Skip to content

Commit 3e1f365

Browse files
douzzerdouzzer
authored
Merge pull request #8064 from SparkiDev/regression_fixes_14
Regression test fixes
2 parents 0f8b4db + 5f1ddad commit 3e1f365

6 files changed

Lines changed: 204 additions & 55 deletions

File tree

src/bio.c

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -834,7 +834,9 @@ int wolfSSL_BIO_write(WOLFSSL_BIO* bio, const void* data, int len)
834834
(const char*)data, len, 0, ret);
835835
}
836836

837-
XFREE(frmt, front->heap, DYNAMIC_TYPE_TMP_BUFFER);
837+
if (front != NULL) {
838+
XFREE(frmt, front->heap, DYNAMIC_TYPE_TMP_BUFFER);
839+
}
838840

839841
#ifdef WOLFSSL_BASE64_ENCODE
840842
if (retB64 > 0 && ret > 0)

src/internal.c

Lines changed: 14 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -6849,10 +6849,14 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
68496849
if (ssl->buffers.key != NULL) {
68506850
FreeDer(&ssl->buffers.key);
68516851
}
6852-
AllocCopyDer(&ssl->buffers.key, ctx->privateKey->buffer,
6852+
ret = AllocCopyDer(&ssl->buffers.key, ctx->privateKey->buffer,
68536853
ctx->privateKey->length, ctx->privateKey->type,
68546854
ctx->privateKey->heap);
6855+
if (ret != 0) {
6856+
return ret;
6857+
}
68556858
ssl->buffers.weOwnKey = 1;
6859+
ret = WOLFSSL_SUCCESS;
68566860
}
68576861
else {
68586862
ssl->buffers.key = ctx->privateKey;
@@ -6862,9 +6866,12 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
68626866
#endif
68636867
#else
68646868
if (ctx->privateKey != NULL) {
6865-
AllocCopyDer(&ssl->buffers.key, ctx->privateKey->buffer,
6869+
ret = AllocCopyDer(&ssl->buffers.key, ctx->privateKey->buffer,
68666870
ctx->privateKey->length, ctx->privateKey->type,
68676871
ctx->privateKey->heap);
6872+
if (ret != 0) {
6873+
return ret;
6874+
}
68686875
ssl->buffers.weOwnKey = 1;
68696876
/* Blind the private key for the SSL with new random mask. */
68706877
wolfssl_priv_der_unblind(ssl->buffers.key, ctx->privateKeyMask);
@@ -6885,16 +6892,20 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
68856892
ssl->buffers.altKey = ctx->altPrivateKey;
68866893
#else
68876894
if (ctx->altPrivateKey != NULL) {
6888-
AllocCopyDer(&ssl->buffers.altkey, ctx->altPrivateKey->buffer,
6895+
ret = AllocCopyDer(&ssl->buffers.altkey, ctx->altPrivateKey->buffer,
68896896
ctx->altPrivateKey->length, ctx->altPrivateKey->type,
68906897
ctx->altPrivateKey->heap);
6898+
if (ret != 0) {
6899+
return ret;
6900+
}
68916901
/* Blind the private key for the SSL with new random mask. */
68926902
wolfssl_priv_der_unblind(ssl->buffers.altKey, ctx->altPrivateKeyMask);
68936903
ret = wolfssl_priv_der_blind(ssl->rng, ssl->buffers.altKey,
68946904
&ssl->buffers.altKeyMask);
68956905
if (ret != 0) {
68966906
return ret;
68976907
}
6908+
ret = WOLFSSL_SUCCESS;
68986909
}
68996910
#endif
69006911
ssl->buffers.altKeyType = ctx->altPrivateKeyType;

src/ssl.c

Lines changed: 28 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -19793,11 +19793,15 @@ void wolfSSL_certs_clear(WOLFSSL* ssl)
1979319793
return;
1979419794

