From 29176807bc2e40df558f5ba9d19b4a2acf9f5416 Mon Sep 17 00:00:00 2001
From: Joseph Sutton
Date: Mon, 16 Oct 2023 18:25:36 +1300
Subject: [PATCH] s4:torture: Check return values of gnutls functions (CID 1547212)
Signed-off-by: Joseph Sutton
Reviewed-by: Andrew Bartlett
---
 source4/torture/rpc/backupkey.c | 38 ++++++++++++++++++++++++++-------
 1 file changed, 30 insertions(+), 8 deletions(-)
diff --git a/source4/torture/rpc/backupkey.c b/source4/torture/rpc/backupkey.c
index 49c22f7d5b6..71cdf0f6e20 100644
--- a/source4/torture/rpc/backupkey.c
+++ b/source4/torture/rpc/backupkey.c
@@ -290,6 +290,7 @@ static DATA_BLOB *create_access_check(struct torture_context *tctx,
 struct bkrp_access_check_v2 access_struct;
 gnutls_hash_hd_t dig_ctx;
 uint8_t nonce[32];
+ int rc;
 ZERO_STRUCT(access_struct);
 generate_random_buffer(nonce, sizeof(nonce));
@@ -311,12 +312,22 @@ static DATA_BLOB *create_access_check(struct torture_context *tctx,
 * so we reduce the size of what has to be calculated */
- gnutls_hash_init(&dig_ctx, GNUTLS_DIG_SHA1);
- gnutls_hash(dig_ctx,
- blob->data,
- blob->length - sizeof(access_struct.hash));
+ rc = gnutls_hash_init(&dig_ctx, GNUTLS_DIG_SHA1);
+ if (rc != GNUTLS_E_SUCCESS) {
+ talloc_free(blob);
+ talloc_free(tmp_ctx);
+ return NULL;
+ }
+ rc = gnutls_hash(dig_ctx,
+ blob->data,
+ blob->length - sizeof(access_struct.hash));
 gnutls_hash_deinit(dig_ctx, blob->data + blob->length - sizeof(access_struct.hash));
+ if (rc != GNUTLS_E_SUCCESS) {
+ talloc_free(blob);
+ talloc_free(tmp_ctx);
+ return NULL;
+ }
 /* Altering the SHA */
 if (broken) {
@@ -328,6 +339,7 @@ static DATA_BLOB *create_access_check(struct torture_context *tctx,
 struct bkrp_access_check_v3 access_struct;
 gnutls_hash_hd_t dig_ctx;
 uint8_t nonce[32];
+ int rc;
 ZERO_STRUCT(access_struct);
 generate_random_buffer(nonce, sizeof(nonce));
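Review bot: Both new failure paths in the SHA1 branch (after `gnutls_hash_init` and after `gnutls_hash`) return NULL without recording `rc`, so a gnutls failure cannot be told apart in the test log from any other NULL return of create_access_check; the SHA512 copy in the `@@ -348,12 +360,22 @@` hunk has the same gap. Consider logging before the cleanup, for example `torture_comment(tctx, "gnutls_hash_init failed: %s\n", gnutls_strerror(rc));`, with the matching message for `gnutls_hash`. Since each branch hashes one contiguous buffer, a single `gnutls_hash_fast()` call would presumably leave one return value to check and remove the need to call `gnutls_hash_deinit` before testing `rc`. The function's body starts and ends outside these hunks, so how callers treat a NULL result is not visible here.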
@@ -348,12 +360,22 @@ static DATA_BLOB *create_access_check(struct torture_context *tctx,
 * so we reduce the size of what has to be calculated */
- gnutls_hash_init(&dig_ctx, GNUTLS_DIG_SHA512);
- gnutls_hash(dig_ctx,
- blob->data,
- blob->length - sizeof(access_struct.hash));
+ rc = gnutls_hash_init(&dig_ctx, GNUTLS_DIG_SHA512);
+ if (rc != GNUTLS_E_SUCCESS) {
+ talloc_free(blob);
+ talloc_free(tmp_ctx);
+ return NULL;
+ }
+ rc = gnutls_hash(dig_ctx,
+ blob->data,
+ blob->length - sizeof(access_struct.hash));
 gnutls_hash_deinit(dig_ctx, blob->data + blob->length - sizeof(access_struct.hash));
+ if (rc != GNUTLS_E_SUCCESS) {
+ talloc_free(blob);
+ talloc_free(tmp_ctx);
+ return NULL;
+ }
 /* Altering the SHA */
 if (broken) {
-- 
2.47.3