combined patch for the more or less obvious issues: #2127
Conversation
levitte
added
the
hold: cla required
crypto/asn1/tasn_new.c
Outdated
| @@ -186,7 +186,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, | |||
| for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) { | |||
| pseqval = asn1_get_field_ptr(pval, tt); | |||
| if (!ASN1_template_new(pseqval, tt)) | |||
| goto memerr; | |||
| goto auxerr; | |||
There was a problem hiding this comment.
I understand why you made that choice. Unfortunately, that will give off the wrong error code, so what I'd do if I was you is to change this back and add a ASN1_item_ex_free(pval, it); in the memerr: code.
There was a problem hiding this comment.
Oh, and it's possible you need to check if pval != NULL in that case...
|
updated patch should keep return code as before, |
|
PS: CCLA was signed and sent to legal@opensslfoundation.org today. |
|
I noticed there is a further memory leak in ex_data.c if lh_insert fails. |
|
oops, I doubt that the error in the AppVeyor build is due to my patch, so please ignore: 'ml64' is not recognized as an internal or external command, |
|
Thinking at it again, In my testing I did not have any free_func != NULL, But I see that dynamic_data_ctx_free_func is one example of Furthermore, but I have not seen any examples of these |
|
Oops, and the data flow in the new_func is reversed. |
kroeckx
added
CLA OK
and removed
hold: cla required
bernd-edlinger
force-pushed
the
fix_OOM_error_handling
branch
from
c4e3bc0
to
856dc71
Compare
crypto/ex_data.c
Outdated
| for (i = 0; i < mx; i++) { | ||
| if (storage[i] && storage[i]->free_func) { | ||
| if (storage) |
crypto/ex_data.c
Outdated
| f = sk_CRYPTO_EX_DATA_FUNCS_value(item->meth, i); | ||
| CRYPTO_r_unlock(CRYPTO_LOCK_EX_DATA); | ||
| } | ||
| if (f && f->free_func) { |
There was a problem hiding this comment.
if (f != NULL && f->free_func != NULL) {
crypto/ex_data.c
Outdated
| ptr = CRYPTO_get_ex_data(ad, i); | ||
| storage[i]->free_func(obj, ptr, ad, i, | ||
| storage[i]->argl, storage[i]->argp); | ||
| f->free_func(obj, ptr, ad, i, f->argl, f->argp); | ||
| } | ||
| } | ||
| if (storage) | ||
| OPENSSL_free(storage); |
There was a problem hiding this comment.
Remove the condition, as NULL is valid input for OPENSSL_free()
crypto/ex_data.c
Outdated
| } | ||
| } | ||
| if (storage) | ||
| OPENSSL_free(storage); | ||
| err: | ||
| if (ad->sk) { | ||
| sk_void_free(ad->sk); |
There was a problem hiding this comment.
Remove condition, as NULL is valid input for sk_void_free()
crypto/hmac/hm_pmeth.c
Outdated
| if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx)) | ||
| return 0; | ||
| goto err; | ||
| if (sctx->ktmp.data) { |
There was a problem hiding this comment.
While you're at it, you could change this to if (sctx->ktmp.data != NULL) {
crypto/rand/md_rand.c
Outdated
| MD_Update(&m, local_md, MD_DIGEST_LENGTH); | ||
| if (!MD_Init(&m) || | ||
| !MD_Update(&m, local_md, MD_DIGEST_LENGTH)) | ||
| goto err; |
crypto/rand/md_rand.c
Outdated
| MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2); | ||
| MD_Final(&m, local_md); | ||
| if (!MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2)) | ||
| goto err; |
There was a problem hiding this comment.