1979519795
/* ctx still owns certificate, certChain, key, dh, and cm */
19796-
if (ssl->buffers.weOwnCert)
19796+
if (ssl->buffers.weOwnCert) {
1979719797
FreeDer(&ssl->buffers.certificate);
19798+
ssl->buffers.weOwnCert = 0;
19799+
}
1979819800
ssl->buffers.certificate = NULL;
19799-
if (ssl->buffers.weOwnCertChain)
19801+
if (ssl->buffers.weOwnCertChain) {
1980019802
FreeDer(&ssl->buffers.certChain);
19803+
ssl->buffers.weOwnCertChain = 0;
19804+
}
1980119805
ssl->buffers.certChain = NULL;
1980219806
#ifdef WOLFSSL_TLS13
1980319807
ssl->buffers.certChainCnt = 0;
@@ -19807,6 +19811,7 @@ void wolfSSL_certs_clear(WOLFSSL* ssl)
1980719811
#ifdef WOLFSSL_BLIND_PRIVATE_KEY
1980819812
FreeDer(&ssl->buffers.keyMask);
1980919813
#endif
19814+
ssl->buffers.weOwnKey = 0;
1981019815
}
1981119816
ssl->buffers.key = NULL;
1981219817
#ifdef WOLFSSL_BLIND_PRIVATE_KEY
@@ -19823,6 +19828,7 @@ void wolfSSL_certs_clear(WOLFSSL* ssl)
1982319828
#ifdef WOLFSSL_BLIND_PRIVATE_KEY
1982419829
FreeDer(&ssl->buffers.altKeyMask);
1982519830
#endif
19831+
ssl->buffers.weOwnAltKey = 0;
1982619832
}
1982719833
ssl->buffers.altKey = NULL;
1982819834
#ifdef WOLFSSL_BLIND_PRIVATE_KEY
@@ -20402,11 +20408,13 @@ WOLFSSL_CTX* wolfSSL_set_SSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
2040220408
if (ctx->certificate != NULL) {
2040320409
if (ssl->buffers.certificate != NULL) {
2040420410
FreeDer(&ssl->buffers.certificate);
20411+
ssl->buffers.certificate = NULL;
2040520412
}
2040620413
ret = AllocCopyDer(&ssl->buffers.certificate, ctx->certificate->buffer,
2040720414
ctx->certificate->length, ctx->certificate->type,
2040820415
ctx->certificate->heap);
2040920416
if (ret != 0) {
20417+
ssl->buffers.weOwnCert = 0;
2041020418
return NULL;
2041120419
}
2041220420

@@ -20416,11 +20424,13 @@ WOLFSSL_CTX* wolfSSL_set_SSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
2041620424
if (ctx->certChain != NULL) {
2041720425
if (ssl->buffers.certChain != NULL) {
2041820426
FreeDer(&ssl->buffers.certChain);
20427+
ssl->buffers.certChain = NULL;
2041920428
}
2042020429
ret = AllocCopyDer(&ssl->buffers.certChain, ctx->certChain->buffer,
2042120430
ctx->certChain->length, ctx->certChain->type,
2042220431
ctx->certChain->heap);
2042320432
if (ret != 0) {
20433+
ssl->buffers.weOwnCertChain = 0;
2042420434
return NULL;
2042520435
}
2042620436

