Coverity fixes

covID 1445689 Resource leak (in error path) covID 1445318 Resource leak (in test - minor) covID 1443705 Unchecked return value (Needed if CRYPTO_atomic_add() was used) covID 1443691 Resource leak (in app - minor) Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9071)
2019-06-04 11:32:58 +10:00 · 2019-06-04 11:32:58 +10:00 · ad14e8e508
parent b1f6925754
commit ad14e8e508
4 changed files with 14 additions and 3 deletions
--- a/apps/verify.c
+++ b/apps/verify.c
@ -169,11 +169,20 @@ int verify_main(int argc, char **argv)
            v_verbose = 1;
            break;
        case OPT_SM2ID:
-            /* we assume the input is not a hex string */
+            if (sm2_id != NULL) {
+                BIO_printf(bio_err,
+                           "Use one of the options 'sm2-hex-id' or 'sm2-id' \n");
+                goto end;
+            }
            sm2_id = (unsigned char *)opt_arg();
            sm2_idlen = strlen((const char *)sm2_id);
            break;
        case OPT_SM2HEXID:
+            if (sm2_id != NULL) {
+                BIO_printf(bio_err,
+                           "Use one of the options 'sm2-hex-id' or 'sm2-id' \n");
+                goto end;
+            }
            /* try to parse the input as hex string first */
            sm2_free = 1;
            sm2_id = OPENSSL_hexstr2buf(opt_arg(), (long *)&sm2_idlen);
--- a/crypto/provider_core.c
+++ b/crypto/provider_core.c
@ -194,7 +194,8 @@ int ossl_provider_upref(OSSL_PROVIDER *prov)
 {
    int ref = 0;

-    CRYPTO_UP_REF(&prov->refcnt, &ref, prov->refcnt_lock);
+    if (CRYPTO_UP_REF(&prov->refcnt, &ref, prov->refcnt_lock) <= 0)
+        return 0;
    return ref;
 }

--- a/ssl/tls13_enc.c
+++ b/ssl/tls13_enc.c
@ -170,6 +170,7 @@ int tls13_generate_secret(SSL *s, const EVP_MD *md,
    if (!ossl_assert(mdleni >= 0)) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_GENERATE_SECRET,
                 ERR_R_INTERNAL_ERROR);
+        EVP_KDF_CTX_free(kctx);
        return 0;
    }
    mdlen = (size_t)mdleni;
--- a/test/enginetest.c
+++ b/test/enginetest.c
@ -279,7 +279,7 @@ static int test_redirect(void)
     * Try setting test key engine. Both should fail because the
     * engine has no public key methods.
     */
-    if (!TEST_ptr_null(EVP_PKEY_CTX_new(pkey, e))
+    if (!TEST_ptr_null(ctx = EVP_PKEY_CTX_new(pkey, e))
            || !TEST_int_le(EVP_PKEY_set1_engine(pkey, e), 0))
        goto err;