Merge pull request #7690 from SparkiDev/regression_fixes_12
Regression testing: memory allocation failure
JacobBarthelmeh authored Jun 27, 2024
2 parents 474b8a0 + 4d56cc1 commit 7691bb6
Showing 9 changed files with 191 additions and 102 deletions.
2 changes: 1 addition & 1 deletion src/crl.c
Expand Up @@ -121,7 +121,7 @@ static int InitCRL_Entry(CRL_Entry* crle, DecodedCRL* dcrl, const byte* buff,
wolfSSL_d2i_X509_NAME(&crle->issuer, (unsigned char**)&dcrl->issuer,
dcrl->issuerSz);
if (crle->issuer == NULL) {
return WOLFSSL_FAILURE;
return -1;
}
#endif
#ifdef CRL_STATIC_REVOKED_LIST
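Review bot: The NULL-issuer branch of InitCRL_Entry returns a bare `-1` (assuming `return -1;` is the new side, since this rendering has lost the +/- markers), which tells the caller nothing about why the entry was rejected. A named negative code would keep the failure distinguishable in logs, for example `return MEMORY_E;` if allocation is the only way wolfSSL_d2i_X509_NAME yields NULL here. A one-line comment such as `/* must be a negative error: an entry without an issuer must not be reported as initialised */` would also record why the value matters, because a CRL entry accepted without its issuer weakens revocation checking. The callers and the rest of the function are outside the hunk, so confirm how the return value is tested there.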
3 changes: 3 additions & 0 deletions src/internal.c
Expand Up @@ -13495,6 +13495,9 @@ int SetupStoreCtxCallback(WOLFSSL_X509_STORE_CTX** store_pt,
store->current_cert = x509;
*x509Free = 1;
}
else {
goto mem_error;
}
}
#endif
#ifdef SESSION_CERTS
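Review bot: The new `else { goto mem_error; }` jumps to a label that lies outside this hunk, from a point where SetupStoreCtxCallback has presumably already populated parts of the store context, so it should be confirmed that the mem_error path releases or leaves consistent everything set up before the jump. A short comment on the branch would record why failing hard is needed, e.g. `/* x509 could not be created: fail rather than continue with store->current_cert unset */`. The condition this else belongs to, and the start and end of the function, are not visible in the hunk, so the above is inferred from the lines shown.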
35 changes: 19 additions & 16 deletions src/ssl.c
Expand Up @@ -5437,24 +5437,9 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify)
if (!signer)
ret = MEMORY_ERROR;
}
#if defined(WOLFSSL_AKID_NAME) || defined(HAVE_CRL)
if (ret == 0 && signer != NULL)
ret = CalcHashId(cert->serial, cert->serialSz, signer->serialHash);
#endif
if (ret == 0 && signer != NULL) {
#ifdef WOLFSSL_SIGNER_DER_CERT
ret = AllocDer(&signer->derCert, der->length, der->type, NULL);
}
if (ret == 0 && signer != NULL) {
XMEMCPY(signer->derCert->buffer, der->buffer, der->length);
#endif
signer->keyOID = cert->keyOID;
if (cert->pubKeyStored) {
signer->publicKey = cert->publicKey;
signer->pubKeySize = cert->pubKeySize;
}

#ifdef WOLFSSL_DUAL_ALG_CERTS
if (ret == 0 && signer != NULL) {
if (cert->extSapkiSet && cert->sapkiLen > 0) {
/* Allocated space for alternative public key. */
signer->sapkiDer = (byte*)XMALLOC(cert->sapkiLen, cm->heap,
Expand All @@ -5468,8 +5453,26 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify)
signer->sapkiOID = cert->sapkiOID;
}
}
}
#endif /* WOLFSSL_DUAL_ALG_CERTS */

#if defined(WOLFSSL_AKID_NAME) || defined(HAVE_CRL)
if (ret == 0 && signer != NULL)
ret = CalcHashId(cert->serial, cert->serialSz, signer->serialHash);
#endif
if (ret == 0 && signer != NULL) {
#ifdef WOLFSSL_SIGNER_DER_CERT
ret = AllocDer(&signer->derCert, der->length, der->type, NULL);
}
if (ret == 0 && signer != NULL) {
XMEMCPY(signer->derCert->buffer, der->buffer, der->length);
#endif
signer->keyOID = cert->keyOID;
if (cert->pubKeyStored) {
signer->publicKey = cert->publicKey;
signer->pubKeySize = cert->pubKeySize;
}

if (cert->subjectCNStored) {
signer->nameLen = cert->subjectCNLen;
signer->name = cert->subjectCN;
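Review bot: Moving the WOLFSSL_DUAL_ALG_CERTS allocation ahead of the `signer->publicKey = cert->publicKey;` assignments makes the order of these blocks in AddCA significant, but nothing in the code says so. Presumably the aim is that every step that can fail (the `sapkiDer` XMALLOC, `CalcHashId`, `AllocDer`) runs before the signer starts borrowing pointers from `cert`. A comment above the first block, such as `/* All fallible steps come first: once signer borrows cert's buffers below, nothing may fail */`, would stop a later edit from reintroducing a failure path after the hand-off. AddCA continues beyond both ends of the hunk and the +/- markers are lost in this rendering, so the ordering is read from the duplicated lines and the hunk headers.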
4 changes: 2 additions & 2 deletions src/ssl_load.c
Expand Up @@ -5202,6 +5202,8 @@ static int wolfssl_set_tmp_dh(WOLFSSL* ssl, unsigned char* p, int pSz,

/* Allocate space for cipher suites. */
if ((ret == 1) && (AllocateSuites(ssl) != 0)) {
ssl->buffers.serverDH_P.buffer = NULL;
ssl->buffers.serverDH_G.buffer = NULL;
ret = 0;
}
if (ret == 1) {
Expand Down Expand Up @@ -5249,8 +5251,6 @@ int wolfSSL_SetTmpDH(WOLFSSL* ssl, const unsigned char* p, int pSz,
pAlloc = (byte*)XMALLOC(pSz, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
gAlloc = (byte*)XMALLOC(gSz, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
if ((pAlloc == NULL) || (gAlloc == NULL)) {
XFREE(pAlloc, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
XFREE(gAlloc, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
ret = MEMORY_E;
}
}
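Review bot: In wolfssl_set_tmp_dh the AllocateSuites failure branch clears only `serverDH_P.buffer` and `serverDH_G.buffer`; if the matching lengths or a "DH parameters set" or ownership flag were assigned earlier in the function (not visible in this hunk), they are left describing buffers the SSL object no longer references. Resetting them in the same branch keeps the state consistent, e.g. `ssl->buffers.serverDH_P.length = 0;` and `ssl->buffers.serverDH_G.length = 0;`. A comment such as `/* caller still owns p and g and frees them on failure; drop our references */` would explain why the pointers are cleared rather than freed. That matters because, judging by the hunk header counts, the second hunk removes the two XFREE calls from wolfSSL_SetTmpDH and leaves the freeing of `pAlloc` and `gAlloc` to code outside the hunk.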
24 changes: 24 additions & 0 deletions src/tls13.c
Expand Up @@ -9691,6 +9691,7 @@ static void FreeDcv13Args(WOLFSSL* ssl, void* pArgs)
}

#ifdef WOLFSSL_DUAL_ALG_CERTS
#ifndef NO_RSA
/* ssl->peerCert->sapkiDer is the alternative public key. Hopefully it is a
* RSA public key. Convert it into a usable public key. */
static int decodeRsaKey(WOLFSSL* ssl)
Expand All @@ -9714,7 +9715,9 @@ static int decodeRsaKey(WOLFSSL* ssl)

return 0;
}
#endif /* !NO_RSA */

#ifdef HAVE_ECC
/* ssl->peerCert->sapkiDer is the alternative public key. Hopefully it is a
* ECC public key. Convert it into a usable public key. */
static int decodeEccKey(WOLFSSL* ssl)
Expand All @@ -9738,7 +9741,9 @@ static int decodeEccKey(WOLFSSL* ssl)

return 0;
}
#endif /* HAVE_ECC */

#ifdef HAVE_DILITHIUM
/* ssl->peerCert->sapkiDer is the alternative public key. Hopefully it is a
* dilithium public key. Convert it into a usable public key. */
static int decodeDilithiumKey(WOLFSSL* ssl, int level)
Expand Down Expand Up @@ -9767,7 +9772,9 @@ static int decodeDilithiumKey(WOLFSSL* ssl, int level)

return 0;
}
#endif /* HAVE_DILITHIUM */

#ifdef HAVE_FALCON
/* ssl->peerCert->sapkiDer is the alternative public key. Hopefully it is a
* falcon public key. Convert it into a usable public key. */
static int decodeFalconKey(WOLFSSL* ssl, int level)
Expand Down Expand Up @@ -9795,6 +9802,7 @@ static int decodeFalconKey(WOLFSSL* ssl, int level)

return 0;
}
#endif /* HAVE_FALCON */
#endif /* WOLFSSL_DUAL_ALG_CERTS */

/* handle processing TLS v1.3 certificate_verify (15) */
Expand Down Expand Up @@ -9947,12 +9955,17 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
sa = args->altSigAlgo;

switch(sa) {
#ifndef NO_RSA
case rsa_pss_sa_algo:
ret = decodeRsaKey(ssl);
break;
#endif
#ifdef HAVE_ECC
case ecc_dsa_sa_algo:
ret = decodeEccKey(ssl);
break;
#endif
#ifdef HAVE_DILITHIUM
case dilithium_level2_sa_algo:
ret = decodeDilithiumKey(ssl, 2);
break;
Expand All @@ -9962,12 +9975,15 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
case dilithium_level5_sa_algo:
ret = decodeDilithiumKey(ssl, 5);
break;
#endif
#ifdef HAVE_FALCON
case falcon_level1_sa_algo:
ret = decodeFalconKey(ssl, 1);
break;
case falcon_level5_sa_algo:
ret = decodeFalconKey(ssl, 5);
break;
#endif
default:
ERROR_OUT(PEER_KEY_ERROR, exit_dcv);
}
Expand All @@ -9978,17 +9994,22 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
if (*ssl->sigSpec == WOLFSSL_CKS_SIGSPEC_ALTERNATIVE) {
/* Now swap in the alternative by removing the native.
* sa contains the alternative signature type. */
#ifndef NO_RSA
if (ssl->peerRsaKeyPresent && sa != rsa_pss_sa_algo) {
FreeKey(ssl, DYNAMIC_TYPE_RSA,
(void**)&ssl->peerRsaKey);
ssl->peerRsaKeyPresent = 0;
}
#endif
#ifdef HAVE_ECC
else if (ssl->peerEccDsaKeyPresent &&
sa != ecc_dsa_sa_algo) {
FreeKey(ssl, DYNAMIC_TYPE_ECC,
(void**)&ssl->peerEccDsaKey);
ssl->peerEccDsaKeyPresent = 0;
}
#endif
#ifdef HAVE_DILITHIUM
else if (ssl->peerDilithiumKeyPresent &&
sa != dilithium_level2_sa_algo &&
sa != dilithium_level3_sa_algo &&
Expand All @@ -9997,13 +10018,16 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
(void**)&ssl->peerDilithiumKey);
ssl->peerDilithiumKeyPresent = 0;
}
#endif
#ifdef HAVE_FALCON
else if (ssl->peerFalconKeyPresent &&
sa != falcon_level1_sa_algo &&
sa != falcon_level5_sa_algo) {
FreeKey(ssl, DYNAMIC_TYPE_FALCON,
(void**)&ssl->peerFalconKey);
ssl->peerFalconKeyPresent = 0;
}
#endif
else {
ERROR_OUT(PEER_KEY_ERROR, exit_dcv);
}
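Review bot: In the last hunk of DoTls13CertificateVerify the new guards wrap whole branches of a single `if` / `else if` chain, so as rendered a build with NO_RSA defined starts the chain with `else if (ssl->peerEccDsaKeyPresent && …`, and a build with every guarded algorithm disabled starts it with a bare `else`; neither compiles. Ending each guarded branch with `else` inside its guard and starting the next branch with a plain `if` keeps the chain valid for every combination of options, and it still reaches `ERROR_OUT(PEER_KEY_ERROR, exit_dcv)` when no key matches. The function starts and ends outside the hunk, and part of the Dilithium branch is collapsed on this page.

```c
#ifndef NO_RSA
    if (ssl->peerRsaKeyPresent && sa != rsa_pss_sa_algo) {
        /* … unchanged: free peerRsaKey, clear peerRsaKeyPresent … */
    }
    else
#endif
#ifdef HAVE_ECC
    if (ssl->peerEccDsaKeyPresent && sa != ecc_dsa_sa_algo) {
        /* … unchanged: free peerEccDsaKey, clear peerEccDsaKeyPresent … */
    }
    else
#endif
#ifdef HAVE_DILITHIUM
    /* … unchanged: Dilithium condition and body, now opened with `if` and followed by `else` … */
#endif
#ifdef HAVE_FALCON
    /* … unchanged: Falcon condition and body, now opened with `if` and followed by `else` … */
#endif
    {
        ERROR_OUT(PEER_KEY_ERROR, exit_dcv);
    }
```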
1 change: 1 addition & 0 deletions src/x509.c
Expand Up @@ -12852,6 +12852,7 @@ WOLF_STACK_OF(WOLFSSL_X509_NAME) *wolfSSL_dup_CA_list(
if (name == NULL || WOLFSSL_SUCCESS != wolfSSL_sk_X509_NAME_push(copy, name)) {
WOLFSSL_MSG("Memory error");
wolfSSL_sk_X509_NAME_pop_free(copy, wolfSSL_X509_NAME_free);
wolfSSL_X509_NAME_free(name);
return NULL;
}
}
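Review bot: The added `wolfSSL_X509_NAME_free(name);` sits in a branch that is also taken when `name == NULL`, so it relies on wolfSSL_X509_NAME_free accepting a NULL argument. If that is guaranteed, a short comment such as `/* name is not owned by copy when the push fails; free tolerates NULL */` would make the ownership rule explicit; otherwise guard the call with `if (name != NULL)`. The loop and the rest of wolfSSL_dup_CA_list are outside the hunk.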