_socket_error()); + BIO_free(sbio); BIO_ADDR_free(peer_info.addr); BIO_closesocket(sock); goto end; @@ -2096,10 +2109,22 @@ int s_client_main(int argc, char **argv) #endif /* OPENSSL_NO_DTLS */ sbio = BIO_new_socket(sock, BIO_NOCLOSE); + if (sbio == NULL) { + BIO_printf(bio_err, "Unable to create BIO\n"); + ERR_print_errors(bio_err); + BIO_closesocket(sock); + goto end; + } + if (nbio_test) { BIO *test; test = BIO_new(BIO_f_nbio_test()); + if (test == NULL) { + BIO_printf(bio_err, "Unable to create BIO\n"); + BIO_free(sbio); + goto shut; + } sbio = BIO_push(test, sbio); } @@ -2166,6 +2191,10 @@ int s_client_main(int argc, char **argv) int foundit = 0; BIO *fbio = BIO_new(BIO_f_buffer()); + if (fbio == NULL) { + BIO_printf(bio_err, "Unable to create BIO\n"); + goto shut; + } BIO_push(fbio, sbio); /* Wait for multi-line response to end from LMTP or SMTP */ do { @@ -2214,6 +2243,10 @@ int s_client_main(int argc, char **argv) int foundit = 0; BIO *fbio = BIO_new(BIO_f_buffer()); + if (fbio == NULL) { + BIO_printf(bio_err, "Unable to create BIO\n"); + goto shut; + } BIO_push(fbio, sbio); BIO_gets(fbio, mbuf, BUFSIZZ); /* STARTTLS command requires CAPABILITY... */ @@ -2241,6 +2274,10 @@ int s_client_main(int argc, char **argv) { BIO *fbio = BIO_new(BIO_f_buffer()); + if (fbio == NULL) { + BIO_printf(bio_err, "Unable to create BIO\n"); + goto shut; + } BIO_push(fbio, sbio); /* wait for multi-line response to end from FTP */ do { @@ -2335,6 +2372,10 @@ int s_client_main(int argc, char **argv) int numeric; BIO *fbio = BIO_new(BIO_f_buffer()); + if (fbio == NULL) { + BIO_printf(bio_err, "Unable to create BIO\n"); + goto end; + } BIO_push(fbio, sbio); BIO_printf(fbio, "STARTTLS\r\n"); (void)BIO_flush(fbio); @@ -2495,6 +2536,10 @@ int s_client_main(int argc, char **argv) int foundit = 0; BIO *fbio = BIO_new(BIO_f_buffer()); + if (fbio == NULL) { + BIO_printf(bio_err, "Unable to create BIO\n"); + goto end; + } BIO_push(fbio, sbio); BIO_gets(fbio, mbuf, BUFSIZZ); /* STARTTLS command requires CAPABILITIES... */ @@ -2535,6 +2580,10 @@ int s_client_main(int argc, char **argv) int foundit = 0; BIO *fbio = BIO_new(BIO_f_buffer()); + if (fbio == NULL) { + BIO_printf(bio_err, "Unable to create BIO\n"); + goto end; + } BIO_push(fbio, sbio); /* wait for multi-line response to end from Sieve */ do { @@ -2594,8 +2643,9 @@ int s_client_main(int argc, char **argv) BIO *ldapbio = BIO_new(BIO_s_mem()); CONF *cnf = NCONF_new(NULL); - if (cnf == NULL) { + if (ldapbio == NULL || cnf == NULL) { BIO_free(ldapbio); + NCONF_free(cnf); goto end; } BIO_puts(ldapbio, ldap_tls_genconf); diff --git a/apps/s_server.c b/apps/s_server.c index 724f3f4ba85..83feddca3e9 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -1814,8 +1814,13 @@ int s_server_main(int argc, char *argv[]) if (bio_s_out == NULL) { if (s_quiet && !s_debug) { bio_s_out = BIO_new(BIO_s_null()); - if (s_msg && bio_s_msg == NULL) + if (s_msg && bio_s_msg == NULL) { bio_s_msg = dup_bio_out(FORMAT_TEXT); + if (bio_s_msg == NULL) { + BIO_printf(bio_err, "Out of memory\n"); + goto end; + } + } } else { bio_s_out = dup_bio_out(FORMAT_TEXT); } @@ -2425,7 +2430,6 @@ static int sv_body(int s, int stype, int prot, unsigned char *context) BIO_free(sbio); goto err; } - sbio = BIO_push(test, sbio); }