diff --git a/src/internal.c b/src/internal.c index 68491dc4e..a32153e30 100644 --- a/src/internal.c +++ b/src/internal.c @@ -12077,7 +12077,8 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type) #ifndef NO_PSK if (ssl->specs.kea == psk_kea && - ssl->arrays->server_hint[0] == 0) + ssl->arrays != NULL && + ssl->arrays->server_hint[0] == 0) pskNoServerHint = 1; #endif if (ssl->specs.static_ecdh == 1 || diff --git a/src/ssl.c b/src/ssl.c index e99c9803a..b617cf27a 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -3732,9 +3732,6 @@ WOLFSSL_STACK* wolfSSL_X509_STORE_GetCerts(WOLFSSL_X509_STORE_CTX* s) /* get certificate buffer */ cert = &s->certs[certIdx]; - if (cert == NULL) - break; - dCert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, DYNAMIC_TYPE_DCERT); if (dCert == NULL) { @@ -4934,6 +4931,7 @@ int AddTrustedPeer(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int verify) InitDecodedCert(cert, der->buffer, der->length, cm->heap); if ((ret = ParseCert(cert, TRUSTED_PEER_TYPE, verify, cm)) != 0) { + FreeDecodedCert(cert); XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); return ret; } @@ -4968,6 +4966,7 @@ int AddTrustedPeer(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int verify) if (AlreadyTrustedPeer(cm, subjectHash)) { WOLFSSL_MSG("\tAlready have this CA, not adding again"); + FreeTrustedPeer(peerCert, cm->heap); (void)ret; } else { @@ -18549,7 +18548,11 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) int ret = 0; WOLFSSL_ENTER("wolfSSL_EVP_Cipher"); - if (ctx == NULL || dst == NULL || src == NULL) { + if (ctx == NULL || src == NULL || + (dst == NULL && + ctx->cipherType != AES_128_GCM_TYPE && + ctx->cipherType != AES_192_GCM_TYPE && + ctx->cipherType != AES_256_GCM_TYPE)) { WOLFSSL_MSG("Bad function argument"); return 0; /* failure */ } @@ -26129,6 +26132,7 @@ err_exit: #if !defined(NO_ASN) && !defined(NO_PWDBASED) if ((newx509 != NULL) && (type == PKCS12_TYPE)) { wc_PKCS12_free((WC_PKCS12*)newx509); + newx509 = NULL; } #endif _exit: @@ -26596,6 +26600,9 @@ int wolfSSL_X509_cmp_time(const WOLFSSL_ASN1_TIME* asnTime, time_t* cmpTime) /* Convert to time struct*/ ct = XGMTIME(pTime, tmpTs); + if (ct == NULL) + return GETTIME_ERROR; + /* DateGreaterThan returns 1 for >; 0 for <= */ ret = DateGreaterThan(&ts, ct) ? 1 : -1; } @@ -26695,6 +26702,10 @@ WOLFSSL_ASN1_INTEGER* wolfSSL_ASN1_INTEGER_dup(const WOLFSSL_ASN1_INTEGER* src) return NULL; dup = wolfSSL_ASN1_INTEGER_new(); + + if (dup == NULL) + return NULL; + dup->negative = src->negative; dup->dataMax = src->dataMax; dup->isDynamic = src->isDynamic; @@ -26707,6 +26718,7 @@ WOLFSSL_ASN1_INTEGER* wolfSSL_ASN1_INTEGER_dup(const WOLFSSL_ASN1_INTEGER* src) dup->data = (unsigned char*) XMALLOC(src->dataMax,NULL,DYNAMIC_TYPE_OPENSSL); if (dup->data == NULL) { + wolfSSL_ASN1_INTEGER_free(dup); return NULL; } XMEMCPY(dup->data,src->data,dup->dataMax); @@ -29417,8 +29429,10 @@ int wolfSSL_BIO_vprintf(WOLFSSL_BIO* bio, const char* format, va_list args) switch (bio->type) { case WOLFSSL_BIO_FILE: - if (bio->ptr == NULL) + if (bio->ptr == NULL) { + va_end(args); return -1; + } ret = vfprintf((XFILE)bio->ptr, format, args); break; @@ -30893,6 +30907,10 @@ WOLFSSL_ASN1_INTEGER* wolfSSL_BN_to_ASN1_INTEGER(const WOLFSSL_BIGNUM *bn, WOLFS if (ai == NULL) { a = wolfSSL_ASN1_INTEGER_new(); + + if (a == NULL) + return NULL; + a->type = V_ASN1_INTEGER; } else { @@ -44920,9 +44938,9 @@ int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name, return WOLFSSL_FAILURE; } +#if defined(WOLFSSL_APACHE_HTTPD) || defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) /* If XN_FLAG_DN_REV is present, print