diff --git a/crypto/asn1/a_bitstr.c b/crypto/asn1/a_bitstr.c index 7b3991a071..00a388a3a5 100644 --- a/crypto/asn1/a_bitstr.c +++ b/crypto/asn1/a_bitstr.c @@ -82,7 +82,7 @@ ASN1_BIT_STRING *ossl_c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, ASN1_BIT_STRING *ret = NULL; const unsigned char *p; unsigned char *s; - int i; + int i = 0; if (len < 1) { i = ASN1_R_STRING_TOO_SHORT; @@ -115,7 +115,6 @@ ASN1_BIT_STRING *ossl_c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, if (len-- > 1) { /* using one because of the bits left byte */ s = OPENSSL_malloc((int)len); if (s == NULL) { - i = ERR_R_MALLOC_FAILURE; goto err; } memcpy(s, p, (int)len); @@ -131,7 +130,8 @@ ASN1_BIT_STRING *ossl_c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, *pp = p; return ret; err: - ERR_raise(ERR_LIB_ASN1, i); + if (i != 0) + ERR_raise(ERR_LIB_ASN1, i); if ((a == NULL) || (*a != ret)) ASN1_BIT_STRING_free(ret); return NULL; @@ -160,10 +160,8 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) if (!value) return 1; /* Don't need to set */ c = OPENSSL_clear_realloc(a->data, a->length, w + 1); - if (c == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if (c == NULL) return 0; - } if (w + 1 - a->length > 0) memset(c + a->length, 0, w + 1 - a->length); a->data = c; diff --git a/crypto/asn1/a_d2i_fp.c b/crypto/asn1/a_d2i_fp.c index e8602053f9..4af2276a8d 100644 --- a/crypto/asn1/a_d2i_fp.c +++ b/crypto/asn1/a_d2i_fp.c @@ -123,7 +123,7 @@ int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) b = BUF_MEM_new(); if (b == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_BUF_LIB); return -1; } @@ -134,7 +134,7 @@ int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) want -= diff; if (len + want < len || !BUF_MEM_grow_clean(b, len + want)) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_BUF_LIB); goto err; } i = BIO_read(in, &(b->data[len]), want); @@ -206,7 +206,7 @@ int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) size_t chunk = want > chunk_max ? chunk_max : want; if (!BUF_MEM_grow_clean(b, len + chunk)) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_BUF_LIB); goto err; } want -= chunk; diff --git a/crypto/asn1/a_digest.c b/crypto/asn1/a_digest.c index 72cc880779..67e8a96ba1 100644 --- a/crypto/asn1/a_digest.c +++ b/crypto/asn1/a_digest.c @@ -36,10 +36,8 @@ int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data, ERR_raise(ERR_LIB_ASN1, ERR_R_INTERNAL_ERROR); return 0; } - if ((str = OPENSSL_malloc(inl)) == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if ((str = OPENSSL_malloc(inl)) == NULL) return 0; - } p = str; i2d(data, &p); diff --git a/crypto/asn1/a_dup.c b/crypto/asn1/a_dup.c index 93e8b2aa8d..23d1d63808 100644 --- a/crypto/asn1/a_dup.c +++ b/crypto/asn1/a_dup.c @@ -28,10 +28,8 @@ void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, const void *x) return NULL; b = OPENSSL_malloc(i + 10); - if (b == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if (b == NULL) return NULL; - } p = b; i = i2d(x, &p); p2 = b; @@ -78,7 +76,7 @@ void *ASN1_item_dup(const ASN1_ITEM *it, const void *x) i = ASN1_item_i2d(x, &b, it); if (b == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); return NULL; } p = b; diff --git a/crypto/asn1/a_i2d_fp.c b/crypto/asn1/a_i2d_fp.c index 4cc4773666..e30f1f2a17 100644 --- a/crypto/asn1/a_i2d_fp.c +++ b/crypto/asn1/a_i2d_fp.c @@ -42,10 +42,8 @@ int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, const void *x) return 0; b = OPENSSL_malloc(n); - if (b == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if (b == NULL) return 0; - } p = (unsigned char *)b; i2d(x, &p); @@ -91,7 +89,7 @@ int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, const void *x) n = ASN1_item_i2d(x, &b, it); if (b == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); return 0; } diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c index c3ab6a9222..dc962290dd 100644 --- a/crypto/asn1/a_int.c +++ b/crypto/asn1/a_int.c @@ -303,8 +303,10 @@ ASN1_INTEGER *ossl_c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, } else ret = *a; - if (ASN1_STRING_set(ret, NULL, r) == 0) + if (ASN1_STRING_set(ret, NULL, r) == 0) { + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); goto err; + } c2i_ibuf(ret->data, &neg, *pp, len); @@ -318,7 +320,6 @@ ASN1_INTEGER *ossl_c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, (*a) = ret; return ret; err: - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); if (a == NULL || *a != ret) ASN1_INTEGER_free(ret); return NULL; @@ -400,7 +401,7 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, unsigned char *s; long len = 0; int inf, tag, xclass; - int i; + int i = 0; if ((a == NULL) || ((*a) == NULL)) { if ((ret = ASN1_INTEGER_new()) == NULL) @@ -430,10 +431,8 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, * a missing NULL parameter. */ s = OPENSSL_malloc((int)len + 1); - if (s == NULL) { - i = ERR_R_MALLOC_FAILURE; + if (s == NULL) goto err; - } ret->type = V_ASN1_INTEGER; if (len) { if ((*p == 0) && (len != 1)) { @@ -450,7 +449,8 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, *pp = p; return ret; err: - ERR_raise(ERR_LIB_ASN1, i); + if (i != 0) + ERR_raise(ERR_LIB_ASN1, i); if ((a == NULL) || (*a != ret)) ASN1_INTEGER_free(ret); return NULL; @@ -483,7 +483,7 @@ static ASN1_STRING *bn_to_asn1_string(const BIGNUM *bn, ASN1_STRING *ai, len = 1; if (ASN1_STRING_set(ret, NULL, len) == 0) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); goto err; } diff --git a/crypto/asn1/a_mbstr.c b/crypto/asn1/a_mbstr.c index be2d5aa68f..7d80798655 100644 --- a/crypto/asn1/a_mbstr.c +++ b/crypto/asn1/a_mbstr.c @@ -145,7 +145,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, free_out = 1; dest = ASN1_STRING_type_new(str_type); if (dest == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); return -1; } *out = dest; @@ -153,7 +153,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, /* If both the same type just copy across */ if (inform == outform) { if (!ASN1_STRING_set(dest, in, len)) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); return -1; } return str_type; @@ -185,7 +185,6 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, if ((p = OPENSSL_malloc(outlen + 1)) == NULL) { if (free_out) ASN1_STRING_free(dest); - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); return -1; } dest->length = outlen; diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c index c96c36e730..73c69eacd2 100644 --- a/crypto/asn1/a_object.c +++ b/crypto/asn1/a_object.c @@ -31,10 +31,8 @@ int i2d_ASN1_OBJECT(const ASN1_OBJECT *a, unsigned char **pp) return objsize; if (*pp == NULL) { - if ((p = allocated = OPENSSL_malloc(objsize)) == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if ((p = allocated = OPENSSL_malloc(objsize)) == NULL) return 0; - } } else { p = *pp; } @@ -135,10 +133,8 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) OPENSSL_free(tmp); tmpsize = blsize + 32; tmp = OPENSSL_malloc(tmpsize); - if (tmp == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if (tmp == NULL) goto err; - } } while (blsize--) { BN_ULONG t = BN_div_word(bl, 0x80L); @@ -196,10 +192,8 @@ int i2a_ASN1_OBJECT(BIO *bp, const ASN1_OBJECT *a) ERR_raise(ERR_LIB_ASN1, ASN1_R_LENGTH_TOO_LONG); return -1; } - if ((p = OPENSSL_malloc(i + 1)) == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if ((p = OPENSSL_malloc(i + 1)) == NULL) return -1; - } i2t_ASN1_OBJECT(p, i + 1, a); } if (i <= 0) { @@ -308,10 +302,8 @@ ASN1_OBJECT *ossl_c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, ret->length = 0; OPENSSL_free(data); data = OPENSSL_malloc(length); - if (data == NULL) { - i = ERR_R_MALLOC_FAILURE; + if (data == NULL) goto err; - } ret->flags |= ASN1_OBJECT_FLAG_DYNAMIC_DATA; } memcpy(data, p, length); @@ -345,10 +337,8 @@ ASN1_OBJECT *ASN1_OBJECT_new(void) ASN1_OBJECT *ret; ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } ret->flags = ASN1_OBJECT_FLAG_DYNAMIC; return ret; } diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c index a1e2719e64..8507fc3668 100644 --- a/crypto/asn1/a_sign.c +++ b/crypto/asn1/a_sign.c @@ -35,7 +35,7 @@ int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2, X509_ALGOR *a; if (ctx == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); goto err; } for (i = 0; i < 2; i++) { @@ -82,7 +82,6 @@ int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2, buf_out = OPENSSL_malloc(outll); if (buf_in == NULL || buf_out == NULL) { outl = 0; - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); goto err; } p = buf_in; @@ -130,7 +129,7 @@ int ASN1_item_sign_ex(const ASN1_ITEM *it, X509_ALGOR *algor1, EVP_MD_CTX *ctx = evp_md_ctx_new_ex(pkey, id, libctx, propq); if (ctx == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); return 0; } /* We can use the non _ex variant here since the pkey is already setup */ @@ -270,7 +269,6 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1, buf_out = OPENSSL_malloc(outll); if (buf_in == NULL || buf_out == NULL) { outl = 0; - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); goto err; } diff --git a/crypto/asn1/a_strex.c b/crypto/asn1/a_strex.c index b31761aae6..29ea60596e 100644 --- a/crypto/asn1/a_strex.c +++ b/crypto/asn1/a_strex.c @@ -282,10 +282,8 @@ static int do_dump(unsigned long lflags, char_io *io_ch, void *arg, der_len = i2d_ASN1_TYPE(&t, NULL); if (der_len <= 0) return -1; - if ((der_buf = OPENSSL_malloc(der_len)) == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if ((der_buf = OPENSSL_malloc(der_len)) == NULL) return -1; - } p = der_buf; i2d_ASN1_TYPE(&t, &p); outlen = do_hex_dump(io_ch, arg, der_buf, der_len); diff --git a/crypto/asn1/a_strnid.c b/crypto/asn1/a_strnid.c index 2c6cb919f7..869ac82714 100644 --- a/crypto/asn1/a_strnid.c +++ b/crypto/asn1/a_strnid.c @@ -159,10 +159,8 @@ static ASN1_STRING_TABLE *stable_get(int nid) tmp = ASN1_STRING_TABLE_get(nid); if (tmp != NULL && tmp->flags & STABLE_FLAGS_MALLOC) return tmp; - if ((rv = OPENSSL_zalloc(sizeof(*rv))) == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if ((rv = OPENSSL_zalloc(sizeof(*rv))) == NULL) return NULL; - } if (!sk_ASN1_STRING_TABLE_push(stable, rv)) { OPENSSL_free(rv); return NULL; @@ -190,7 +188,7 @@ int ASN1_STRING_TABLE_add(int nid, tmp = stable_get(nid); if (tmp == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); return 0; } if (minsize >= 0) diff --git a/crypto/asn1/a_time.c b/crypto/asn1/a_time.c index 92be1109a2..4459a68156 100644 --- a/crypto/asn1/a_time.c +++ b/crypto/asn1/a_time.c @@ -420,10 +420,8 @@ int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str) * new t.data would be freed after ASN1_STRING_copy is done. */ t.data = OPENSSL_zalloc(t.length + 1); - if (t.data == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if (t.data == NULL) goto out; - } memcpy(t.data, str + 2, t.length); t.type = V_ASN1_UTCTIME; } diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c index 9bf9bdd14e..a55f60d757 100644 --- a/crypto/asn1/a_verify.c +++ b/crypto/asn1/a_verify.c @@ -33,7 +33,7 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature, int ret = -1, i, inl; if (ctx == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); goto err; } i = OBJ_obj2nid(a->algorithm); @@ -54,10 +54,8 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature, goto err; } buf_in = OPENSSL_malloc((unsigned int)inl); - if (buf_in == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if (buf_in == NULL) goto err; - } p = buf_in; i2d(data, &p); @@ -206,7 +204,7 @@ int ASN1_item_verify_ctx(const ASN1_ITEM *it, const X509_ALGOR *alg, goto err; } if (buf_in == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); goto err; } inll = inl; diff --git a/crypto/asn1/ameth_lib.c b/crypto/asn1/ameth_lib.c index 8b15da3bee..6ba13dd7f2 100644 --- a/crypto/asn1/ameth_lib.c +++ b/crypto/asn1/ameth_lib.c @@ -222,10 +222,8 @@ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags, { EVP_PKEY_ASN1_METHOD *ameth = OPENSSL_zalloc(sizeof(*ameth)); - if (ameth == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if (ameth == NULL) return NULL; - } ameth->pkey_id = id; ameth->pkey_base_id = id; @@ -247,7 +245,6 @@ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags, err: EVP_PKEY_asn1_free(ameth); - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); return NULL; } diff --git a/crypto/asn1/asn1_gen.c b/crypto/asn1/asn1_gen.c index c590c62fc2..a7ec79faa9 100644 --- a/crypto/asn1/asn1_gen.c +++ b/crypto/asn1/asn1_gen.c @@ -581,7 +581,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) int no_unused = 1; if ((atmp = ASN1_TYPE_new()) == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); return NULL; } @@ -642,11 +642,11 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) goto bad_form; } if ((atmp->value.asn1_string = ASN1_STRING_new()) == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); goto bad_str; } if (!ASN1_STRING_set(atmp->value.asn1_string, str, -1)) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); goto bad_str; } atmp->value.asn1_string->type = utype; @@ -677,7 +677,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) if (ASN1_mbstring_copy(&atmp->value.asn1_string, (unsigned char *)str, -1, format, ASN1_tag2bit(utype)) <= 0) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); goto bad_str; } @@ -686,7 +686,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) case V_ASN1_BIT_STRING: case V_ASN1_OCTET_STRING: if ((atmp->value.asn1_string = ASN1_STRING_new()) == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); goto bad_form; } @@ -750,7 +750,7 @@ static int bitstr_cb(const char *elem, int len, void *bitstr) return 0; } if (!ASN1_BIT_STRING_set_bit(bitstr, bitnum, 1)) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); return 0; } return 1; diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c index 55e3ddbafd..e3a8480eef 100644 --- a/crypto/asn1/asn1_lib.c +++ b/crypto/asn1/asn1_lib.c @@ -314,7 +314,6 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len_in) str->data = OPENSSL_realloc(c, len + 1); #endif if (str->data == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); str->data = c; return 0; } @@ -354,10 +353,8 @@ ASN1_STRING *ASN1_STRING_type_new(int type) ASN1_STRING *ret; ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } ret->type = type; return ret; } diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c index 1a60540885..014e482e66 100644 --- a/crypto/asn1/asn_mime.c +++ b/crypto/asn1/asn_mime.c @@ -76,7 +76,7 @@ int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags, BIO *bio, *tbio; bio = BIO_new_NDEF(out, val, it); if (!bio) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_BUF_LIB); return 0; } if (!SMIME_crlf_copy(in, bio, flags)) { @@ -109,7 +109,7 @@ static int B64_write_ASN1(BIO *out, ASN1_VALUE *val, BIO *in, int flags, int r; b64 = BIO_new(BIO_f_base64()); if (b64 == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_BIO_LIB); return 0; } /* @@ -142,7 +142,7 @@ static ASN1_VALUE *b64_read_asn1(BIO *bio, const ASN1_ITEM *it, ASN1_VALUE **x, ASN1_VALUE *val; if ((b64 = BIO_new(BIO_f_base64())) == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_BIO_LIB); return 0; } bio = BIO_push(b64, bio); @@ -521,7 +521,7 @@ int SMIME_crlf_copy(BIO *in, BIO *out, int flags) */ bf = BIO_new(BIO_f_buffer()); if (bf == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_BIO_LIB); return 0; } out = BIO_push(bf, out); diff --git a/crypto/asn1/asn_moid.c b/crypto/asn1/asn_moid.c index 526219c1a7..6f816307af 100644 --- a/crypto/asn1/asn_moid.c +++ b/crypto/asn1/asn_moid.c @@ -83,10 +83,8 @@ static int do_create(const char *value, const char *name) p--; } p++; - if ((lntmp = OPENSSL_malloc((p - ln) + 1)) == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if ((lntmp = OPENSSL_malloc((p - ln) + 1)) == NULL) return 0; - } memcpy(lntmp, ln, p - ln); lntmp[p - ln] = '\0'; ln = lntmp; diff --git a/crypto/asn1/asn_mstbl.c b/crypto/asn1/asn_mstbl.c index 3543cd2256..515d8181b6 100644 --- a/crypto/asn1/asn_mstbl.c +++ b/crypto/asn1/asn_mstbl.c @@ -106,7 +106,7 @@ static int do_tcreate(const char *value, const char *name) rv = ASN1_STRING_TABLE_add(nid, tbl_min, tbl_max, tbl_mask, tbl_flags); if (!rv) - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); } sk_CONF_VALUE_pop_free(lst, X509V3_conf_free); return rv; diff --git a/crypto/asn1/asn_pack.c b/crypto/asn1/asn_pack.c index bf6e273b93..0744e7b434 100644 --- a/crypto/asn1/asn_pack.c +++ b/crypto/asn1/asn_pack.c @@ -19,7 +19,7 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct) if (oct == NULL || *oct == NULL) { if ((octmp = ASN1_STRING_new()) == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); return NULL; } } else { @@ -33,7 +33,7 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct) goto err; } if (octmp->data == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); goto err; } diff --git a/crypto/asn1/bio_asn1.c b/crypto/asn1/bio_asn1.c index f792c08806..c6eabc0d61 100644 --- a/crypto/asn1/bio_asn1.c +++ b/crypto/asn1/bio_asn1.c @@ -100,10 +100,8 @@ static int asn1_bio_new(BIO *b) { BIO_ASN1_BUF_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); - if (ctx == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if (ctx == NULL) return 0; - } if (!asn1_bio_init(ctx, DEFAULT_ASN1_BUF_SIZE)) { OPENSSL_free(ctx); return 0; @@ -116,10 +114,12 @@ static int asn1_bio_new(BIO *b) static int asn1_bio_init(BIO_ASN1_BUF_CTX *ctx, int size) { - if (size <= 0 || (ctx->buf = OPENSSL_malloc(size)) == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if (size <= 0) { + ERR_raise(ERR_LIB_ASN1, ERR_R_PASSED_INVALID_ARGUMENT); return 0; } + if ((ctx->buf = OPENSSL_malloc(size)) == NULL) + return 0; ctx->bufsize = size; ctx->asn1_class = V_ASN1_UNIVERSAL; ctx->asn1_tag = V_ASN1_OCTET_STRING; diff --git a/crypto/asn1/bio_ndef.c b/crypto/asn1/bio_ndef.c index d94e3a3644..108f7c8285 100644 --- a/crypto/asn1/bio_ndef.c +++ b/crypto/asn1/bio_ndef.c @@ -116,10 +116,8 @@ static int ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg) derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it); if (derlen < 0) return 0; - if ((p = OPENSSL_malloc(derlen)) == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if ((p = OPENSSL_malloc(derlen)) == NULL) return 0; - } ndef_aux->derbuf = p; *pbuf = p; @@ -191,10 +189,8 @@ static int ndef_suffix(BIO *b, unsigned char **pbuf, int *plen, void *parg) derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it); if (derlen < 0) return 0; - if ((p = OPENSSL_malloc(derlen)) == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if ((p = OPENSSL_malloc(derlen)) == NULL) return 0; - } ndef_aux->derbuf = p; *pbuf = p; diff --git a/crypto/asn1/f_int.c b/crypto/asn1/f_int.c index d41e0069af..20192b577b 100644 --- a/crypto/asn1/f_int.c +++ b/crypto/asn1/f_int.c @@ -108,7 +108,6 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size) if (num + i > slen) { sp = OPENSSL_clear_realloc(s, slen, num + i * 2); if (sp == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); OPENSSL_free(s); return 0; } diff --git a/crypto/asn1/f_string.c b/crypto/asn1/f_string.c index 4b65110d98..1da442a457 100644 --- a/crypto/asn1/f_string.c +++ b/crypto/asn1/f_string.c @@ -99,7 +99,6 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size) if (num + i > slen) { sp = OPENSSL_realloc(s, (unsigned int)num + i * 2); if (sp == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); OPENSSL_free(s); return 0; } diff --git a/crypto/asn1/p5_pbe.c b/crypto/asn1/p5_pbe.c index 9bc8aaa7a3..13b3f19bae 100644 --- a/crypto/asn1/p5_pbe.c +++ b/crypto/asn1/p5_pbe.c @@ -34,13 +34,14 @@ int PKCS5_pbe_set0_algor_ex(X509_ALGOR *algor, int alg, int iter, pbe = PBEPARAM_new(); if (pbe == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + /* ERR_R_ASN1_LIB, because PBEPARAM_new() is defined in crypto/asn1 */ + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); goto err; } if (iter <= 0) iter = PKCS5_DEFAULT_ITER; if (!ASN1_INTEGER_set(pbe->iter, iter)) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); goto err; } if (!saltlen) @@ -49,10 +50,8 @@ int PKCS5_pbe_set0_algor_ex(X509_ALGOR *algor, int alg, int iter, goto err; sstr = OPENSSL_malloc(saltlen); - if (sstr == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if (sstr == NULL) goto err; - } if (salt) memcpy(sstr, salt, saltlen); else if (RAND_bytes_ex(ctx, sstr, saltlen, 0) <= 0) @@ -62,7 +61,7 @@ int PKCS5_pbe_set0_algor_ex(X509_ALGOR *algor, int alg, int iter, sstr = NULL; if (!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); goto err; } @@ -94,7 +93,7 @@ X509_ALGOR *PKCS5_pbe_set_ex(int alg, int iter, X509_ALGOR *ret; ret = X509_ALGOR_new(); if (ret == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_X509_LIB); return NULL; } diff --git a/crypto/asn1/p5_pbev2.c b/crypto/asn1/p5_pbev2.c index b44e447cef..e710cf3c35 100644 --- a/crypto/asn1/p5_pbev2.c +++ b/crypto/asn1/p5_pbev2.c @@ -57,14 +57,18 @@ X509_ALGOR *PKCS5_pbe2_set_iv_ex(const EVP_CIPHER *cipher, int iter, goto err; } - if ((pbe2 = PBE2PARAM_new()) == NULL) - goto merr; + if ((pbe2 = PBE2PARAM_new()) == NULL) { + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); + goto err; + } /* Setup the AlgorithmIdentifier for the encryption scheme */ scheme = pbe2->encryption; scheme->algorithm = OBJ_nid2obj(alg_nid); - if ((scheme->parameter = ASN1_TYPE_new()) == NULL) - goto merr; + if ((scheme->parameter = ASN1_TYPE_new()) == NULL) { + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); + goto err; + } /* Create random IV */ ivlen = EVP_CIPHER_get_iv_length(cipher); @@ -76,8 +80,10 @@ X509_ALGOR *PKCS5_pbe2_set_iv_ex(const EVP_CIPHER *cipher, int iter, } ctx = EVP_CIPHER_CTX_new(); - if (ctx == NULL) - goto merr; + if (ctx == NULL) { + ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); + goto err; + } /* Dummy cipherinit to just setup the IV, and PRF */ if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, iv, 0)) @@ -113,30 +119,33 @@ X509_ALGOR *PKCS5_pbe2_set_iv_ex(const EVP_CIPHER *cipher, int iter, pbe2->keyfunc = PKCS5_pbkdf2_set_ex(iter, salt, saltlen, prf_nid, keylen, libctx); - if (pbe2->keyfunc == NULL) - goto merr; + if (pbe2->keyfunc == NULL) { + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); + goto err; + } /* Now set up top level AlgorithmIdentifier */ - if ((ret = X509_ALGOR_new()) == NULL) - goto merr; + if ((ret = X509_ALGOR_new()) == NULL) { + ERR_raise(ERR_LIB_ASN1, ERR_R_X509_LIB); + goto err; + } ret->algorithm = OBJ_nid2obj(NID_pbes2); /* Encode PBE2PARAM into parameter */ if (!ASN1_TYPE_pack_sequence(ASN1_ITEM_rptr(PBE2PARAM), pbe2, - &ret->parameter)) - goto merr; + &ret->parameter)) { + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); + goto err; + } PBE2PARAM_free(pbe2); pbe2 = NULL; return ret; - merr: - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); - err: EVP_CIPHER_CTX_free(ctx); PBE2PARAM_free(pbe2); @@ -170,69 +179,89 @@ X509_ALGOR *PKCS5_pbkdf2_set_ex(int iter, unsigned char *salt, int saltlen, PBKDF2PARAM *kdf = NULL; ASN1_OCTET_STRING *osalt = NULL; - if ((kdf = PBKDF2PARAM_new()) == NULL) - goto merr; - if ((osalt = ASN1_OCTET_STRING_new()) == NULL) - goto merr; + if ((kdf = PBKDF2PARAM_new()) == NULL) { + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); + goto err; + } + if ((osalt = ASN1_OCTET_STRING_new()) == NULL) { + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); + goto err; + } kdf->salt->value.octet_string = osalt; kdf->salt->type = V_ASN1_OCTET_STRING; - if (saltlen < 0) - goto merr; + if (saltlen < 0) { + ERR_raise(ERR_LIB_ASN1, ERR_R_PASSED_INVALID_ARGUMENT); + goto err; + } if (saltlen == 0) saltlen = PKCS5_SALT_LEN; if ((osalt->data = OPENSSL_malloc(saltlen)) == NULL) - goto merr; + goto err; + osalt->length = saltlen; - if (salt) + if (salt) { memcpy(osalt->data, salt, saltlen); - else if (RAND_bytes_ex(libctx, osalt->data, saltlen, 0) <= 0) - goto merr; + } else if (RAND_bytes_ex(libctx, osalt->data, saltlen, 0) <= 0) { + ERR_raise(ERR_LIB_ASN1, ERR_R_RAND_LIB); + goto err; + } if (iter <= 0) iter = PKCS5_DEFAULT_ITER; - if (!ASN1_INTEGER_set(kdf->iter, iter)) - goto merr; + if (!ASN1_INTEGER_set(kdf->iter, iter)) { + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); + goto err; + } /* If have a key len set it up */ if (keylen > 0) { - if ((kdf->keylength = ASN1_INTEGER_new()) == NULL) - goto merr; - if (!ASN1_INTEGER_set(kdf->keylength, keylen)) - goto merr; + if ((kdf->keylength = ASN1_INTEGER_new()) == NULL) { + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); + goto err; + } + if (!ASN1_INTEGER_set(kdf->keylength, keylen)) { + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); + goto err; + } } /* prf can stay NULL if we are using hmacWithSHA1 */ if (prf_nid > 0 && prf_nid != NID_hmacWithSHA1) { kdf->prf = ossl_X509_ALGOR_from_nid(prf_nid, V_ASN1_NULL, NULL); - if (kdf->prf == NULL) - goto merr; + if (kdf->prf == NULL) { + ERR_raise(ERR_LIB_ASN1, ERR_R_X509_LIB); + goto err; + } } /* Finally setup the keyfunc structure */ keyfunc = X509_ALGOR_new(); - if (keyfunc == NULL) - goto merr; + if (keyfunc == NULL) { + ERR_raise(ERR_LIB_ASN1, ERR_R_X509_LIB); + goto err; + } keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2); /* Encode PBKDF2PARAM into parameter of pbe2 */ if (!ASN1_TYPE_pack_sequence(ASN1_ITEM_rptr(PBKDF2PARAM), kdf, - &keyfunc->parameter)) - goto merr; + &keyfunc->parameter)) { + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); + goto err; + } PBKDF2PARAM_free(kdf); return keyfunc; - merr: - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + err: PBKDF2PARAM_free(kdf); X509_ALGOR_free(keyfunc); return NULL; diff --git a/crypto/asn1/p5_scrypt.c b/crypto/asn1/p5_scrypt.c index a02190d0dc..94b77fd3ab 100644 --- a/crypto/asn1/p5_scrypt.c +++ b/crypto/asn1/p5_scrypt.c @@ -67,16 +67,20 @@ X509_ALGOR *PKCS5_pbe2_set_scrypt(const EVP_CIPHER *cipher, } pbe2 = PBE2PARAM_new(); - if (pbe2 == NULL) - goto merr; + if (pbe2 == NULL) { + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); + goto err; + } /* Setup the AlgorithmIdentifier for the encryption scheme */ scheme = pbe2->encryption; scheme->algorithm = OBJ_nid2obj(alg_nid); scheme->parameter = ASN1_TYPE_new(); - if (scheme->parameter == NULL) - goto merr; + if (scheme->parameter == NULL) { + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); + goto err; + } /* Create random IV */ if (EVP_CIPHER_get_iv_length(cipher)) { @@ -87,8 +91,10 @@ X509_ALGOR *PKCS5_pbe2_set_scrypt(const EVP_CIPHER *cipher, } ctx = EVP_CIPHER_CTX_new(); - if (ctx == NULL) - goto merr; + if (ctx == NULL) { + ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); + goto err; + } /* Dummy cipherinit to just setup the IV */ if (EVP_CipherInit_ex(ctx, cipher, NULL, NULL, iv, 0) == 0) @@ -111,31 +117,34 @@ X509_ALGOR *PKCS5_pbe2_set_scrypt(const EVP_CIPHER *cipher, pbe2->keyfunc = pkcs5_scrypt_set(salt, saltlen, keylen, N, r, p); - if (pbe2->keyfunc == NULL) - goto merr; + if (pbe2->keyfunc == NULL) { + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); + goto err; + } /* Now set up top level AlgorithmIdentifier */ ret = X509_ALGOR_new(); - if (ret == NULL) - goto merr; + if (ret == NULL) { + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); + goto err; + } ret->algorithm = OBJ_nid2obj(NID_pbes2); /* Encode PBE2PARAM into parameter */ if (ASN1_TYPE_pack_sequence(ASN1_ITEM_rptr(PBE2PARAM), pbe2, - &ret->parameter) == NULL) - goto merr; + &ret->parameter) == NULL) { + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); + goto err; + } PBE2PARAM_free(pbe2); pbe2 = NULL; return ret; - merr: - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); - err: PBE2PARAM_free(pbe2); X509_ALGOR_free(ret); @@ -151,57 +160,73 @@ static X509_ALGOR *pkcs5_scrypt_set(const unsigned char *salt, size_t saltlen, X509_ALGOR *keyfunc = NULL; SCRYPT_PARAMS *sparam = SCRYPT_PARAMS_new(); - if (sparam == NULL) - goto merr; + if (sparam == NULL) { + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); + goto err; + } if (!saltlen) saltlen = PKCS5_SALT_LEN; /* This will either copy salt or grow the buffer */ - if (ASN1_STRING_set(sparam->salt, salt, saltlen) == 0) - goto merr; + if (ASN1_STRING_set(sparam->salt, salt, saltlen) == 0) { + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); + goto err; + } if (salt == NULL && RAND_bytes(sparam->salt->data, saltlen) <= 0) goto err; - if (ASN1_INTEGER_set_uint64(sparam->costParameter, N) == 0) - goto merr; + if (ASN1_INTEGER_set_uint64(sparam->costParameter, N) == 0) { + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); + goto err; + } - if (ASN1_INTEGER_set_uint64(sparam->blockSize, r) == 0) - goto merr; + if (ASN1_INTEGER_set_uint64(sparam->blockSize, r) == 0) { + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); + goto err; + } - if (ASN1_INTEGER_set_uint64(sparam->parallelizationParameter, p) == 0) - goto merr; + if (ASN1_INTEGER_set_uint64(sparam->parallelizationParameter, p) == 0) { + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); + goto err; + } /* If have a key len set it up */ if (keylen > 0) { sparam->keyLength = ASN1_INTEGER_new(); - if (sparam->keyLength == NULL) - goto merr; - if (ASN1_INTEGER_set_int64(sparam->keyLength, keylen) == 0) - goto merr; + if (sparam->keyLength == NULL) { + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); + goto err; + } + if (ASN1_INTEGER_set_int64(sparam->keyLength, keylen) == 0) { + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); + goto err; + } } /* Finally setup the keyfunc structure */ keyfunc = X509_ALGOR_new(); - if (keyfunc == NULL) - goto merr; + if (keyfunc == NULL) { + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); + goto err; + } keyfunc->algorithm = OBJ_nid2obj(NID_id_scrypt); /* Encode SCRYPT_PARAMS into parameter of pbe2 */ if (ASN1_TYPE_pack_sequence(ASN1_ITEM_rptr(SCRYPT_PARAMS), sparam, - &keyfunc->parameter) == NULL) - goto merr; + &keyfunc->parameter) == NULL) { + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); + goto err; + } SCRYPT_PARAMS_free(sparam); return keyfunc; - merr: - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); err: SCRYPT_PARAMS_free(sparam); X509_ALGOR_free(keyfunc); diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c index 1701eb9d56..5c65d542c5 100644 --- a/crypto/asn1/tasn_dec.c +++ b/crypto/asn1/tasn_dec.c @@ -629,7 +629,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, } if (*val == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_CRYPTO_LIB); goto err; } @@ -658,7 +658,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, } len -= p - q; if (!sk_ASN1_VALUE_push((STACK_OF(ASN1_VALUE) *)*val, skfield)) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_CRYPTO_LIB); ASN1_item_free(skfield, ASN1_ITEM_ptr(tt->item)); goto err; } @@ -802,7 +802,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, len = buf.length; /* Append a final null to string */ if (!BUF_MEM_grow_clean(&buf, len + 1)) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_BUF_LIB); goto err; } buf.data[len] = 0; @@ -925,7 +925,7 @@ static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, if (*pval == NULL) { stmp = ASN1_STRING_type_new(utype); if (stmp == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); goto err; } *pval = (ASN1_VALUE *)stmp; @@ -939,7 +939,7 @@ static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, *free_cont = 0; } else { if (!ASN1_STRING_set(stmp, cont, len)) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); ASN1_STRING_free(stmp); *pval = NULL; goto err; @@ -1098,7 +1098,7 @@ static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen) if (buf) { len = buf->length; if (!BUF_MEM_grow_clean(buf, len + plen)) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_BUF_LIB); return 0; } memcpy(buf->data + len, *p, plen); diff --git a/crypto/asn1/tasn_enc.c b/crypto/asn1/tasn_enc.c index 3ea18b0280..dab5f9f278 100644 --- a/crypto/asn1/tasn_enc.c +++ b/crypto/asn1/tasn_enc.c @@ -62,10 +62,8 @@ static int asn1_item_flags_i2d(const ASN1_VALUE *val, unsigned char **out, len = ASN1_item_ex_i2d(&val, NULL, it, -1, flags); if (len <= 0) return len; - if ((buf = OPENSSL_malloc(len)) == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if ((buf = OPENSSL_malloc(len)) == NULL) return -1; - } p = buf; ASN1_item_ex_i2d(&val, &p, it, -1, flags); *out = buf; @@ -415,15 +413,11 @@ static int asn1_set_seq_out(STACK_OF(const_ASN1_VALUE) *sk, else { derlst = OPENSSL_malloc(sk_const_ASN1_VALUE_num(sk) * sizeof(*derlst)); - if (derlst == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if (derlst == NULL) return 0; - } tmpdat = OPENSSL_malloc(skcontlen); - if (tmpdat == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if (tmpdat == NULL) goto err; - } } } /* If not sorting just output each item */ diff --git a/crypto/asn1/tasn_new.c b/crypto/asn1/tasn_new.c index 4b624bbdd4..00a5397a5e 100644 --- a/crypto/asn1/tasn_new.c +++ b/crypto/asn1/tasn_new.c @@ -78,10 +78,10 @@ int asn1_item_embed_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int embed, if (ef != NULL) { if (ef->asn1_ex_new_ex != NULL) { if (!ef->asn1_ex_new_ex(pval, it, libctx, propq)) - goto memerr; + goto asn1err; } else if (ef->asn1_ex_new != NULL) { if (!ef->asn1_ex_new(pval, it)) - goto memerr; + goto asn1err; } } break; @@ -89,14 +89,14 @@ int asn1_item_embed_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int embed, case ASN1_ITYPE_PRIMITIVE: if (it->templates) { if (!asn1_template_new(pval, it->templates, libctx, propq)) - goto memerr; + goto asn1err; } else if (!asn1_primitive_new(pval, it, embed)) - goto memerr; + goto asn1err; break; case ASN1_ITYPE_MSTRING: if (!asn1_primitive_new(pval, it, embed)) - goto memerr; + goto asn1err; break; case ASN1_ITYPE_CHOICE: @@ -113,7 +113,7 @@ int asn1_item_embed_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int embed, } else { *pval = OPENSSL_zalloc(it->size); if (*pval == NULL) - goto memerr; + return 0; } ossl_asn1_set_choice_selector(pval, -1, it); if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL)) @@ -135,7 +135,7 @@ int asn1_item_embed_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int embed, } else { *pval = OPENSSL_zalloc(it->size); if (*pval == NULL) - goto memerr; + return 0; } /* 0 : init. lock */ if (ossl_asn1_do_lock(pval, 0, it) < 0) { @@ -143,13 +143,13 @@ int asn1_item_embed_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int embed, OPENSSL_free(*pval); *pval = NULL; } - goto memerr; + goto asn1err; } ossl_asn1_enc_init(pval, it); for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) { pseqval = ossl_asn1_get_field_ptr(pval, tt); if (!asn1_template_new(pseqval, tt, libctx, propq)) - goto memerr2; + goto asn1err2; } if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL)) goto auxerr2; @@ -157,10 +157,10 @@ int asn1_item_embed_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int embed, } return 1; - memerr2: + asn1err2: ossl_asn1_item_embed_free(pval, it, embed); - memerr: - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + asn1err: + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); return 0; auxerr2: @@ -230,7 +230,7 @@ static int asn1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, STACK_OF(ASN1_VALUE) *skval; skval = sk_ASN1_VALUE_new_null(); if (!skval) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_CRYPTO_LIB); ret = 0; goto done; } @@ -298,10 +298,8 @@ static int asn1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it, return 1; case V_ASN1_ANY: - if ((typ = OPENSSL_malloc(sizeof(*typ))) == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if ((typ = OPENSSL_malloc(sizeof(*typ))) == NULL) return 0; - } typ->value.ptr = NULL; typ->type = -1; *pval = (ASN1_VALUE *)typ; diff --git a/crypto/asn1/tasn_prn.c b/crypto/asn1/tasn_prn.c index 7d8618e26c..73eadc5fd4 100644 --- a/crypto/asn1/tasn_prn.c +++ b/crypto/asn1/tasn_prn.c @@ -37,10 +37,8 @@ ASN1_PCTX *ASN1_PCTX_new(void) ASN1_PCTX *ret; ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } return ret; } diff --git a/crypto/asn1/tasn_scn.c b/crypto/asn1/tasn_scn.c index bde697ee99..7ada313b94 100644 --- a/crypto/asn1/tasn_scn.c +++ b/crypto/asn1/tasn_scn.c @@ -26,10 +26,8 @@ ASN1_SCTX *ASN1_SCTX_new(int (*scan_cb) (ASN1_SCTX *ctx)) { ASN1_SCTX *ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } ret->scan_cb = scan_cb; return ret; } diff --git a/crypto/asn1/tasn_utl.c b/crypto/asn1/tasn_utl.c index e5f25d88df..be8931cab4 100644 --- a/crypto/asn1/tasn_utl.c +++ b/crypto/asn1/tasn_utl.c @@ -86,7 +86,7 @@ int ossl_asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it) *lck = ret = 1; *lock = CRYPTO_THREAD_lock_new(); if (*lock == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_CRYPTO_LIB); return -1; } break; @@ -168,10 +168,8 @@ int ossl_asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen, OPENSSL_free(enc->enc); if (inlen <= 0) return 0; - if ((enc->enc = OPENSSL_malloc(inlen)) == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if ((enc->enc = OPENSSL_malloc(inlen)) == NULL) return 0; - } memcpy(enc->enc, in, inlen); enc->len = inlen; enc->modified = 0; diff --git a/crypto/asn1/x_info.c b/crypto/asn1/x_info.c index f8bc478988..8a4d2dba0a 100644 --- a/crypto/asn1/x_info.c +++ b/crypto/asn1/x_info.c @@ -18,10 +18,8 @@ X509_INFO *X509_INFO_new(void) X509_INFO *ret; ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } return ret; } diff --git a/crypto/asn1/x_int64.c b/crypto/asn1/x_int64.c index eb78c7e367..d05fe26bb0 100644 --- a/crypto/asn1/x_int64.c +++ b/crypto/asn1/x_int64.c @@ -28,10 +28,8 @@ static int uint64_new(ASN1_VALUE **pval, const ASN1_ITEM *it) { - if ((*pval = (ASN1_VALUE *)OPENSSL_zalloc(sizeof(uint64_t))) == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if ((*pval = (ASN1_VALUE *)OPENSSL_zalloc(sizeof(uint64_t))) == NULL) return 0; - } return 1; } @@ -123,10 +121,8 @@ static int uint64_print(BIO *out, const ASN1_VALUE **pval, const ASN1_ITEM *it, static int uint32_new(ASN1_VALUE **pval, const ASN1_ITEM *it) { - if ((*pval = (ASN1_VALUE *)OPENSSL_zalloc(sizeof(uint32_t))) == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if ((*pval = (ASN1_VALUE *)OPENSSL_zalloc(sizeof(uint32_t))) == NULL) return 0; - } return 1; } diff --git a/crypto/asn1/x_pkey.c b/crypto/asn1/x_pkey.c index b63c7c6489..34b7286d7e 100644 --- a/crypto/asn1/x_pkey.c +++ b/crypto/asn1/x_pkey.c @@ -19,18 +19,17 @@ X509_PKEY *X509_PKEY_new(void) ret = OPENSSL_zalloc(sizeof(*ret)); if (ret == NULL) - goto err; + return NULL; ret->enc_algor = X509_ALGOR_new(); ret->enc_pkey = ASN1_OCTET_STRING_new(); - if (ret->enc_algor == NULL || ret->enc_pkey == NULL) - goto err; + if (ret->enc_algor == NULL || ret->enc_pkey == NULL) { + X509_PKEY_free(ret); + ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); + return NULL; + } return ret; -err: - X509_PKEY_free(ret); - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); - return NULL; } void X509_PKEY_free(X509_PKEY *x) diff --git a/crypto/async/arch/async_posix.c b/crypto/async/arch/async_posix.c index f7432c3298..f2b507c7d0 100644 --- a/crypto/async/arch/async_posix.c +++ b/crypto/async/arch/async_posix.c @@ -119,7 +119,6 @@ int async_fibre_makecontext(async_fibre *fibre) makecontext(&fibre->fibre, async_start_func, 0); return 1; } - ERR_raise(ERR_LIB_ASYNC, ERR_R_MALLOC_FAILURE); } else { fibre->fibre.uc_stack.ss_sp = NULL; } diff --git a/crypto/async/async.c b/crypto/async/async.c index 076197c79b..46c87d6a5a 100644 --- a/crypto/async/async.c +++ b/crypto/async/async.c @@ -40,10 +40,8 @@ static async_ctx *async_ctx_new(void) return NULL; nctx = OPENSSL_malloc(sizeof(*nctx)); - if (nctx == NULL) { - ERR_raise(ERR_LIB_ASYNC, ERR_R_MALLOC_FAILURE); + if (nctx == NULL) goto err; - } async_fibre_init_dispatcher(&nctx->dispatcher); nctx->currjob = NULL; @@ -82,10 +80,8 @@ static ASYNC_JOB *async_job_new(void) ASYNC_JOB *job = NULL; job = OPENSSL_zalloc(sizeof(*job)); - if (job == NULL) { - ERR_raise(ERR_LIB_ASYNC, ERR_R_MALLOC_FAILURE); + if (job == NULL) return NULL; - } job->status = ASYNC_JOB_RUNNING; @@ -256,7 +252,6 @@ int ASYNC_start_job(ASYNC_JOB **job, ASYNC_WAIT_CTX *wctx, int *ret, if (args != NULL) { ctx->currjob->funcargs = OPENSSL_malloc(size); if (ctx->currjob->funcargs == NULL) { - ERR_raise(ERR_LIB_ASYNC, ERR_R_MALLOC_FAILURE); async_release_job(ctx->currjob); ctx->currjob = NULL; return ASYNC_ERR; @@ -367,14 +362,12 @@ int ASYNC_init_thread(size_t max_size, size_t init_size) return 0; pool = OPENSSL_zalloc(sizeof(*pool)); - if (pool == NULL) { - ERR_raise(ERR_LIB_ASYNC, ERR_R_MALLOC_FAILURE); + if (pool == NULL) return 0; - } pool->jobs = sk_ASYNC_JOB_new_reserve(NULL, init_size); if (pool->jobs == NULL) { - ERR_raise(ERR_LIB_ASYNC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASYNC, ERR_R_CRYPTO_LIB); OPENSSL_free(pool); return 0; } diff --git a/crypto/async/async_wait.c b/crypto/async/async_wait.c index df7d293021..c5d000a03b 100644 --- a/crypto/async/async_wait.c +++ b/crypto/async/async_wait.c @@ -47,10 +47,8 @@ int ASYNC_WAIT_CTX_set_wait_fd(ASYNC_WAIT_CTX *ctx, const void *key, { struct fd_lookup_st *fdlookup; - if ((fdlookup = OPENSSL_zalloc(sizeof(*fdlookup))) == NULL) { - ERR_raise(ERR_LIB_ASYNC, ERR_R_MALLOC_FAILURE); + if ((fdlookup = OPENSSL_zalloc(sizeof(*fdlookup))) == NULL) return 0; - } fdlookup->key = key; fdlookup->fd = fd; diff --git a/crypto/bio/bf_buff.c b/crypto/bio/bf_buff.c index cfed63bd72..fe0ca92225 100644 --- a/crypto/bio/bf_buff.c +++ b/crypto/bio/bf_buff.c @@ -291,7 +291,7 @@ static long buffer_ctrl(BIO *b, int cmd, long num, void *ptr) return 0; p1 = OPENSSL_malloc((size_t)num); if (p1 == NULL) - goto malloc_error; + return 0; OPENSSL_free(ctx->ibuf); ctx->ibuf = p1; } @@ -322,14 +322,14 @@ static long buffer_ctrl(BIO *b, int cmd, long num, void *ptr) return 0; p1 = OPENSSL_malloc((size_t)num); if (p1 == NULL) - goto malloc_error; + return 0; } if ((obs > DEFAULT_BUFFER_SIZE) && (obs != ctx->obuf_size)) { p2 = OPENSSL_malloc((size_t)num); if (p2 == NULL) { if (p1 != ctx->ibuf) OPENSSL_free(p1); - goto malloc_error; + return 0; } } if (ctx->ibuf != p1) { @@ -405,9 +405,6 @@ static long buffer_ctrl(BIO *b, int cmd, long num, void *ptr) break; } return ret; - malloc_error: - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); - return 0; } static long buffer_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp) diff --git a/crypto/bio/bf_lbuf.c b/crypto/bio/bf_lbuf.c index 73f1216987..8854b4144c 100644 --- a/crypto/bio/bf_lbuf.c +++ b/crypto/bio/bf_lbuf.c @@ -57,13 +57,10 @@ static int linebuffer_new(BIO *bi) { BIO_LINEBUFFER_CTX *ctx; - if ((ctx = OPENSSL_malloc(sizeof(*ctx))) == NULL) { - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); + if ((ctx = OPENSSL_malloc(sizeof(*ctx))) == NULL) return 0; - } ctx->obuf = OPENSSL_malloc(DEFAULT_LINEBUFFER_SIZE); if (ctx->obuf == NULL) { - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); OPENSSL_free(ctx); return 0; } @@ -237,7 +234,7 @@ static long linebuffer_ctrl(BIO *b, int cmd, long num, void *ptr) if ((obs > DEFAULT_LINEBUFFER_SIZE) && (obs != ctx->obuf_size)) { p = OPENSSL_malloc((size_t)obs); if (p == NULL) - goto malloc_error; + return 0; } if (ctx->obuf != p) { if (ctx->obuf_len > obs) { @@ -294,9 +291,6 @@ static long linebuffer_ctrl(BIO *b, int cmd, long num, void *ptr) break; } return ret; - malloc_error: - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); - return 0; } static long linebuffer_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp) diff --git a/crypto/bio/bf_nbio.c b/crypto/bio/bf_nbio.c index f9ea1730ba..01138729b0 100644 --- a/crypto/bio/bf_nbio.c +++ b/crypto/bio/bf_nbio.c @@ -55,10 +55,8 @@ static int nbiof_new(BIO *bi) { NBIO_TEST *nt; - if ((nt = OPENSSL_zalloc(sizeof(*nt))) == NULL) { - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); + if ((nt = OPENSSL_zalloc(sizeof(*nt))) == NULL) return 0; - } nt->lrn = -1; nt->lwn = -1; bi->ptr = (char *)nt; diff --git a/crypto/bio/bio_addr.c b/crypto/bio/bio_addr.c index 747777a5ab..3c09543194 100644 --- a/crypto/bio/bio_addr.c +++ b/crypto/bio/bio_addr.c @@ -53,10 +53,8 @@ BIO_ADDR *BIO_ADDR_new(void) { BIO_ADDR *ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } ret->sa.sa_family = AF_UNSPEC; return ret; @@ -279,7 +277,6 @@ static int addr_strings(const BIO_ADDR *ap, int numeric, OPENSSL_free(*service); *service = NULL; } - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); return 0; } @@ -550,7 +547,7 @@ int BIO_parse_hostserv(const char *hostserv, char **host, char **service, } else { *host = OPENSSL_strndup(h, hl); if (*host == NULL) - goto memerr; + return 0; } } if (p != NULL && service != NULL) { @@ -560,7 +557,7 @@ int BIO_parse_hostserv(const char *hostserv, char **host, char **service, } else { *service = OPENSSL_strndup(p, pl); if (*service == NULL) - goto memerr; + return 0; } } @@ -571,9 +568,6 @@ int BIO_parse_hostserv(const char *hostserv, char **host, char **service, spec_err: ERR_raise(ERR_LIB_BIO, BIO_R_MALFORMED_HOST_OR_SERVICE); return 0; - memerr: - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); - return 0; } /* addrinfo_wrap is used to build our own addrinfo "chain". @@ -590,10 +584,8 @@ static int addrinfo_wrap(int family, int socktype, unsigned short port, BIO_ADDRINFO **bai) { - if ((*bai = OPENSSL_zalloc(sizeof(**bai))) == NULL) { - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); + if ((*bai = OPENSSL_zalloc(sizeof(**bai))) == NULL) return 0; - } (*bai)->bai_family = family; (*bai)->bai_socktype = socktype; @@ -688,7 +680,7 @@ int BIO_lookup_ex(const char *host, const char *service, int lookup_type, if (addrinfo_wrap(family, socktype, host, strlen(host), 0, res)) return 1; else - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_BIO, ERR_R_BIO_LIB); return 0; } #endif @@ -732,7 +724,8 @@ int BIO_lookup_ex(const char *host, const char *service, int lookup_type, # endif # ifdef EAI_MEMORY case EAI_MEMORY: - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); + ERR_raise_data(ERR_LIB_BIO, ERR_R_SYS_LIB, + gai_strerror(old_ret ? old_ret : gai_ret)); break; # endif case 0: @@ -789,7 +782,8 @@ int BIO_lookup_ex(const char *host, const char *service, int lookup_type, #endif if (!RUN_ONCE(&bio_lookup_init, do_bio_lookup_init)) { - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); + /* Should this be raised inside do_bio_lookup_init()? */ + ERR_raise(ERR_LIB_BIO, ERR_R_CRYPTO_LIB); ret = 0; goto err; } @@ -927,14 +921,14 @@ int BIO_lookup_ex(const char *host, const char *service, int lookup_type, if (!addrinfo_wrap(he->h_addrtype, socktype, *addrlistp, he->h_length, se->s_port, &tmp_bai)) - goto addrinfo_malloc_err; + goto addrinfo_wrap_err; tmp_bai->bai_next = *res; *res = tmp_bai; continue; - addrinfo_malloc_err: + addrinfo_wrap_err: BIO_ADDRINFO_free(*res); *res = NULL; - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_BIO, ERR_R_BIO_LIB); ret = 0; goto err; } diff --git a/crypto/bio/bio_lib.c b/crypto/bio/bio_lib.c index b2b5620958..a0a83da8cb 100644 --- a/crypto/bio/bio_lib.c +++ b/crypto/bio/bio_lib.c @@ -82,10 +82,8 @@ BIO *BIO_new_ex(OSSL_LIB_CTX *libctx, const BIO_METHOD *method) { BIO *bio = OPENSSL_zalloc(sizeof(*bio)); - if (bio == NULL) { - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); + if (bio == NULL) return NULL; - } bio->libctx = libctx; bio->method = method; @@ -97,7 +95,7 @@ BIO *BIO_new_ex(OSSL_LIB_CTX *libctx, const BIO_METHOD *method) bio->lock = CRYPTO_THREAD_lock_new(); if (bio->lock == NULL) { - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_BIO, ERR_R_CRYPTO_LIB); CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, bio, &bio->ex_data); goto err; } diff --git a/crypto/bio/bio_meth.c b/crypto/bio/bio_meth.c index 3865d82f0e..d7d480ea4f 100644 --- a/crypto/bio/bio_meth.c +++ b/crypto/bio/bio_meth.c @@ -25,7 +25,8 @@ int BIO_get_new_index(void) int newval; if (!RUN_ONCE(&bio_type_init, do_bio_type_init)) { - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); + /* Perhaps the error should be raised in do_bio_type_init()? */ + ERR_raise(ERR_LIB_BIO, ERR_R_CRYPTO_LIB); return -1; } if (!CRYPTO_UP_REF(&bio_count, &newval, bio_type_lock)) @@ -40,7 +41,6 @@ BIO_METHOD *BIO_meth_new(int type, const char *name) if (biom == NULL || (biom->name = OPENSSL_strdup(name)) == NULL) { OPENSSL_free(biom); - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); return NULL; } biom->type = type; diff --git a/crypto/bio/bio_print.c b/crypto/bio/bio_print.c index 4c9c3af7cf..f573514f1f 100644 --- a/crypto/bio/bio_print.c +++ b/crypto/bio/bio_print.c @@ -847,10 +847,8 @@ doapr_outch(char **sbuffer, *maxlen += BUFFER_INC; if (*buffer == NULL) { - if ((*buffer = OPENSSL_malloc(*maxlen)) == NULL) { - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); + if ((*buffer = OPENSSL_malloc(*maxlen)) == NULL) return 0; - } if (*currlen > 0) { if (!ossl_assert(*sbuffer != NULL)) return 0; @@ -861,10 +859,8 @@ doapr_outch(char **sbuffer, char *tmpbuf; tmpbuf = OPENSSL_realloc(*buffer, *maxlen); - if (tmpbuf == NULL) { - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); + if (tmpbuf == NULL) return 0; - } *buffer = tmpbuf; } } diff --git a/crypto/bio/bio_sock.c b/crypto/bio/bio_sock.c index 48a9e7d5e6..7aa7bdc65e 100644 --- a/crypto/bio/bio_sock.c +++ b/crypto/bio/bio_sock.c @@ -305,13 +305,14 @@ int BIO_accept(int sock, char **ip_port) if (ip_port != NULL) { char *host = BIO_ADDR_hostname_string(&res, 1); char *port = BIO_ADDR_service_string(&res, 1); - if (host != NULL && port != NULL) + if (host != NULL && port != NULL) { *ip_port = OPENSSL_zalloc(strlen(host) + strlen(port) + 2); - else + } else { *ip_port = NULL; + ERR_raise(ERR_LIB_BIO, ERR_R_BIO_LIB); + } if (*ip_port == NULL) { - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); BIO_closesocket(ret); ret = (int)INVALID_SOCKET; } else { diff --git a/crypto/bio/bss_acpt.c b/crypto/bio/bss_acpt.c index f31e8be3e0..806186ae41 100644 --- a/crypto/bio/bss_acpt.c +++ b/crypto/bio/bss_acpt.c @@ -92,10 +92,8 @@ static BIO_ACCEPT *BIO_ACCEPT_new(void) { BIO_ACCEPT *ret; - if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) { - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); + if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) return NULL; - } ret->accept_family = BIO_FAMILY_IPANY; ret->accept_sock = (int)INVALID_SOCKET; return ret; diff --git a/crypto/bio/bss_bio.c b/crypto/bio/bss_bio.c index 0bdff21eea..3af3b27ea5 100644 --- a/crypto/bio/bss_bio.c +++ b/crypto/bio/bss_bio.c @@ -620,20 +620,16 @@ static int bio_make_pair(BIO *bio1, BIO *bio2) if (b1->buf == NULL) { b1->buf = OPENSSL_malloc(b1->size); - if (b1->buf == NULL) { - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); + if (b1->buf == NULL) return 0; - } b1->len = 0; b1->offset = 0; } if (b2->buf == NULL) { b2->buf = OPENSSL_malloc(b2->size); - if (b2->buf == NULL) { - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); + if (b2->buf == NULL) return 0; - } b2->len = 0; b2->offset = 0; } diff --git a/crypto/bio/bss_conn.c b/crypto/bio/bss_conn.c index 13ac7f2d95..75bfe64566 100644 --- a/crypto/bio/bss_conn.c +++ b/crypto/bio/bss_conn.c @@ -256,10 +256,8 @@ BIO_CONNECT *BIO_CONNECT_new(void) { BIO_CONNECT *ret; - if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) { - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); + if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) return NULL; - } ret->state = BIO_CONN_S_BEFORE; ret->connect_family = BIO_FAMILY_IPANY; return ret; diff --git a/crypto/bio/bss_dgram.c b/crypto/bio/bss_dgram.c index e18072cf99..97600e4cd3 100644 --- a/crypto/bio/bss_dgram.c +++ b/crypto/bio/bss_dgram.c @@ -1820,10 +1820,8 @@ static int dgram_sctp_new(BIO *bi) bi->init = 0; bi->num = 0; - if ((data = OPENSSL_zalloc(sizeof(*data))) == NULL) { - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); + if ((data = OPENSSL_zalloc(sizeof(*data))) == NULL) return 0; - } # ifdef SCTP_PR_SCTP_NONE data->prinfo.pr_policy = SCTP_PR_SCTP_NONE; # endif @@ -2058,10 +2056,8 @@ static int dgram_sctp_read(BIO *b, char *out, int outl) optlen = (socklen_t) (sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t)); authchunks = OPENSSL_malloc(optlen); - if (authchunks == NULL) { - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); + if (authchunks == NULL) return -1; - } memset(authchunks, 0, optlen); ii = getsockopt(b->num, IPPROTO_SCTP, SCTP_PEER_AUTH_CHUNKS, authchunks, &optlen); diff --git a/crypto/bio/bss_dgram_pair.c b/crypto/bio/bss_dgram_pair.c index fedcd66dd3..7210a9906a 100644 --- a/crypto/bio/bss_dgram_pair.c +++ b/crypto/bio/bss_dgram_pair.c @@ -286,13 +286,13 @@ static int dgram_pair_ctrl_make_bio_pair(BIO *bio1, BIO *bio2) if (b1->rbuf.len != b1->req_buf_len) if (ring_buf_init(&b1->rbuf, b1->req_buf_len) == 0) { - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_BIO, ERR_R_BIO_LIB); return 0; } if (b2->rbuf.len != b2->req_buf_len) if (ring_buf_init(&b2->rbuf, b2->req_buf_len) == 0) { - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_BIO, ERR_R_BIO_LIB); ring_buf_destroy(&b1->rbuf); return 0; } diff --git a/crypto/bio/bss_log.c b/crypto/bio/bss_log.c index 82abfd5cec..f2c84606d2 100644 --- a/crypto/bio/bss_log.c +++ b/crypto/bio/bss_log.c @@ -197,10 +197,8 @@ static int slg_write(BIO *b, const char *in, int inl) if (inl < 0) return 0; - if ((buf = OPENSSL_malloc(inl + 1)) == NULL) { - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); + if ((buf = OPENSSL_malloc(inl + 1)) == NULL) return 0; - } memcpy(buf, in, inl); buf[inl] = '\0'; diff --git a/crypto/bio/bss_mem.c b/crypto/bio/bss_mem.c index a753380e64..014acf2963 100644 --- a/crypto/bio/bss_mem.c +++ b/crypto/bio/bss_mem.c @@ -326,10 +326,8 @@ static int mem_write(BIO *b, const char *in, int inl) if (bbm->use_dgrams) { struct buf_mem_dgram_st *dgram = OPENSSL_malloc(sizeof(*dgram)); - if (dgram == NULL) { - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); + if (dgram == NULL) goto end; - } dgram->dgram = bbm->buf->data + blen; dgram->dgramlen = inl; diff --git a/crypto/bn/bn_blind.c b/crypto/bn/bn_blind.c index 72457b34cf..6ea54f00a9 100644 --- a/crypto/bn/bn_blind.c +++ b/crypto/bn/bn_blind.c @@ -33,14 +33,12 @@ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod) bn_check_top(mod); - if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) { - ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE); + if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) return NULL; - } ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { - ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_BN, ERR_R_CRYPTO_LIB); OPENSSL_free(ret); return NULL; } diff --git a/crypto/bn/bn_conv.c b/crypto/bn/bn_conv.c index 75054f5d6a..849440e71e 100644 --- a/crypto/bn/bn_conv.c +++ b/crypto/bn/bn_conv.c @@ -23,10 +23,8 @@ char *BN_bn2hex(const BIGNUM *a) if (BN_is_zero(a)) return OPENSSL_strdup("0"); buf = OPENSSL_malloc(a->top * BN_BYTES * 2 + 2); - if (buf == NULL) { - ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE); + if (buf == NULL) goto err; - } p = buf; if (a->neg) *p++ = '-'; @@ -70,10 +68,8 @@ char *BN_bn2dec(const BIGNUM *a) bn_data_num = num / BN_DEC_NUM + 1; bn_data = OPENSSL_malloc(bn_data_num * sizeof(BN_ULONG)); buf = OPENSSL_malloc(tbytes); - if (buf == NULL || bn_data == NULL) { - ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE); + if (buf == NULL || bn_data == NULL) goto err; - } if ((t = BN_dup(a)) == NULL) goto err; diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c index 35a7ddbab7..aa70ca7a3f 100644 --- a/crypto/bn/bn_ctx.c +++ b/crypto/bn/bn_ctx.c @@ -119,10 +119,8 @@ BN_CTX *BN_CTX_new_ex(OSSL_LIB_CTX *ctx) { BN_CTX *ret; - if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) { - ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE); + if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) return NULL; - } /* Initialise the structure */ BN_POOL_init(&ret->pool); BN_STACK_init(&ret->stack); @@ -268,10 +266,8 @@ static int BN_STACK_push(BN_STACK *st, unsigned int idx) st->size ? (st->size * 3 / 2) : BN_CTX_START_FRAMES; unsigned int *newitems; - if ((newitems = OPENSSL_malloc(sizeof(*newitems) * newsize)) == NULL) { - ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE); + if ((newitems = OPENSSL_malloc(sizeof(*newitems) * newsize)) == NULL) return 0; - } if (st->depth) memcpy(newitems, st->indexes, sizeof(*newitems) * st->depth); OPENSSL_free(st->indexes); @@ -322,10 +318,8 @@ static BIGNUM *BN_POOL_get(BN_POOL *p, int flag) if (p->used == p->size) { BN_POOL_ITEM *item; - if ((item = OPENSSL_malloc(sizeof(*item))) == NULL) { - ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE); + if ((item = OPENSSL_malloc(sizeof(*item))) == NULL) return NULL; - } for (loop = 0, bn = item->vals; loop++ < BN_CTX_POOL_SIZE; bn++) { bn_init(bn); if ((flag & BN_FLG_SECURE) != 0) diff --git a/crypto/bn/bn_gcd.c b/crypto/bn/bn_gcd.c index 2b42c7df97..91ad76a161 100644 --- a/crypto/bn/bn_gcd.c +++ b/crypto/bn/bn_gcd.c @@ -522,7 +522,7 @@ BIGNUM *BN_mod_inverse(BIGNUM *in, if (ctx == NULL) { ctx = new_ctx = BN_CTX_new_ex(NULL); if (ctx == NULL) { - ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_BN, ERR_R_BN_LIB); return NULL; } } diff --git a/crypto/bn/bn_gf2m.c b/crypto/bn/bn_gf2m.c index 304c2ea08d..83e1f11e18 100644 --- a/crypto/bn/bn_gf2m.c +++ b/crypto/bn/bn_gf2m.c @@ -474,10 +474,8 @@ int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, bn_check_top(p); arr = OPENSSL_malloc(sizeof(*arr) * max); - if (arr == NULL) { - ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE); + if (arr == NULL) return 0; - } ret = BN_GF2m_poly2arr(p, arr, max); if (!ret || ret > max) { ERR_raise(ERR_LIB_BN, BN_R_INVALID_LENGTH); @@ -536,10 +534,8 @@ int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) bn_check_top(p); arr = OPENSSL_malloc(sizeof(*arr) * max); - if (arr == NULL) { - ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE); + if (arr == NULL) return 0; - } ret = BN_GF2m_poly2arr(p, arr, max); if (!ret || ret > max) { ERR_raise(ERR_LIB_BN, BN_R_INVALID_LENGTH); @@ -915,10 +911,8 @@ int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, bn_check_top(p); arr = OPENSSL_malloc(sizeof(*arr) * max); - if (arr == NULL) { - ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE); + if (arr == NULL) return 0; - } ret = BN_GF2m_poly2arr(p, arr, max); if (!ret || ret > max) { ERR_raise(ERR_LIB_BN, BN_R_INVALID_LENGTH); @@ -979,10 +973,8 @@ int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) bn_check_top(p); arr = OPENSSL_malloc(sizeof(*arr) * max); - if (arr == NULL) { - ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE); + if (arr == NULL) return 0; - } ret = BN_GF2m_poly2arr(p, arr, max); if (!ret || ret > max) { ERR_raise(ERR_LIB_BN, BN_R_INVALID_LENGTH); @@ -1115,10 +1107,8 @@ int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, bn_check_top(p); arr = OPENSSL_malloc(sizeof(*arr) * max); - if (arr == NULL) { - ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE); + if (arr == NULL) goto err; - } ret = BN_GF2m_poly2arr(p, arr, max); if (!ret || ret > max) { ERR_raise(ERR_LIB_BN, BN_R_INVALID_LENGTH); diff --git a/crypto/bn/bn_intern.c b/crypto/bn/bn_intern.c index c0f7f5fea6..505a9dfcc3 100644 --- a/crypto/bn/bn_intern.c +++ b/crypto/bn/bn_intern.c @@ -29,10 +29,8 @@ signed char *bn_compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) if (BN_is_zero(scalar)) { r = OPENSSL_malloc(1); - if (r == NULL) { - ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE); + if (r == NULL) goto err; - } r[0] = 0; *ret_len = 1; return r; @@ -62,10 +60,8 @@ signed char *bn_compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) * (*ret_len will be set to the actual length, i.e. at most * BN_num_bits(scalar) + 1) */ - if (r == NULL) { - ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE); + if (r == NULL) goto err; - } window_val = scalar->d[0] & mask; j = 0; while ((window_val != 0) || (j + w + 1 < len)) { /* if j+w+1 >= len, @@ -188,7 +184,7 @@ void bn_set_static_words(BIGNUM *a, const BN_ULONG *words, int size) int bn_set_words(BIGNUM *a, const BN_ULONG *words, int num_words) { if (bn_wexpand(a, num_words) == NULL) { - ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_BN, ERR_R_BN_LIB); return 0; } diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c index 089b23963d..4fe6ce071a 100644 --- a/crypto/bn/bn_lib.c +++ b/crypto/bn/bn_lib.c @@ -244,10 +244,8 @@ BIGNUM *BN_new(void) { BIGNUM *ret; - if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) { - ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE); + if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) return NULL; - } ret->flags = BN_FLG_MALLOCED; bn_check_top(ret); return ret; @@ -279,10 +277,8 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words) a = OPENSSL_secure_zalloc(words * sizeof(*a)); else a = OPENSSL_zalloc(words * sizeof(*a)); - if (a == NULL) { - ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE); + if (a == NULL) return NULL; - } assert(b->top <= words); if (b->top > 0) @@ -1044,10 +1040,8 @@ BN_GENCB *BN_GENCB_new(void) { BN_GENCB *ret; - if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL) { - ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE); + if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL) return NULL; - } return ret; } diff --git a/crypto/bn/bn_mod.c b/crypto/bn/bn_mod.c index 7f5afa25ec..982e0e992c 100644 --- a/crypto/bn/bn_mod.c +++ b/crypto/bn/bn_mod.c @@ -58,10 +58,8 @@ int bn_mod_add_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, if (mtop > sizeof(storage) / sizeof(storage[0])) { tp = OPENSSL_malloc(mtop * sizeof(BN_ULONG)); - if (tp == NULL) { - ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE); + if (tp == NULL) return 0; - } } ap = a->d != NULL ? a->d : tp; diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c index 735989d983..1d0ee7f633 100644 --- a/crypto/bn/bn_mont.c +++ b/crypto/bn/bn_mont.c @@ -229,10 +229,8 @@ BN_MONT_CTX *BN_MONT_CTX_new(void) { BN_MONT_CTX *ret; - if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL) { - ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE); + if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL) return NULL; - } BN_MONT_CTX_init(ret); ret->flags = BN_FLG_MALLOCED; diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c index 54f7ca611f..560855542f 100644 --- a/crypto/bn/bn_prime.c +++ b/crypto/bn/bn_prime.c @@ -145,10 +145,8 @@ int BN_generate_prime_ex2(BIGNUM *ret, int bits, int safe, } mods = OPENSSL_zalloc(sizeof(*mods) * NUMPRIMES); - if (mods == NULL) { - ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE); + if (mods == NULL) return 0; - } BN_CTX_start(ctx); t = BN_CTX_get(ctx); diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c index fd17e7a601..46ace0744d 100644 --- a/crypto/bn/bn_rand.c +++ b/crypto/bn/bn_rand.c @@ -41,10 +41,8 @@ static int bnrand(BNRAND_FLAG flag, BIGNUM *rnd, int bits, int top, int bottom, mask = 0xff << (bit + 1); buf = OPENSSL_malloc(bytes); - if (buf == NULL) { - ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE); + if (buf == NULL) goto err; - } /* make a random number and set the top and bottom bits */ b = flag == NORMAL ? RAND_bytes_ex(libctx, buf, bytes, strength) diff --git a/crypto/bn/bn_recp.c b/crypto/bn/bn_recp.c index 96a6b19ab0..462329ad25 100644 --- a/crypto/bn/bn_recp.c +++ b/crypto/bn/bn_recp.c @@ -21,10 +21,8 @@ BN_RECP_CTX *BN_RECP_CTX_new(void) { BN_RECP_CTX *ret; - if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) { - ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE); + if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) return NULL; - } bn_init(&(ret->N)); bn_init(&(ret->Nr)); diff --git a/crypto/buffer/buffer.c b/crypto/buffer/buffer.c index db1ea38b19..3394342986 100644 --- a/crypto/buffer/buffer.c +++ b/crypto/buffer/buffer.c @@ -33,10 +33,8 @@ BUF_MEM *BUF_MEM_new(void) BUF_MEM *ret; ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_BUF, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } return ret; } @@ -87,7 +85,7 @@ size_t BUF_MEM_grow(BUF_MEM *str, size_t len) } /* This limit is sufficient to ensure (len+3)/3*4 < 2**31 */ if (len > LIMIT_BEFORE_EXPANSION) { - ERR_raise(ERR_LIB_BUF, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_BUF, ERR_R_PASSED_INVALID_ARGUMENT); return 0; } n = (len + 3) / 3 * 4; @@ -96,7 +94,6 @@ size_t BUF_MEM_grow(BUF_MEM *str, size_t len) else ret = OPENSSL_realloc(str->data, n); if (ret == NULL) { - ERR_raise(ERR_LIB_BUF, ERR_R_MALLOC_FAILURE); len = 0; } else { str->data = ret; @@ -125,7 +122,7 @@ size_t BUF_MEM_grow_clean(BUF_MEM *str, size_t len) } /* This limit is sufficient to ensure (len+3)/3*4 < 2**31 */ if (len > LIMIT_BEFORE_EXPANSION) { - ERR_raise(ERR_LIB_BUF, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_BUF, ERR_R_PASSED_INVALID_ARGUMENT); return 0; } n = (len + 3) / 3 * 4; @@ -134,7 +131,6 @@ size_t BUF_MEM_grow_clean(BUF_MEM *str, size_t len) else ret = OPENSSL_clear_realloc(str->data, str->max, n); if (ret == NULL) { - ERR_raise(ERR_LIB_BUF, ERR_R_MALLOC_FAILURE); len = 0; } else { str->data = ret; diff --git a/crypto/cmac/cmac.c b/crypto/cmac/cmac.c index 15968f74c4..b7cbba90c0 100644 --- a/crypto/cmac/cmac.c +++ b/crypto/cmac/cmac.c @@ -53,10 +53,8 @@ CMAC_CTX *CMAC_CTX_new(void) { CMAC_CTX *ctx; - if ((ctx = OPENSSL_malloc(sizeof(*ctx))) == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if ((ctx = OPENSSL_malloc(sizeof(*ctx))) == NULL) return NULL; - } ctx->cctx = EVP_CIPHER_CTX_new(); if (ctx->cctx == NULL) { OPENSSL_free(ctx); diff --git a/crypto/cmp/cmp_ctx.c b/crypto/cmp/cmp_ctx.c index 0fcb3c7ae5..b1088009f1 100644 --- a/crypto/cmp/cmp_ctx.c +++ b/crypto/cmp/cmp_ctx.c @@ -111,7 +111,7 @@ OSSL_CMP_CTX *OSSL_CMP_CTX_new(OSSL_LIB_CTX *libctx, const char *propq) ctx->libctx = libctx; if (propq != NULL && (ctx->propq = OPENSSL_strdup(propq)) == NULL) - goto oom; + goto err; ctx->log_verbosity = OSSL_CMP_LOG_INFO; @@ -121,8 +121,10 @@ OSSL_CMP_CTX *OSSL_CMP_CTX_new(OSSL_LIB_CTX *libctx, const char *propq) ctx->keep_alive = 1; ctx->msg_timeout = -1; - if ((ctx->untrusted = sk_X509_new_null()) == NULL) - goto oom; + if ((ctx->untrusted = sk_X509_new_null()) == NULL) { + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); + goto err; + } ctx->pbm_slen = 16; if (!cmp_ctx_set_md(ctx, &ctx->pbm_owf, NID_sha256)) @@ -138,8 +140,6 @@ OSSL_CMP_CTX *OSSL_CMP_CTX_new(OSSL_LIB_CTX *libctx, const char *propq) /* all other elements are initialized to 0 or NULL, respectively */ return ctx; - oom: - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); err: OSSL_CMP_CTX_free(ctx); return NULL; diff --git a/crypto/cmp/cmp_msg.c b/crypto/cmp/cmp_msg.c index c6c75f3bc1..837f7523dd 100644 --- a/crypto/cmp/cmp_msg.c +++ b/crypto/cmp/cmp_msg.c @@ -1109,7 +1109,7 @@ OSSL_CMP_MSG *OSSL_CMP_MSG_read(const char *file, OSSL_LIB_CTX *libctx, msg = OSSL_CMP_MSG_new(libctx, propq); if (msg == NULL) { - ERR_raise(ERR_LIB_CMP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMP, ERR_R_CMP_LIB); return NULL; } diff --git a/crypto/cms/cms_dd.c b/crypto/cms/cms_dd.c index 6a7c049ef3..40b20249a3 100644 --- a/crypto/cms/cms_dd.c +++ b/crypto/cms/cms_dd.c @@ -66,7 +66,7 @@ int ossl_cms_DigestedData_do_final(const CMS_ContentInfo *cms, BIO *chain, CMS_DigestedData *dd; if (mctx == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_EVP_LIB); goto err; } diff --git a/crypto/cms/cms_enc.c b/crypto/cms/cms_enc.c index 150b9ee4e1..1bca2f7c62 100644 --- a/crypto/cms/cms_enc.c +++ b/crypto/cms/cms_enc.c @@ -44,7 +44,7 @@ BIO *ossl_cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec, b = BIO_new(BIO_f_cipher()); if (b == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_BIO_LIB); return NULL; } @@ -116,10 +116,8 @@ BIO *ossl_cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec, /* Generate random session key */ if (!enc || !ec->key) { tkey = OPENSSL_malloc(tkeylen); - if (tkey == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + if (tkey == NULL) goto err; - } if (EVP_CIPHER_CTX_rand_key(ctx, tkey) <= 0) goto err; } @@ -163,7 +161,7 @@ BIO *ossl_cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec, if (enc) { calg->parameter = ASN1_TYPE_new(); if (calg->parameter == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB); goto err; } if ((EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER)) { @@ -206,10 +204,8 @@ int ossl_cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec, { ec->cipher = cipher; if (key) { - if ((ec->key = OPENSSL_malloc(keylen)) == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + if ((ec->key = OPENSSL_malloc(keylen)) == NULL) return 0; - } memcpy(ec->key, key, keylen); } ec->keylen = keylen; @@ -230,7 +226,7 @@ int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph, if (ciph) { cms->d.encryptedData = M_ASN1_new_of(CMS_EncryptedData); if (!cms->d.encryptedData) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB); return 0; } cms->contentType = OBJ_nid2obj(NID_pkcs7_encrypted); diff --git a/crypto/cms/cms_env.c b/crypto/cms/cms_env.c index 4648cd1372..7887defe25 100644 --- a/crypto/cms/cms_env.c +++ b/crypto/cms/cms_env.c @@ -66,7 +66,7 @@ static CMS_EnvelopedData *cms_enveloped_data_init(CMS_ContentInfo *cms) if (cms->d.other == NULL) { cms->d.envelopedData = M_ASN1_new_of(CMS_EnvelopedData); if (cms->d.envelopedData == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB); return NULL; } cms->d.envelopedData->version = 0; @@ -85,7 +85,7 @@ cms_auth_enveloped_data_init(CMS_ContentInfo *cms) if (cms->d.other == NULL) { cms->d.authEnvelopedData = M_ASN1_new_of(CMS_AuthEnvelopedData); if (cms->d.authEnvelopedData == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB); return NULL; } /* Defined in RFC 5083 - Section 2.1. "AuthEnvelopedData Type" */ @@ -222,18 +222,18 @@ CMS_ContentInfo *CMS_EnvelopedData_create_ex(const EVP_CIPHER *cipher, cms = CMS_ContentInfo_new_ex(libctx, propq); if (cms == NULL) - goto merr; + goto err; env = cms_enveloped_data_init(cms); if (env == NULL) - goto merr; + goto err; if (!ossl_cms_EncryptedContent_init(env->encryptedContentInfo, cipher, NULL, 0, ossl_cms_get0_cmsctx(cms))) - goto merr; + goto err; return cms; - merr: + err: CMS_ContentInfo_free(cms); - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_CMS_LIB); return NULL; } @@ -299,7 +299,7 @@ CMS_AuthEnvelopedData_create_ex(const EVP_CIPHER *cipher, OSSL_LIB_CTX *libctx, return cms; merr: CMS_ContentInfo_free(cms); - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_CMS_LIB); return NULL; } @@ -382,8 +382,10 @@ CMS_RecipientInfo *CMS_add1_recipient(CMS_ContentInfo *cms, X509 *recip, /* Initialize recipient info */ ri = M_ASN1_new_of(CMS_RecipientInfo); - if (ri == NULL) - goto merr; + if (ri == NULL) { + ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB); + goto err; + } pk = X509_get0_pubkey(recip); if (pk == NULL) { @@ -410,13 +412,13 @@ CMS_RecipientInfo *CMS_add1_recipient(CMS_ContentInfo *cms, X509 *recip, } - if (!sk_CMS_RecipientInfo_push(ris, ri)) - goto merr; + if (!sk_CMS_RecipientInfo_push(ris, ri)) { + ERR_raise(ERR_LIB_CMS, ERR_R_CRYPTO_LIB); + goto err; + } return ri; - merr: - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); err: M_ASN1_free_of(ri, CMS_RecipientInfo); return NULL; @@ -527,11 +529,8 @@ static int cms_RecipientInfo_ktri_encrypt(const CMS_ContentInfo *cms, goto err; ek = OPENSSL_malloc(eklen); - - if (ek == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + if (ek == NULL) goto err; - } if (EVP_PKEY_encrypt(pctx, ek, &eklen, ec->key, ec->keylen) <= 0) goto err; @@ -614,10 +613,8 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms, goto err; ek = OPENSSL_malloc(eklen); - if (ek == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + if (ek == NULL) goto err; - } if (EVP_PKEY_decrypt(ktri->pctx, ek, &eklen, ktri->encryptedKey->data, @@ -732,24 +729,32 @@ CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid, /* Initialize recipient info */ ri = M_ASN1_new_of(CMS_RecipientInfo); - if (!ri) - goto merr; + if (!ri) { + ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB); + goto err; + } ri->d.kekri = M_ASN1_new_of(CMS_KEKRecipientInfo); - if (!ri->d.kekri) - goto merr; + if (!ri->d.kekri) { + ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB); + goto err; + } ri->type = CMS_RECIPINFO_KEK; kekri = ri->d.kekri; if (otherTypeId) { kekri->kekid->other = M_ASN1_new_of(CMS_OtherKeyAttribute); - if (kekri->kekid->other == NULL) - goto merr; + if (kekri->kekid->other == NULL) { + ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB); + goto err; + } } - if (!sk_CMS_RecipientInfo_push(ris, ri)) - goto merr; + if (!sk_CMS_RecipientInfo_push(ris, ri)) { + ERR_raise(ERR_LIB_CMS, ERR_R_CRYPTO_LIB); + goto err; + } /* After this point no calls can fail */ @@ -772,8 +777,6 @@ CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid, return ri; - merr: - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); err: M_ASN1_free_of(ri, CMS_RecipientInfo); return NULL; @@ -884,14 +887,12 @@ static int cms_RecipientInfo_kekri_encrypt(const CMS_ContentInfo *cms, /* 8 byte prefix for AES wrap ciphers */ wkey = OPENSSL_malloc(ec->keylen + 8); - if (wkey == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + if (wkey == NULL) goto err; - } ctx = EVP_CIPHER_CTX_new(); if (ctx == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_EVP_LIB); goto err; } @@ -967,14 +968,12 @@ static int cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms, } ukey = OPENSSL_malloc(kekri->encryptedKey->length - 8); - if (ukey == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + if (ukey == NULL) goto err; - } ctx = EVP_CIPHER_CTX_new(); if (ctx == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_EVP_LIB); goto err; } @@ -1272,7 +1271,7 @@ int ossl_cms_EnvelopedData_final(CMS_ContentInfo *cms, BIO *chain) env->unprotectedAttrs = sk_X509_ATTRIBUTE_new_null(); if (env->unprotectedAttrs == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_CRYPTO_LIB); return 0; } diff --git a/crypto/cms/cms_ess.c b/crypto/cms/cms_ess.c index 6c43dd102a..0885a68216 100644 --- a/crypto/cms/cms_ess.c +++ b/crypto/cms/cms_ess.c @@ -121,13 +121,17 @@ CMS_ReceiptRequest *CMS_ReceiptRequest_create0_ex( CMS_ReceiptRequest *rr; rr = CMS_ReceiptRequest_new(); - if (rr == NULL) - goto merr; + if (rr == NULL) { + ERR_raise(ERR_LIB_CMS, ERR_R_CMS_LIB); + goto err; + } if (id) ASN1_STRING_set0(rr->signedContentIdentifier, id, idlen); else { - if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32)) - goto merr; + if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32)) { + ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB); + goto err; + } if (RAND_bytes_ex(libctx, rr->signedContentIdentifier->data, 32, 0) <= 0) goto err; @@ -146,9 +150,6 @@ CMS_ReceiptRequest *CMS_ReceiptRequest_create0_ex( return rr; - merr: - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); - err: CMS_ReceiptRequest_free(rr); return NULL; @@ -169,19 +170,20 @@ int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr) int rrderlen, r = 0; rrderlen = i2d_CMS_ReceiptRequest(rr, &rrder); - if (rrderlen < 0) - goto merr; + if (rrderlen < 0) { + ERR_raise(ERR_LIB_CMS, ERR_R_CMS_LIB); + goto err; + } if (!CMS_signed_add1_attr_by_NID(si, NID_id_smime_aa_receiptRequest, - V_ASN1_SEQUENCE, rrder, rrderlen)) - goto merr; + V_ASN1_SEQUENCE, rrder, rrderlen)) { + ERR_raise(ERR_LIB_CMS, ERR_R_CMS_LIB); + goto err; + } r = 1; - merr: - if (!r) - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); - + err: OPENSSL_free(rrder); return r; @@ -241,7 +243,7 @@ int ossl_cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src) } if (!CMS_signed_add1_attr_by_NID(dest, NID_id_smime_aa_msgSigDigest, V_ASN1_OCTET_STRING, dig, diglen)) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_CMS_LIB); return 0; } return 1; diff --git a/crypto/cms/cms_io.c b/crypto/cms/cms_io.c index dab70af73c..f5d70e84ce 100644 --- a/crypto/cms/cms_io.c +++ b/crypto/cms/cms_io.c @@ -18,6 +18,7 @@ int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms) { ASN1_OCTET_STRING **pos; + pos = CMS_get0_content(cms); if (pos == NULL) return 0; @@ -29,7 +30,7 @@ int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms) *boundary = &(*pos)->data; return 1; } - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_CMS_LIB); return 0; } diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c index e39fde9e43..d92772d41d 100644 --- a/crypto/cms/cms_lib.c +++ b/crypto/cms/cms_lib.c @@ -60,7 +60,6 @@ CMS_ContentInfo *CMS_ContentInfo_new_ex(OSSL_LIB_CTX *libctx, const char *propq) if (ci->ctx.propq == NULL) { CMS_ContentInfo_free(ci); ci = NULL; - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); } } } @@ -404,7 +403,7 @@ int CMS_set_detached(CMS_ContentInfo *cms, int detached) (*pos)->flags |= ASN1_STRING_FLAG_CONT; return 1; } - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB); return 0; } @@ -702,18 +701,23 @@ int ossl_cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert) { CMS_IssuerAndSerialNumber *ias; ias = M_ASN1_new_of(CMS_IssuerAndSerialNumber); - if (!ias) + if (!ias) { + ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB); goto err; - if (!X509_NAME_set(&ias->issuer, X509_get_issuer_name(cert))) + } + if (!X509_NAME_set(&ias->issuer, X509_get_issuer_name(cert))) { + ERR_raise(ERR_LIB_CMS, ERR_R_X509_LIB); goto err; - if (!ASN1_STRING_copy(ias->serialNumber, X509_get0_serialNumber(cert))) + } + if (!ASN1_STRING_copy(ias->serialNumber, X509_get0_serialNumber(cert))) { + ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB); goto err; + } M_ASN1_free_of(*pias, CMS_IssuerAndSerialNumber); *pias = ias; return 1; err: M_ASN1_free_of(ias, CMS_IssuerAndSerialNumber); - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); return 0; } @@ -728,7 +732,7 @@ int ossl_cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert) } keyid = ASN1_STRING_dup(cert_keyid); if (!keyid) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB); return 0; } ASN1_OCTET_STRING_free(*pkeyid); diff --git a/crypto/cms/cms_pwri.c b/crypto/cms/cms_pwri.c index 1f73cb1008..8b5beb2157 100644 --- a/crypto/cms/cms_pwri.c +++ b/crypto/cms/cms_pwri.c @@ -82,11 +82,12 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms, /* Setup algorithm identifier for cipher */ encalg = X509_ALGOR_new(); if (encalg == NULL) { - goto merr; + ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB); + goto err; } ctx = EVP_CIPHER_CTX_new(); if (ctx == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_EVP_LIB); goto err; } @@ -110,7 +111,7 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms, } encalg->parameter = ASN1_TYPE_new(); if (!encalg->parameter) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB); goto err; } if (EVP_CIPHER_param_to_asn1(ctx, encalg->parameter) <= 0) { @@ -126,12 +127,16 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms, /* Initialize recipient info */ ri = M_ASN1_new_of(CMS_RecipientInfo); - if (ri == NULL) - goto merr; + if (ri == NULL) { + ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB); + goto err; + } ri->d.pwri = M_ASN1_new_of(CMS_PasswordRecipientInfo); - if (ri->d.pwri == NULL) - goto merr; + if (ri->d.pwri == NULL) { + ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB); + goto err; + } ri->type = CMS_RECIPINFO_PASS; pwri = ri->d.pwri; @@ -139,17 +144,23 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms, /* Since this is overwritten, free up empty structure already there */ X509_ALGOR_free(pwri->keyEncryptionAlgorithm); pwri->keyEncryptionAlgorithm = X509_ALGOR_new(); - if (pwri->keyEncryptionAlgorithm == NULL) - goto merr; + if (pwri->keyEncryptionAlgorithm == NULL) { + ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB); + goto err; + } pwri->keyEncryptionAlgorithm->algorithm = OBJ_nid2obj(wrap_nid); pwri->keyEncryptionAlgorithm->parameter = ASN1_TYPE_new(); - if (pwri->keyEncryptionAlgorithm->parameter == NULL) - goto merr; + if (pwri->keyEncryptionAlgorithm->parameter == NULL) { + ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB); + goto err; + } if (!ASN1_item_pack(encalg, ASN1_ITEM_rptr(X509_ALGOR), &pwri->keyEncryptionAlgorithm->parameter-> - value.sequence)) - goto merr; + value.sequence)) { + ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB); + goto err; + } pwri->keyEncryptionAlgorithm->parameter->type = V_ASN1_SEQUENCE; X509_ALGOR_free(encalg); @@ -165,13 +176,13 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms, CMS_RecipientInfo_set0_password(ri, pass, passlen); pwri->version = 0; - if (!sk_CMS_RecipientInfo_push(ris, ri)) - goto merr; + if (!sk_CMS_RecipientInfo_push(ris, ri)) { + ERR_raise(ERR_LIB_CMS, ERR_R_CRYPTO_LIB); + goto err; + } return ri; - merr: - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); err: EVP_CIPHER_CTX_free(ctx); if (ri) @@ -201,10 +212,8 @@ static int kek_unwrap_key(unsigned char *out, size_t *outlen, /* Invalid size */ return 0; } - if ((tmp = OPENSSL_malloc(inlen)) == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + if ((tmp = OPENSSL_malloc(inlen)) == NULL) return 0; - } /* setup IV by decrypting last two blocks */ if (!EVP_DecryptUpdate(ctx, tmp + inlen - 2 * blocklen, &outl, in + inlen - 2 * blocklen, blocklen * 2) @@ -335,7 +344,7 @@ int ossl_cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms, kekctx = EVP_CIPHER_CTX_new(); if (kekctx == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_EVP_LIB); goto err; } /* Fixup cipher based on AlgorithmIdentifier to set IV etc */ @@ -376,11 +385,8 @@ int ossl_cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms, pwri->encryptedKey->length = keylen; } else { key = OPENSSL_malloc(pwri->encryptedKey->length); - - if (key == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + if (key == NULL) goto err; - } if (!kek_unwrap_key(key, &keylen, pwri->encryptedKey->data, pwri->encryptedKey->length, kekctx)) { diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c index 63f90f1173..be8834d5f1 100644 --- a/crypto/cms/cms_sd.c +++ b/crypto/cms/cms_sd.c @@ -38,7 +38,7 @@ static CMS_SignedData *cms_signed_data_init(CMS_ContentInfo *cms) if (cms->d.other == NULL) { cms->d.signedData = M_ASN1_new_of(CMS_SignedData); if (!cms->d.signedData) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB); return NULL; } cms->d.signedData->version = 1; @@ -349,8 +349,10 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, if (!sd) goto err; si = M_ASN1_new_of(CMS_SignerInfo); - if (!si) - goto merr; + if (!si) { + ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB); + goto err; + } /* Call for side-effect of computing hash and caching extensions */ X509_check_purpose(signer, -1, -1); @@ -364,7 +366,7 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, si->pctx = NULL; if (si->mctx == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_EVP_LIB); goto err; } @@ -413,12 +415,15 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, } if (i == sk_X509_ALGOR_num(sd->digestAlgorithms)) { - if ((alg = X509_ALGOR_new()) == NULL) - goto merr; + if ((alg = X509_ALGOR_new()) == NULL) { + ERR_raise(ERR_LIB_CMS, ERR_R_ASN1_LIB); + goto err; + } X509_ALGOR_set_md(alg, md); if (!sk_X509_ALGOR_push(sd->digestAlgorithms, alg)) { X509_ALGOR_free(alg); - goto merr; + ERR_raise(ERR_LIB_CMS, ERR_R_CRYPTO_LIB); + goto err; } } @@ -431,8 +436,10 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, */ if (!si->signedAttrs) { si->signedAttrs = sk_X509_ATTRIBUTE_new_null(); - if (!si->signedAttrs) - goto merr; + if (!si->signedAttrs) { + ERR_raise(ERR_LIB_CMS, ERR_R_CRYPTO_LIB); + goto err; + } } if (!(flags & CMS_NOSMIMECAP)) { @@ -442,8 +449,10 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, if (i) i = CMS_add_smimecap(si, smcap); sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free); - if (!i) - goto merr; + if (!i) { + ERR_raise(ERR_LIB_CMS, ERR_R_CMS_LIB); + goto err; + } } if (flags & CMS_CADES) { ESS_SIGNING_CERT *sc = NULL; @@ -479,8 +488,10 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, if (!(flags & CMS_NOCERTS)) { /* NB ignore -1 return for duplicate cert */ - if (!CMS_add1_cert(cms, signer)) - goto merr; + if (!CMS_add1_cert(cms, signer)) { + ERR_raise(ERR_LIB_CMS, ERR_R_CMS_LIB); + goto err; + } } if (flags & CMS_KEY_PARAM) { @@ -503,15 +514,15 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, } } - if (!sd->signerInfos) + if (sd->signerInfos == NULL) sd->signerInfos = sk_CMS_SignerInfo_new_null(); - if (!sd->signerInfos || !sk_CMS_SignerInfo_push(sd->signerInfos, si)) - goto merr; + if (sd->signerInfos == NULL || !sk_CMS_SignerInfo_push(sd->signerInfos, si)) { + ERR_raise(ERR_LIB_CMS, ERR_R_CRYPTO_LIB); + goto err; + } return si; - merr: - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); err: M_ASN1_free_of(si, CMS_SignerInfo); return NULL; @@ -546,21 +557,22 @@ static int cms_add1_signingTime(CMS_SignerInfo *si, ASN1_TIME *t) else tt = X509_gmtime_adj(NULL, 0); - if (tt == NULL) - goto merr; + if (tt == NULL) { + ERR_raise(ERR_LIB_CMS, ERR_R_X509_LIB); + goto err; + } if (CMS_signed_add1_attr_by_NID(si, NID_pkcs9_signingTime, - tt->type, tt, -1) <= 0) - goto merr; + tt->type, tt, -1) <= 0) { + ERR_raise(ERR_LIB_CMS, ERR_R_CMS_LIB); + goto err; + } r = 1; - merr: + err: if (t == NULL) ASN1_TIME_free(tt); - if (!r) - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); - return r; } @@ -703,7 +715,7 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms, const CMS_CTX *ctx = ossl_cms_get0_cmsctx(cms); if (mctx == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_CMS_LIB); return 0; } @@ -751,10 +763,8 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms, } siglen = EVP_PKEY_get_size(si->pkey); sig = OPENSSL_malloc(siglen); - if (sig == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + if (sig == NULL) goto err; - } if (EVP_PKEY_sign(pctx, sig, &siglen, md, mdlen) <= 0) { OPENSSL_free(sig); goto err; @@ -769,10 +779,8 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms, goto err; } sig = OPENSSL_malloc(EVP_PKEY_get_size(si->pkey)); - if (sig == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + if (sig == NULL) goto err; - } if (!EVP_SignFinal_ex(mctx, sig, &siglen, si->pkey, ossl_cms_ctx_get0_libctx(ctx), ossl_cms_ctx_get0_propq(ctx))) { @@ -909,7 +917,7 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si) (void)ERR_pop_to_mark(); if (si->mctx == NULL && (si->mctx = EVP_MD_CTX_new()) == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_EVP_LIB); goto err; } mctx = si->mctx; @@ -982,7 +990,7 @@ int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain) unsigned int mlen; if (mctx == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_EVP_LIB); goto err; } /* If we have any signed attributes look for messageDigest value */ diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c index ea40873e6a..fe0850b93e 100644 --- a/crypto/cms/cms_smime.c +++ b/crypto/cms/cms_smime.c @@ -39,7 +39,7 @@ static int cms_copy_content(BIO *out, BIO *in, unsigned int flags) tmpout = cms_get_text_bio(out, flags); if (tmpout == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_CMS_LIB); goto err; } @@ -271,7 +271,7 @@ static int cms_signerinfo_verify_cert(CMS_SignerInfo *si, ctx = X509_STORE_CTX_new_ex(ossl_cms_ctx_get0_libctx(cms_ctx), ossl_cms_ctx_get0_propq(cms_ctx)); if (ctx == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_X509_LIB); goto err; } CMS_SignerInfo_get0_algs(si, NULL, &signer, NULL, NULL); @@ -356,10 +356,8 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, if (cadesVerify) { /* Certificate trust chain is required to check CAdES signature */ si_chains = OPENSSL_zalloc(scount * sizeof(si_chains[0])); - if (si_chains == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + if (si_chains == NULL) goto err; - } } cms_certs = CMS_get1_certs(cms); if (!(flags & CMS_NOCRL)) @@ -406,7 +404,7 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, len = BIO_get_mem_data(dcont, &ptr); tmpin = (len == 0) ? dcont : BIO_new_mem_buf(ptr, len); if (tmpin == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_BIO_LIB); goto err2; } } else { @@ -423,7 +421,7 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, */ tmpout = cms_get_text_bio(out, flags); if (tmpout == NULL) { - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CMS, ERR_R_CMS_LIB); goto err; } cmsbio = CMS_dataInit(cms, tmpout); @@ -511,12 +509,16 @@ CMS_ContentInfo *CMS_sign_ex(X509 *signcert, EVP_PKEY *pkey, int i; cms = CMS_ContentInfo_new_ex(libctx, propq); - if (cms == NULL || !CMS_SignedData_init(cms)) - goto merr; + if (cms == NULL || !CMS_SignedData_init(cms)) { + ERR_raise(ERR_LIB_CMS, ERR_R_CMS_LIB); + goto err; + } if (flags & CMS_ASCIICRLF && !CMS_set1_eContentType(cms, - OBJ_nid2obj(NID_id_ct_asciiTextWithCRLF))) + OBJ_nid2obj(NID_id_ct_asciiTextWithCRLF))) { + ERR_raise(ERR_LIB_CMS, ERR_R_CMS_LIB); goto err; + } if (pkey != NULL && !CMS_add1_signer(cms, signcert, pkey, NULL, flags)) { ERR_raise(ERR_LIB_CMS, CMS_R_ADD_SIGNER_ERROR); @@ -526,8 +528,10 @@ CMS_ContentInfo *CMS_sign_ex(X509 *signcert, EVP_PKEY *pkey, for (i = 0; i < sk_X509_num(certs); i++) { X509 *x = sk_X509_value(certs, i); - if (!CMS_add1_cert(cms, x)) - goto merr; + if (!CMS_add1_cert(cms, x)) { + ERR_raise(ERR_LIB_CMS, ERR_R_CMS_LIB); + goto err; + } } if (!