Since you're making changes here anyway, it would be nice if you put curlies around the else part
ssl/s3_pkt.c
Outdated
| @@ -699,6 +699,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) | |||
| len >= 4 * (int)(max_send_fragment = s->max_send_fragment) && | |||
| s->compress == NULL && s->msg_callback == NULL && | |||
| SSL_USE_EXPLICIT_IV(s) && | |||
| s->enc_write_ctx && | |||
|
I'm a little confused by this PR. Is it only for 1.0.2? |
Fixed a memory leak in ASN1_digest and ASN1_item_digest. asn1_template_noexp_d2i call ASN1_item_ex_free(&skfield,...) on error. Reworked error handling in asn1_item_ex_combine_new: - call ASN1_item_ex_free and return the correct error code if ASN1_template_new failed. - dont call ASN1_item_ex_free if ASN1_OP_NEW_PRE failed. Reworked error handing in x509_name_ex_d2i and x509_name_encode. Fixed error handling in int_ctx_new and EVP_PKEY_CTX_dup. Fixed a memory leak in def_get_class if lh_EX_CLASS_ITEM_insert fails due to OOM: - to figure out if the insertion succeeded, use lh_EX_CLASS_ITEM_retrieve again. - on error, p will be NULL, and gen needs to be cleaned up again. int_free_ex_data needs to have a fallback solution if unable to allocate "storage": - if free_func is non-zero this must be called to clean up all memory. Fixed error handling in pkey_hmac_copy. Fixed error handling in ssleay_rand_add and ssleay_rand_bytes. Fixed error handling in X509_STORE_new. Fixed a memory leak in ssl3_get_key_exchange. Check for null pointer in ssl3_write_bytes. Check for null pointer in ssl3_get_cert_verify. Fixed a memory leak in ssl_cert_dup. Fixes openssl#2087 openssl#2094 openssl#2103 openssl#2104 openssl#2105 openssl#2106 openssl#2107 openssl#2108 openssl#2110 openssl#2111 openssl#2112 openssl#2115
bernd-edlinger
force-pushed
the
fix_OOM_error_handling
branch
from
856dc71
to
ca8ed57
Compare
|
Yes, this PR is for 1.0.2 only, |
|
Okie. This looks good to me, I just want to see the build results (Travis seems to have ground to a halt for the moment) |
|
ping @levitte to reconfirm. |
|
@richsalz I think you accidentally closed this PR, I cannot re-open this PR, is that a problem, |
levitte
added
the
approval: done
Fixed a memory leak in ASN1_digest and ASN1_item_digest. asn1_template_noexp_d2i call ASN1_item_ex_free(&skfield,...) on error. Reworked error handling in asn1_item_ex_combine_new: - call ASN1_item_ex_free and return the correct error code if ASN1_template_new failed. - dont call ASN1_item_ex_free if ASN1_OP_NEW_PRE failed. Reworked error handing in x509_name_ex_d2i and x509_name_encode. Fixed error handling in int_ctx_new and EVP_PKEY_CTX_dup. Fixed a memory leak in def_get_class if lh_EX_CLASS_ITEM_insert fails due to OOM: - to figure out if the insertion succeeded, use lh_EX_CLASS_ITEM_retrieve again. - on error, p will be NULL, and gen needs to be cleaned up again. int_free_ex_data needs to have a fallback solution if unable to allocate "storage": - if free_func is non-zero this must be called to clean up all memory. Fixed error handling in pkey_hmac_copy. Fixed error handling in ssleay_rand_add and ssleay_rand_bytes. Fixed error handling in X509_STORE_new. Fixed a memory leak in ssl3_get_key_exchange. Check for null pointer in ssl3_write_bytes. Check for null pointer in ssl3_get_cert_verify. Fixed a memory leak in ssl_cert_dup. Fixes #2087 #2094 #2103 #2104 #2105 #2106 #2107 #2108 #2110 #2111 #2112 #2115 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from #2127)
|
748cb9a on 1.0.2 Is there a version for 1.1.0/master still pending? Or should I just close all those issues? |
|
All issues are fixed on all branches. Please go ahead and close all issues. Thanks! |
|
@bernd-edlinger thank you very much for all your work on improving OpenSSL! |
#2087 #2094 #2103 #2104 #2105 #2106 #2107 #2108 #2110 #2111 #2112 #2115