From b592b241c7fe4b8775889f665af5fa7efa58da3e Mon Sep 17 00:00:00 2001 From: Juliusz Sosinowicz Date: Wed, 15 Jan 2020 21:41:43 +0100 Subject: [PATCH] Fix Segfault in wolfSSL_EC_KEY_dup Fix more header stuff --- src/ssl.c | 28 ++++++++++++++++++++-------- wolfssl/openssl/evp.h | 3 ++- 2 files changed, 22 insertions(+), 9 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index 182c2ffae..3853ba4db 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -16548,7 +16548,9 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) int arg, void *ptr) { int ret = WOLFSSL_FAILURE; +#ifdef HAVE_AESGCM WC_RNG rng; +#endif if (ctx == NULL) return WOLFSSL_FAILURE; @@ -20003,10 +20005,12 @@ WOLFSSL_EC_KEY *wolfSSL_EC_KEY_dup(const WOLFSSL_EC_KEY *src) } /* copy domain parameters */ - ret = wc_ecc_set_curve(key, 0, srcKey->dp->id); - if (ret != 0) { - WOLFSSL_MSG("wc_ecc_set_curve error"); - return NULL; + if (srcKey->dp) { + ret = wc_ecc_set_curve(key, 0, srcKey->dp->id); + if (ret != 0) { + WOLFSSL_MSG("wc_ecc_set_curve error"); + return NULL; + } } key->type = srcKey->type; @@ -20043,19 +20047,22 @@ WOLFSSL_EC_KEY *wolfSSL_EC_KEY_dup(const WOLFSSL_EC_KEY *src) /* Copy X, Y, Z */ dup->pub_key->X = wolfSSL_BN_dup(src->pub_key->X); - if (dup->pub_key->X == NULL) { + if (!dup->pub_key->X && src->pub_key->X) { WOLFSSL_MSG("Error copying EC_POINT"); wolfSSL_EC_KEY_free(dup); + return NULL; } dup->pub_key->Y = wolfSSL_BN_dup(src->pub_key->Y); - if (dup->pub_key->Y == NULL) { + if (!dup->pub_key->Y && src->pub_key->Y) { WOLFSSL_MSG("Error copying EC_POINT"); wolfSSL_EC_KEY_free(dup); + return NULL; } dup->pub_key->Z = wolfSSL_BN_dup(src->pub_key->Z); - if (dup->pub_key->Z == NULL) { + if (!dup->pub_key->Z && src->pub_key->Z) { WOLFSSL_MSG("Error copying EC_POINT"); wolfSSL_EC_KEY_free(dup); + return NULL; } dup->pub_key->inSet = src->pub_key->inSet; @@ -31963,6 +31970,9 @@ WOLFSSL_EC_KEY* wolfSSL_EVP_PKEY_get1_EC_KEY(WOLFSSL_EVP_PKEY* key) wolfSSL_EC_KEY_free(local); local = NULL; } + if (!local && key->ecc) { + local = wolfSSL_EC_KEY_dup(key->ecc); + } return local; } #endif /* HAVE_ECC */ @@ -32166,15 +32176,17 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_set1_EC_KEY(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_EC_ #ifdef HAVE_ECC if((pkey == NULL) || (key ==NULL))return WOLFSSL_FAILURE; WOLFSSL_ENTER("wolfSSL_EVP_PKEY_set1_EC_KEY"); +#ifndef NO_RSA if (pkey->rsa != NULL && pkey->ownRsa == 1) { wolfSSL_RSA_free(pkey->rsa); } + pkey->ownRsa = 0; +#endif if (pkey->ecc != NULL && pkey->ownEcc == 1) { wolfSSL_EC_KEY_free(pkey->ecc); } pkey->ecc = key; pkey->ownEcc = 0; /* pkey does not own EC key */ - pkey->ownRsa = 0; pkey->type = EVP_PKEY_EC; ECC_populate_EVP_PKEY(pkey, (ecc_key*)key->internal); return WOLFSSL_SUCCESS; diff --git a/wolfssl/openssl/evp.h b/wolfssl/openssl/evp.h index e34a50809..b80b127e9 100644 --- a/wolfssl/openssl/evp.h +++ b/wolfssl/openssl/evp.h @@ -262,7 +262,8 @@ struct WOLFSSL_EVP_CIPHER_CTX { int bufUsed; ALIGN16 byte lastBlock[WOLFSSL_EVP_BUF_SIZE]; int lastUsed; -#if defined(HAVE_AESGCM) +#if defined(HAVE_AESGCM) || defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_COUNTER) \ + || !defined(NO_DES3) || defined(HAVE_IDEA) int ivSz; ALIGN16 unsigned char authTag[AES_BLOCK_SIZE]; int authTagSz;