(flags & CMS_DETACHED)) @@ -539,9 +543,6 @@ CMS_ContentInfo *CMS_sign_ex(X509 *signcert, EVP_PKEY *pkey, else goto err; - merr: - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); - err: CMS_ContentInfo_free(cms); return NULL; @@ -637,8 +638,10 @@ CMS_ContentInfo *CMS_encrypt_ex(STACK_OF(X509) *certs, BIO *data, cms = (EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) ? CMS_AuthEnvelopedData_create_ex(cipher, libctx, propq) : CMS_EnvelopedData_create_ex(cipher, libctx, propq); - if (cms == NULL) - goto merr; + if (cms == NULL) { + ERR_raise(ERR_LIB_CMS, ERR_R_CMS_LIB); + goto err; + } for (i = 0; i < sk_X509_num(certs); i++) { recip = sk_X509_value(certs, i); if (!CMS_add1_recipient_cert(cms, recip, flags)) { @@ -654,10 +657,8 @@ CMS_ContentInfo *CMS_encrypt_ex(STACK_OF(X509) *certs, BIO *data, || CMS_final(cms, data, NULL, flags)) return cms; else - goto err; + ERR_raise(ERR_LIB_CMS, ERR_R_CMS_LIB); - merr: - ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); err: CMS_ContentInfo_free(cms); return NULL; diff --git a/crypto/comp/c_zlib.c b/crypto/comp/c_zlib.c index 9a7087e444..4ab876b59f 100644 --- a/crypto/comp/c_zlib.c +++ b/crypto/comp/c_zlib.c @@ -321,10 +321,8 @@ static int bio_zlib_new(BIO *bi) } # endif ctx = OPENSSL_zalloc(sizeof(*ctx)); - if (ctx == NULL) { - ERR_raise(ERR_LIB_COMP, ERR_R_MALLOC_FAILURE); + if (ctx == NULL) return 0; - } ctx->ibufsize = ZLIB_DEFAULT_BUFSIZE; ctx->obufsize = ZLIB_DEFAULT_BUFSIZE; ctx->zin.zalloc = Z_NULL; @@ -376,10 +374,8 @@ static int bio_zlib_read(BIO *b, char *out, int outl) BIO_clear_retry_flags(b); if (!ctx->ibuf) { ctx->ibuf = OPENSSL_malloc(ctx->ibufsize); - if (ctx->ibuf == NULL) { - ERR_raise(ERR_LIB_COMP, ERR_R_MALLOC_FAILURE); + if (ctx->ibuf == NULL) return 0; - } if ((ret = inflateInit(zin)) != Z_OK) { ERR_raise_data(ERR_LIB_COMP, COMP_R_ZLIB_INFLATE_ERROR, "zlib error: %s", zError(ret)); @@ -441,10 +437,8 @@ static int bio_zlib_write(BIO *b, const char *in, int inl) if (!ctx->obuf) { ctx->obuf = OPENSSL_malloc(ctx->obufsize); /* Need error here */ - if (ctx->obuf == NULL) { - ERR_raise(ERR_LIB_COMP, ERR_R_MALLOC_FAILURE); + if (ctx->obuf == NULL) return 0; - } ctx->optr = ctx->obuf; ctx->ocount = 0; if ((ret = deflateInit(zout, ctx->comp_level)) != Z_OK) { diff --git a/crypto/comp/comp_lib.c b/crypto/comp/comp_lib.c index bf9069d871..c5946fecdb 100644 --- a/crypto/comp/comp_lib.c +++ b/crypto/comp/comp_lib.c @@ -19,10 +19,8 @@ COMP_CTX *COMP_CTX_new(COMP_METHOD *meth) { COMP_CTX *ret; - if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) { - ERR_raise(ERR_LIB_COMP, ERR_R_MALLOC_FAILURE); + if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) return NULL; - } ret->meth = meth; if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { OPENSSL_free(ret); diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c index 5370e06bf9..b6b56cd967 100644 --- a/crypto/conf/conf_def.c +++ b/crypto/conf/conf_def.c @@ -233,13 +233,11 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) } section = OPENSSL_strdup("default"); - if (section == NULL) { - ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE); + if (section == NULL) goto err; - } if (_CONF_new_data(conf) == 0) { - ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CONF, ERR_R_CONF_LIB); goto err; } @@ -425,10 +423,8 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) goto err; } else if (strcmp(p, "includedir") == 0) { OPENSSL_free(conf->includedir); - if ((conf->includedir = OPENSSL_strdup(pval)) == NULL) { - ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE); + if ((conf->includedir = OPENSSL_strdup(pval)) == NULL) goto err; - } } /* @@ -458,7 +454,6 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) include_path = OPENSSL_malloc(newlen); if (include_path == NULL) { - ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE); OPENSSL_free(include); goto err; } @@ -495,13 +490,13 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) /* push the currently processing BIO onto stack */ if (biosk == NULL) { if ((biosk = sk_BIO_new_null()) == NULL) { - ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CONF, ERR_R_CRYPTO_LIB); BIO_free(next); goto err; } } if (!sk_BIO_push(biosk, in)) { - ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CONF, ERR_R_CRYPTO_LIB); BIO_free(next); goto err; } @@ -519,16 +514,12 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) start = eat_ws(conf, p); trim_ws(conf, start); - if ((v = OPENSSL_malloc(sizeof(*v))) == NULL) { - ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE); + if ((v = OPENSSL_malloc(sizeof(*v))) == NULL) goto err; - } v->name = OPENSSL_strdup(pname); v->value = NULL; - if (v->name == NULL) { - ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE); + if (v->name == NULL) goto err; - } if (!str_copy(conf, psection, &(v->value), start)) goto err; @@ -544,7 +535,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) } else tv = sv; if (_CONF_add_string(conf, tv, v) == 0) { - ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CONF, ERR_R_CONF_LIB); goto err; } v = NULL; @@ -757,7 +748,7 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from) goto err; } if (!BUF_MEM_grow_clean(buf, newsize)) { - ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CONF, ERR_R_BUF_LIB); goto err; } while (*p) @@ -849,10 +840,8 @@ static BIO *get_next_file(const char *path, OPENSSL_DIR_CTX **dirctx) newlen = pathlen + namelen + 2; newpath = OPENSSL_zalloc(newlen); - if (newpath == NULL) { - ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE); + if (newpath == NULL) break; - } #ifdef OPENSSL_SYS_VMS /* * If the given path isn't clear VMS syntax, diff --git a/crypto/conf/conf_lib.c b/crypto/conf/conf_lib.c index 1766facd65..05e7bf19cc 100644 --- a/crypto/conf/conf_lib.c +++ b/crypto/conf/conf_lib.c @@ -188,7 +188,7 @@ CONF *NCONF_new_ex(OSSL_LIB_CTX *libctx, CONF_METHOD *meth) ret = meth->create(meth); if (ret == NULL) { - ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CONF, ERR_R_CONF_LIB); return NULL; } ret->libctx = libctx; diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c index 2de47e8e42..148ce6b524 100644 --- a/crypto/conf/conf_mod.c +++ b/crypto/conf/conf_mod.c @@ -100,7 +100,7 @@ DEFINE_RUN_ONCE_STATIC(do_init_module_list_lock) { module_list_lock = CRYPTO_THREAD_lock_new(); if (module_list_lock == NULL) { - ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CONF, ERR_R_CRYPTO_LIB); return 0; } @@ -332,10 +332,8 @@ static CONF_MODULE *module_add(DSO *dso, const char *name, supported_modules = sk_CONF_MODULE_new_null(); if (supported_modules == NULL) goto err; - if ((tmod = OPENSSL_zalloc(sizeof(*tmod))) == NULL) { - ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE); + if ((tmod = OPENSSL_zalloc(sizeof(*tmod))) == NULL) goto err; - } tmod->dso = dso; tmod->name = OPENSSL_strdup(name); @@ -435,14 +433,14 @@ static int module_init(CONF_MODULE *pmod, const char *name, const char *value, initialized_modules = sk_CONF_IMODULE_new_null(); if (initialized_modules == NULL) { CRYPTO_THREAD_unlock(module_list_lock); - ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CONF, ERR_R_CRYPTO_LIB); goto err; } } if (!sk_CONF_IMODULE_push(initialized_modules, imod)) { CRYPTO_THREAD_unlock(module_list_lock); - ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CONF, ERR_R_CRYPTO_LIB); goto err; } diff --git a/crypto/core_algorithm.c b/crypto/core_algorithm.c index b685183ab8..16055bad30 100644 --- a/crypto/core_algorithm.c +++ b/crypto/core_algorithm.c @@ -193,7 +193,5 @@ char *ossl_algorithm_get1_first_name(const OSSL_ALGORITHM *algo) first_name_len = first_name_end - algo->algorithm_names; ret = OPENSSL_strndup(algo->algorithm_names, first_name_len); - if (ret == NULL) - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); return ret; } diff --git a/crypto/ct/ct_b64.c b/crypto/ct/ct_b64.c index d3f783962a..2535442063 100644 --- a/crypto/ct/ct_b64.c +++ b/crypto/ct/ct_b64.c @@ -34,10 +34,8 @@ static int ct_base64_decode(const char *in, unsigned char **out) outlen = (inlen / 4) * 3; outbuf = OPENSSL_malloc(outlen); - if (outbuf == NULL) { - ERR_raise(ERR_LIB_CT, ERR_R_MALLOC_FAILURE); + if (outbuf == NULL) goto err; - } outlen = EVP_DecodeBlock(outbuf, (unsigned char *)in, inlen); if (outlen < 0) { @@ -71,7 +69,7 @@ SCT *SCT_new_from_base64(unsigned char version, const char *logid_base64, int declen; if (sct == NULL) { - ERR_raise(ERR_LIB_CT, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CT, ERR_R_CT_LIB); return NULL; } diff --git a/crypto/ct/ct_log.c b/crypto/ct/ct_log.c index ec6ac1dd7f..95084dc76f 100644 --- a/crypto/ct/ct_log.c +++ b/crypto/ct/ct_log.c @@ -62,9 +62,6 @@ static CTLOG_STORE_LOAD_CTX *ctlog_store_load_ctx_new(void) { CTLOG_STORE_LOAD_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); - if (ctx == NULL) - ERR_raise(ERR_LIB_CT, ERR_R_MALLOC_FAILURE); - return ctx; } @@ -104,23 +101,19 @@ CTLOG_STORE *CTLOG_STORE_new_ex(OSSL_LIB_CTX *libctx, const char *propq) { CTLOG_STORE *ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_CT, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } ret->libctx = libctx; if (propq != NULL) { ret->propq = OPENSSL_strdup(propq); - if (ret->propq == NULL) { - ERR_raise(ERR_LIB_CT, ERR_R_MALLOC_FAILURE); + if (ret->propq == NULL) goto err; - } } ret->logs = sk_CTLOG_new_null(); if (ret->logs == NULL) { - ERR_raise(ERR_LIB_CT, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CT, ERR_R_CRYPTO_LIB); goto err; } @@ -196,7 +189,7 @@ static int ctlog_store_load_log(const char *log_name, int log_name_len, tmp = OPENSSL_strndup(log_name, log_name_len); if (tmp == NULL) - goto mem_err; + return -1; ret = ctlog_new_from_conf(load_ctx->log_store, &ct_log, load_ctx->conf, tmp); OPENSSL_free(tmp); @@ -212,14 +205,11 @@ static int ctlog_store_load_log(const char *log_name, int log_name_len, } if (!sk_CTLOG_push(load_ctx->log_store->logs, ct_log)) { - goto mem_err; + CTLOG_free(ct_log); + ERR_raise(ERR_LIB_CT, ERR_R_CRYPTO_LIB); + return -1; } return 1; - -mem_err: - CTLOG_free(ct_log); - ERR_raise(ERR_LIB_CT, ERR_R_MALLOC_FAILURE); - return -1; } int CTLOG_STORE_load_file(CTLOG_STORE *store, const char *file) @@ -269,25 +259,19 @@ CTLOG *CTLOG_new_ex(EVP_PKEY *public_key, const char *name, OSSL_LIB_CTX *libctx { CTLOG *ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_CT, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } ret->libctx = libctx; if (propq != NULL) { ret->propq = OPENSSL_strdup(propq); - if (ret->propq == NULL) { - ERR_raise(ERR_LIB_CT, ERR_R_MALLOC_FAILURE); + if (ret->propq == NULL) goto err; - } } ret->name = OPENSSL_strdup(name); - if (ret->name == NULL) { - ERR_raise(ERR_LIB_CT, ERR_R_MALLOC_FAILURE); + if (ret->name == NULL) goto err; - } if (ct_v1_log_id_from_pkey(ret, public_key) != 1) goto err; diff --git a/crypto/ct/ct_oct.c b/crypto/ct/ct_oct.c index 72a4337479..145b277109 100644 --- a/crypto/ct/ct_oct.c +++ b/crypto/ct/ct_oct.c @@ -178,10 +178,8 @@ int i2o_SCT_signature(const SCT *sct, unsigned char **out) *out += len; } else { pstart = p = OPENSSL_malloc(len); - if (p == NULL) { - ERR_raise(ERR_LIB_CT, ERR_R_MALLOC_FAILURE); + if (p == NULL) goto err; - } *out = p; } @@ -225,10 +223,8 @@ int i2o_SCT(const SCT *sct, unsigned char **out) *out += len; } else { pstart = p = OPENSSL_malloc(len); - if (p == NULL) { - ERR_raise(ERR_LIB_CT, ERR_R_MALLOC_FAILURE); + if (p == NULL) goto err; - } *out = p; } @@ -330,10 +326,8 @@ int i2o_SCT_LIST(const STACK_OF(SCT) *a, unsigned char **pp) ERR_raise(ERR_LIB_CT, CT_R_SCT_LIST_INVALID); return -1; } - if ((*pp = OPENSSL_malloc(len)) == NULL) { - ERR_raise(ERR_LIB_CT, ERR_R_MALLOC_FAILURE); + if ((*pp = OPENSSL_malloc(len)) == NULL) return -1; - } is_pp_new = 1; } p = *pp + 2; diff --git a/crypto/ct/ct_policy.c b/crypto/ct/ct_policy.c index ad792b740d..725be7ce2a 100644 --- a/crypto/ct/ct_policy.c +++ b/crypto/ct/ct_policy.c @@ -31,16 +31,13 @@ CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_ex(OSSL_LIB_CTX *libctx, CT_POLICY_EVAL_CTX *ctx = OPENSSL_zalloc(sizeof(CT_POLICY_EVAL_CTX)); OSSL_TIME now; - if (ctx == NULL) { - ERR_raise(ERR_LIB_CT, ERR_R_MALLOC_FAILURE); + if (ctx == NULL) return NULL; - } ctx->libctx = libctx; if (propq != NULL) { ctx->propq = OPENSSL_strdup(propq); if (ctx->propq == NULL) { - ERR_raise(ERR_LIB_CT, ERR_R_MALLOC_FAILURE); OPENSSL_free(ctx); return NULL; } diff --git a/crypto/ct/ct_sct.c b/crypto/ct/ct_sct.c index 10a67ed6d6..ec87d02309 100644 --- a/crypto/ct/ct_sct.c +++ b/crypto/ct/ct_sct.c @@ -23,10 +23,8 @@ SCT *SCT_new(void) { SCT *sct = OPENSSL_zalloc(sizeof(*sct)); - if (sct == NULL) { - ERR_raise(ERR_LIB_CT, ERR_R_MALLOC_FAILURE); + if (sct == NULL) return NULL; - } sct->entry_type = CT_LOG_ENTRY_TYPE_NOT_SET; sct->version = SCT_VERSION_NOT_SET; @@ -105,10 +103,8 @@ int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len) if (log_id != NULL && log_id_len > 0) { sct->log_id = OPENSSL_memdup(log_id, log_id_len); - if (sct->log_id == NULL) { - ERR_raise(ERR_LIB_CT, ERR_R_MALLOC_FAILURE); + if (sct->log_id == NULL) return 0; - } sct->log_id_len = log_id_len; } return 1; @@ -157,10 +153,8 @@ int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len) if (ext != NULL && ext_len > 0) { sct->ext = OPENSSL_memdup(ext, ext_len); - if (sct->ext == NULL) { - ERR_raise(ERR_LIB_CT, ERR_R_MALLOC_FAILURE); + if (sct->ext == NULL) return 0; - } sct->ext_len = ext_len; } return 1; @@ -183,10 +177,8 @@ int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len) if (sig != NULL && sig_len > 0) { sct->sig = OPENSSL_memdup(sig, sig_len); - if (sct->sig == NULL) { - ERR_raise(ERR_LIB_CT, ERR_R_MALLOC_FAILURE); + if (sct->sig == NULL) return 0; - } sct->sig_len = sig_len; } return 1; diff --git a/crypto/ct/ct_sct_ctx.c b/crypto/ct/ct_sct_ctx.c index 8653684814..effd724a0a 100644 --- a/crypto/ct/ct_sct_ctx.c +++ b/crypto/ct/ct_sct_ctx.c @@ -24,16 +24,13 @@ SCT_CTX *SCT_CTX_new(OSSL_LIB_CTX *libctx, const char *propq) { SCT_CTX *sctx = OPENSSL_zalloc(sizeof(*sctx)); - if (sctx == NULL) { - ERR_raise(ERR_LIB_CT, ERR_R_MALLOC_FAILURE); + if (sctx == NULL) return NULL; - } sctx->libctx = libctx; if (propq != NULL) { sctx->propq = OPENSSL_strdup(propq); if (sctx->propq == NULL) { - ERR_raise(ERR_LIB_CT, ERR_R_MALLOC_FAILURE); OPENSSL_free(sctx); return NULL; } diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c index 8430872a9a..80e1612256 100644 --- a/crypto/dh/dh_ameth.c +++ b/crypto/dh/dh_ameth.c @@ -121,12 +121,12 @@ static int dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) str = ASN1_STRING_new(); if (str == NULL) { - ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_DH, ERR_R_ASN1_LIB); goto err; } str->length = i2d_dhp(pkey, dh, &str->data); if (str->length <= 0) { - ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_DH, ERR_R_ASN1_LIB); goto err; } ptype = V_ASN1_SEQUENCE; @@ -140,7 +140,7 @@ static int dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) ASN1_INTEGER_free(pub_key); if (penclen <= 0) { - ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_DH, ERR_R_ASN1_LIB); goto err; } @@ -184,13 +184,13 @@ static int dh_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) params = ASN1_STRING_new(); if (params == NULL) { - ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_DH, ERR_R_ASN1_LIB); goto err; } params->length = i2d_dhp(pkey, pkey->pkey.dh, ¶ms->data); if (params->length <= 0) { - ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_DH, ERR_R_ASN1_LIB); goto err; } params->type = V_ASN1_SEQUENCE; @@ -514,7 +514,7 @@ static int dh_pkey_import_from_type(const OSSL_PARAM params[], void *vpctx, DH *dh = ossl_dh_new_ex(pctx->libctx); if (dh == NULL) { - ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_DH, ERR_R_DH_LIB); return 0; } DH_clear_flags(dh, DH_FLAG_TYPE_MASK); diff --git a/crypto/dh/dh_err.c b/crypto/dh/dh_err.c index 4152397426..f1f4fb6a37 100644 --- a/crypto/dh/dh_err.c +++ b/crypto/dh/dh_err.c @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -42,6 +42,7 @@ static const ERR_STRING_DATA DH_str_reasons[] = { "invalid parameter nid"}, {ERR_PACK(ERR_LIB_DH, 0, DH_R_INVALID_PUBKEY), "invalid public key"}, {ERR_PACK(ERR_LIB_DH, 0, DH_R_INVALID_SECRET), "invalid secret"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_INVALID_SIZE), "invalid size"}, {ERR_PACK(ERR_LIB_DH, 0, DH_R_KDF_PARAMETER_ERROR), "kdf parameter error"}, {ERR_PACK(ERR_LIB_DH, 0, DH_R_KEYS_NOT_SET), "keys not set"}, {ERR_PACK(ERR_LIB_DH, 0, DH_R_MISSING_PUBKEY), "missing pubkey"}, diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index 4e9705beef..0854395fc5 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -418,14 +418,15 @@ size_t ossl_dh_key2buf(const DH *dh, unsigned char **pbuf_out, size_t size, if (!alloc) { if (size >= (size_t)p_size) pbuf = *pbuf_out; + if (pbuf == NULL) + ERR_raise(ERR_LIB_DH, DH_R_INVALID_SIZE); } else { pbuf = OPENSSL_malloc(p_size); } - if (pbuf == NULL) { - ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE); + /* Errors raised above */ + if (pbuf == NULL) return 0; - } /* * As per Section 4.2.8.1 of RFC 8446 left pad public * key with zeros to the size of p diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c index 29cda5d7bf..575442eceb 100644 --- a/crypto/dh/dh_lib.c +++ b/crypto/dh/dh_lib.c @@ -75,15 +75,13 @@ static DH *dh_new_intern(ENGINE *engine, OSSL_LIB_CTX *libctx) { DH *ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } ret->references = 1; ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { - ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_DH, ERR_R_CRYPTO_LIB); OPENSSL_free(ret); return NULL; } diff --git a/crypto/dh/dh_meth.c b/crypto/dh/dh_meth.c index 5c15cd2b8c..f5652e0785 100644 --- a/crypto/dh/dh_meth.c +++ b/crypto/dh/dh_meth.c @@ -31,7 +31,6 @@ DH_METHOD *DH_meth_new(const char *name, int flags) OPENSSL_free(dhm); } - ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE); return NULL; } @@ -57,7 +56,6 @@ DH_METHOD *DH_meth_dup(const DH_METHOD *dhm) OPENSSL_free(ret); } - ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE); return NULL; } @@ -70,10 +68,8 @@ int DH_meth_set1_name(DH_METHOD *dhm, const char *name) { char *tmpname = OPENSSL_strdup(name); - if (tmpname == NULL) { - ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE); + if (tmpname == NULL) return 0; - } OPENSSL_free(dhm->name); dhm->name = tmpname; diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c index bd7902c433..c11ada9826 100644 --- a/crypto/dh/dh_pmeth.c +++ b/crypto/dh/dh_pmeth.c @@ -55,10 +55,8 @@ static int pkey_dh_init(EVP_PKEY_CTX *ctx) { DH_PKEY_CTX *dctx; - if ((dctx = OPENSSL_zalloc(sizeof(*dctx))) == NULL) { - ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE); + if ((dctx = OPENSSL_zalloc(sizeof(*dctx))) == NULL) return 0; - } dctx->prime_len = 2048; dctx->subprime_len = -1; dctx->generator = 2; @@ -445,10 +443,8 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key, ret = 0; if ((Zlen = DH_size(dh)) <= 0) return 0; - if ((Z = OPENSSL_malloc(Zlen)) == NULL) { - ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE); + if ((Z = OPENSSL_malloc(Zlen)) == NULL) return 0; - } if (DH_compute_key_padded(Z, dhpubbn, dh) <= 0) goto err; if (!DH_KDF_X9_42(key, *keylen, Z, Zlen, dctx->kdf_oid, diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c index 482b9e1e0a..15a5266ca4 100644 --- a/crypto/dsa/dsa_ameth.c +++ b/crypto/dsa/dsa_ameth.c @@ -54,7 +54,7 @@ static int dsa_pub_decode(EVP_PKEY *pkey, const X509_PUBKEY *pubkey) } else if ((ptype == V_ASN1_NULL) || (ptype == V_ASN1_UNDEF)) { if ((dsa = DSA_new()) == NULL) { - ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_DSA, ERR_R_DSA_LIB); goto err; } } else { @@ -101,12 +101,12 @@ static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) && dsa->params.g != NULL) { str = ASN1_STRING_new(); if (str == NULL) { - ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_DSA, ERR_R_ASN1_LIB); goto err; } str->length = i2d_DSAparams(dsa, &str->data); if (str->length <= 0) { - ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_DSA, ERR_R_ASN1_LIB); goto err; } ptype = V_ASN1_SEQUENCE; @@ -116,7 +116,7 @@ static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) pubint = BN_to_ASN1_INTEGER(dsa->pub_key, NULL); if (pubint == NULL) { - ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_DSA, ERR_R_ASN1_LIB); goto err; } @@ -124,7 +124,7 @@ static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) ASN1_INTEGER_free(pubint); if (penclen <= 0) { - ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_DSA, ERR_R_ASN1_LIB); goto err; } @@ -175,13 +175,13 @@ static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) params = ASN1_STRING_new(); if (params == NULL) { - ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_DSA, ERR_R_ASN1_LIB); goto err; } params->length = i2d_DSAparams(pkey->pkey.dsa, ¶ms->data); if (params->length <= 0) { - ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_DSA, ERR_R_ASN1_LIB); goto err; } params->type = V_ASN1_SEQUENCE; @@ -483,7 +483,7 @@ static int dsa_pkey_import_from(const OSSL_PARAM params[], void *vpctx) DSA *dsa = ossl_dsa_new(pctx->libctx); if (dsa == NULL) { - ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_DSA, ERR_R_DSA_LIB); return 0; } diff --git a/crypto/dsa/dsa_backend.c b/crypto/dsa/dsa_backend.c index f9a71bdc9e..924ccbdc0b 100644 --- a/crypto/dsa/dsa_backend.c +++ b/crypto/dsa/dsa_backend.c @@ -158,11 +158,11 @@ DSA *ossl_dsa_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, } /* Calculate public key */ if ((dsa_pubkey = BN_new()) == NULL) { - ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_DSA, ERR_R_BN_LIB); goto dsaerr; } if ((ctx = BN_CTX_new()) == NULL) { - ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_DSA, ERR_R_BN_LIB); goto dsaerr; } diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c index ccc7016592..333885a01a 100644 --- a/crypto/dsa/dsa_lib.c +++ b/crypto/dsa/dsa_lib.c @@ -134,15 +134,13 @@ static DSA *dsa_new_intern(ENGINE *engine, OSSL_LIB_CTX *libctx) { DSA *ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } ret->references = 1; ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { - ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_DSA, ERR_R_CRYPTO_LIB); OPENSSL_free(ret); return NULL; } diff --git a/crypto/dsa/dsa_meth.c b/crypto/dsa/dsa_meth.c index 2f0a0bf460..f2b759a9de 100644 --- a/crypto/dsa/dsa_meth.c +++ b/crypto/dsa/dsa_meth.c @@ -32,7 +32,6 @@ DSA_METHOD *DSA_meth_new(const char *name, int flags) OPENSSL_free(dsam); } - ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE); return NULL; } @@ -58,7 +57,6 @@ DSA_METHOD *DSA_meth_dup(const DSA_METHOD *dsam) OPENSSL_free(ret); } - ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE); return NULL; } @@ -71,10 +69,8 @@ int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name) { char *tmpname = OPENSSL_strdup(name); - if (tmpname == NULL) { - ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE); + if (tmpname == NULL) return 0; - } OPENSSL_free(dsam->name); dsam->name = tmpname; diff --git a/crypto/dsa/dsa_sign.c b/crypto/dsa/dsa_sign.c index 21b0cbd5fb..d942fa2afe 100644 --- a/crypto/dsa/dsa_sign.c +++ b/crypto/dsa/dsa_sign.c @@ -34,8 +34,7 @@ int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) DSA_SIG *DSA_SIG_new(void) { DSA_SIG *sig = OPENSSL_zalloc(sizeof(*sig)); - if (sig == NULL) - ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE); + return sig; } diff --git a/crypto/dso/dso_dl.c b/crypto/dso/dso_dl.c index f4e6e5f457..ac94254807 100644 --- a/crypto/dso/dso_dl.c +++ b/crypto/dso/dso_dl.c @@ -165,20 +165,16 @@ static char *dl_merger(DSO *dso, const char *filespec1, const char *filespec2) */ if (!filespec2 || filespec1[0] == '/') { merged = OPENSSL_strdup(filespec1); - if (merged == NULL) { - ERR_raise(ERR_LIB_DSO, ERR_R_MALLOC_FAILURE); + if (merged == NULL) return NULL; - } } /* * If the first file specification is missing, the second one rules. */ else if (!filespec1) { merged = OPENSSL_strdup(filespec2); - if (merged == NULL) { - ERR_raise(ERR_LIB_DSO, ERR_R_MALLOC_FAILURE); + if (merged == NULL) return NULL; - } } else /* * This part isn't as trivial as it looks. It assumes that the @@ -198,10 +194,8 @@ static char *dl_merger(DSO *dso, const char *filespec1, const char *filespec2) len--; } merged = OPENSSL_malloc(len + 2); - if (merged == NULL) { - ERR_raise(ERR_LIB_DSO, ERR_R_MALLOC_FAILURE); + if (merged == NULL) return NULL; - } strcpy(merged, filespec2); merged[spec2len] = '/'; strcpy(&merged[spec2len + 1], filespec1); diff --git a/crypto/dso/dso_dlfcn.c b/crypto/dso/dso_dlfcn.c index c292b41c43..2befd67248 100644 --- a/crypto/dso/dso_dlfcn.c +++ b/crypto/dso/dso_dlfcn.c @@ -207,20 +207,16 @@ static char *dlfcn_merger(DSO *dso, const char *filespec1, */ if (!filespec2 || (filespec1 != NULL && filespec1[0] == '/')) { merged = OPENSSL_strdup(filespec1); - if (merged == NULL) { - ERR_raise(ERR_LIB_DSO, ERR_R_MALLOC_FAILURE); + if (merged == NULL) return NULL; - } } /* * If the first file specification is missing, the second one rules. */ else if (!filespec1) { merged = OPENSSL_strdup(filespec2); - if (merged == NULL) { - ERR_raise(ERR_LIB_DSO, ERR_R_MALLOC_FAILURE); + if (merged == NULL) return NULL; - } } else { /* * This part isn't as trivial as it looks. It assumes that the @@ -239,10 +235,8 @@ static char *dlfcn_merger(DSO *dso, const char *filespec1, len--; } merged = OPENSSL_malloc(len + 2); - if (merged == NULL) { - ERR_raise(ERR_LIB_DSO, ERR_R_MALLOC_FAILURE); + if (merged == NULL) return NULL; - } strcpy(merged, filespec2); merged[spec2len] = '/'; strcpy(&merged[spec2len + 1], filespec1); diff --git a/crypto/dso/dso_lib.c b/crypto/dso/dso_lib.c index e093b77a27..a73d91e839 100644 --- a/crypto/dso/dso_lib.c +++ b/crypto/dso/dso_lib.c @@ -15,14 +15,12 @@ static DSO *DSO_new_method(DSO_METHOD *meth) DSO *ret; ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_DSO, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } ret->meth_data = sk_void_new_null(); if (ret->meth_data == NULL) { /* sk_new doesn't generate any errors so we do */ - ERR_raise(ERR_LIB_DSO, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_DSO, ERR_R_CRYPTO_LIB); OPENSSL_free(ret); return NULL; } @@ -30,7 +28,7 @@ static DSO *DSO_new_method(DSO_METHOD *meth) ret->references = 1; ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { - ERR_raise(ERR_LIB_DSO, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_DSO, ERR_R_CRYPTO_LIB); sk_void_free(ret->meth_data); OPENSSL_free(ret); return NULL; @@ -114,7 +112,7 @@ DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags) if (dso == NULL) { ret = DSO_new_method(meth); if (ret == NULL) { - ERR_raise(ERR_LIB_DSO, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_DSO, ERR_R_DSO_LIB); goto err; } allocated = 1; @@ -241,10 +239,8 @@ int DSO_set_filename(DSO *dso, const char *filename) } /* We'll duplicate filename */ copied = OPENSSL_strdup(filename); - if (copied == NULL) { - ERR_raise(ERR_LIB_DSO, ERR_R_MALLOC_FAILURE); + if (copied == NULL) return 0; - } OPENSSL_free(dso->filename); dso->filename = copied; return 1; @@ -289,10 +285,8 @@ char *DSO_convert_filename(DSO *dso, const char *filename) } if (result == NULL) { result = OPENSSL_strdup(filename); - if (result == NULL) { - ERR_raise(ERR_LIB_DSO, ERR_R_MALLOC_FAILURE); + if (result == NULL) return NULL; - } } return result; } diff --git a/crypto/dso/dso_vms.c b/crypto/dso/dso_vms.c index aa2dfaa4d1..1afa222dbc 100644 --- a/crypto/dso/dso_vms.c +++ b/crypto/dso/dso_vms.c @@ -27,8 +27,21 @@ # pragma pointer_size save # pragma pointer_size 32 void *_malloc32(__size_t); +static void *dso_malloc(__size_t num, const char *file, int line) +{ + void *ret = _malloc32(num); + if (ret == NULL && (file != NULL || line != 0)) { + ERR_new(); + ERR_set_debug(file, line, NULL); + ERR_set_error(ERR_LIB_DSO, ERR_R_MALLOC_FAILURE, NULL); + } + return ret; +} +# define DSO_MALLOC(num) dso_malloc((num), OPENSSL_FILE, OPENSSL_LINE) # pragma pointer_size restore -# endif /* __INITIAL_POINTER_SIZE == 64 */ +# else /* __INITIAL_POINTER_SIZE == 64 */ +# define DSO_MALLOC OPENSSL_malloc +# endif /* __INITIAL_POINTER_SIZE == 64 [else] */ # endif /* __INITIAL_POINTER_SIZE && defined * _ANSI_C_SOURCE */ @@ -88,19 +101,19 @@ static int vms_load(DSO *dso) char *filename = DSO_convert_filename(dso, NULL); /* Ensure 32-bit pointer for "p", and appropriate malloc() function. */ -# if __INITIAL_POINTER_SIZE == 64 -# define DSO_MALLOC _malloc32 -# pragma pointer_size save -# pragma pointer_size 32 -# else /* __INITIAL_POINTER_SIZE == 64 */ -# define DSO_MALLOC OPENSSL_malloc -# endif /* __INITIAL_POINTER_SIZE == 64 [else] */ +# if __INITIAL_POINTER_SIZE && defined _ANSI_C_SOURCE +# if __INITIAL_POINTER_SIZE == 64 +# pragma pointer_size save +# pragma pointer_size 32 +# endif /* __INITIAL_POINTER_SIZE == 64 */ DSO_VMS_INTERNAL *p = NULL; -# if __INITIAL_POINTER_SIZE == 64 -# pragma pointer_size restore -# endif /* __INITIAL_POINTER_SIZE == 64 */ +# if __INITIAL_POINTER_SIZE == 64 +# pragma pointer_size restore +# endif /* __INITIAL_POINTER_SIZE == 64 */ +# endif /* __INITIAL_POINTER_SIZE && defined + * _ANSI_C_SOURCE */ const char *sp1, *sp2; /* Search result */ const char *ext = NULL; /* possible extension to add */ @@ -174,10 +187,8 @@ static int vms_load(DSO *dso) } p = DSO_MALLOC(sizeof(*p)); - if (p == NULL) { - ERR_raise(ERR_LIB_DSO, ERR_R_MALLOC_FAILURE); + if (p == NULL) goto err; - } strncpy(p->filename, sp1, sp2 - sp1); p->filename[sp2 - sp1] = '\0'; @@ -443,12 +454,10 @@ static char *vms_merger(DSO *dso, const char *filespec1, merged = OPENSSL_malloc(nam.NAMX_ESL + 1); if (merged == NULL) - goto malloc_err; + return NULL; strncpy(merged, nam.NAMX_ESA, nam.NAMX_ESL); merged[nam.NAMX_ESL] = '\0'; return merged; - malloc_err: - ERR_raise(ERR_LIB_DSO, ERR_R_MALLOC_FAILURE); } static char *vms_name_converter(DSO *dso, const char *filename) diff --git a/crypto/dso/dso_win32.c b/crypto/dso/dso_win32.c index 20fa3dce7d..43210e3d98 100644 --- a/crypto/dso/dso_win32.c +++ b/crypto/dso/dso_win32.c @@ -110,10 +110,8 @@ static int win32_load(DSO *dso) goto err; } p = OPENSSL_malloc(sizeof(*p)); - if (p == NULL) { - ERR_raise(ERR_LIB_DSO, ERR_R_MALLOC_FAILURE); + if (p == NULL) goto err; - } *p = h; if (!sk_void_push(dso->meth_data, p)) { ERR_raise(ERR_LIB_DSO, DSO_R_STACK_ERROR); @@ -214,10 +212,8 @@ static struct file_st *win32_splitter(DSO *dso, const char *filename, } result = OPENSSL_zalloc(sizeof(*result)); - if (result == NULL) { - ERR_raise(ERR_LIB_DSO, ERR_R_MALLOC_FAILURE); + if (result == NULL) return NULL; - } position = IN_DEVICE; @@ -333,10 +329,8 @@ static char *win32_joiner(DSO *dso, const struct file_st *file_split) } result = OPENSSL_malloc(len + 1); - if (result == NULL) { - ERR_raise(ERR_LIB_DSO, ERR_R_MALLOC_FAILURE); + if (result == NULL) return NULL; - } if (file_split->node) { strcpy(&result[offset], "\\\\"); @@ -399,25 +393,21 @@ static char *win32_merger(DSO *dso, const char *filespec1, } if (!filespec2) { merged = OPENSSL_strdup(filespec1); - if (merged == NULL) { - ERR_raise(ERR_LIB_DSO, ERR_R_MALLOC_FAILURE); + if (merged == NULL) return NULL; - } } else if (!filespec1) { merged = OPENSSL_strdup(filespec2); - if (merged == NULL) { - ERR_raise(ERR_LIB_DSO, ERR_R_MALLOC_FAILURE); + if (merged == NULL) return NULL; - } } else { filespec1_split = win32_splitter(dso, filespec1, 0); if (!filespec1_split) { - ERR_raise(ERR_LIB_DSO, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_DSO, ERR_R_DSO_LIB); return NULL; } filespec2_split = win32_splitter(dso, filespec2, 1); if (!filespec2_split) { - ERR_raise(ERR_LIB_DSO, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_DSO, ERR_R_DSO_LIB); OPENSSL_free(filespec1_split); return NULL; } diff --git a/crypto/ec/ec2_smpl.c b/crypto/ec/ec2_smpl.c index 79884c72bb..d9fee26612 100644 --- a/crypto/ec/ec2_smpl.c +++ b/crypto/ec/ec2_smpl.c @@ -188,7 +188,7 @@ int ossl_ec_GF2m_simple_group_check_discriminant(const EC_GROUP *group, if (ctx == NULL) { ctx = new_ctx = BN_CTX_new(); if (ctx == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } } @@ -826,7 +826,7 @@ int ec_GF2m_simple_ladder_post(const EC_GROUP *group, t1 = BN_CTX_get(ctx); t2 = BN_CTX_get(ctx); if (t2 == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } @@ -905,7 +905,7 @@ int ec_GF2m_simple_points_mul(const EC_GROUP *group, EC_POINT *r, */ if ((t = EC_POINT_new(group)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); return 0; } diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c index 50adca042a..e9866a4e69 100644 --- a/crypto/ec/ec_ameth.c +++ b/crypto/ec/ec_ameth.c @@ -611,7 +611,7 @@ static int ec_pkey_import_from(const OSSL_PARAM params[], void *vpctx) EC_KEY *ec = EC_KEY_new_ex(pctx->libctx, pctx->propquery); if (ec == NULL) { - ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); return 0; } diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c index 3d9fc197e9..b32697fb85 100644 --- a/crypto/ec/ec_asn1.c +++ b/crypto/ec/ec_asn1.c @@ -206,7 +206,7 @@ static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field) if (nid == NID_X9_62_prime_field) { if ((tmp = BN_new()) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } /* the parameters are specified by the prime number p */ @@ -235,7 +235,7 @@ static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field) char_two = field->p.char_two; if (char_two == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_ASN1_LIB); goto err; } @@ -261,7 +261,7 @@ static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field) char_two->p.tpBasis = ASN1_INTEGER_new(); if (char_two->p.tpBasis == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_ASN1_LIB); goto err; } if (!ASN1_INTEGER_set(char_two->p.tpBasis, (long)k)) { @@ -276,7 +276,7 @@ static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field) char_two->p.ppBasis = X9_62_PENTANOMIAL_new(); if (char_two->p.ppBasis == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_ASN1_LIB); goto err; } @@ -289,7 +289,7 @@ static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field) /* for ONB the parameters are (asn1) NULL */ char_two->p.onBasis = ASN1_NULL_new(); if (char_two->p.onBasis == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_ASN1_LIB); goto err; } } @@ -318,7 +318,7 @@ static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve) return 0; if ((tmp_1 = BN_new()) == NULL || (tmp_2 = BN_new()) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } @@ -335,10 +335,8 @@ static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve) */ len = ((size_t)EC_GROUP_get_degree(group) + 7) / 8; if ((a_buf = OPENSSL_malloc(len)) == NULL - || (b_buf = OPENSSL_malloc(len)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + || (b_buf = OPENSSL_malloc(len)) == NULL) goto err; - } if (BN_bn2binpad(tmp_1, a_buf, len) < 0 || BN_bn2binpad(tmp_2, b_buf, len) < 0) { ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); @@ -356,7 +354,7 @@ static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve) if (group->seed) { if (!curve->seed) if ((curve->seed = ASN1_BIT_STRING_new()) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_ASN1_LIB); goto err; } ossl_asn1_string_set_bits_left(curve->seed, 0); @@ -393,7 +391,7 @@ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group, if (params == NULL) { if ((ret = ECPARAMETERS_new()) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_ASN1_LIB); goto err; } } else @@ -429,7 +427,7 @@ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group, } if (ret->base == NULL && (ret->base = ASN1_OCTET_STRING_new()) == NULL) { OPENSSL_free(buffer); - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_ASN1_LIB); goto err; } ASN1_STRING_set0(ret->base, buffer, len); @@ -474,7 +472,7 @@ ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group, if (ret == NULL) { if ((ret = ECPKPARAMETERS_new()) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_ASN1_LIB); return NULL; } } else { @@ -580,7 +578,7 @@ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params) } if ((p = BN_new()) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } @@ -698,10 +696,8 @@ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params) goto err; } OPENSSL_free(ret->seed); - if ((ret->seed = OPENSSL_malloc(params->curve->seed->length)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if ((ret->seed = OPENSSL_malloc(params->curve->seed->length)) == NULL) goto err; - } memcpy(ret->seed, params->curve->seed->data, params->curve->seed->length); ret->seed_len = params->curve->seed->length; @@ -945,7 +941,7 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len) if (a == NULL || *a == NULL) { if ((ret = EC_KEY_new()) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } } else @@ -1033,7 +1029,7 @@ int i2d_ECPrivateKey(const EC_KEY *a, unsigned char **out) } if ((priv_key = EC_PRIVATEKEY_new()) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } @@ -1061,7 +1057,7 @@ int i2d_ECPrivateKey(const EC_KEY *a, unsigned char **out) if (!