From d7ad09da778bcc0090a7cdfd87edb56eea22382b Mon Sep 17 00:00:00 2001 From: "Dr. David von Oheimb" Date: Fri, 20 Oct 2023 21:00:10 +0200 Subject: [PATCH] CMS and PKCS7: fix handlling of EVP_PKEY_get_size() failure Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/22459) --- crypto/cms/cms_sd.c | 7 +++---- crypto/pkcs7/pk7_doit.c | 7 +++---- 2 files changed, 6 insertions(+), 8 deletions(-) diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c index 43a404da148..b41e3571b2f 100644 --- a/crypto/cms/cms_sd.c +++ b/crypto/cms/cms_sd.c @@ -764,8 +764,7 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms, md = computed_md; } siglen = EVP_PKEY_get_size(si->pkey); - sig = OPENSSL_malloc(siglen); - if (sig == NULL) + if (siglen == 0 || (sig = OPENSSL_malloc(siglen)) == NULL) goto err; if (EVP_PKEY_sign(pctx, sig, &siglen, md, mdlen) <= 0) { OPENSSL_free(sig); @@ -780,8 +779,8 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms, ERR_raise(ERR_LIB_CMS, CMS_R_OPERATION_UNSUPPORTED); goto err; } - sig = OPENSSL_malloc(EVP_PKEY_get_size(si->pkey)); - if (sig == NULL) + siglen = EVP_PKEY_get_size(si->pkey); + if (siglen == 0 || (sig = OPENSSL_malloc(siglen)) == NULL) goto err; if (!EVP_SignFinal_ex(mctx, sig, &siglen, si->pkey, ossl_cms_ctx_get0_libctx(ctx), diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c index 43ea2a9b60f..c753a0880b1 100644 --- a/crypto/pkcs7/pk7_doit.c +++ b/crypto/pkcs7/pk7_doit.c @@ -834,10 +834,9 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) goto err; } else { unsigned char *abuf = NULL; - unsigned int abuflen; - abuflen = EVP_PKEY_get_size(si->pkey); - abuf = OPENSSL_malloc(abuflen); - if (abuf == NULL) + unsigned int abuflen = EVP_PKEY_get_size(si->pkey); + + if (abuflen == 0 || (abuf = OPENSSL_malloc(abuflen)) == NULL) goto err; if (!EVP_SignFinal_ex(ctx_tmp, abuf, &abuflen, si->pkey, -- 2.47.3