X509_NAME in reverse order */ if (flags == (XN_FLAG_RFC2253 & ~XN_FLAG_DN_REV)) { -#if defined(WOLFSSL_APACHE_HTTPD) || defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) fullName[0] = '\0'; count = wolfSSL_X509_NAME_entry_count(name); for (i = 0; i < count; i++) { @@ -44959,13 +44977,14 @@ int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name, if (wolfSSL_BIO_write(bio, fullName, totalSz) != totalSz) return WOLFSSL_FAILURE; return WOLFSSL_SUCCESS; -#endif /* WOLFSSL_APACHE_HTTPD || OPENSSL_ALL || WOLFSSL_NGINX */ } - else if (flags == XN_FLAG_RFC2253) { +#else + if (flags == XN_FLAG_RFC2253) { if (wolfSSL_BIO_write(bio, name->name + 1, name->sz - 2) != name->sz - 2) return WOLFSSL_FAILURE; } +#endif /* WOLFSSL_APACHE_HTTPD || OPENSSL_ALL || WOLFSSL_NGINX */ else if (wolfSSL_BIO_write(bio, name->name, name->sz - 1) != name->sz - 1) return WOLFSSL_FAILURE; @@ -46545,8 +46564,10 @@ int wolfSSL_X509_check_host(X509 *x, const char *chk, size_t chklen, InitDecodedCert(&dCert, x->derCert->buffer, x->derCert->length, NULL); ret = ParseCertRelative(&dCert, CERT_TYPE, 0, NULL); - if (ret != 0) + if (ret != 0) { + FreeDecodedCert(&dCert); return WOLFSSL_FAILURE; + } ret = CheckHostName(&dCert, (char *)chk, chklen); FreeDecodedCert(&dCert); diff --git a/wolfcrypt/src/dh.c b/wolfcrypt/src/dh.c index 1060b837a..6c53be8f3 100644 --- a/wolfcrypt/src/dh.c +++ b/wolfcrypt/src/dh.c @@ -2143,7 +2143,6 @@ static int _DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g, int ret = 0; mp_int* keyP = NULL; mp_int* keyG = NULL; - mp_int* keyQ = NULL; if (key == NULL || p == NULL || g == NULL || pSz == 0 || gSz == 0) { ret = BAD_FUNC_ARG; @@ -2203,13 +2202,9 @@ static int _DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g, if (ret == 0 && q != NULL) { if (mp_read_unsigned_bin(&key->q, q, qSz) != MP_OKAY) ret = MP_INIT_E; - else - keyQ = &key->q; } if (ret != 0 && key != NULL) { - if (keyQ) - mp_clear(keyQ); if (keyG) mp_clear(keyG); if (keyP) diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c index e4ea1577b..f08f45d2d 100644 --- a/wolfcrypt/src/evp.c +++ b/wolfcrypt/src/evp.c @@ -1401,6 +1401,9 @@ int wolfSSL_EVP_PKEY_keygen(WOLFSSL_EVP_PKEY_CTX *ctx, if (pkey == NULL) { ownPkey = 1; pkey = wolfSSL_PKEY_new(); + + if (pkey == NULL) + return ret; } switch (pkey->type) { diff --git a/wolfcrypt/src/integer.c b/wolfcrypt/src/integer.c index 6827e2030..b5300fb92 100644 --- a/wolfcrypt/src/integer.c +++ b/wolfcrypt/src/integer.c @@ -2838,6 +2838,14 @@ int mp_set_bit (mp_int * a, int b) { int i = b / DIGIT_BIT, res; + /* + * Require: + * bit index b >= 0 + * a->alloc == a->used == 0 if a->dp == NULL + */ + if (b < 0 || (a->dp == NULL && (a->alloc != 0 || a->used != 0))) + return MP_VAL; + if (a->dp == NULL || a->used < (int)(i + 1)) { /* grow a to accommodate the single bit */ if ((res = mp_grow (a, i + 1)) != MP_OKAY) { diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index 3231ce661..50c51987e 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -11419,7 +11419,9 @@ authenv_atrbend: XFREE(decryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); decryptedKey = NULL; #ifdef WOLFSSL_SMALL_STACK + #ifndef NO_PKCS7_STREAM pkcs7->stream->key = NULL; + #endif #endif #endif ret = encryptedContentSz; diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index 5ceddbbbb..f3119b88e 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -1596,7 +1596,7 @@ static int RsaUnPad(const byte *pkcsBlock, unsigned int pkcsBlockLen, byte invalid = 0; #endif - if (output == NULL || pkcsBlockLen == 0) { + if (output == NULL || pkcsBlockLen == 0 || pkcsBlockLen > 0xFFFF) { return BAD_FUNC_ARG; }