(a->enc_flag & EC_PKEY_NO_PUBKEY)) { priv_key->publicKey = ASN1_BIT_STRING_new(); if (priv_key->publicKey == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_ASN1_LIB); goto err; } @@ -1109,7 +1105,7 @@ EC_KEY *d2i_ECParameters(EC_KEY **a, const unsigned char **in, long len) if (a == NULL || *a == NULL) { if ((ret = EC_KEY_new()) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); return NULL; } } else @@ -1173,10 +1169,8 @@ int i2o_ECPublicKey(const EC_KEY *a, unsigned char **out) return buf_len; if (*out == NULL) { - if ((*out = OPENSSL_malloc(buf_len)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if ((*out = OPENSSL_malloc(buf_len)) == NULL) return 0; - } new_buffer = 1; } if (!EC_POINT_point2oct(a->group, a->pub_key, a->conv_form, @@ -1201,8 +1195,7 @@ DECLARE_ASN1_ENCODE_FUNCTIONS_name(ECDSA_SIG, ECDSA_SIG) ECDSA_SIG *ECDSA_SIG_new(void) { ECDSA_SIG *sig = OPENSSL_zalloc(sizeof(*sig)); - if (sig == NULL) - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + return sig; } diff --git a/crypto/ec/ec_backend.c b/crypto/ec/ec_backend.c index 62cc134ffd..60e88de488 100644 --- a/crypto/ec/ec_backend.c +++ b/crypto/ec/ec_backend.c @@ -190,7 +190,7 @@ static int ec_group_explicit_todata(const EC_GROUP *group, OSSL_PARAM_BLD *tmpl, BIGNUM *b = BN_CTX_get(bnctx); if (b == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } @@ -201,7 +201,7 @@ static int ec_group_explicit_todata(const EC_GROUP *group, OSSL_PARAM_BLD *tmpl, if (!ossl_param_build_set_bn(tmpl, params, OSSL_PKEY_PARAM_EC_P, p) || !ossl_param_build_set_bn(tmpl, params, OSSL_PKEY_PARAM_EC_A, a) || !ossl_param_build_set_bn(tmpl, params, OSSL_PKEY_PARAM_EC_B, b)) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_CRYPTO_LIB); goto err; } } @@ -216,7 +216,7 @@ static int ec_group_explicit_todata(const EC_GROUP *group, OSSL_PARAM_BLD *tmpl, } if (!ossl_param_build_set_bn(tmpl, params, OSSL_PKEY_PARAM_EC_ORDER, order)) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_CRYPTO_LIB); goto err; } } @@ -226,7 +226,7 @@ static int ec_group_explicit_todata(const EC_GROUP *group, OSSL_PARAM_BLD *tmpl, if (!ossl_param_build_set_utf8_string(tmpl, params, OSSL_PKEY_PARAM_EC_FIELD_TYPE, field_type)) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_CRYPTO_LIB); goto err; } } @@ -249,7 +249,7 @@ static int ec_group_explicit_todata(const EC_GROUP *group, OSSL_PARAM_BLD *tmpl, if (!ossl_param_build_set_octet_string(tmpl, params, OSSL_PKEY_PARAM_EC_GENERATOR, *genbuf, genbuf_len)) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_CRYPTO_LIB); goto err; } } @@ -261,7 +261,7 @@ static int ec_group_explicit_todata(const EC_GROUP *group, OSSL_PARAM_BLD *tmpl, if (cofactor != NULL && !ossl_param_build_set_bn(tmpl, params, OSSL_PKEY_PARAM_EC_COFACTOR, cofactor)) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_CRYPTO_LIB); goto err; } } @@ -276,7 +276,7 @@ static int ec_group_explicit_todata(const EC_GROUP *group, OSSL_PARAM_BLD *tmpl, && !ossl_param_build_set_octet_string(tmpl, params, OSSL_PKEY_PARAM_EC_SEED, seed, seed_len)) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_CRYPTO_LIB); goto err; } } @@ -773,7 +773,7 @@ EC_KEY *ossl_ec_key_param_from_x509_algor(const X509_ALGOR *palg, X509_ALGOR_get0(NULL, &ptype, &pval, palg); if ((eckey = EC_KEY_new_ex(libctx, propq)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto ecerr; } diff --git a/crypto/ec/ec_check.c b/crypto/ec/ec_check.c index 484124915d..9ed94b328c 100644 --- a/crypto/ec/ec_check.c +++ b/crypto/ec/ec_check.c @@ -30,7 +30,7 @@ int EC_GROUP_check_named_curve(const EC_GROUP *group, int nist_only, if (ctx == NULL) { ctx = new_ctx = BN_CTX_new_ex(NULL); if (ctx == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); return NID_undef; } } @@ -69,7 +69,7 @@ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx) if (ctx == NULL) { ctx = new_ctx = BN_CTX_new(); if (ctx == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } } diff --git a/crypto/ec/ec_curve.c b/crypto/ec/ec_curve.c index b5b2f3342d..2bf6522e84 100644 --- a/crypto/ec/ec_curve.c +++ b/crypto/ec/ec_curve.c @@ -3151,7 +3151,7 @@ static EC_GROUP *ec_group_new_from_data(OSSL_LIB_CTX *libctx, curve.meth != NULL ? curve.meth() : NULL); if ((ctx = BN_CTX_new_ex(libctx)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } diff --git a/crypto/ec/ec_deprecated.c b/crypto/ec/ec_deprecated.c index 22ddb3660c..905b560638 100644 --- a/crypto/ec/ec_deprecated.c +++ b/crypto/ec/ec_deprecated.c @@ -47,10 +47,8 @@ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, if ((buf_len = BN_num_bytes(bn)) == 0) buf_len = 1; - if ((buf = OPENSSL_malloc(buf_len)) == NULL) { - ECerr(EC_F_EC_POINT_BN2POINT, ERR_R_MALLOC_FAILURE); + if ((buf = OPENSSL_malloc(buf_len)) == NULL) return NULL; - } if (BN_bn2binpad(bn, buf, buf_len) < 0) { OPENSSL_free(buf); diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c index 44bac9afa7..4d0faa64c7 100644 --- a/crypto/ec/ec_key.c +++ b/crypto/ec/ec_key.c @@ -992,7 +992,7 @@ int ossl_ec_key_simple_oct2priv(EC_KEY *eckey, const unsigned char *buf, if (eckey->priv_key == NULL) eckey->priv_key = BN_secure_new(); if (eckey->priv_key == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); return 0; } if (BN_bin2bn(buf, len, eckey->priv_key) == NULL) { @@ -1011,10 +1011,8 @@ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf) len = EC_KEY_priv2oct(eckey, NULL, 0); if (len == 0) return 0; - if ((buf = OPENSSL_malloc(len)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if ((buf = OPENSSL_malloc(len)) == NULL) return 0; - } len = EC_KEY_priv2oct(eckey, buf, len); if (len == 0) { OPENSSL_free(buf); diff --git a/crypto/ec/ec_kmeth.c b/crypto/ec/ec_kmeth.c index 8c011635cb..eca531d2b3 100644 --- a/crypto/ec/ec_kmeth.c +++ b/crypto/ec/ec_kmeth.c @@ -83,24 +83,20 @@ EC_KEY *ossl_ec_key_new_method_int(OSSL_LIB_CTX *libctx, const char *propq, { EC_KEY *ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } ret->libctx = libctx; if (propq != NULL) { ret->propq = OPENSSL_strdup(propq); - if (ret->propq == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (ret->propq == NULL) goto err; - } } ret->references = 1; ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_CRYPTO_LIB); goto err; } @@ -129,6 +125,7 @@ EC_KEY *ossl_ec_key_new_method_int(OSSL_LIB_CTX *libctx, const char *propq, /* No ex_data inside the FIPS provider */ #ifndef FIPS_MODULE if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, &ret->ex_data)) { + ERR_raise(ERR_LIB_EC, ERR_R_CRYPTO_LIB); goto err; } #endif diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c index a84e088c19..2e7139cbdd 100644 --- a/crypto/ec/ec_lib.c +++ b/crypto/ec/ec_lib.c @@ -40,18 +40,14 @@ EC_GROUP *ossl_ec_group_new_ex(OSSL_LIB_CTX *libctx, const char *propq, } ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } ret->libctx = libctx; if (propq != NULL) { ret->propq = OPENSSL_strdup(propq); - if (ret->propq == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (ret->propq == NULL) goto err; - } } ret->meth = meth; if ((ret->meth->flags & EC_FLAGS_CUSTOM_CURVE) == 0) { @@ -246,10 +242,8 @@ int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src) if (src->seed) { OPENSSL_free(dest->seed); - if ((dest->seed = OPENSSL_malloc(src->seed_len)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if ((dest->seed = OPENSSL_malloc(src->seed_len)) == NULL) return 0; - } if (!memcpy(dest->seed, src->seed, src->seed_len)) return 0; dest->seed_len = src->seed_len; @@ -532,10 +526,8 @@ size_t EC_GROUP_set_seed(EC_GROUP *group, const unsigned char *p, size_t len) if (!len || !p) return 1; - if ((group->seed = OPENSSL_malloc(len)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if ((group->seed = OPENSSL_malloc(len)) == NULL) return 0; - } memcpy(group->seed, p, len); group->seed_len = len; @@ -726,10 +718,8 @@ EC_POINT *EC_POINT_new(const EC_GROUP *group) } ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } ret->meth = group->meth; ret->curve_name = group->curve_name; @@ -1582,7 +1572,7 @@ EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[], /* If it gets here then we are trying explicit parameters */ bnctx = BN_CTX_new_ex(libctx); if (bnctx == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); return 0; } BN_CTX_start(bnctx); @@ -1592,7 +1582,7 @@ EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[], b = BN_CTX_get(bnctx); order = BN_CTX_get(bnctx); if (order == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c index c6ec2964b7..a913c1e786 100644 --- a/crypto/ec/ec_mult.c +++ b/crypto/ec/ec_mult.c @@ -56,10 +56,8 @@ static EC_PRE_COMP *ec_pre_comp_new(const EC_GROUP *group) return NULL; ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return ret; - } ret->group = group; ret->blocksize = 8; /* default */ @@ -68,7 +66,7 @@ static EC_PRE_COMP *ec_pre_comp_new(const EC_GROUP *group) ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_CRYPTO_LIB); OPENSSL_free(ret); return NULL; } @@ -171,7 +169,7 @@ int ossl_ec_scalar_mul_ladder(const EC_GROUP *group, EC_POINT *r, if (((p = EC_POINT_new(group)) == NULL) || ((s = EC_POINT_new(group)) == NULL)) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } @@ -195,7 +193,7 @@ int ossl_ec_scalar_mul_ladder(const EC_GROUP *group, EC_POINT *r, lambda = BN_CTX_get(ctx); k = BN_CTX_get(ctx); if (k == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } @@ -520,10 +518,8 @@ int ossl_ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, if (wNAF != NULL) wNAF[0] = NULL; /* preliminary pivot */ - if (wsize == NULL || wNAF_len == NULL || wNAF == NULL || val_sub == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (wsize == NULL || wNAF_len == NULL || wNAF == NULL || val_sub == NULL) goto err; - } /* * num_val will be the total number of temporarily precomputed points @@ -633,7 +629,6 @@ int ossl_ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, wNAF[i + 1] = NULL; wNAF[i] = OPENSSL_malloc(wNAF_len[i]); if (wNAF[i] == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); OPENSSL_free(tmp_wNAF); goto err; } @@ -661,10 +656,8 @@ int ossl_ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, * subarray of 'pre_comp->points' if we already have precomputation. */ val = OPENSSL_malloc((num_val + 1) * sizeof(val[0])); - if (val == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (val == NULL) goto err; - } val[num_val] = NULL; /* pivot element */ /* allocate points for precomputation */ @@ -893,23 +886,21 @@ int ossl_ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) * and store */ points = OPENSSL_malloc(sizeof(*points) * (num + 1)); - if (points == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (points == NULL) goto err; - } var = points; var[num] = NULL; /* pivot */ for (i = 0; i < num; i++) { if ((var[i] = EC_POINT_new(group)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } } if ((tmp_point = EC_POINT_new(group)) == NULL || (base = EC_POINT_new(group)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } diff --git a/crypto/ec/ec_oct.c b/crypto/ec/ec_oct.c index 790a0b2907..0ad3394c82 100644 --- a/crypto/ec/ec_oct.c +++ b/crypto/ec/ec_oct.c @@ -140,10 +140,8 @@ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point, len = EC_POINT_point2oct(group, point, form, NULL, 0, NULL); if (len == 0) return 0; - if ((buf = OPENSSL_malloc(len)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if ((buf = OPENSSL_malloc(len)) == NULL) return 0; - } len = EC_POINT_point2oct(group, point, form, buf, len, ctx); if (len == 0) { OPENSSL_free(buf); diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c index 19e2f0d0c0..716b1860bb 100644 --- a/crypto/ec/ec_pmeth.c +++ b/crypto/ec/ec_pmeth.c @@ -48,10 +48,8 @@ static int pkey_ec_init(EVP_PKEY_CTX *ctx) { EC_PKEY_CTX *dctx; - if ((dctx = OPENSSL_zalloc(sizeof(*dctx))) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if ((dctx = OPENSSL_zalloc(sizeof(*dctx))) == NULL) return 0; - } dctx->cofactor_mode = -1; dctx->kdf_type = EVP_PKEY_ECDH_KDF_NONE; @@ -229,10 +227,8 @@ static int pkey_ec_kdf_derive(EVP_PKEY_CTX *ctx, return 0; if (!pkey_ec_derive(ctx, NULL, &ktmplen)) return 0; - if ((ktmp = OPENSSL_malloc(ktmplen)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if ((ktmp = OPENSSL_malloc(ktmplen)) == NULL) return 0; - } if (!pkey_ec_derive(ctx, ktmp, &ktmplen)) goto err; /* Do KDF stuff */ diff --git a/crypto/ec/ecdh_ossl.c b/crypto/ec/ecdh_ossl.c index 8016c6d7ad..41f7e39046 100644 --- a/crypto/ec/ecdh_ossl.c +++ b/crypto/ec/ecdh_ossl.c @@ -63,7 +63,7 @@ int ossl_ecdh_simple_compute_key(unsigned char **pout, size_t *poutlen, BN_CTX_start(ctx); x = BN_CTX_get(ctx); if (x == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } @@ -80,16 +80,19 @@ int ossl_ecdh_simple_compute_key(unsigned char **pout, size_t *poutlen, * * peer_public_key. */ if (EC_KEY_get_flags(ecdh) & EC_FLAG_COFACTOR_ECDH) { - if (!EC_GROUP_get_cofactor(group, x, NULL) || - !BN_mul(x, x, priv_key, ctx)) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (!EC_GROUP_get_cofactor(group, x, NULL)) { + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); + goto err; + } + if (!BN_mul(x, x, priv_key, ctx)) { + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } priv_key = x; } if ((tmp = EC_POINT_new(group)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } @@ -118,10 +121,8 @@ int ossl_ecdh_simple_compute_key(unsigned char **pout, size_t *poutlen, ERR_raise(ERR_LIB_EC, ERR_R_INTERNAL_ERROR); goto err; } - if ((buf = OPENSSL_malloc(buflen)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if ((buf = OPENSSL_malloc(buflen)) == NULL) goto err; - } memset(buf, 0, buflen - len); if (len != (size_t)BN_bn2bin(x, buf + buflen - len)) { diff --git a/crypto/ec/ecdsa_ossl.c b/crypto/ec/ecdsa_ossl.c index fe9b3cf593..96dab38adf 100644 --- a/crypto/ec/ecdsa_ossl.c +++ b/crypto/ec/ecdsa_ossl.c @@ -100,7 +100,7 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, if ((ctx = ctx_in) == NULL) { if ((ctx = BN_CTX_new_ex(eckey->libctx)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); return 0; } } @@ -109,7 +109,7 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, r = BN_new(); /* this value is later returned in *rp */ X = BN_new(); if (k == NULL || r == NULL || X == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } if ((tmp_point = EC_POINT_new(group)) == NULL) { @@ -221,20 +221,20 @@ ECDSA_SIG *ossl_ecdsa_simple_sign_sig(const unsigned char *dgst, int dgst_len, ret = ECDSA_SIG_new(); if (ret == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_ECDSA_LIB); return NULL; } ret->r = BN_new(); ret->s = BN_new(); if (ret->r == NULL || ret->s == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } s = ret->s; if ((ctx = BN_CTX_new_ex(eckey->libctx)) == NULL || (m = BN_new()) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } @@ -264,7 +264,7 @@ ECDSA_SIG *ossl_ecdsa_simple_sign_sig(const unsigned char *dgst, int dgst_len, } else { ckinv = in_kinv; if (BN_copy(ret->r, in_r) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } } @@ -378,7 +378,7 @@ int ossl_ecdsa_simple_verify_sig(const unsigned char *dgst, int dgst_len, ctx = BN_CTX_new_ex(eckey->libctx); if (ctx == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); return -1; } BN_CTX_start(ctx); @@ -437,7 +437,7 @@ int ossl_ecdsa_simple_verify_sig(const unsigned char *dgst, int dgst_len, } if ((point = EC_POINT_new(group)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } if (!EC_POINT_mul(group, point, u1, pub_key, u2, ctx)) { diff --git a/crypto/ec/eck_prn.c b/crypto/ec/eck_prn.c index 96ced7c8be..1bb58c6f33 100644 --- a/crypto/ec/eck_prn.c +++ b/crypto/ec/eck_prn.c @@ -89,7 +89,7 @@ int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off) ctx = BN_CTX_new(); if (ctx == NULL) { - reason = ERR_R_MALLOC_FAILURE; + reason = ERR_R_BN_LIB; goto err; } @@ -127,7 +127,7 @@ int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off) if ((p = BN_new()) == NULL || (a = BN_new()) == NULL || (b = BN_new()) == NULL) { - reason = ERR_R_MALLOC_FAILURE; + reason = ERR_R_BN_LIB; goto err; } diff --git a/crypto/ec/ecp_nistp224.c b/crypto/ec/ecp_nistp224.c index 5ab0dd7bef..6c9f9095b6 100644 --- a/crypto/ec/ecp_nistp224.c +++ b/crypto/ec/ecp_nistp224.c @@ -1238,16 +1238,14 @@ static NISTP224_PRE_COMP *nistp224_pre_comp_new(void) { NISTP224_PRE_COMP *ret = OPENSSL_zalloc(sizeof(*ret)); - if (!ret) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return ret; - } ret->references = 1; ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_CRYPTO_LIB); OPENSSL_free(ret); return NULL; } @@ -1487,10 +1485,8 @@ int ossl_ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r, tmp_felems = OPENSSL_malloc(sizeof(felem) * (num_points * 17 + 1)); if ((secrets == NULL) || (pre_comp == NULL) - || (mixed && (tmp_felems == NULL))) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + || (mixed && (tmp_felems == NULL))) goto err; - } /* * we treat NULL scalars as 0, and NULL points as points at infinity, diff --git a/crypto/ec/ecp_nistp256.c b/crypto/ec/ecp_nistp256.c index 4a55f925c4..f9b1fd1206 100644 --- a/crypto/ec/ecp_nistp256.c +++ b/crypto/ec/ecp_nistp256.c @@ -1849,16 +1849,14 @@ static NISTP256_PRE_COMP *nistp256_pre_comp_new(void) { NISTP256_PRE_COMP *ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return ret; - } ret->references = 1; ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_CRYPTO_LIB); OPENSSL_free(ret); return NULL; } @@ -2099,10 +2097,8 @@ int ossl_ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, tmp_smallfelems = OPENSSL_malloc(sizeof(*tmp_smallfelems) * (num_points * 17 + 1)); if ((secrets == NULL) || (pre_comp == NULL) - || (mixed && (tmp_smallfelems == NULL))) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + || (mixed && (tmp_smallfelems == NULL))) goto err; - } /* * we treat NULL scalars as 0, and NULL points as points at infinity, diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c index 31a97d7937..484c42eac9 100644 --- a/crypto/ec/ecp_nistp521.c +++ b/crypto/ec/ecp_nistp521.c @@ -1742,16 +1742,14 @@ static NISTP521_PRE_COMP *nistp521_pre_comp_new(void) { NISTP521_PRE_COMP *ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return ret; - } ret->references = 1; ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_CRYPTO_LIB); OPENSSL_free(ret); return NULL; } @@ -1992,10 +1990,8 @@ int ossl_ec_GFp_nistp521_points_mul(const EC_GROUP *group, EC_POINT *r, tmp_felems = OPENSSL_malloc(sizeof(*tmp_felems) * (num_points * 17 + 1)); if ((secrets == NULL) || (pre_comp == NULL) - || (mixed && (tmp_felems == NULL))) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + || (mixed && (tmp_felems == NULL))) goto err; - } /* * we treat NULL scalars as 0, and NULL points as points at infinity, diff --git a/crypto/ec/ecp_nistz256.c b/crypto/ec/ecp_nistz256.c index 9825352c6e..bbf9deec4d 100644 --- a/crypto/ec/ecp_nistz256.c +++ b/crypto/ec/ecp_nistz256.c @@ -636,10 +636,8 @@ __owur static int ecp_nistz256_windowed_mul(const EC_GROUP *group, OPENSSL_malloc((num * 16 + 5) * sizeof(P256_POINT) + 64)) == NULL || (p_str = OPENSSL_malloc(num * 33 * sizeof(unsigned char))) == NULL - || (scalars = OPENSSL_malloc(num * sizeof(BIGNUM *))) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + || (scalars = OPENSSL_malloc(num * sizeof(BIGNUM *))) == NULL) goto err; - } table = (void *)ALIGNPTR(table_storage, 64); temp = (P256_POINT *)(table + num); @@ -868,10 +866,8 @@ __owur static int ecp_nistz256_mult_precompute(EC_GROUP *group, BN_CTX *ctx) w = 7; if ((precomp_storage = - OPENSSL_malloc(37 * 64 * sizeof(P256_POINT_AFFINE) + 64)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + OPENSSL_malloc(37 * 64 * sizeof(P256_POINT_AFFINE) + 64)) == NULL) goto err; - } preComputedTable = (void *)ALIGNPTR(precomp_storage, 64); @@ -974,7 +970,7 @@ __owur static int ecp_nistz256_points_mul(const EC_GROUP *group, BIGNUM *tmp_scalar; if ((num + 1) == 0 || (num + 1) > OPENSSL_MALLOC_MAX_NELEMS(void *)) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_PASSED_INVALID_ARGUMENT); return 0; } @@ -1123,16 +1119,12 @@ __owur static int ecp_nistz256_points_mul(const EC_GROUP *group, * handled like a normal point. */ new_scalars = OPENSSL_malloc((num + 1) * sizeof(BIGNUM *)); - if (new_scalars == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (new_scalars == NULL) goto err; - } new_points = OPENSSL_malloc((num + 1) * sizeof(EC_POINT *)); - if (new_points == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (new_points == NULL) goto err; - } memcpy(new_scalars, scalars, num * sizeof(BIGNUM *)); new_scalars[num] = scalar; @@ -1226,10 +1218,8 @@ static NISTZ256_PRE_COMP *ecp_nistz256_pre_comp_new(const EC_GROUP *group) ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return ret; - } ret->group = group; ret->w = 6; /* default */ @@ -1237,7 +1227,7 @@ static NISTZ256_PRE_COMP *ecp_nistz256_pre_comp_new(const EC_GROUP *group) ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_CRYPTO_LIB); OPENSSL_free(ret); return NULL; } diff --git a/crypto/ec/ecp_s390x_nistp.c b/crypto/ec/ecp_s390x_nistp.c index 0c10196ea3..6bf2da9b4b 100644 --- a/crypto/ec/ecp_s390x_nistp.c +++ b/crypto/ec/ecp_s390x_nistp.c @@ -152,14 +152,14 @@ static ECDSA_SIG *ecdsa_s390x_nistp_sign_sig(const unsigned char *dgst, k = BN_secure_new(); sig = ECDSA_SIG_new(); if (k == NULL || sig == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_ECDSA_LIB); goto ret; } sig->r = BN_new(); sig->s = BN_new(); if (sig->r == NULL || sig->s == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto ret; } @@ -247,7 +247,7 @@ static int ecdsa_s390x_nistp_verify_sig(const unsigned char *dgst, int dgstlen, ctx = BN_CTX_new_ex(group->libctx); if (ctx == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); return -1; } @@ -256,7 +256,7 @@ static int ecdsa_s390x_nistp_verify_sig(const unsigned char *dgst, int dgstlen, x = BN_CTX_get(ctx); y = BN_CTX_get(ctx); if (x == NULL || y == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto ret; } diff --git a/crypto/ec/ecp_smpl.c b/crypto/ec/ecp_smpl.c index 13ce9bfc42..b9c675971b 100644 --- a/crypto/ec/ecp_smpl.c +++ b/crypto/ec/ecp_smpl.c @@ -258,7 +258,7 @@ int ossl_ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, if (ctx == NULL) { ctx = new_ctx = BN_CTX_new_ex(group->libctx); if (ctx == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } } @@ -1438,7 +1438,7 @@ int ossl_ec_GFp_simple_blind_coordinates(const EC_GROUP *group, EC_POINT *p, lambda = BN_CTX_get(ctx); temp = BN_CTX_get(ctx); if (temp == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto end; } diff --git a/crypto/ec/ecx_backend.c b/crypto/ec/ecx_backend.c index 2ab7611be9..7a43274d51 100644 --- a/crypto/ec/ecx_backend.c +++ b/crypto/ec/ecx_backend.c @@ -110,10 +110,8 @@ ECX_KEY *ossl_ecx_key_dup(const ECX_KEY *key, int selection) { ECX_KEY *ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { @@ -138,8 +136,10 @@ ECX_KEY *ossl_ecx_key_dup(const ECX_KEY *key, int selection) if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0 && key->privkey != NULL) { - if (ossl_ecx_key_allocate_privkey(ret) == NULL) + if (ossl_ecx_key_allocate_privkey(ret) == NULL) { + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; + } memcpy(ret->privkey, key->privkey, ret->keylen); } @@ -147,7 +147,6 @@ ECX_KEY *ossl_ecx_key_dup(const ECX_KEY *key, int selection) err: ossl_ecx_key_free(ret); - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); return NULL; } @@ -186,7 +185,7 @@ ECX_KEY *ossl_ecx_key_op(const X509_ALGOR *palg, key = ossl_ecx_key_new(libctx, KEYNID2TYPE(id), 1, propq); if (key == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); return 0; } pubkey = key->pubkey; @@ -196,7 +195,7 @@ ECX_KEY *ossl_ecx_key_op(const X509_ALGOR *palg, } else { privkey = ossl_ecx_key_allocate_privkey(key); if (privkey == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } if (op == KEY_OP_KEYGEN) { diff --git a/crypto/ec/ecx_key.c b/crypto/ec/ecx_key.c index 8cf7f1708c..548e49091d 100644 --- a/crypto/ec/ecx_key.c +++ b/crypto/ec/ecx_key.c @@ -51,11 +51,16 @@ ECX_KEY *ossl_ecx_key_new(OSSL_LIB_CTX *libctx, ECX_KEY_TYPE type, int haspubkey } ret->lock = CRYPTO_THREAD_lock_new(); - if (ret->lock == NULL) + if (ret->lock == NULL) { + ERR_raise(ERR_LIB_EC, ERR_R_CRYPTO_LIB); goto err; + } return ret; err: - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (ret != NULL) { + OPENSSL_free(ret->propq); + CRYPTO_THREAD_lock_free(ret->lock); + } OPENSSL_free(ret); return NULL; } diff --git a/crypto/ec/ecx_meth.c b/crypto/ec/ecx_meth.c index c70e0461c0..e83a2d7172 100644 --- a/crypto/ec/ecx_meth.c +++ b/crypto/ec/ecx_meth.c @@ -39,15 +39,13 @@ static int ecx_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) } penc = OPENSSL_memdup(ecxkey->pubkey, KEYLEN(pkey)); - if (penc == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (penc == NULL) return 0; - } if (!X509_PUBKEY_set0_param(pk, OBJ_nid2obj(pkey->ameth->pkey_id), V_ASN1_UNDEF, NULL, penc, KEYLEN(pkey))) { OPENSSL_free(penc); - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_X509_LIB); return 0; } return 1; @@ -115,14 +113,14 @@ static int ecx_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) penclen = i2d_ASN1_OCTET_STRING(&oct, &penc); if (penclen < 0) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_ASN1_LIB); return 0; } if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(pkey->ameth->pkey_id), 0, V_ASN1_UNDEF, NULL, penc, penclen)) { OPENSSL_clear_free(penc, penclen); - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_ASN1_LIB); return 0; } @@ -392,7 +390,7 @@ static int ecx_generic_import_from(const OSSL_PARAM params[], void *vpctx, pctx->propquery); if (ecx == NULL) { - ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_DH, ERR_R_EC_LIB); return 0; } @@ -946,7 +944,7 @@ static int s390x_pkey_ecx_keygen25519(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) unsigned char *privkey = NULL, *pubkey; if (key == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } @@ -954,7 +952,7 @@ static int s390x_pkey_ecx_keygen25519(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) privkey = ossl_ecx_key_allocate_privkey(key); if (privkey == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } @@ -989,7 +987,7 @@ static int s390x_pkey_ecx_keygen448(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) unsigned char *privkey = NULL, *pubkey; if (key == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } @@ -997,7 +995,7 @@ static int s390x_pkey_ecx_keygen448(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) privkey = ossl_ecx_key_allocate_privkey(key); if (privkey == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } @@ -1038,7 +1036,7 @@ static int s390x_pkey_ecd_keygen25519(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) int rv; if (key == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } @@ -1046,7 +1044,7 @@ static int s390x_pkey_ecd_keygen25519(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) privkey = ossl_ecx_key_allocate_privkey(key); if (privkey == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } @@ -1104,7 +1102,7 @@ static int s390x_pkey_ecd_keygen448(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) int rv; if (key == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } @@ -1112,7 +1110,7 @@ static int s390x_pkey_ecd_keygen448(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) privkey = ossl_ecx_key_allocate_privkey(key); if (privkey == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } diff --git a/crypto/encode_decode/decoder_lib.c b/crypto/encode_decode/decoder_lib.c index 8863c316d6..8e19532b8e 100644 --- a/crypto/encode_decode/decoder_lib.c +++ b/crypto/encode_decode/decoder_lib.c @@ -224,10 +224,8 @@ OSSL_DECODER_INSTANCE *ossl_decoder_instance_new(OSSL_DECODER *decoder, return 0; } - if ((decoder_inst = OPENSSL_zalloc(sizeof(*decoder_inst))) == NULL) { - ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE); + if ((decoder_inst = OPENSSL_zalloc(sizeof(*decoder_inst))) == NULL) return 0; - } prov = OSSL_DECODER_get0_provider(decoder); libctx = ossl_provider_libctx(prov); @@ -291,7 +289,7 @@ int ossl_decoder_ctx_add_decoder_inst(OSSL_DECODER_CTX *ctx, if (ctx->decoder_insts == NULL && (ctx->decoder_insts = sk_OSSL_DECODER_INSTANCE_new_null()) == NULL) { - ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_CRYPTO_LIB); return 0; } @@ -508,7 +506,7 @@ int OSSL_DECODER_CTX_add_extra(OSSL_DECODER_CTX *ctx, skdecoders = sk_OSSL_DECODER_new_null(); if (skdecoders == NULL) { - ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_CRYPTO_LIB); return 0; } OSSL_DECODER_do_all_provided(libctx, collect_all_decoders, skdecoders); @@ -824,7 +822,7 @@ static int decoder_process(const OSSL_PARAM params[], void *arg) } if ((cbio = ossl_core_bio_new_from_bio(bio)) == NULL) { - ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_BIO_LIB); goto end; } diff --git a/crypto/encode_decode/decoder_meth.c b/crypto/encode_decode/decoder_meth.c index 74c86a8fe8..b133402e09 100644 --- a/crypto/encode_decode/decoder_meth.c +++ b/crypto/encode_decode/decoder_meth.c @@ -29,10 +29,11 @@ static OSSL_DECODER *ossl_decoder_new(void) { OSSL_DECODER *decoder = NULL; - if ((decoder = OPENSSL_zalloc(sizeof(*decoder))) == NULL - || (decoder->base.lock = CRYPTO_THREAD_lock_new()) == NULL) { + if ((decoder = OPENSSL_zalloc(sizeof(*decoder))) == NULL) + return NULL; + if ((decoder->base.lock = CRYPTO_THREAD_lock_new()) == NULL) { OSSL_DECODER_free(decoder); - ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_CRYPTO_LIB); return NULL; } @@ -625,9 +626,7 @@ OSSL_DECODER_CTX *OSSL_DECODER_CTX_new(void) { OSSL_DECODER_CTX *ctx; - if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) - ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE); - + ctx = OPENSSL_zalloc(sizeof(*ctx)); return ctx; } diff --git a/crypto/encode_decode/decoder_pkey.c b/crypto/encode_decode/decoder_pkey.c index fa32f2b9fb..79b120b95c 100644 --- a/crypto/encode_decode/decoder_pkey.c +++ b/crypto/encode_decode/decoder_pkey.c @@ -395,17 +395,16 @@ int ossl_decoder_ctx_setup_for_pkey(OSSL_DECODER_CTX *ctx, } OSSL_TRACE_END(DECODER); /* Allocate data. */ - if ((process_data = OPENSSL_zalloc(sizeof(*process_data))) == NULL - || (propquery != NULL - && (process_data->propq = OPENSSL_strdup(propquery)) == NULL)) { - ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE); + if ((process_data = OPENSSL_zalloc(sizeof(*process_data))) == NULL) + goto err; + if ((propquery != NULL + && (process_data->propq = OPENSSL_strdup(propquery)) == NULL)) goto err; - } /* Allocate our list of EVP_KEYMGMTs. */ keymgmts = sk_EVP_KEYMGMT_new_null(); if (keymgmts == NULL) { - ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_CRYPTO_LIB); goto err; } @@ -481,7 +480,7 @@ OSSL_DECODER_CTX_new_for_pkey(EVP_PKEY **pkey, OSSL_DECODER_CTX *ctx = NULL; if ((ctx = OSSL_DECODER_CTX_new()) == NULL) { - ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_OSSL_DECODER_LIB); return NULL; } diff --git a/crypto/encode_decode/encoder_lib.c b/crypto/encode_decode/encoder_lib.c index 7868da79b7..28dae99dc8 100644 --- a/crypto/encode_decode/encoder_lib.c +++ b/crypto/encode_decode/encoder_lib.c @@ -193,10 +193,8 @@ static OSSL_ENCODER_INSTANCE *ossl_encoder_instance_new(OSSL_ENCODER *encoder, return 0; } - if ((encoder_inst = OPENSSL_zalloc(sizeof(*encoder_inst))) == NULL) { - ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_MALLOC_FAILURE); + if ((encoder_inst = OPENSSL_zalloc(sizeof(*encoder_inst))) == NULL) return 0; - } if (!OSSL_ENCODER_up_ref(encoder)) { ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_INTERNAL_ERROR); @@ -259,7 +257,7 @@ static int ossl_encoder_ctx_add_encoder_inst(OSSL_ENCODER_CTX *ctx, if (ctx->encoder_insts == NULL && (ctx->encoder_insts = sk_OSSL_ENCODER_INSTANCE_new_null()) == NULL) { - ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_CRYPTO_LIB); return 0; } diff --git a/crypto/encode_decode/encoder_meth.c b/crypto/encode_decode/encoder_meth.c index 7092ba7ef8..9093f29abb 100644 --- a/crypto/encode_decode/encoder_meth.c +++ b/crypto/encode_decode/encoder_meth.c @@ -29,10 +29,11 @@ static OSSL_ENCODER *ossl_encoder_new(void) { OSSL_ENCODER *encoder = NULL; - if ((encoder = OPENSSL_zalloc(sizeof(*encoder))) == NULL - || (encoder->base.lock = CRYPTO_THREAD_lock_new()) == NULL) { + if ((encoder = OPENSSL_zalloc(sizeof(*encoder))) == NULL) + return NULL; + if ((encoder->base.lock = CRYPTO_THREAD_lock_new()) == NULL) { OSSL_ENCODER_free(encoder); - ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_CRYPTO_LIB); return NULL; } @@ -609,9 +610,7 @@ OSSL_ENCODER_CTX *OSSL_ENCODER_CTX_new(void) { OSSL_ENCODER_CTX *ctx; - if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) - ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_MALLOC_FAILURE); - + ctx = OPENSSL_zalloc(sizeof(*ctx)); return ctx; } diff --git a/crypto/encode_decode/encoder_pkey.c b/crypto/encode_decode/encoder_pkey.c index 3a24317cf4..38239f810f 100644 --- a/crypto/encode_decode/encoder_pkey.c +++ b/crypto/encode_decode/encoder_pkey.c @@ -243,10 +243,8 @@ static int ossl_encoder_ctx_setup_for_pkey(OSSL_ENCODER_CTX *ctx, struct collected_encoder_st encoder_data; struct collected_names_st keymgmt_data; - if ((data = OPENSSL_zalloc(sizeof(*data))) == NULL) { - ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_MALLOC_FAILURE); + if ((data = OPENSSL_zalloc(sizeof(*data))) == NULL) goto err; - } /* * Select the first encoder implementations in two steps. @@ -254,7 +252,7 @@ static int ossl_encoder_ctx_setup_for_pkey(OSSL_ENCODER_CTX *ctx, */ keymgmt_data.names = sk_OPENSSL_CSTRING_new_null(); if (keymgmt_data.names == NULL) { - ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_CRYPTO_LIB); goto err; } @@ -288,7 +286,7 @@ static int ossl_encoder_ctx_setup_for_pkey(OSSL_ENCODER_CTX *ctx, sk_OPENSSL_CSTRING_free(keymgmt_data.names); if (encoder_data.error_occurred) { - ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_CRYPTO_LIB); goto err; } } @@ -335,7 +333,7 @@ OSSL_ENCODER_CTX *OSSL_ENCODER_CTX_new_for_pkey(const EVP_PKEY *pkey, } if ((ctx = OSSL_ENCODER_CTX_new()) == NULL) { - ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_OSSL_ENCODER_LIB); return NULL; } diff --git a/crypto/engine/eng_dyn.c b/crypto/engine/eng_dyn.c index 6d402927c5..cc3a2b0aa3 100644 --- a/crypto/engine/eng_dyn.c +++ b/crypto/engine/eng_dyn.c @@ -159,13 +159,11 @@ static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx) dynamic_data_ctx *c = OPENSSL_zalloc(sizeof(*c)); int ret = 0; - if (c == NULL) { - ERR_raise(ERR_LIB_ENGINE, ERR_R_MALLOC_FAILURE); + if (c == NULL) return 0; - } c->dirs = sk_OPENSSL_STRING_new_null(); if (c->dirs == NULL) { - ERR_raise(ERR_LIB_ENGINE, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ENGINE, ERR_R_CRYPTO_LIB); goto end; } c->DYNAMIC_F1 = "v_check"; @@ -357,13 +355,11 @@ static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) } { char *tmp_str = OPENSSL_strdup(p); - if (tmp_str == NULL) { - ERR_raise(ERR_LIB_ENGINE, ERR_R_MALLOC_FAILURE); + if (tmp_str == NULL) return 0; - } if (!sk_OPENSSL_STRING_push(ctx->dirs, tmp_str)) { OPENSSL_free(tmp_str); - ERR_raise(ERR_LIB_ENGINE, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ENGINE, ERR_R_CRYPTO_LIB); return 0; } } diff --git a/crypto/engine/eng_init.c b/crypto/engine/eng_init.c index a1b9917f44..d262b16917 100644 --- a/crypto/engine/eng_init.c +++ b/crypto/engine/eng_init.c @@ -86,7 +86,8 @@ int ENGINE_init(ENGINE *e) return 0; } if (!RUN_ONCE(&engine_lock_init, do_engine_lock_init)) { - ERR_raise(ERR_LIB_ENGINE, ERR_R_MALLOC_FAILURE); + /* Maybe this should be raised in do_engine_lock_init() */ + ERR_raise(ERR_LIB_ENGINE, ERR_R_CRYPTO_LIB); return 0; } if (!CRYPTO_THREAD_write_lock(global_engine_lock)) diff --git a/crypto/engine/eng_lib.c b/crypto/engine/eng_lib.c index 5285200107..40e0413a26 100644 --- a/crypto/engine/eng_lib.c +++ b/crypto/engine/eng_lib.c @@ -28,11 +28,13 @@ ENGINE *ENGINE_new(void) { ENGINE *ret; - if (!RUN_ONCE(&engine_lock_init, do_engine_lock_init) - || (ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) { - ERR_raise(ERR_LIB_ENGINE, ERR_R_MALLOC_FAILURE); - return NULL; + if (!RUN_ONCE(&engine_lock_init, do_engine_lock_init)) { + /* Maybe this should be raised in do_engine_lock_init() */ + ERR_raise(ERR_LIB_ENGINE, ERR_R_CRYPTO_LIB); + return 0; } + if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) + return NULL; ret->struct_ref = 1; ENGINE_REF_PRINT(ret, 0, 1); if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ENGINE, ret, &ret->ex_data)) { @@ -125,10 +127,8 @@ static ENGINE_CLEANUP_ITEM *int_cleanup_item(ENGINE_CLEANUP_CB *cb) { ENGINE_CLEANUP_ITEM *item; - if ((item = OPENSSL_malloc(sizeof(*item))) == NULL) { - ERR_raise(ERR_LIB_ENGINE, ERR_R_MALLOC_FAILURE); + if ((item = OPENSSL_malloc(sizeof(*item))) == NULL) return NULL; - } item->cb = cb; return item; } diff --git a/crypto/engine/eng_list.c b/crypto/engine/eng_list.c index 04c73c7628..dd9ada34c8 100644 --- a/crypto/engine/eng_list.c +++ b/crypto/engine/eng_list.c @@ -219,7 +219,8 @@ ENGINE *ENGINE_get_first(void) ENGINE *ret; if (!RUN_ONCE(&engine_lock_init, do_engine_lock_init)) { - ERR_raise(ERR_LIB_ENGINE, ERR_R_MALLOC_FAILURE); + /* Maybe this should be raised in do_engine_lock_init() */ + ERR_raise(ERR_LIB_ENGINE, ERR_R_CRYPTO_LIB); return NULL; } @@ -239,7 +240,8 @@ ENGINE *ENGINE_get_last(void) ENGINE *ret; if (!RUN_ONCE(&engine_lock_init, do_engine_lock_init)) { - ERR_raise(ERR_LIB_ENGINE, ERR_R_MALLOC_FAILURE); + /* Maybe this should be raised in do_engine_lock_init() */ + ERR_raise(ERR_LIB_ENGINE, ERR_R_CRYPTO_LIB); return NULL; } @@ -378,7 +380,8 @@ ENGINE *ENGINE_by_id(const char *id) ENGINE_load_builtin_engines(); if (!RUN_ONCE(&engine_lock_init, do_engine_lock_init)) { - ERR_raise(ERR_LIB_ENGINE, ERR_R_MALLOC_FAILURE); + /* Maybe this should be raised in do_engine_lock_init() */ + ERR_raise(ERR_LIB_ENGINE, ERR_R_CRYPTO_LIB); return NULL; } diff --git a/crypto/engine/eng_openssl.c b/crypto/engine/eng_openssl.c index 91656e6b80..8b39e3dec7 100644 --- a/crypto/engine/eng_openssl.c +++ b/crypto/engine/eng_openssl.c @@ -450,10 +450,8 @@ static int ossl_hmac_init(EVP_PKEY_CTX *ctx) { OSSL_HMAC_PKEY_CTX *hctx; - if ((hctx = OPENSSL_zalloc(sizeof(*hctx))) == NULL) { - ERR_raise(ERR_LIB_ENGINE, ERR_R_MALLOC_FAILURE); + if ((hctx = OPENSSL_zalloc(sizeof(*hctx))) == NULL) return 0; - } hctx->ktmp.type = V_ASN1_OCTET_STRING; hctx->ctx = HMAC_CTX_new(); if (hctx->ctx == NULL) { diff --git a/crypto/engine/tb_asnmth.c b/crypto/engine/tb_asnmth.c index bd65ede2f2..fb3953437a 100644 --- a/crypto/engine/tb_asnmth.c +++ b/crypto/engine/tb_asnmth.c @@ -196,7 +196,8 @@ const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe, fstr.len = len; if (!RUN_ONCE(&engine_lock_init, do_engine_lock_init)) { - ERR_raise(ERR_LIB_ENGINE, ERR_R_MALLOC_FAILURE); + /* Maybe this should be raised in do_engine_lock_init() */ + ERR_raise(ERR_LIB_ENGINE, ERR_R_CRYPTO_LIB); return NULL; } diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index 96f49c8c7c..c2978074a6 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -152,8 +152,8 @@ BIO_R_NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED:143:\ BIO_R_NO_HOSTNAME_OR_SERVICE_SPECIFIED:144:no hostname or service specified BIO_R_NO_PORT_DEFINED:113:no port defined BIO_R_NO_SUCH_FILE:128:no such file -BIO_R_PORT_MISMATCH:150:port mismatch BIO_R_PEER_ADDR_NOT_AVAILABLE:114:peer addr not available +BIO_R_PORT_MISMATCH:150:port mismatch BIO_R_TFO_DISABLED:106:tfo disabled BIO_R_TFO_NO_KERNEL_SUPPORT:108:tfo no kernel support BIO_R_TRANSFER_ERROR:104:transfer error @@ -504,6 +504,7 @@ DH_R_INVALID_PARAMETER_NAME:110:invalid parameter name DH_R_INVALID_PARAMETER_NID:114:invalid parameter nid DH_R_INVALID_PUBKEY:102:invalid public key DH_R_INVALID_SECRET:128:invalid secret +DH_R_INVALID_SIZE:129:invalid size DH_R_KDF_PARAMETER_ERROR:112:kdf parameter error DH_R_KEYS_NOT_SET:108:keys not set DH_R_MISSING_PUBKEY:125:missing pubkey diff --git a/crypto/ess/ess_lib.c b/crypto/ess/ess_lib.c index 65444d383f..0612e68ee6 100644 --- a/crypto/ess/ess_lib.c +++ b/crypto/ess/ess_lib.c @@ -29,28 +29,38 @@ ESS_SIGNING_CERT *OSSL_ESS_signing_cert_new_init(const X509 *signcert, ESS_SIGNING_CERT *sc; int i; - if ((sc = ESS_SIGNING_CERT_new()) == NULL) + if ((sc = ESS_SIGNING_CERT_new()) == NULL) { + ERR_raise(ERR_LIB_ESS, ERR_R_ESS_LIB); goto err; + } if (sc->cert_ids == NULL - && (sc->cert_ids = sk_ESS_CERT_ID_new_null()) == NULL) + && (sc->cert_ids = sk_ESS_CERT_ID_new_null()) == NULL) { + ERR_raise(ERR_LIB_ESS, ERR_R_CRYPTO_LIB); goto err; + } if ((cid = ESS_CERT_ID_new_init(signcert, set_issuer_serial)) == NULL - || !sk_ESS_CERT_ID_push(sc->cert_ids, cid)) + || !sk_ESS_CERT_ID_push(sc->cert_ids, cid)) { + ERR_raise(ERR_LIB_ESS, ERR_R_ESS_LIB); goto err; + } for (i = 0; i < sk_X509_num(certs); ++i) { X509 *cert = sk_X509_value(certs, i); - if ((cid = ESS_CERT_ID_new_init(cert, 1)) == NULL - || !sk_ESS_CERT_ID_push(sc->cert_ids, cid)) + if ((cid = ESS_CERT_ID_new_init(cert, 1)) == NULL) { + ERR_raise(ERR_LIB_ESS, ERR_R_ESS_LIB); goto err; + } + if (!sk_ESS_CERT_ID_push(sc->cert_ids, cid)) { + ERR_raise(ERR_LIB_ESS, ERR_R_CRYPTO_LIB); + goto err; + } } return sc; err: ESS_SIGNING_CERT_free(sc); ESS_CERT_ID_free(cid); - ERR_raise(ERR_LIB_ESS, ERR_R_MALLOC_FAILURE); return NULL; } @@ -61,38 +71,53 @@ static ESS_CERT_ID *ESS_CERT_ID_new_init(const X509 *cert, GENERAL_NAME *name = NULL; unsigned char cert_sha1[SHA_DIGEST_LENGTH]; - if ((cid = ESS_CERT_ID_new()) == NULL) + if ((cid = ESS_CERT_ID_new()) == NULL) { + ERR_raise(ERR_LIB_ESS, ERR_R_ESS_LIB); goto err; - if (!X509_digest(cert, EVP_sha1(), cert_sha1, NULL)) + } + if (!X509_digest(cert, EVP_sha1(), cert_sha1, NULL)) { + ERR_raise(ERR_LIB_ESS, ERR_R_X509_LIB); goto err; - if (!ASN1_OCTET_STRING_set(cid->hash, cert_sha1, SHA_DIGEST_LENGTH)) + } + if (!ASN1_OCTET_STRING_set(cid->hash, cert_sha1, SHA_DIGEST_LENGTH)) { + ERR_raise(ERR_LIB_ESS, ERR_R_ASN1_LIB); goto err; + } /* Setting the issuer/serial if requested. */ if (!set_issuer_serial) return cid; if (cid->issuer_serial == NULL - && (cid->issuer_serial = ESS_ISSUER_SERIAL_new()) == NULL) + && (cid->issuer_serial = ESS_ISSUER_SERIAL_new()) == NULL) { + ERR_raise(ERR_LIB_ESS, ERR_R_ESS_LIB); goto err; - if ((name = GENERAL_NAME_new()) == NULL) + } + if ((name = GENERAL_NAME_new()) == NULL) { + ERR_raise(ERR_LIB_ESS, ERR_R_ASN1_LIB); goto err; + } name->type = GEN_DIRNAME; - if ((name->d.dirn = X509_NAME_dup(X509_get_issuer_name(cert))) == NULL) + if ((name->d.dirn = X509_NAME_dup(X509_get_issuer_name(cert))) == NULL) { + ERR_raise(ERR_LIB_ESS, ERR_R_X509_LIB); goto err; - if (!sk_GENERAL_NAME_push(cid->issuer_serial->issuer, name)) + } + if (!sk_GENERAL_NAME_push(cid->issuer_serial->issuer, name)) { + ERR_raise(ERR_LIB_ESS, ERR_R_CRYPTO_LIB); goto err; + } name = NULL; /* Ownership is lost. */ ASN1_INTEGER_free(cid->issuer_serial->serial); - if ((cid->issuer_serial->serial = - ASN1_INTEGER_dup(X509_get0_serialNumber(cert))) == NULL) + if ((cid->issuer_serial->serial + = ASN1_INTEGER_dup(X509_get0_serialNumber(cert))) == NULL) { + ERR_raise(ERR_LIB_ESS, ERR_R_ASN1_LIB); goto err; + } return cid; err: GENERAL_NAME_free(name); ESS_CERT_ID_free(cid); - ERR_raise(ERR_LIB_ESS, ERR_R_MALLOC_FAILURE); return NULL; } @@ -106,22 +131,32 @@ ESS_SIGNING_CERT_V2 *OSSL_ESS_signing_cert_v2_new_init(const EVP_MD *hash_alg, ESS_SIGNING_CERT_V2 *sc; int i; - if ((sc = ESS_SIGNING_CERT_V2_new()) == NULL) + if ((sc = ESS_SIGNING_CERT_V2_new()) == NULL) { + ERR_raise(ERR_LIB_ESS, ERR_R_ESS_LIB); goto err; + } cid = ESS_CERT_ID_V2_new_init(hash_alg, signcert, set_issuer_serial); - if (cid == NULL) + if (cid == NULL) { + ERR_raise(ERR_LIB_ESS, ERR_R_ESS_LIB); goto err; - if (!sk_ESS_CERT_ID_V2_push(sc->cert_ids, cid)) + } + if (!sk_ESS_CERT_ID_V2_push(sc->cert_ids, cid)) { + ERR_raise(ERR_LIB_ESS, ERR_R_CRYPTO_LIB); goto err; + } cid = NULL; for (i = 0; i < sk_X509_num(certs); ++i) { X509 *cert = sk_X509_value(certs, i); - if ((cid = ESS_CERT_ID_V2_new_init(hash_alg, cert, 1)) == NULL) + if ((cid = ESS_CERT_ID_V2_new_init(hash_alg, cert, 1)) == NULL) { + ERR_raise(ERR_LIB_ESS, ERR_R_ESS_LIB); goto err; - if (!sk_ESS_CERT_ID_V2_push(sc->cert_ids, cid)) + } + if (!sk_ESS_CERT_ID_V2_push(sc->cert_ids, cid)) { + ERR_raise(ERR_LIB_ESS, ERR_R_CRYPTO_LIB); goto err; + } cid = NULL; } @@ -129,7 +164,6 @@ ESS_SIGNING_CERT_V2 *OSSL_ESS_signing_cert_v2_new_init(const EVP_MD *hash_alg, err: ESS_SIGNING_CERT_V2_free(sc); ESS_CERT_ID_V2_free(cid); - ERR_raise(ERR_LIB_ESS, ERR_R_MALLOC_FAILURE); return NULL; } @@ -145,52 +179,71 @@ static ESS_CERT_ID_V2 *ESS_CERT_ID_V2_new_init(const EVP_MD *hash_alg, memset(hash, 0, sizeof(hash)); - if ((cid = ESS_CERT_ID_V2_new()) == NULL) + if ((cid = ESS_CERT_ID_V2_new()) == NULL) { + ERR_raise(ERR_LIB_ESS, ERR_R_ESS_LIB); goto err; + } if (!EVP_MD_is_a(hash_alg, SN_sha256)) { alg = X509_ALGOR_new(); - if (alg == NULL) + if (alg == NULL) { + ERR_raise(ERR_LIB_ESS, ERR_R_ASN1_LIB); goto err; + } X509_ALGOR_set_md(alg, hash_alg); - if (alg->algorithm == NULL) + if (alg->algorithm == NULL) { + ERR_raise(ERR_LIB_ESS, ERR_R_ASN1_LIB); goto err; + } cid->hash_alg = alg; alg = NULL; } else { cid->hash_alg = NULL; } - if (!X509_digest(cert, hash_alg, hash, &hash_len)) + if (!X509_digest(cert, hash_alg, hash, &hash_len)) { + ERR_raise(ERR_LIB_ESS, ERR_R_X509_LIB); goto err; + } - if (!ASN1_OCTET_STRING_set(cid->hash, hash, hash_len)) + if (!ASN1_OCTET_STRING_set(cid->hash, hash, hash_len)) { + ERR_raise(ERR_LIB_ESS, ERR_R_ASN1_LIB); goto err; + } if (!set_issuer_serial) return cid; - if ((cid->issuer_serial = ESS_ISSUER_SERIAL_new()) == NULL) + if ((cid->issuer_serial = ESS_ISSUER_SERIAL_new()) == NULL) { + ERR_raise(ERR_LIB_ESS, ERR_R_ESS_LIB); goto err; - if ((name = GENERAL_NAME_new()) == NULL) + } + if ((name = GENERAL_NAME_new()) == NULL) { + ERR_raise(ERR_LIB_ESS, ERR_R_ASN1_LIB); goto err; + } name->type = GEN_DIRNAME; - if ((name->d.dirn = X509_NAME_dup(X509_get_issuer_name(cert))) == NULL) + if ((name->d.dirn = X509_NAME_dup(X509_get_issuer_name(cert))) == NULL) { + ERR_raise(ERR_LIB_ESS, ERR_R_ASN1_LIB); goto err; - if (!sk_GENERAL_NAME_push(cid->issuer_serial->issuer, name)) + } + if (!sk_GENERAL_NAME_push(cid->issuer_serial->issuer, name)) { + ERR_raise(ERR_LIB_ESS, ERR_R_CRYPTO_LIB); goto err; + } name = NULL; /* Ownership is lost. */ ASN1_INTEGER_free(cid->issuer_serial->serial); cid->issuer_serial->serial = ASN1_INTEGER_dup(X509_get0_serialNumber(cert)); - if (cid->issuer_serial->serial == NULL) + if (cid->issuer_serial->serial == NULL) { + ERR_raise(ERR_LIB_ESS, ERR_R_ASN1_LIB); goto err; + } return cid; err: X509_ALGOR_free(alg); GENERAL_NAME_free(name); ESS_CERT_ID_V2_free(cid); - ERR_raise(ERR_LIB_ESS, ERR_R_MALLOC_FAILURE); return NULL; } diff --git a/crypto/evp/asymcipher.c b/crypto/evp/asymcipher.c index b08e121014..3acf4d1dfd 100644 --- a/crypto/evp/asymcipher.c +++ b/crypto/evp/asymcipher.c @@ -303,14 +303,12 @@ static EVP_ASYM_CIPHER *evp_asym_cipher_new(OSSL_PROVIDER *prov) { EVP_ASYM_CIPHER *cipher = OPENSSL_zalloc(sizeof(EVP_ASYM_CIPHER)); - if (cipher == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if (cipher == NULL) return NULL; - } cipher->lock = CRYPTO_THREAD_lock_new(); if (cipher->lock == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_CRYPTO_LIB); OPENSSL_free(cipher); return NULL; } @@ -331,7 +329,7 @@ static void *evp_asym_cipher_from_algorithm(int name_id, int gparamfncnt = 0, sparamfncnt = 0; if ((cipher = evp_asym_cipher_new(prov)) == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB); goto err; } diff --git a/crypto/evp/bio_b64.c b/crypto/evp/bio_b64.c index 09720eecd9..0292c678c9 100644 --- a/crypto/evp/bio_b64.c +++ b/crypto/evp/bio_b64.c @@ -67,10 +67,8 @@ static int b64_new(BIO *bi) { BIO_B64_CTX *ctx; - if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) return 0; - } ctx->cont = 1; ctx->start = 1; diff --git a/crypto/evp/bio_enc.c b/crypto/evp/bio_enc.c index 2d52c48d1a..2333c20ef6 100644 --- a/crypto/evp/bio_enc.c +++ b/crypto/evp/bio_enc.c @@ -65,10 +65,8 @@ static int enc_new(BIO *bi) { BIO_ENC_CTX *ctx; - if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) return 0; - } ctx->cipher = EVP_CIPHER_CTX_new(); if (ctx->cipher == NULL) { diff --git a/crypto/evp/bio_ok.c b/crypto/evp/bio_ok.c index 97e67fcb68..a07c9c5998 100644 --- a/crypto/evp/bio_ok.c +++ b/crypto/evp/bio_ok.c @@ -132,10 +132,8 @@ static int ok_new(BIO *bi) { BIO_OK_CTX *ctx; - if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) return 0; - } ctx->cont = 1; ctx->sigio = 1; diff --git a/crypto/evp/ctrl_params_translate.c b/crypto/evp/ctrl_params_translate.c index ffea7b108b..c6446fb82c 100644 --- a/crypto/evp/ctrl_params_translate.c +++ b/crypto/evp/ctrl_params_translate.c @@ -458,11 +458,9 @@ static int default_fixup_args(enum state state, if (ctx->p2 != NULL) { if (ctx->action_type == SET) { ctx->buflen = BN_num_bytes(ctx->p2); - if ((ctx->allocated_buf = - OPENSSL_malloc(ctx->buflen)) == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if ((ctx->allocated_buf + = OPENSSL_malloc(ctx->buflen)) == NULL) return 0; - } if (BN_bn2nativepad(ctx->p2, ctx->allocated_buf, ctx->buflen) < 0) { OPENSSL_free(ctx->allocated_buf); diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index 5de5a9014d..f6819a321b 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -110,7 +110,7 @@ EVP_MD_CTX *evp_md_ctx_new_ex(EVP_PKEY *pkey, const ASN1_OCTET_STRING *id, if ((ctx = EVP_MD_CTX_new()) == NULL || (pctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq)) == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); goto err; } @@ -342,10 +342,8 @@ static int evp_md_init_internal(EVP_MD_CTX *ctx, const EVP_MD *type, if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) { ctx->update = type->update; ctx->md_data = OPENSSL_zalloc(type->ctx_size); - if (ctx->md_data == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if (ctx->md_data == NULL) return 0; - } } } #if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE) @@ -640,10 +638,8 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) out->md_data = tmp_buf; else { out->md_data = OPENSSL_malloc(out->digest->ctx_size); - if (out->md_data == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if (out->md_data == NULL) return 0; - } } memcpy(out->md_data, in->md_data, out->digest->ctx_size); } @@ -964,7 +960,7 @@ static void *evp_md_from_algorithm(int name_id, /* EVP_MD_fetch() will set the legacy NID if available */ if ((md = evp_md_new()) == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB); return NULL; } diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c index 71ce6df94e..868c7e5bf7 100644 --- a/crypto/evp/e_aes.c +++ b/crypto/evp/e_aes.c @@ -1475,10 +1475,8 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) if (gctx->iv != c->iv) OPENSSL_free(gctx->iv); - if ((gctx->iv = OPENSSL_malloc(len)) == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if ((gctx->iv = OPENSSL_malloc(len)) == NULL) return 0; - } } /* Add padding. */ memset(gctx->iv + arg, 0, len - arg - 8); @@ -1594,10 +1592,8 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) } else { len = S390X_gcm_ivpadlen(gctx->ivlen); - if ((gctx_out->iv = OPENSSL_malloc(len)) == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if ((gctx_out->iv = OPENSSL_malloc(len)) == NULL) return 0; - } memcpy(gctx_out->iv, gctx->iv, len); } @@ -2682,10 +2678,8 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) if ((arg > EVP_MAX_IV_LENGTH) && (arg > gctx->ivlen)) { if (gctx->iv != c->iv) OPENSSL_free(gctx->iv); - if ((gctx->iv = OPENSSL_malloc(arg)) == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if ((gctx->iv = OPENSSL_malloc(arg)) == NULL) return 0; - } } gctx->ivlen = arg; return 1; @@ -2784,10 +2778,8 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) if (gctx->iv == c->iv) gctx_out->iv = out->iv; else { - if ((gctx_out->iv = OPENSSL_malloc(gctx->ivlen)) == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if ((gctx_out->iv = OPENSSL_malloc(gctx->ivlen)) == NULL) return 0; - } memcpy(gctx_out->iv, gctx->iv, gctx->ivlen); } return 1; diff --git a/crypto/evp/e_aria.c b/crypto/evp/e_aria.c index 5bf7c7d2a6..e2a421b43d 100644 --- a/crypto/evp/e_aria.c +++ b/crypto/evp/e_aria.c @@ -279,10 +279,8 @@ static int aria_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) if ((arg > EVP_MAX_IV_LENGTH) && (arg > gctx->ivlen)) { if (gctx->iv != c->iv) OPENSSL_free(gctx->iv); - if ((gctx->iv = OPENSSL_malloc(arg)) == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if ((gctx->iv = OPENSSL_malloc(arg)) == NULL) return 0; - } } gctx->ivlen = arg; return 1; @@ -384,10 +382,8 @@ static int aria_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) if (gctx->iv == c->iv) gctx_out->iv = out->iv; else { - if ((gctx_out->iv = OPENSSL_malloc(gctx->ivlen)) == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if ((gctx_out->iv = OPENSSL_malloc(gctx->ivlen)) == NULL) return 0; - } memcpy(gctx_out->iv, gctx->iv, gctx->ivlen); } return 1; diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index 77dc815dd9..b4d4441f6f 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -313,7 +313,6 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx, ctx->cipher_data = OPENSSL_zalloc(ctx->cipher->ctx_size); if (ctx->cipher_data == NULL) { ctx->cipher = NULL; - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); return 0; } } else { @@ -1458,7 +1457,6 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size); if (out->cipher_data == NULL) { out->cipher = NULL; - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); return 0; } memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size); @@ -1528,7 +1526,7 @@ static void *evp_cipher_from_algorithm(const int name_id, int fnciphcnt = 0, fnctxcnt = 0; if ((cipher = evp_cipher_new()) == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB); return NULL; } diff --git a/crypto/evp/evp_fetch.c b/crypto/evp/evp_fetch.c index 4908f6cfee..9e4f80d218 100644 --- a/crypto/evp/evp_fetch.c +++ b/crypto/evp/evp_fetch.c @@ -500,7 +500,7 @@ static int evp_default_properties_merge(OSSL_LIB_CTX *libctx, const char *propq, pl2 = ossl_property_merge(pl1, *plp); ossl_property_free(pl1); if (pl2 == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_CRYPTO_LIB); return 0; } if (!evp_set_parsed_default_properties(libctx, pl2, 0, 0)) { @@ -552,10 +552,8 @@ char *evp_get_global_properties_str(OSSL_LIB_CTX *libctx, int loadconfig) } propstr = OPENSSL_malloc(sz); - if (propstr == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if (propstr == NULL) return NULL; - } if (ossl_property_list_to_string(libctx, *plp, propstr, sz) == 0) { ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR); OPENSSL_free(propstr); diff --git a/crypto/evp/evp_pbe.c b/crypto/evp/evp_pbe.c index 71e757c28d..5208f7cef8 100644 --- a/crypto/evp/evp_pbe.c +++ b/crypto/evp/evp_pbe.c @@ -199,12 +199,14 @@ static int pbe_cmp(const EVP_PBE_CTL *const *a, const EVP_PBE_CTL *const *b) int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid, EVP_PBE_KEYGEN *keygen) { - EVP_PBE_CTL *pbe_tmp; + EVP_PBE_CTL *pbe_tmp = NULL; if (pbe_algs == NULL) { pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp); - if (pbe_algs == NULL) + if (pbe_algs == NULL) { + ERR_raise(ERR_LIB_EVP, ERR_R_CRYPTO_LIB); goto err; + } } if ((pbe_tmp = OPENSSL_zalloc(sizeof(*pbe_tmp))) == NULL) @@ -217,13 +219,13 @@ int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, pbe_tmp->keygen = keygen; if (!sk_EVP_PBE_CTL_push(pbe_algs, pbe_tmp)) { - OPENSSL_free(pbe_tmp); + ERR_raise(ERR_LIB_EVP, ERR_R_CRYPTO_LIB); goto err; } return 1; err: - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + OPENSSL_free(pbe_tmp); return 0; } diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c index 8f3f150375..3ec88be67f 100644 --- a/crypto/evp/evp_pkey.c +++ b/crypto/evp/evp_pkey.c @@ -32,7 +32,7 @@ EVP_PKEY *evp_pkcs82pkey_legacy(const PKCS8_PRIV_KEY_INFO *p8, OSSL_LIB_CTX *lib return NULL; if ((pkey = EVP_PKEY_new()) == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB); return NULL; } @@ -130,7 +130,7 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(const EVP_PKEY *pkey) } else { p8 = PKCS8_PRIV_KEY_INFO_new(); if (p8 == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_ASN1_LIB); return NULL; } diff --git a/crypto/evp/evp_rand.c b/crypto/evp/evp_rand.c index e92108abb1..40048ed603 100644 --- a/crypto/evp/evp_rand.c +++ b/crypto/evp/evp_rand.c @@ -124,7 +124,7 @@ static void *evp_rand_from_algorithm(int name_id, #endif if ((rand = evp_rand_new()) == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB); return NULL; } rand->name_id = name_id; @@ -339,9 +339,11 @@ EVP_RAND_CTX *EVP_RAND_CTX_new(EVP_RAND *rand, EVP_RAND_CTX *parent) } ctx = OPENSSL_zalloc(sizeof(*ctx)); - if (ctx == NULL || (ctx->refcnt_lock = CRYPTO_THREAD_lock_new()) == NULL) { + if (ctx == NULL) + return NULL; + if ((ctx->refcnt_lock = CRYPTO_THREAD_lock_new()) == NULL) { OPENSSL_free(ctx); - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_CRYPTO_LIB); return NULL; } if (parent != NULL) { @@ -357,7 +359,7 @@ EVP_RAND_CTX *EVP_RAND_CTX_new(EVP_RAND *rand, EVP_RAND_CTX *parent) if ((ctx->algctx = rand->newctx(ossl_provider_ctx(rand->prov), parent_ctx, parent_dispatch)) == NULL || !EVP_RAND_up_ref(rand)) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB); rand->freectx(ctx->algctx); CRYPTO_THREAD_lock_free(ctx->refcnt_lock); OPENSSL_free(ctx); diff --git a/crypto/evp/exchange.c b/crypto/evp/exchange.c index e80ec566dd..a9311b2792 100644 --- a/crypto/evp/exchange.c +++ b/crypto/evp/exchange.c @@ -22,14 +22,12 @@ static EVP_KEYEXCH *evp_keyexch_new(OSSL_PROVIDER *prov) { EVP_KEYEXCH *exchange = OPENSSL_zalloc(sizeof(EVP_KEYEXCH)); - if (exchange == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if (exchange == NULL) return NULL; - } exchange->lock = CRYPTO_THREAD_lock_new(); if (exchange->lock == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_CRYPTO_LIB); OPENSSL_free(exchange); return NULL; } @@ -49,7 +47,7 @@ static void *evp_keyexch_from_algorithm(int name_id, int fncnt = 0, sparamfncnt = 0, gparamfncnt = 0; if ((exchange = evp_keyexch_new(prov)) == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB); goto err; } diff --git a/crypto/evp/kdf_lib.c b/crypto/evp/kdf_lib.c index 5b53d9822c..1093aac29e 100644 --- a/crypto/evp/kdf_lib.c +++ b/crypto/evp/kdf_lib.c @@ -31,7 +31,7 @@ EVP_KDF_CTX *EVP_KDF_CTX_new(EVP_KDF *kdf) if (ctx == NULL || (ctx->algctx = kdf->newctx(ossl_provider_ctx(kdf->prov))) == NULL || !EVP_KDF_up_ref(kdf)) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB); if (ctx != NULL) kdf->freectx(ctx->algctx); OPENSSL_free(ctx); @@ -60,14 +60,12 @@ EVP_KDF_CTX *EVP_KDF_CTX_dup(const EVP_KDF_CTX *src) return NULL; dst = OPENSSL_malloc(sizeof(*dst)); - if (dst == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if (dst == NULL) return NULL; - } memcpy(dst, src, sizeof(*dst)); if (!EVP_KDF_up_ref(dst->meth)) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB); OPENSSL_free(dst); return NULL; } diff --git a/crypto/evp/kdf_meth.c b/crypto/evp/kdf_meth.c index 94af5d40a0..b383cc6cdd 100644 --- a/crypto/evp/kdf_meth.c +++ b/crypto/evp/kdf_meth.c @@ -65,7 +65,7 @@ static void *evp_kdf_from_algorithm(int name_id, int fnkdfcnt = 0, fnctxcnt = 0; if ((kdf = evp_kdf_new()) == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB); return NULL; } kdf->name_id = name_id; diff --git a/crypto/evp/kem.c b/crypto/evp/kem.c index 8c0c35b54b..499978fc55 100644 --- a/crypto/evp/kem.c +++ b/crypto/evp/kem.c @@ -275,14 +275,12 @@ static EVP_KEM *evp_kem_new(OSSL_PROVIDER *prov) { EVP_KEM *kem = OPENSSL_zalloc(sizeof(EVP_KEM)); - if (kem == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if (kem == NULL) return NULL; - } kem->lock = CRYPTO_THREAD_lock_new(); if (kem->lock == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_CRYPTO_LIB); OPENSSL_free(kem); return NULL; } @@ -302,7 +300,7 @@ static void *evp_kem_from_algorithm(int name_id, const OSSL_ALGORITHM *algodef, int gparamfncnt = 0, sparamfncnt = 0; if ((kem = evp_kem_new(prov)) == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB); goto err; } diff --git a/crypto/evp/keymgmt_lib.c b/crypto/evp/keymgmt_lib.c index 82aa771c38..b06730dc7a 100644 --- a/crypto/evp/keymgmt_lib.c +++ b/crypto/evp/keymgmt_lib.c @@ -34,7 +34,7 @@ int evp_keymgmt_util_try_import(const OSSL_PARAM params[], void *arg) /* Just in time creation of keydata */ if (data->keydata == NULL) { if ((data->keydata = evp_keymgmt_newdata(data->keymgmt)) == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB); return 0; } delete_on_error = 1; diff --git a/crypto/evp/keymgmt_meth.c b/crypto/evp/keymgmt_meth.c index 9440eadd78..7ddc69f587 100644 --- a/crypto/evp/keymgmt_meth.c +++ b/crypto/evp/keymgmt_meth.c @@ -21,10 +21,11 @@ static void *keymgmt_new(void) { EVP_KEYMGMT *keymgmt = NULL; - if ((keymgmt = OPENSSL_zalloc(sizeof(*keymgmt))) == NULL - || (keymgmt->lock = CRYPTO_THREAD_lock_new()) == NULL) { + if ((keymgmt = OPENSSL_zalloc(sizeof(*keymgmt))) == NULL) + return NULL; + if ((keymgmt->lock = CRYPTO_THREAD_lock_new()) == NULL) { EVP_KEYMGMT_free(keymgmt); - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_CRYPTO_LIB); return NULL; } diff --git a/crypto/evp/mac_lib.c b/crypto/evp/mac_lib.c index a49c103220..c6b021fcd8 100644 --- a/crypto/evp/mac_lib.c +++ b/crypto/evp/mac_lib.c @@ -23,16 +23,15 @@ EVP_MAC_CTX *EVP_MAC_CTX_new(EVP_MAC *mac) { EVP_MAC_CTX *ctx = OPENSSL_zalloc(sizeof(EVP_MAC_CTX)); - if (ctx == NULL - || (ctx->algctx = mac->newctx(ossl_provider_ctx(mac->prov))) == NULL - || !EVP_MAC_up_ref(mac)) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); - if (ctx != NULL) - mac->freectx(ctx->algctx); - OPENSSL_free(ctx); - ctx = NULL; - } else { + if (ctx != NULL) { ctx->meth = mac; + if ((ctx->algctx = mac->newctx(ossl_provider_ctx(mac->prov))) == NULL + || !EVP_MAC_up_ref(mac)) { + mac->freectx(ctx->algctx); + ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB); + OPENSSL_free(ctx); + ctx = NULL; + } } return ctx; } @@ -56,14 +55,12 @@ EVP_MAC_CTX *EVP_MAC_CTX_dup(const EVP_MAC_CTX *src) return NULL; dst = OPENSSL_malloc(sizeof(*dst)); - if (dst == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if (dst == NULL) return NULL; - } *dst = *src; if (!EVP_MAC_up_ref(dst->meth)) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB); OPENSSL_free(dst); return NULL; } diff --git a/crypto/evp/mac_meth.c b/crypto/evp/mac_meth.c index 85fe7704fd..e133548269 100644 --- a/crypto/evp/mac_meth.c +++ b/crypto/evp/mac_meth.c @@ -66,7 +66,7 @@ static void *evp_mac_from_algorithm(int name_id, int fnmaccnt = 0, fnctxcnt = 0; if ((mac = evp_mac_new()) == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB); return NULL; } mac->name_id = name_id; diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index f0f79c4bec..70d17ec37e 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -442,7 +442,7 @@ static EVP_PKEY *new_raw_key_int(OSSL_LIB_CTX *libctx, pkey = EVP_PKEY_new(); if (pkey == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB); goto err; } @@ -1437,10 +1437,8 @@ EVP_PKEY *EVP_PKEY_new(void) { EVP_PKEY *ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } ret->type = EVP_PKEY_NONE; ret->save_type = EVP_PKEY_NONE; @@ -1448,14 +1446,14 @@ EVP_PKEY *EVP_PKEY_new(void) ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { - EVPerr(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_CRYPTO_LIB); goto err; } #ifndef FIPS_MODULE ret->save_parameters = 1; if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_EVP_PKEY, ret, &ret->ex_data)) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_CRYPTO_LIB); goto err; } #endif @@ -2023,7 +2021,7 @@ int evp_pkey_copy_downgraded(EVP_PKEY **dest, const EVP_PKEY *src) if (*dest == NULL) { allocpkey = *dest = EVP_PKEY_new(); if (*dest == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB); return 0; } } else { @@ -2049,7 +2047,7 @@ int evp_pkey_copy_downgraded(EVP_PKEY **dest, const EVP_PKEY *src) EVP_PKEY_CTX_new_from_pkey(libctx, *dest, NULL); if (pctx == NULL) - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB); if (pctx != NULL && evp_keymgmt_export(keymgmt, keydata, diff --git a/crypto/evp/p_open.c b/crypto/evp/p_open.c index 92fd20f6aa..8630553e79 100644 --- a/crypto/evp/p_open.c +++ b/crypto/evp/p_open.c @@ -34,7 +34,7 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, return 1; if ((pctx = EVP_PKEY_CTX_new(priv, NULL)) == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB); goto err; } @@ -42,10 +42,8 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, || EVP_PKEY_decrypt(pctx, NULL, &keylen, ek, ekl) <= 0) goto err; - if ((key = OPENSSL_malloc(keylen)) == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if ((key = OPENSSL_malloc(keylen)) == NULL) goto err; - } if (EVP_PKEY_decrypt(pctx, key, &keylen, ek, ekl) <= 0) goto err; diff --git a/crypto/evp/p_seal.c b/crypto/evp/p_seal.c index b52d33c235..94c8462ab4 100644 --- a/crypto/evp/p_seal.c +++ b/crypto/evp/p_seal.c @@ -58,7 +58,7 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, pctx = EVP_PKEY_CTX_new_from_pkey(libctx, pubk[i], NULL); if (pctx == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB); goto err; } diff --git a/crypto/evp/p_sign.c b/crypto/evp/p_sign.c index 8e430f4704..4eb34db267 100644 --- a/crypto/evp/p_sign.c +++ b/crypto/evp/p_sign.c @@ -33,7 +33,7 @@ int EVP_SignFinal_ex(EVP_MD_CTX *ctx, unsigned char *sigret, EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new(); if (tmp_ctx == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB); return 0; } rv = EVP_MD_CTX_copy_ex(tmp_ctx, ctx); diff --git a/crypto/evp/p_verify.c b/crypto/evp/p_verify.c index e5667afb7c..eb5084f839 100644 --- a/crypto/evp/p_verify.c +++ b/crypto/evp/p_verify.c @@ -31,7 +31,7 @@ int EVP_VerifyFinal_ex(EVP_MD_CTX *ctx, const unsigned char *sigbuf, EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new(); if (tmp_ctx == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB); return 0; } rv = EVP_MD_CTX_copy_ex(tmp_ctx, ctx); diff --git a/crypto/evp/pmeth_gn.c b/crypto/evp/pmeth_gn.c index 8e4940ed59..c8981227d4 100644 --- a/crypto/evp/pmeth_gn.c +++ b/crypto/evp/pmeth_gn.c @@ -145,7 +145,7 @@ int EVP_PKEY_generate(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey) *ppkey = allocated_pkey = EVP_PKEY_new(); if (*ppkey == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB); return -1; } @@ -378,7 +378,7 @@ int EVP_PKEY_fromdata(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey, int selection, allocated_pkey = *ppkey = EVP_PKEY_new(); if (*ppkey == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB); return -1; } diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index e58787a5ea..249c895a15 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -128,10 +128,8 @@ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags) EVP_PKEY_METHOD *pmeth; pmeth = OPENSSL_zalloc(sizeof(*pmeth)); - if (pmeth == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if (pmeth == NULL) return NULL; - } pmeth->pkey_id = id; pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC; @@ -316,8 +314,6 @@ static EVP_PKEY_CTX *int_ctx_new(OSSL_LIB_CTX *libctx, ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_ALGORITHM); } else { ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); } #if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE) @@ -481,10 +477,8 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *pctx) } # endif rctx = OPENSSL_zalloc(sizeof(*rctx)); - if (rctx == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if (rctx == NULL) return NULL; - } if (pctx->pkey != NULL) EVP_PKEY_up_ref(pctx->pkey); @@ -615,12 +609,12 @@ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth) if (app_pkey_methods == NULL) { app_pkey_methods = sk_EVP_PKEY_METHOD_new(pmeth_cmp); if (app_pkey_methods == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_CRYPTO_LIB); return 0; } } if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth)) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_CRYPTO_LIB); return 0; } sk_EVP_PKEY_METHOD_sort(app_pkey_methods); @@ -1485,17 +1479,13 @@ static int evp_pkey_ctx_store_cached_data(EVP_PKEY_CTX *ctx, evp_pkey_ctx_free_cached_data(ctx, cmd, name); if (name != NULL) { ctx->cached_parameters.dist_id_name = OPENSSL_strdup(name); - if (ctx->cached_parameters.dist_id_name == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if (ctx->cached_parameters.dist_id_name == NULL) return 0; - } } if (data_len > 0) { ctx->cached_parameters.dist_id = OPENSSL_memdup(data, data_len); - if (ctx->cached_parameters.dist_id == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if (ctx->cached_parameters.dist_id == NULL) return 0; - } } ctx->cached_parameters.dist_id_set = 1; ctx->cached_parameters.dist_id_len = data_len; diff --git a/crypto/evp/signature.c b/crypto/evp/signature.c index c9871668ad..f035a422ca 100644 --- a/crypto/evp/signature.c +++ b/crypto/evp/signature.c @@ -22,14 +22,12 @@ static EVP_SIGNATURE *evp_signature_new(OSSL_PROVIDER *prov) { EVP_SIGNATURE *signature = OPENSSL_zalloc(sizeof(EVP_SIGNATURE)); - if (signature == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if (signature == NULL) return NULL; - } signature->lock = CRYPTO_THREAD_lock_new(); if (signature->lock == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_CRYPTO_LIB); OPENSSL_free(signature); return NULL; } @@ -51,7 +49,7 @@ static void *evp_signature_from_algorithm(int name_id, int gparamfncnt = 0, sparamfncnt = 0, gmdparamfncnt = 0, smdparamfncnt = 0; if ((signature = evp_signature_new(prov)) == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB); goto err; } diff --git a/crypto/ex_data.c b/crypto/ex_data.c index 40223f06e4..26c225001c 100644 --- a/crypto/ex_data.c +++ b/crypto/ex_data.c @@ -163,16 +163,14 @@ int ossl_crypto_get_ex_new_index_ex(OSSL_LIB_CTX *ctx, int class_index, * "app_data" routines use ex_data index zero. See RT 3710. */ if (ip->meth == NULL || !sk_EX_CALLBACK_push(ip->meth, NULL)) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CRYPTO, ERR_R_CRYPTO_LIB); goto err; } } a = (EX_CALLBACK *)OPENSSL_malloc(sizeof(*a)); - if (a == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if (a == NULL) goto err; - } a->argl = argl; a->argp = argp; a->new_func = new_func; @@ -181,7 +179,7 @@ int ossl_crypto_get_ex_new_index_ex(OSSL_LIB_CTX *ctx, int class_index, a->priority = priority; if (!sk_EX_CALLBACK_push(ip->meth, NULL)) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CRYPTO, ERR_R_CRYPTO_LIB); OPENSSL_free(a); goto err; } @@ -239,10 +237,8 @@ int ossl_crypto_new_ex_data_ex(OSSL_LIB_CTX *ctx, int class_index, void *obj, } CRYPTO_THREAD_unlock(global->ex_data_lock); - if (mx > 0 && storage == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if (mx > 0 && storage == NULL) return 0; - } for (i = 0; i < mx; i++) { if (storage[i] != NULL && storage[i]->new_func != NULL) { ptr = CRYPTO_get_ex_data(ad, i); @@ -305,10 +301,8 @@ int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to, if (mx == 0) return 1; - if (storage == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if (storage == NULL) return 0; - } /* * Make sure the ex_data stack is at least |mx| elements long to avoid * issues in the for loop that follows; so go get the |mx|'th element @@ -468,14 +462,14 @@ int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val) if (ad->sk == NULL) { if ((ad->sk = sk_void_new_null()) == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CRYPTO, ERR_R_CRYPTO_LIB); return 0; } } for (i = sk_void_num(ad->sk); i <= idx; ++i) { if (!sk_void_push(ad->sk, NULL)) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CRYPTO, ERR_R_CRYPTO_LIB); return 0; } } diff --git a/crypto/init.c b/crypto/init.c index 983d76e457..a224542e03 100644 --- a/crypto/init.c +++ b/crypto/init.c @@ -706,10 +706,8 @@ int OPENSSL_atexit(void (*handler)(void)) } #endif - if ((newhand = OPENSSL_malloc(sizeof(*newhand))) == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if ((newhand = OPENSSL_malloc(sizeof(*newhand))) == NULL) return 0; - } newhand->handler = handler; newhand->next = stop_handlers; diff --git a/crypto/lhash/lhash.c b/crypto/lhash/lhash.c index a652631e10..526af83026 100644 --- a/crypto/lhash/lhash.c +++ b/crypto/lhash/lhash.c @@ -48,14 +48,8 @@ OPENSSL_LHASH *OPENSSL_LH_new(OPENSSL_LH_HASHFUNC h, OPENSSL_LH_COMPFUNC c) { OPENSSL_LHASH *ret; - if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) { - /* - * Do not set the error code, because the ERR code uses LHASH - * and we want to avoid possible endless error loop. - * ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); - */ + if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) return NULL; - } if ((ret->b = OPENSSL_zalloc(sizeof(*ret->b) * MIN_NODES)) == NULL) goto err; ret->comp = ((c == NULL) ? (OPENSSL_LH_COMPFUNC)strcmp : c); diff --git a/crypto/modes/ocb128.c b/crypto/modes/ocb128.c index b5202ba5bd..1ae807c100 100644 --- a/crypto/modes/ocb128.c +++ b/crypto/modes/ocb128.c @@ -155,10 +155,8 @@ int CRYPTO_ocb128_init(OCB128_CONTEXT *ctx, void *keyenc, void *keydec, memset(ctx, 0, sizeof(*ctx)); ctx->l_index = 0; ctx->max_l_index = 5; - if ((ctx->l = OPENSSL_malloc(ctx->max_l_index * 16)) == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if ((ctx->l = OPENSSL_malloc(ctx->max_l_index * 16)) == NULL) return 0; - } /* * We set both the encryption and decryption key schedules - decryption @@ -202,10 +200,8 @@ int CRYPTO_ocb128_copy_ctx(OCB128_CONTEXT *dest, OCB128_CONTEXT *src, if (keydec) dest->keydec = keydec; if (src->l) { - if ((dest->l = OPENSSL_malloc(src->max_l_index * 16)) == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if ((dest->l = OPENSSL_malloc(src->max_l_index * 16)) == NULL) return 0; - } memcpy(dest->l, src->l, (src->l_index + 1) * 16); } return 1; diff --git a/crypto/o_fopen.c b/crypto/o_fopen.c index 2936ef95f7..24912bb7d8 100644 --- a/crypto/o_fopen.c +++ b/crypto/o_fopen.c @@ -87,10 +87,8 @@ FILE *openssl_fopen(const char *filename, const char *mode) char *iterator; char lastchar; - if ((newname = OPENSSL_malloc(strlen(filename) + 1)) == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if ((newname = OPENSSL_malloc(strlen(filename) + 1)) == NULL) return NULL; - } for (iterator = newname, lastchar = '\0'; *filename; filename++, iterator++) { diff --git a/crypto/o_str.c b/crypto/o_str.c index 3354ce0927..119d791e20 100644 --- a/crypto/o_str.c +++ b/crypto/o_str.c @@ -56,10 +56,8 @@ void *CRYPTO_memdup(const void *data, size_t siz, const char* file, int line) return NULL; ret = CRYPTO_malloc(siz, file, line); - if (ret == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } return memcpy(ret, data, siz); } @@ -196,10 +194,8 @@ unsigned char *ossl_hexstr2buf_sep(const char *str, long *buflen, return NULL; } buf_n /= 2; - if ((buf = OPENSSL_malloc(buf_n)) == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if ((buf = OPENSSL_malloc(buf_n)) == NULL) return NULL; - } if (buflen != NULL) *buflen = 0; @@ -272,10 +268,8 @@ char *ossl_buf2hexstr_sep(const unsigned char *buf, long buflen, char sep) return OPENSSL_zalloc(1); tmp_n = (sep != CH_ZERO) ? buflen * 3 : 1 + buflen * 2; - if ((tmp = OPENSSL_malloc(tmp_n)) == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if ((tmp = OPENSSL_malloc(tmp_n)) == NULL) return NULL; - } if (buf2hexstr_sep(tmp, tmp_n, NULL, buf, buflen, sep)) return tmp; diff --git a/crypto/objects/o_names.c b/crypto/objects/o_names.c index 1efa0345fb..5a468bba3a 100644 --- a/crypto/objects/o_names.c +++ b/crypto/objects/o_names.c @@ -89,7 +89,6 @@ int OBJ_NAME_new_index(unsigned long (*hash_func) (const char *), for (i = sk_NAME_FUNCS_num(name_funcs_stack); i < names_type_num; i++) { name_funcs = OPENSSL_zalloc(sizeof(*name_funcs)); if (name_funcs == NULL) { - ERR_raise(ERR_LIB_OBJ, ERR_R_MALLOC_FAILURE); ret = 0; goto out; } @@ -98,7 +97,7 @@ int OBJ_NAME_new_index(unsigned long (*hash_func) (const char *), push = sk_NAME_FUNCS_push(name_funcs_stack, name_funcs); if (!push) { - ERR_raise(ERR_LIB_OBJ, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_OBJ, ERR_R_CRYPTO_LIB); OPENSSL_free(name_funcs); ret = 0; goto out; diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c index 852039b6da..ea5d57a77e 100644 --- a/crypto/objects/obj_dat.c +++ b/crypto/objects/obj_dat.c @@ -254,10 +254,8 @@ static int ossl_obj_add_object(const ASN1_OBJECT *obj, int lock) || (o->sn != NULL && (ao[ADDED_SNAME] = OPENSSL_malloc(sizeof(*ao[0]))) == NULL) || (o->ln != NULL - && (ao[ADDED_LNAME] = OPENSSL_malloc(sizeof(*ao[0]))) == NULL)) { - ERR_raise(ERR_LIB_OBJ, ERR_R_MALLOC_FAILURE); + && (ao[ADDED_LNAME] = OPENSSL_malloc(sizeof(*ao[0]))) == NULL)) goto err2; - } if (!ossl_obj_write_lock(lock)) { ERR_raise(ERR_LIB_OBJ, ERR_R_UNABLE_TO_GET_WRITE_LOCK); @@ -266,7 +264,7 @@ static int ossl_obj_add_object(const ASN1_OBJECT *obj, int lock) if (added == NULL) { added = lh_ADDED_OBJ_new(added_obj_hash, added_obj_cmp); if (added == NULL) { - ERR_raise(ERR_LIB_OBJ, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_OBJ, ERR_R_CRYPTO_LIB); goto err; } } @@ -420,10 +418,8 @@ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name) if (j < 0) return NULL; - if ((buf = OPENSSL_malloc(j)) == NULL) { - ERR_raise(ERR_LIB_OBJ, ERR_R_MALLOC_FAILURE); + if ((buf = OPENSSL_malloc(j)) == NULL) return NULL; - } p = buf; /* Write out tag+length */ diff --git a/crypto/objects/obj_lib.c b/crypto/objects/obj_lib.c index 72c0c2c81d..6cdc1d7e74 100644 --- a/crypto/objects/obj_lib.c +++ b/crypto/objects/obj_lib.c @@ -50,7 +50,6 @@ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o) return r; err: ASN1_OBJECT_free(r); - ERR_raise(ERR_LIB_OBJ, ERR_R_MALLOC_FAILURE); return NULL; } diff --git a/crypto/objects/obj_xref.c b/crypto/objects/obj_xref.c index 8660de2004..2eb757cb77 100644 --- a/crypto/objects/obj_xref.c +++ b/crypto/objects/obj_xref.c @@ -155,10 +155,8 @@ int OBJ_add_sigid(int signid, int dig_id, int pkey_id) if (!obj_sig_init()) return 0; - if ((ntr = OPENSSL_malloc(sizeof(*ntr))) == NULL) { - ERR_raise(ERR_LIB_OBJ, ERR_R_MALLOC_FAILURE); + if ((ntr = OPENSSL_malloc(sizeof(*ntr))) == NULL) return 0; - } ntr->sign_id = signid; ntr->hash_id = dig_id; ntr->pkey_id = pkey_id; diff --git a/crypto/ocsp/ocsp_vfy.c b/crypto/ocsp/ocsp_vfy.c index d99bab72e1..b0827e9a22 100644 --- a/crypto/ocsp/ocsp_vfy.c +++ b/crypto/ocsp/ocsp_vfy.c @@ -36,7 +36,7 @@ static int ocsp_verify_signer(X509 *signer, int response, int ret = -1; if (ctx == NULL) { - ERR_raise(ERR_LIB_OCSP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_OCSP, ERR_R_X509_LIB); goto end; } if (!X509_STORE_CTX_init(ctx, st, signer, untrusted)) { diff --git a/crypto/ocsp/v3_ocsp.c b/crypto/ocsp/v3_ocsp.c index 2250208a15..4f54b7ceab 100644 --- a/crypto/ocsp/v3_ocsp.c +++ b/crypto/ocsp/v3_ocsp.c @@ -203,7 +203,7 @@ static void *d2i_ocsp_nonce(void *a, const unsigned char **pp, long length) err: if ((pos == NULL) || (*pos != os)) ASN1_OCTET_STRING_free(os); - ERR_raise(ERR_LIB_OCSP, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_OCSP, ERR_R_ASN1_LIB); return NULL; } diff --git a/crypto/packet.c b/crypto/packet.c index 753bbdc59c..feef9d0739 100644 --- a/crypto/packet.c +++ b/crypto/packet.c @@ -104,10 +104,8 @@ static int wpacket_intern_init_len(WPACKET *pkt, size_t lenbytes) pkt->curr = 0; pkt->written = 0; - if ((pkt->subs = OPENSSL_zalloc(sizeof(*pkt->subs))) == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if ((pkt->subs = OPENSSL_zalloc(sizeof(*pkt->subs))) == NULL) return 0; - } if (lenbytes == 0) return 1; @@ -368,10 +366,8 @@ int WPACKET_start_sub_packet_len__(WPACKET *pkt, size_t lenbytes) if (lenbytes > 0 && pkt->endfirst) return 0; - if ((sub = OPENSSL_zalloc(sizeof(*sub))) == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if ((sub = OPENSSL_zalloc(sizeof(*sub))) == NULL) return 0; - } sub->parent = pkt->subs; pkt->subs = sub; diff --git a/crypto/param_build.c b/crypto/param_build.c index 0341e63419..f00c0aa809 100644 --- a/crypto/param_build.c +++ b/crypto/param_build.c @@ -54,10 +54,8 @@ static OSSL_PARAM_BLD_DEF *param_push(OSSL_PARAM_BLD *bld, const char *key, { OSSL_PARAM_BLD_DEF *pd = OPENSSL_zalloc(sizeof(*pd)); - if (pd == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if (pd == NULL) return NULL; - } pd->key = key; pd->type = type; pd->size = size; @@ -390,7 +388,6 @@ OSSL_PARAM *OSSL_PARAM_BLD_to_param(OSSL_PARAM_BLD *bld) } params = OPENSSL_malloc(total); if (params == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); OPENSSL_secure_free(s); return NULL; } diff --git a/crypto/params.c b/crypto/params.c index 7a329a8467..4c5a6f5334 100644 --- a/crypto/params.c +++ b/crypto/params.c @@ -1038,7 +1038,7 @@ int OSSL_PARAM_get_BN(const OSSL_PARAM *p, BIGNUM **val) } if (b == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CRYPTO, ERR_R_BN_LIB); return 0; } @@ -1284,10 +1284,8 @@ static int get_string_internal(const OSSL_PARAM *p, void **val, if (*val == NULL) { char *const q = OPENSSL_malloc(alloc_sz); - if (q == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if (q == NULL) return 0; - } *val = q; *max_len = alloc_sz; } diff --git a/crypto/params_dup.c b/crypto/params_dup.c index fd4764a7cd..769629bbf3 100644 --- a/crypto/params_dup.c +++ b/crypto/params_dup.c @@ -37,11 +37,8 @@ static int ossl_param_buf_alloc(OSSL_PARAM_BUF *out, size_t extra_blocks, size_t sz = OSSL_PARAM_ALIGN_SIZE * (extra_blocks + out->blocks); out->alloc = is_secure ? OPENSSL_secure_zalloc(sz) : OPENSSL_zalloc(sz); - if (out->alloc == NULL) { - ERR_raise(ERR_LIB_CRYPTO, is_secure ? CRYPTO_R_SECURE_MALLOC_FAILURE - : ERR_R_MALLOC_FAILURE); + if (out->alloc == NULL) return 0; - } out->alloc_sz = sz; out->cur = out->alloc + extra_blocks; return 1; @@ -185,10 +182,8 @@ OSSL_PARAM *OSSL_PARAM_merge(const OSSL_PARAM *p1, const OSSL_PARAM *p2) /* Allocate enough space to store the merged parameters */ params = OPENSSL_zalloc((list1_sz + list2_sz + 1) * sizeof(*p1)); - if (params == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if (params == NULL) return NULL; - } dst = params; p1cur = list1; p2cur = list2; diff --git a/crypto/params_from_text.c b/crypto/params_from_text.c index b681d8f564..38e0927195 100644 --- a/crypto/params_from_text.c +++ b/crypto/params_from_text.c @@ -210,10 +210,8 @@ int OSSL_PARAM_allocate_from_text(OSSL_PARAM *to, ¶mdef, &ishex, &buf_n, &tmpbn, found)) goto err; - if ((buf = OPENSSL_zalloc(buf_n > 0 ? buf_n : 1)) == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if ((buf = OPENSSL_zalloc(buf_n > 0 ? buf_n : 1)) == NULL) goto err; - } ok = construct_from_text(to, paramdef, value, value_n, ishex, buf, buf_n, tmpbn); diff --git a/crypto/passphrase.c b/crypto/passphrase.c index fcc40f6dab..563c5acd1e 100644 --- a/crypto/passphrase.c +++ b/crypto/passphrase.c @@ -43,10 +43,8 @@ int ossl_pw_set_passphrase(struct ossl_passphrase_data_st *data, data->_.expl_passphrase.passphrase_copy = passphrase_len != 0 ? OPENSSL_memdup(passphrase, passphrase_len) : OPENSSL_malloc(1); - if (data->_.expl_passphrase.passphrase_copy == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if (data->_.expl_passphrase.passphrase_copy == NULL) return 0; - } data->_.expl_passphrase.passphrase_len = passphrase_len; return 1; } @@ -130,7 +128,7 @@ static int do_ui_passphrase(char *pass, size_t pass_size, size_t *pass_len, } if ((ui = UI_new()) == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CRYPTO, ERR_R_UI_LIB); return 0; } @@ -143,16 +141,14 @@ static int do_ui_passphrase(char *pass, size_t pass_size, size_t *pass_len, /* Get an application constructed prompt */ prompt = UI_construct_prompt(ui, "pass phrase", prompt_info); if (prompt == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CRYPTO, ERR_R_UI_LIB); goto end; } /* Get a buffer for verification prompt */ ipass = OPENSSL_zalloc(pass_size + 1); - if (ipass == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if (ipass == NULL) goto end; - } prompt_idx = UI_add_input_string(ui, prompt, UI_INPUT_FLAG_DEFAULT_PWD, @@ -165,10 +161,8 @@ static int do_ui_passphrase(char *pass, size_t pass_size, size_t *pass_len, if (verify) { /* Get a buffer for verification prompt */ vpass = OPENSSL_zalloc(pass_size + 1); - if (vpass == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if (vpass == NULL) goto end; - } verify_idx = UI_add_verify_string(ui, prompt, UI_INPUT_FLAG_DEFAULT_PWD, vpass, 0, pass_size, @@ -269,7 +263,7 @@ int ossl_pw_get_passphrase(char *pass, size_t pass_size, size_t *pass_len, ui_data = data->_.pem_password.password_cbarg; if (ui_method == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CRYPTO, ERR_R_UI_LIB); return 0; } } else if (data->type == is_ui_method) { @@ -299,7 +293,6 @@ int ossl_pw_get_passphrase(char *pass, size_t pass_size, size_t *pass_len, if (new_cache == NULL) { OPENSSL_cleanse(pass, *pass_len); - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); return 0; } data->cached_passphrase = new_cache; diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c index 061c9b9f68..f8dc4416e2 100644 --- a/crypto/pem/pem_info.c +++ b/crypto/pem/pem_info.c @@ -67,7 +67,7 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio_ex(BIO *bp, STACK_OF(X509_INFO) *sk, if (sk == NULL) { if ((ret = sk_X509_INFO_new_null()) == NULL) { - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PEM, ERR_R_CRYPTO_LIB); goto err; } } else diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c index 98050f8348..4c6b94da6b 100644 --- a/crypto/pem/pem_lib.c +++ b/crypto/pem/pem_lib.c @@ -218,18 +218,25 @@ static int check_pem(const char *nm, const char *name) return 0; } -static void pem_free(void *p, unsigned int flags, size_t num) +#define PEM_FREE(p, flags, num) \ + pem_free((p), (flags), (num), OPENSSL_FILE, OPENSSL_LINE) +static void pem_free(void *p, unsigned int flags, size_t num, + const char *file, int line) { if (flags & PEM_FLAG_SECURE) - OPENSSL_secure_clear_free(p, num); + CRYPTO_secure_clear_free(p, num, file, line); else - OPENSSL_free(p); + CRYPTO_free(p, file, line); } -static void *pem_malloc(int num, unsigned int flags) +#define PEM_MALLOC(num, flags) \ + pem_malloc((num), (flags), OPENSSL_FILE, OPENSSL_LINE) +static void *pem_malloc(int num, unsigned int flags, + const char *file, int line) { - return (flags & PEM_FLAG_SECURE) ? OPENSSL_secure_malloc(num) - : OPENSSL_malloc(num); + return (flags & PEM_FLAG_SECURE) ? CRYPTO_secure_malloc(num, file, line) + : CRYPTO_malloc(num, file, line); + } static int pem_bytes_read_bio_flags(unsigned char **pdata, long *plen, @@ -244,9 +251,9 @@ static int pem_bytes_read_bio_flags(unsigned char **pdata, long *plen, int ret = 0; do { - pem_free(nm, flags, 0); - pem_free(header, flags, 0); - pem_free(data, flags, len); + PEM_FREE(nm, flags, 0); + PEM_FREE(header, flags, 0); + PEM_FREE(data, flags, len); if (!PEM_read_bio_ex(bp, &nm, &header, &data, &len, flags)) { if (ERR_GET_REASON(ERR_peek_error()) == PEM_R_NO_START_LINE) ERR_add_error_data(2, "Expecting: ", name); @@ -268,10 +275,10 @@ static int pem_bytes_read_bio_flags(unsigned char **pdata, long *plen, err: if (!ret || pnm == NULL) - pem_free(nm, flags, 0); - pem_free(header, flags, 0); + PEM_FREE(nm, flags, 0); + PEM_FREE(header, flags, 0); if (!ret) - pem_free(data, flags, len); + PEM_FREE(data, flags, len); return ret; } @@ -345,10 +352,8 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, /* dsize + 8 bytes are needed */ /* actually it needs the cipher block size extra... */ data = OPENSSL_malloc((unsigned int)dsize + 20); - if (data == NULL) { - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + if (data == NULL) goto err; - } p = data; i = i2d(x, &p); @@ -608,11 +613,11 @@ int PEM_write_bio(BIO *bp, const char *name, const char *header, int nlen, n, i, j, outl; unsigned char *buf = NULL; EVP_ENCODE_CTX *ctx = EVP_ENCODE_CTX_new(); - int reason = ERR_R_BUF_LIB; + int reason = 0; int retval = 0; if (ctx == NULL) { - reason = ERR_R_MALLOC_FAILURE; + reason = ERR_R_EVP_LIB; goto err; } @@ -621,43 +626,53 @@ int PEM_write_bio(BIO *bp, const char *name, const char *header, if ((BIO_write(bp, "-----BEGIN ", 11) != 11) || (BIO_write(bp, name, nlen) != nlen) || - (BIO_write(bp, "-----\n", 6) != 6)) + (BIO_write(bp, "-----\n", 6) != 6)) { + reason = ERR_R_BIO_LIB; goto err; + } i = header != NULL ? strlen(header) : 0; if (i > 0) { - if ((BIO_write(bp, header, i) != i) || (BIO_write(bp, "\n", 1) != 1)) + if ((BIO_write(bp, header, i) != i) || (BIO_write(bp, "\n", 1) != 1)) { + reason = ERR_R_BIO_LIB; goto err; + } } buf = OPENSSL_malloc(PEM_BUFSIZE * 8); - if (buf == NULL) { - reason = ERR_R_MALLOC_FAILURE; + if (buf == NULL) goto err; - } i = j = 0; while (len > 0) { n = (int)((len > (PEM_BUFSIZE * 5)) ? (PEM_BUFSIZE * 5) : len); - if (!EVP_EncodeUpdate(ctx, buf, &outl, &(data[j]), n)) + if (!EVP_EncodeUpdate(ctx, buf, &outl, &(data[j]), n)) { + reason = ERR_R_EVP_LIB; goto err; - if ((outl) && (BIO_write(bp, (char *)buf, outl) != outl)) + } + if ((outl) && (BIO_write(bp, (char *)buf, outl) != outl)) { + reason = ERR_R_BIO_LIB; goto err; + } i += outl; len -= n; j += n; } EVP_EncodeFinal(ctx, buf, &outl); - if ((outl > 0) && (BIO_write(bp, (char *)buf, outl) != outl)) + if ((outl > 0) && (BIO_write(bp, (char *)buf, outl) != outl)) { + reason = ERR_R_BIO_LIB; goto err; + } if ((BIO_write(bp, "-----END ", 9) != 9) || (BIO_write(bp, name, nlen) != nlen) || - (BIO_write(bp, "-----\n", 6) != 6)) + (BIO_write(bp, "-----\n", 6) != 6)) { + reason = ERR_R_BIO_LIB; goto err; + } retval = i + outl; err: - if (retval == 0) + if (retval == 0 && reason != 0) ERR_raise(ERR_LIB_PEM, reason); EVP_ENCODE_CTX_free(ctx); OPENSSL_clear_free(buf, PEM_BUFSIZE * 8); @@ -747,11 +762,9 @@ static int get_name(BIO *bp, char **name, unsigned int flags) * Need to hold trailing NUL (accounted for by BIO_gets() and the newline * that will be added by sanitize_line() (the extra '1'). */ - linebuf = pem_malloc(LINESIZE + 1, flags); - if (linebuf == NULL) { - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + linebuf = PEM_MALLOC(LINESIZE + 1, flags); + if (linebuf == NULL) return 0; - } do { len = BIO_gets(bp, linebuf, LINESIZE); @@ -771,16 +784,14 @@ static int get_name(BIO *bp, char **name, unsigned int flags) || !HAS_PREFIX(linebuf + len - TAILLEN, TAILSTR)); linebuf[len - TAILLEN] = '\0'; len = len - BEGINLEN - TAILLEN + 1; - *name = pem_malloc(len, flags); - if (*name == NULL) { - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + *name = PEM_MALLOC(len, flags); + if (*name == NULL) goto err; - } memcpy(*name, linebuf + BEGINLEN, len); ret = 1; err: - pem_free(linebuf, flags, LINESIZE + 1); + PEM_FREE(linebuf, flags, LINESIZE + 1); return ret; } @@ -815,11 +826,9 @@ static int get_header_and_data(BIO *bp, BIO **header, BIO **data, char *name, /* Need to hold trailing NUL (accounted for by BIO_gets() and the newline * that will be added by sanitize_line() (the extra '1'). */ - linebuf = pem_malloc(LINESIZE + 1, flags); - if (linebuf == NULL) { - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + linebuf = PEM_MALLOC(LINESIZE + 1, flags); + if (linebuf == NULL) return 0; - } for (line = 0; ; line++) { flags_mask = ~0u; @@ -902,7 +911,7 @@ static int get_header_and_data(BIO *bp, BIO **header, BIO **data, char *name, ret = 1; err: - pem_free(linebuf, flags, LINESIZE + 1); + PEM_FREE(linebuf, flags, LINESIZE + 1); return ret; } @@ -935,7 +944,7 @@ int PEM_read_bio_ex(BIO *bp, char **name_out, char **header, headerB = BIO_new(bmeth); dataB = BIO_new(bmeth); if (headerB == NULL || dataB == NULL) { - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PEM, ERR_R_BIO_LIB); goto end; } @@ -953,7 +962,7 @@ int PEM_read_bio_ex(BIO *bp, char **name_out, char **header, ctx = EVP_ENCODE_CTX_new(); if (ctx == NULL) { - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PEM, ERR_R_EVP_LIB); goto end; } @@ -969,8 +978,8 @@ int PEM_read_bio_ex(BIO *bp, char **name_out, char **header, buf_mem->length = len; headerlen = BIO_get_mem_data(headerB, NULL); - *header = pem_malloc(headerlen + 1, flags); - *data = pem_malloc(len, flags); + *header = PEM_MALLOC(headerlen + 1, flags); + *data = PEM_MALLOC(len, flags); if (*header == NULL || *data == NULL) goto out_free; if (headerlen != 0 && BIO_read(headerB, *header, headerlen) != headerlen) @@ -985,11 +994,11 @@ int PEM_read_bio_ex(BIO *bp, char **name_out, char **header, goto end; out_free: - pem_free(*header, flags, 0); - pem_free(*data, flags, 0); + PEM_FREE(*header, flags, 0); + PEM_FREE(*data, flags, 0); end: EVP_ENCODE_CTX_free(ctx); - pem_free(name, flags, 