@@ -20440,10 +20450,15 @@ WOLFSSL_CTX* wolfSSL_set_SSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
2044020450
if (ctx->privateKey != NULL) {
2044120451
if (ssl->buffers.key != NULL) {
2044220452
FreeDer(&ssl->buffers.key);
20453+
ssl->buffers.key = NULL;
2044320454
}
20444-
AllocCopyDer(&ssl->buffers.key, ctx->privateKey->buffer,
20455+
ret = AllocCopyDer(&ssl->buffers.key, ctx->privateKey->buffer,
2044520456
ctx->privateKey->length, ctx->privateKey->type,
2044620457
ctx->privateKey->heap);
20458+
if (ret != 0) {
20459+
ssl->buffers.weOwnKey = 0;
20460+
return NULL;
20461+
}
2044720462
ssl->buffers.weOwnKey = 1;
2044820463
}
2044920464
else {
@@ -20454,15 +20469,18 @@ WOLFSSL_CTX* wolfSSL_set_SSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
2045420469
#endif
2045520470
#else
2045620471
if (ctx->privateKey != NULL) {
20457-
AllocCopyDer(&ssl->buffers.key, ctx->privateKey->buffer,
20472+
ret = AllocCopyDer(&ssl->buffers.key, ctx->privateKey->buffer,
2045820473
ctx->privateKey->length, ctx->privateKey->type,
2045920474
ctx->privateKey->heap);
20475+
if (ret != 0) {
20476+
return NULL;
20477+
}
2046020478
/* Blind the private key for the SSL with new random mask. */
2046120479
wolfssl_priv_der_unblind(ssl->buffers.key, ctx->privateKeyMask);
2046220480
ret = wolfssl_priv_der_blind(ssl->rng, ssl->buffers.key,
2046320481
&ssl->buffers.keyMask);
2046420482
if (ret != 0) {
20465-
return ret;
20483+
return NULL;
2046620484
}
2046720485
}
2046820486
#endif
@@ -20484,15 +20502,18 @@ WOLFSSL_CTX* wolfSSL_set_SSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
2048420502
ssl->buffers.altKey = ctx->altPrivateKey;
2048520503
#else
2048620504
if (ctx->altPrivateKey != NULL) {
20487-
AllocCopyDer(&ssl->buffers.altkey, ctx->altPrivateKey->buffer,
20505+
ret = AllocCopyDer(&ssl->buffers.altkey, ctx->altPrivateKey->buffer,
2048820506
ctx->altPrivateKey->length, ctx->altPrivateKey->type,
2048920507
ctx->altPrivateKey->heap);
20508+
if (ret != 0) {
20509+
return NULL;
20510+
}
2049020511
/* Blind the private key for the SSL with new random mask. */
2049120512
wolfssl_priv_der_unblind(ssl->buffers.altKey, ctx->altPrivateKeyMask);
2049220513
ret = wolfssl_priv_der_blind(ssl->rng, ssl->buffers.altKey,
2049320514
&ssl->buffers.altKeyMask);
2049420515
if (ret != 0) {
20495-
return ret;
20516+
return NULL;
2049620517
}
2049720518
}
2049820519
#endif

src/ssl_asn1.c

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -580,6 +580,7 @@ static void* d2i_generic(const WOLFSSL_ASN1_TEMPLATE* mem,
580580
if (impBuf != NULL) {
581581
tmp = *src + (tmp - impBuf); /* for the next calculation */
582582
XFREE(impBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
583+
impBuf = NULL;
583584
}
584585
if (asnLen >= 0 && (int)(tmp - *src) != asnLen) {
585586
WOLFSSL_MSG("ptr not advanced enough");

src/x509.c

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -562,7 +562,6 @@ static int wolfssl_dns_entry_othername_to_gn(DNS_entry* dns,
562562
/* Create a WOLFSSL_ASN1_STRING from the DER. */
563563
str = wolfSSL_ASN1_STRING_type_new(tag);
564564
if (str == NULL) {
565-
wolfSSL_ASN1_OBJECT_free(obj);
566565
goto err;
567566
}
568567
wolfSSL_ASN1_STRING_set(str, p, (int)len);
@@ -15087,12 +15086,14 @@ int wolfSSL_X509_REQ_add1_attr_by_NID(WOLFSSL_X509 *req,
1508715086
req->reqAttributes->type = STACK_TYPE_X509_REQ_ATTR;
1508815087
}
1508915088
}
15090-
if (req->reqAttributes->type == STACK_TYPE_X509_REQ_ATTR) {
15089+
if ((req->reqAttributes != NULL) &&
15090+
(req->reqAttributes->type == STACK_TYPE_X509_REQ_ATTR)) {
1509115091
ret = wolfSSL_sk_push(req->reqAttributes, attr) > 0
1509215092
? WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
1509315093
}
15094-
else
15094+
else {
1509515095
ret = WOLFSSL_FAILURE;
15096+
}
1509615097
if (ret != WOLFSSL_SUCCESS)
1509715098
wolfSSL_X509_ATTRIBUTE_free(attr);
1509815099
}

0 commit comments

Comments
 (0)