From: PW Hu Date: Fri, 8 Oct 2021 08:59:00 +0000 (+0800) Subject: Bugfix: unsafe return check of EVP_PKEY_fromdata_init X-Git-Tag: openssl-3.2.0-alpha1~3479 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5e199c356d09aca3b625b5ea16966b36d24b0201;p=thirdparty%2Fopenssl.git Bugfix: unsafe return check of EVP_PKEY_fromdata_init Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16783) --- diff --git a/apps/dhparam.c b/apps/dhparam.c index 982b2db5493..6b8546e93b2 100644 --- a/apps/dhparam.c +++ b/apps/dhparam.c @@ -383,7 +383,7 @@ static EVP_PKEY *dsa_to_dh(EVP_PKEY *dh) ctx = EVP_PKEY_CTX_new_from_name(NULL, "DHX", NULL); if (ctx == NULL - || !EVP_PKEY_fromdata_init(ctx) + || EVP_PKEY_fromdata_init(ctx) <= 0 || !EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEY_PARAMETERS, params)) { BIO_printf(bio_err, "Error, failed to set DH parameters\n"); goto err; diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 2bc1237488d..424d11b2599 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -630,7 +630,7 @@ static EVP_PKEY *new_cmac_key_int(const unsigned char *priv, size_t len, if (ctx == NULL) goto err; - if (!EVP_PKEY_fromdata_init(ctx)) { + if (EVP_PKEY_fromdata_init(ctx) <= 0) { ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED); goto err; } diff --git a/test/helpers/predefined_dhparams.c b/test/helpers/predefined_dhparams.c index a6dd8c08a58..b2f66011888 100644 --- a/test/helpers/predefined_dhparams.c +++ b/test/helpers/predefined_dhparams.c @@ -23,7 +23,7 @@ static EVP_PKEY *get_dh_from_pg_bn(OSSL_LIB_CTX *libctx, const char *type, OSSL_PARAM *params = NULL; EVP_PKEY *dhpkey = NULL; - if (pctx == NULL || !EVP_PKEY_fromdata_init(pctx)) + if (pctx == NULL || EVP_PKEY_fromdata_init(pctx) <= 0) goto err; if ((tmpl = OSSL_PARAM_BLD_new()) == NULL