0); + PEM_FREE(name, flags, 0); BIO_free(headerB); BIO_free(dataB); return ret; diff --git a/crypto/pem/pem_sign.c b/crypto/pem/pem_sign.c index 6ad8e43037..f6b0ff4dda 100644 --- a/crypto/pem/pem_sign.c +++ b/crypto/pem/pem_sign.c @@ -33,10 +33,8 @@ int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int m_len; m = OPENSSL_malloc(EVP_PKEY_get_size(pkey)); - if (m == NULL) { - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + if (m == NULL) goto err; - } if (EVP_SignFinal(ctx, m, &m_len, pkey) <= 0) goto err; diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c index 83166b5887..8931386fae 100644 --- a/crypto/pem/pvkfmt.c +++ b/crypto/pem/pvkfmt.c @@ -90,6 +90,7 @@ static EVP_PKEY *evp_pkey_new0_key(void *key, int evp_type) case EVP_PKEY_RSA: if (EVP_PKEY_set1_RSA(pkey, key)) break; + ERR_raise(ERR_LIB_PEM, ERR_R_EVP_LIB); EVP_PKEY_free(pkey); pkey = NULL; break; @@ -97,11 +98,14 @@ static EVP_PKEY *evp_pkey_new0_key(void *key, int evp_type) case EVP_PKEY_DSA: if (EVP_PKEY_set1_DSA(pkey, key)) break; + ERR_raise(ERR_LIB_PEM, ERR_R_EVP_LIB); EVP_PKEY_free(pkey); pkey = NULL; break; #endif } + } else { + ERR_raise(ERR_LIB_PEM, ERR_R_EVP_LIB); } switch (evp_type) { @@ -115,8 +119,6 @@ static EVP_PKEY *evp_pkey_new0_key(void *key, int evp_type) #endif } - if (pkey == NULL) - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); return pkey; } @@ -343,10 +345,8 @@ EVP_PKEY *ossl_b2i_bio(BIO *in, int *ispub) return NULL; } buf = OPENSSL_malloc(length); - if (buf == NULL) { - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + if (buf == NULL) goto err; - } p = buf; if (BIO_read(in, buf, length) != (int)length) { ERR_raise(ERR_LIB_PEM, PEM_R_KEYBLOB_TOO_SHORT); @@ -384,22 +384,22 @@ DSA *ossl_b2i_DSA_after_header(const unsigned char **in, unsigned int bitlen, dsa = DSA_new(); if (dsa == NULL) - goto memerr; + goto dsaerr; if (!read_lebn(&p, nbyte, &pbn)) - goto memerr; + goto bnerr; if (!read_lebn(&p, 20, &qbn)) - goto memerr; + goto bnerr; if (!read_lebn(&p, nbyte, &gbn)) - goto memerr; + goto bnerr; if (ispub) { if (!read_lebn(&p, nbyte, &pub_key)) - goto memerr; + goto bnerr; } else { if (!read_lebn(&p, 20, &priv_key)) - goto memerr; + goto bnerr; /* Set constant time flag before public key calculation */ BN_set_flags(priv_key, BN_FLG_CONSTTIME); @@ -407,28 +407,33 @@ DSA *ossl_b2i_DSA_after_header(const unsigned char **in, unsigned int bitlen, /* Calculate public key */ pub_key = BN_new(); if (pub_key == NULL) - goto memerr; + goto bnerr; if ((ctx = BN_CTX_new()) == NULL) - goto memerr; + goto bnerr; if (!BN_mod_exp(pub_key, gbn, priv_key, pbn, ctx)) - goto memerr; + goto bnerr; BN_CTX_free(ctx); ctx = NULL; } if (!DSA_set0_pqg(dsa, pbn, qbn, gbn)) - goto memerr; + goto dsaerr; pbn = qbn = gbn = NULL; if (!DSA_set0_key(dsa, pub_key, priv_key)) - goto memerr; + goto dsaerr; pub_key = priv_key = NULL; *in = p; return dsa; - memerr: - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + dsaerr: + ERR_raise(ERR_LIB_PEM, ERR_R_DSA_LIB); + goto err; + bnerr: + ERR_raise(ERR_LIB_PEM, ERR_R_BN_LIB); + + err: DSA_free(dsa); BN_free(pbn); BN_free(qbn); @@ -452,42 +457,48 @@ RSA *ossl_b2i_RSA_after_header(const unsigned char **in, unsigned int bitlen, rsa = RSA_new(); if (rsa == NULL) - goto memerr; + goto rsaerr; e = BN_new(); if (e == NULL) - goto memerr; + goto bnerr; if (!BN_set_word(e, read_ledword(&pin))) - goto memerr; + goto bnerr; if (!read_lebn(&pin, nbyte, &n)) - goto memerr; + goto bnerr; if (!ispub) { if (!read_lebn(&pin, hnbyte, &p)) - goto memerr; + goto bnerr; if (!read_lebn(&pin, hnbyte, &q)) - goto memerr; + goto bnerr; if (!read_lebn(&pin, hnbyte, &dmp1)) - goto memerr; + goto bnerr; if (!read_lebn(&pin, hnbyte, &dmq1)) - goto memerr; + goto bnerr; if (!read_lebn(&pin, hnbyte, &iqmp)) - goto memerr; + goto bnerr; if (!read_lebn(&pin, nbyte, &d)) - goto memerr; + goto bnerr; if (!RSA_set0_factors(rsa, p, q)) - goto memerr; + goto rsaerr; p = q = NULL; if (!RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp)) - goto memerr; + goto rsaerr; dmp1 = dmq1 = iqmp = NULL; } if (!RSA_set0_key(rsa, n, e, d)) - goto memerr; + goto rsaerr; n = e = d = NULL; *in = pin; return rsa; - memerr: - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + + rsaerr: + ERR_raise(ERR_LIB_PEM, ERR_R_RSA_LIB); + goto err; + bnerr: + ERR_raise(ERR_LIB_PEM, ERR_R_BN_LIB); + + err: BN_free(e); BN_free(n); BN_free(p); @@ -579,7 +590,6 @@ static int do_i2b(unsigned char **out, const EVP_PKEY *pk, int ispub) p = *out; else { if ((p = OPENSSL_malloc(outlen)) == NULL) { - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); outlen = -1; goto end; } @@ -840,7 +850,7 @@ static void *do_PVK_body_key(const unsigned char **in, EVP_CIPHER_CTX *cctx = EVP_CIPHER_CTX_new(); if (cctx == NULL) { - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PEM, ERR_R_EVP_LIB); goto err; } @@ -860,10 +870,8 @@ static void *do_PVK_body_key(const unsigned char **in, goto err; } enctmp = OPENSSL_malloc(keylen + 8); - if (enctmp == NULL) { - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + if (enctmp == NULL) goto err; - } if (!derive_pvk_key(keybuf, sizeof(keybuf), p, saltlen, (unsigned char *)psbuf, inlen, libctx, propq)) goto err; @@ -941,10 +949,8 @@ static void *do_PVK_key_bio(BIO *in, pem_password_cb *cb, void *u, return 0; buflen = (int)keylen + saltlen; buf = OPENSSL_malloc(buflen); - if (buf == NULL) { - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + if (buf == NULL) return 0; - } p = buf; if (BIO_read(in, buf, buflen) != buflen) { ERR_raise(ERR_LIB_PEM, PEM_R_PVK_DATA_TOO_SHORT); @@ -1027,10 +1033,8 @@ static int i2b_PVK(unsigned char **out, const EVP_PKEY *pk, int enclevel, p = *out; } else { start = p = OPENSSL_malloc(outlen); - if (p == NULL) { - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + if (p == NULL) return -1; - } } cctx = EVP_CIPHER_CTX_new(); diff --git a/crypto/pkcs12/p12_add.c b/crypto/pkcs12/p12_add.c index 6fd4184af5..8a56644368 100644 --- a/crypto/pkcs12/p12_add.c +++ b/crypto/pkcs12/p12_add.c @@ -24,16 +24,16 @@ PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it, PKCS12_SAFEBAG *safebag; if ((bag = PKCS12_BAGS_new()) == NULL) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_ASN1_LIB); return NULL; } bag->type = OBJ_nid2obj(nid1); if (!ASN1_item_pack(obj, it, &bag->value.octet)) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_ASN1_LIB); goto err; } if ((safebag = PKCS12_SAFEBAG_new()) == NULL) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_ASN1_LIB); goto err; } safebag->value.bag = bag; @@ -51,12 +51,12 @@ PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk) PKCS7 *p7; if ((p7 = PKCS7_new()) == NULL) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_ASN1_LIB); return NULL; } p7->type = OBJ_nid2obj(NID_pkcs7_data); if ((p7->d.data = ASN1_OCTET_STRING_new()) == NULL) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_ASN1_LIB); goto err; } @@ -94,7 +94,7 @@ PKCS7 *PKCS12_pack_p7encdata_ex(int pbe_nid, const char *pass, int passlen, EVP_CIPHER *pbe_ciph_fetch = NULL; if ((p7 = PKCS7_new_ex(ctx, propq)) == NULL) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_ASN1_LIB); return NULL; } if (!PKCS7_set_type(p7, NID_pkcs7_encrypted)) { @@ -115,7 +115,7 @@ PKCS7 *PKCS12_pack_p7encdata_ex(int pbe_nid, const char *pass, int passlen, } if (pbe == NULL) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_ASN1_LIB); goto err; } X509_ALGOR_free(p7->d.encrypted->enc_data->algorithm); diff --git a/crypto/pkcs12/p12_decr.c b/crypto/pkcs12/p12_decr.c index c4c63a2701..b916db0ab1 100644 --- a/crypto/pkcs12/p12_decr.c +++ b/crypto/pkcs12/p12_decr.c @@ -28,7 +28,7 @@ unsigned char *PKCS12_pbe_crypt_ex(const X509_ALGOR *algor, int max_out_len, mac_len = 0; if (ctx == NULL) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_EVP_LIB); goto err; } @@ -67,10 +67,8 @@ unsigned char *PKCS12_pbe_crypt_ex(const X509_ALGOR *algor, } } - if ((out = OPENSSL_malloc(max_out_len)) == NULL) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + if ((out = OPENSSL_malloc(max_out_len)) == NULL) goto err; - } if (!EVP_CipherUpdate(ctx, out, &i, in, inlen)) { OPENSSL_free(out); @@ -180,7 +178,7 @@ ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt_ex(X509_ALGOR *algor, int inlen; if ((oct = ASN1_OCTET_STRING_new()) == NULL) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_ASN1_LIB); goto err; } inlen = ASN1_item_i2d(obj, &in, it); diff --git a/crypto/pkcs12/p12_init.c b/crypto/pkcs12/p12_init.c index 45aa2f9154..dd469b5c5c 100644 --- a/crypto/pkcs12/p12_init.c +++ b/crypto/pkcs12/p12_init.c @@ -20,7 +20,7 @@ PKCS12 *PKCS12_init_ex(int mode, OSSL_LIB_CTX *ctx, const char *propq) PKCS12 *pkcs12; if ((pkcs12 = PKCS12_new()) == NULL) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_ASN1_LIB); return NULL; } if (!ASN1_INTEGER_set(pkcs12->version, 3)) @@ -29,14 +29,14 @@ PKCS12 *PKCS12_init_ex(int mode, OSSL_LIB_CTX *ctx, const char *propq) ossl_pkcs7_set0_libctx(pkcs12->authsafes, ctx); if (!ossl_pkcs7_set1_propq(pkcs12->authsafes, propq)) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_PKCS7_LIB); goto err; } switch (mode) { case NID_pkcs7_data: if ((pkcs12->authsafes->d.data = ASN1_OCTET_STRING_new()) == NULL) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_ASN1_LIB); goto err; } break; diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c index 41a2d7293e..9f7012a2c9 100644 --- a/crypto/pkcs12/p12_key.c +++ b/crypto/pkcs12/p12_key.c @@ -29,7 +29,7 @@ int PKCS12_key_gen_asc_ex(const char *pass, int passlen, unsigned char *salt, unipass = NULL; uniplen = 0; } else if (!OPENSSL_asc2uni(pass, passlen, &unipass, &uniplen)) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_PKCS12_LIB); return 0; } ret = PKCS12_key_gen_uni_ex(unipass, uniplen, salt, saltlen, id, iter, @@ -59,7 +59,7 @@ int PKCS12_key_gen_utf8_ex(const char *pass, int passlen, unsigned char *salt, unipass = NULL; uniplen = 0; } else if (!OPENSSL_utf82uni(pass, passlen, &unipass, &uniplen)) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_PKCS12_LIB); return 0; } ret = PKCS12_key_gen_uni_ex(unipass, uniplen, salt, saltlen, id, iter, diff --git a/crypto/pkcs12/p12_kiss.c b/crypto/pkcs12/p12_kiss.c index b0864c1fbf..0f7a437a28 100644 --- a/crypto/pkcs12/p12_kiss.c +++ b/crypto/pkcs12/p12_kiss.c @@ -76,7 +76,7 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, /* If needed, allocate stack for other certificates */ if ((cert != NULL || ca != NULL) && (ocerts = sk_X509_new_null()) == NULL) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_CRYPTO_LIB); goto err; } diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c index afdb8d688b..9497a5ce61 100644 --- a/crypto/pkcs12/p12_mutl.c +++ b/crypto/pkcs12/p12_mutl.c @@ -241,11 +241,11 @@ int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen, return PKCS12_ERROR; if (iter > 1) { if ((p12->mac->iter = ASN1_INTEGER_new()) == NULL) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_ASN1_LIB); return 0; } if (!ASN1_INTEGER_set(p12->mac->iter, iter)) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_ASN1_LIB); return 0; } } @@ -253,10 +253,8 @@ int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen, saltlen = PKCS12_SALT_LEN; else if (saltlen < 0) return 0; - if ((p12->mac->salt->data = OPENSSL_malloc(saltlen)) == NULL) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + if ((p12->mac->salt->data = OPENSSL_malloc(saltlen)) == NULL) return 0; - } p12->mac->salt->length = saltlen; if (salt == NULL) { if (RAND_bytes_ex(p12->authsafes->ctx.libctx, p12->mac->salt->data, @@ -268,7 +266,7 @@ int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen, X509_SIG_getm(p12->mac->dinfo, &macalg, NULL); if (!X509_ALGOR_set0(macalg, OBJ_nid2obj(EVP_MD_get_type(md_type)), V_ASN1_NULL, NULL)) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_ASN1_LIB); return 0; } diff --git a/crypto/pkcs12/p12_p8e.c b/crypto/pkcs12/p12_p8e.c index 9c27534017..1230c8c88c 100644 --- a/crypto/pkcs12/p12_p8e.c +++ b/crypto/pkcs12/p12_p8e.c @@ -84,7 +84,6 @@ X509_SIG *PKCS8_set0_pbe_ex(const char *pass, int passlen, p8 = OPENSSL_zalloc(sizeof(*p8)); if (p8 == NULL) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); ASN1_OCTET_STRING_free(enckey); return NULL; } diff --git a/crypto/pkcs12/p12_sbag.c b/crypto/pkcs12/p12_sbag.c index 4593d595ec..7106936c62 100644 --- a/crypto/pkcs12/p12_sbag.c +++ b/crypto/pkcs12/p12_sbag.c @@ -119,7 +119,7 @@ PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_secret(int type, int vtype, const unsigned PKCS12_SAFEBAG *safebag; if ((bag = PKCS12_BAGS_new()) == NULL) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_ASN1_LIB); return NULL; } bag->type = OBJ_nid2obj(type); @@ -130,7 +130,7 @@ PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_secret(int type, int vtype, const unsigned ASN1_OCTET_STRING *strtmp = ASN1_OCTET_STRING_new(); if (strtmp == NULL) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_ASN1_LIB); goto err; } /* Pack data into an octet string */ @@ -142,7 +142,7 @@ PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_secret(int type, int vtype, const unsigned bag->value.other = ASN1_TYPE_new(); if (bag->value.other == NULL) { ASN1_OCTET_STRING_free(strtmp); - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_ASN1_LIB); goto err; } ASN1_TYPE_set(bag->value.other, vtype, strtmp); @@ -155,7 +155,7 @@ PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_secret(int type, int vtype, const unsigned } if ((safebag = PKCS12_SAFEBAG_new()) == NULL) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_ASN1_LIB); goto err; } safebag->value.bag = bag; @@ -174,7 +174,7 @@ PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_p8inf(PKCS8_PRIV_KEY_INFO *p8) PKCS12_SAFEBAG *bag = PKCS12_SAFEBAG_new(); if (bag == NULL) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_ASN1_LIB); return NULL; } bag->type = OBJ_nid2obj(NID_keyBag); @@ -190,7 +190,7 @@ PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_pkcs8(X509_SIG *p8) /* Set up the safe bag */ if (bag == NULL) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS12, ERR_R_ASN1_LIB); return NULL; } bag->type = OBJ_nid2obj(NID_pkcs8ShroudedKeyBag); diff --git a/crypto/pkcs12/p12_utl.c b/crypto/pkcs12/p12_utl.c index 3afc8b2f13..6046b70886 100644 --- a/crypto/pkcs12/p12_utl.c +++ b/crypto/pkcs12/p12_utl.c @@ -24,10 +24,8 @@ unsigned char *OPENSSL_asc2uni(const char *asc, int asclen, if (asclen < 0) return NULL; ulen = asclen * 2 + 2; - if ((unitmp = OPENSSL_malloc(ulen)) == NULL) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + if ((unitmp = OPENSSL_malloc(ulen)) == NULL) return NULL; - } for (i = 0; i < ulen - 2; i += 2) { unitmp[i] = 0; unitmp[i + 1] = asc[i >> 1]; @@ -57,10 +55,8 @@ char *OPENSSL_uni2asc(const unsigned char *uni, int unilen) if (!unilen || uni[unilen - 1]) asclen++; uni++; - if ((asctmp = OPENSSL_malloc(asclen)) == NULL) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + if ((asctmp = OPENSSL_malloc(asclen)) == NULL) return NULL; - } for (i = 0; i < unilen; i += 2) asctmp[i >> 1] = uni[i]; asctmp[asclen - 1] = 0; @@ -119,10 +115,8 @@ unsigned char *OPENSSL_utf82uni(const char *asc, int asclen, ulen += 2; /* for trailing UTF16 zero */ - if ((ret = OPENSSL_malloc(ulen)) == NULL) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + if ((ret = OPENSSL_malloc(ulen)) == NULL) return NULL; - } /* re-run the loop writing down UTF-16 characters in big-endian order */ for (unitmp = ret, i = 0; i < asclen; i += j) { j = UTF8_getc((const unsigned char *)asc+i, asclen-i, &utf32chr); @@ -204,10 +198,8 @@ char *OPENSSL_uni2utf8(const unsigned char *uni, int unilen) if (!unilen || (uni[unilen-2]||uni[unilen - 1])) asclen++; - if ((asctmp = OPENSSL_malloc(asclen)) == NULL) { - ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); + if ((asctmp = OPENSSL_malloc(asclen)) == NULL) return NULL; - } /* re-run the loop emitting UTF-8 string */ for (asclen = 0, i = 0; i < unilen; ) { diff --git a/crypto/pkcs7/pk7_asn1.c b/crypto/pkcs7/pk7_asn1.c index 1cd867721e..e338b8f1af 100644 --- a/crypto/pkcs7/pk7_asn1.c +++ b/crypto/pkcs7/pk7_asn1.c @@ -104,7 +104,6 @@ PKCS7 *PKCS7_new_ex(OSSL_LIB_CTX *libctx, const char *propq) if (pkcs7->ctx.propq == NULL) { PKCS7_free(pkcs7); pkcs7 = NULL; - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); } } } diff --git a/crypto/pkcs7/pk7_attr.c b/crypto/pkcs7/pk7_attr.c index e9904c5950..68f0a5c290 100644 --- a/crypto/pkcs7/pk7_attr.c +++ b/crypto/pkcs7/pk7_attr.c @@ -23,7 +23,7 @@ int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si, ASN1_STRING *seq; if ((seq = ASN1_STRING_new()) == NULL) { - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS7, ERR_R_ASN1_LIB); return 0; } seq->length = ASN1_item_i2d((ASN1_VALUE *)cap, &seq->data, @@ -53,19 +53,22 @@ int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg) X509_ALGOR *alg; if ((alg = X509_ALGOR_new()) == NULL) { - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS7, ERR_R_ASN1_LIB); return 0; } ASN1_OBJECT_free(alg->algorithm); alg->algorithm = OBJ_nid2obj(nid); if (arg > 0) { if ((alg->parameter = ASN1_TYPE_new()) == NULL) { + ERR_raise(ERR_LIB_PKCS7, ERR_R_ASN1_LIB); goto err; } if ((nbit = ASN1_INTEGER_new()) == NULL) { + ERR_raise(ERR_LIB_PKCS7, ERR_R_ASN1_LIB); goto err; } if (!ASN1_INTEGER_set(nbit, arg)) { + ERR_raise(ERR_LIB_PKCS7, ERR_R_ASN1_LIB); goto err; } alg->parameter->value.integer = nbit; @@ -73,11 +76,11 @@ int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg) nbit = NULL; } if (!sk_X509_ALGOR_push(sk, alg)) { + ERR_raise(ERR_LIB_PKCS7, ERR_R_CRYPTO_LIB); goto err; } return 1; err: - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); ASN1_INTEGER_free(nbit); X509_ALGOR_free(alg); return 0; @@ -96,7 +99,7 @@ int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid) int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t) { if (t == NULL && (t = X509_gmtime_adj(NULL, 0)) == NULL) { - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS7, ERR_R_X509_LIB); return 0; } return PKCS7_add_signed_attribute(si, NID_pkcs9_signingTime, diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c index 13a820345e..31b368bda3 100644 --- a/crypto/pkcs7/pk7_doit.c +++ b/crypto/pkcs7/pk7_doit.c @@ -127,11 +127,8 @@ static int pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri, goto err; ek = OPENSSL_malloc(eklen); - - if (ek == NULL) { - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); + if (ek == NULL) goto err; - } if (EVP_PKEY_encrypt(pctx, ek, &eklen, key, keylen) <= 0) goto err; @@ -171,11 +168,8 @@ static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen, goto err; ek = OPENSSL_malloc(eklen); - - if (ek == NULL) { - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); + if (ek == NULL) goto err; - } if (EVP_PKEY_decrypt(pctx, ek, &eklen, ri->enc_key->data, ri->enc_key->length) <= 0 @@ -694,7 +688,7 @@ static int do_pkcs7_signed_attrib(PKCS7_SIGNER_INFO *si, EVP_MD_CTX *mctx) /* Add signing time if not already present */ if (!PKCS7_get_signed_attribute(si, NID_pkcs9_signingTime)) { if (!PKCS7_add0_attrib_signing_time(si, NULL)) { - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS7, ERR_R_PKCS7_LIB); return 0; } } @@ -705,7 +699,7 @@ static int do_pkcs7_signed_attrib(PKCS7_SIGNER_INFO *si, EVP_MD_CTX *mctx) return 0; } if (!PKCS7_add1_attrib_digest(si, md_data, md_len)) { - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS7, ERR_R_PKCS7_LIB); return 0; } @@ -742,7 +736,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) ctx_tmp = EVP_MD_CTX_new(); if (ctx_tmp == NULL) { - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS7, ERR_R_EVP_LIB); return 0; } @@ -760,7 +754,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) if (os == NULL) { os = ASN1_OCTET_STRING_new(); if (os == NULL) { - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS7, ERR_R_ASN1_LIB); goto err; } p7->d.signed_and_enveloped->enc_data->enc_data = os; @@ -772,7 +766,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) if (os == NULL) { os = ASN1_OCTET_STRING_new(); if (os == NULL) { - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS7, ERR_R_ASN1_LIB); goto err; } p7->d.enveloped->enc_data->enc_data = os; @@ -911,7 +905,7 @@ int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si) mctx = EVP_MD_CTX_new(); if (mctx == NULL) { - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS7, ERR_R_EVP_LIB); goto err; } @@ -1027,7 +1021,7 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si, mdc_tmp = EVP_MD_CTX_new(); if (mdc_tmp == NULL) { - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS7, ERR_R_EVP_LIB); goto err; } diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c index eaa46a3338..188f421d87 100644 --- a/crypto/pkcs7/pk7_lib.c +++ b/crypto/pkcs7/pk7_lib.c @@ -224,7 +224,7 @@ int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi) if ((alg = X509_ALGOR_new()) == NULL || (alg->parameter = ASN1_TYPE_new()) == NULL) { X509_ALGOR_free(alg); - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS7, ERR_R_ASN1_LIB); return 0; } /* @@ -290,7 +290,7 @@ int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl) if (*sk == NULL) *sk = sk_X509_CRL_new_null(); if (*sk == NULL) { - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS7, ERR_R_CRYPTO_LIB); return 0; } @@ -483,10 +483,8 @@ int ossl_pkcs7_set1_propq(PKCS7 *p7, const char *propq) } if (propq != NULL) { p7->ctx.propq = OPENSSL_strdup(propq); - if (p7->ctx.propq == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (p7->ctx.propq == NULL) return 0; - } } return 1; } @@ -514,7 +512,7 @@ int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md) { if (PKCS7_type_is_digest(p7)) { if ((p7->d.digest->md->parameter = ASN1_TYPE_new()) == NULL) { - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS7, ERR_R_ASN1_LIB); return 0; } p7->d.digest->md->parameter->type = V_ASN1_NULL; diff --git a/crypto/pkcs7/pk7_smime.c b/crypto/pkcs7/pk7_smime.c index 21a317446d..a635e4ddce 100644 --- a/crypto/pkcs7/pk7_smime.c +++ b/crypto/pkcs7/pk7_smime.c @@ -28,7 +28,7 @@ PKCS7 *PKCS7_sign_ex(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, int i; if ((p7 = PKCS7_new_ex(libctx, propq)) == NULL) { - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS7, ERR_R_PKCS7_LIB); return NULL; } @@ -77,7 +77,7 @@ int PKCS7_final(PKCS7 *p7, BIO *data, int flags) int ret = 0; if ((p7bio = PKCS7_dataInit(p7, NULL)) == NULL) { - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS7, ERR_R_PKCS7_LIB); return 0; } @@ -144,7 +144,7 @@ PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert, /* Add SMIMECapabilities */ if (!(flags & PKCS7_NOSMIMECAP)) { if ((smcap = sk_X509_ALGOR_new_null()) == NULL) { - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS7, ERR_R_CRYPTO_LIB); goto err; } if (!add_cipher_smcap(smcap, NID_aes_256_cbc, -1) @@ -306,7 +306,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, if (flags & PKCS7_TEXT) { if ((tmpout = BIO_new(BIO_s_mem())) == NULL) { - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS7, ERR_R_BIO_LIB); goto err; } BIO_set_mem_eof_return(tmpout, 0); @@ -314,10 +314,8 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, tmpout = out; /* We now have to 'read' from p7bio to calculate digests etc. */ - if ((buf = OPENSSL_malloc(BUFFERSIZE)) == NULL) { - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); + if ((buf = OPENSSL_malloc(BUFFERSIZE)) == NULL) goto err; - } for (;;) { i = BIO_read(p7bio, buf, BUFFERSIZE); if (i <= 0) @@ -389,7 +387,7 @@ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, } if ((signers = sk_X509_new_null()) == NULL) { - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS7, ERR_R_CRYPTO_LIB); return NULL; } @@ -432,7 +430,7 @@ PKCS7 *PKCS7_encrypt_ex(STACK_OF(X509) *certs, BIO *in, X509 *x509; if ((p7 = PKCS7_new_ex(libctx, propq)) == NULL) { - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS7, ERR_R_PKCS7_LIB); return NULL; } @@ -503,12 +501,12 @@ int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags) BIO *tmpbuf, *bread; /* Encrypt BIOs can't do BIO_gets() so add a buffer BIO */ if ((tmpbuf = BIO_new(BIO_f_buffer())) == NULL) { - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS7, ERR_R_BIO_LIB); BIO_free_all(tmpmem); return 0; } if ((bread = BIO_push(tmpbuf, tmpmem)) == NULL) { - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PKCS7, ERR_R_BIO_LIB); BIO_free_all(tmpbuf); BIO_free_all(tmpmem); return 0; @@ -521,10 +519,8 @@ int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags) BIO_free_all(bread); return ret; } - if ((buf = OPENSSL_malloc(BUFFERSIZE)) == NULL) { - ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); + if ((buf = OPENSSL_malloc(BUFFERSIZE)) == NULL) goto err; - } for (;;) { i = BIO_read(tmpmem, buf, BUFFERSIZE); if (i <= 0) { diff --git a/crypto/provider.c b/crypto/provider.c index 114b426929..65f919aec2 100644 --- a/crypto/provider.c +++ b/crypto/provider.c @@ -123,10 +123,8 @@ int OSSL_PROVIDER_add_builtin(OSSL_LIB_CTX *libctx, const char *name, } memset(&entry, 0, sizeof(entry)); entry.name = OPENSSL_strdup(name); - if (entry.name == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if (entry.name == NULL) return 0; - } entry.init = init_fn; if (!ossl_provider_info_add_to_store(libctx, &entry)) { ossl_provider_info_clear(&entry); diff --git a/crypto/provider_conf.c b/crypto/provider_conf.c index 058fb58837..9751caac8e 100644 --- a/crypto/provider_conf.c +++ b/crypto/provider_conf.c @@ -256,17 +256,13 @@ static int provider_conf_load(OSSL_LIB_CTX *libctx, const char *name, ok = 1; if (name != NULL) { entry.name = OPENSSL_strdup(name); - if (entry.name == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if (entry.name == NULL) ok = 0; - } } if (ok && path != NULL) { entry.path = OPENSSL_strdup(path); - if (entry.path == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if (entry.path == NULL) ok = 0; - } } if (ok) ok = provider_conf_params(NULL, &entry, NULL, value, cnf); diff --git a/crypto/provider_core.c b/crypto/provider_core.c index d224375571..afc3c4a559 100644 --- a/crypto/provider_core.c +++ b/crypto/provider_core.c @@ -372,10 +372,8 @@ int ossl_provider_info_add_to_store(OSSL_LIB_CTX *libctx, if (store->provinfosz == 0) { store->provinfo = OPENSSL_zalloc(sizeof(*store->provinfo) * BUILTINS_BLOCK_SIZE); - if (store->provinfo == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if (store->provinfo == NULL) goto err; - } store->provinfosz = BUILTINS_BLOCK_SIZE; } else if (store->numprovinfo == store->provinfosz) { OSSL_PROVIDER_INFO *tmpbuiltins; @@ -383,10 +381,8 @@ int ossl_provider_info_add_to_store(OSSL_LIB_CTX *libctx, tmpbuiltins = OPENSSL_realloc(store->provinfo, sizeof(*store->provinfo) * newsz); - if (tmpbuiltins == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if (tmpbuiltins == NULL) goto err; - } store->provinfo = tmpbuiltins; store->provinfosz = newsz; } @@ -448,26 +444,29 @@ static OSSL_PROVIDER *provider_new(const char *name, { OSSL_PROVIDER *prov = NULL; - if ((prov = OPENSSL_zalloc(sizeof(*prov))) == NULL + if ((prov = OPENSSL_zalloc(sizeof(*prov))) == NULL) + return NULL; #ifndef HAVE_ATOMICS - || (prov->refcnt_lock = CRYPTO_THREAD_lock_new()) == NULL -#endif - ) { + if ((prov->refcnt_lock = CRYPTO_THREAD_lock_new()) == NULL) { OPENSSL_free(prov); - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CRYPTO, ERR_R_CRYPTO_LIB); return NULL; } +#endif prov->refcnt = 1; /* 1 One reference to be returned */ if ((prov->opbits_lock = CRYPTO_THREAD_lock_new()) == NULL || (prov->flag_lock = CRYPTO_THREAD_lock_new()) == NULL - || (prov->name = OPENSSL_strdup(name)) == NULL || (prov->parameters = sk_INFOPAIR_deep_copy(parameters, infopair_copy, infopair_free)) == NULL) { ossl_provider_free(prov); - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CRYPTO, ERR_R_CRYPTO_LIB); + return NULL; + } + if ((prov->name = OPENSSL_strdup(name)) == NULL) { + ossl_provider_free(prov); return NULL; } @@ -639,7 +638,7 @@ int ossl_provider_add_to_store(OSSL_PROVIDER *prov, OSSL_PROVIDER **actualprov, if (actualprov != NULL) { if (!ossl_provider_up_ref(actualtmp)) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_CRYPTO, ERR_R_CRYPTO_LIB); actualtmp = NULL; return 0; } @@ -737,7 +736,6 @@ int ossl_provider_set_module_path(OSSL_PROVIDER *prov, const char *module_path) return 1; if ((prov->path = OPENSSL_strdup(module_path)) != NULL) return 1; - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); return 0; } @@ -746,20 +744,26 @@ static int infopair_add(STACK_OF(INFOPAIR) **infopairsk, const char *name, { INFOPAIR *pair = NULL; - if ((pair = OPENSSL_zalloc(sizeof(*pair))) != NULL - && (*infopairsk != NULL - || (*infopairsk = sk_INFOPAIR_new_null()) != NULL) - && (pair->name = OPENSSL_strdup(name)) != NULL - && (pair->value = OPENSSL_strdup(value)) != NULL - && sk_INFOPAIR_push(*infopairsk, pair) > 0) - return 1; + if ((pair = OPENSSL_zalloc(sizeof(*pair))) == NULL + || (pair->name = OPENSSL_strdup(name)) == NULL + || (pair->value = OPENSSL_strdup(value)) == NULL) + goto err; + if ((*infopairsk == NULL + && (*infopairsk = sk_INFOPAIR_new_null()) == NULL) + || sk_INFOPAIR_push(*infopairsk, pair) <= 0) { + ERR_raise(ERR_LIB_CRYPTO, ERR_R_CRYPTO_LIB); + goto err; + } + + return 1; + + err: if (pair != NULL) { OPENSSL_free(pair->name); OPENSSL_free(pair->value); OPENSSL_free(pair); } - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); return 0; } @@ -798,10 +802,8 @@ int OSSL_PROVIDER_set_default_search_path(OSSL_LIB_CTX *libctx, if (path != NULL) { p = OPENSSL_strdup(path); - if (p == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if (p == NULL) return 0; - } } if ((store = get_provider_store(libctx)) != NULL && CRYPTO_THREAD_write_lock(store->default_path_lock)) { @@ -863,10 +865,8 @@ static int provider_init(OSSL_PROVIDER *prov) if (store->default_path != NULL) { allocated_load_dir = OPENSSL_strdup(store->default_path); CRYPTO_THREAD_unlock(store->default_path_lock); - if (allocated_load_dir == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if (allocated_load_dir == NULL) goto end; - } load_dir = allocated_load_dir; } else { CRYPTO_THREAD_unlock(store->default_path_lock); @@ -1599,7 +1599,6 @@ int ossl_provider_set_operation_bit(OSSL_PROVIDER *provider, size_t bitnum) if (tmp == NULL) { CRYPTO_THREAD_unlock(provider->opbits_lock); - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); return 0; } provider->operation_bits = tmp; diff --git a/crypto/rand/prov_seed.c b/crypto/rand/prov_seed.c index b394242f71..546c204094 100644 --- a/crypto/rand/prov_seed.c +++ b/crypto/rand/prov_seed.c @@ -22,7 +22,7 @@ size_t ossl_rand_get_entropy(ossl_unused const OSSL_CORE_HANDLE *handle, pool = ossl_rand_pool_new(entropy, 1, min_len, max_len); if (pool == NULL) { - ERR_raise(ERR_LIB_RAND, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_RAND, ERR_R_RAND_LIB); return 0; } @@ -53,7 +53,7 @@ size_t ossl_rand_get_nonce(ossl_unused const OSSL_CORE_HANDLE *handle, pool = ossl_rand_pool_new(0, 0, min_len, max_len); if (pool == NULL) { - ERR_raise(ERR_LIB_RAND, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_RAND, ERR_R_RAND_LIB); return 0; } diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c index 227c505117..c69fc4f2af 100644 --- a/crypto/rand/rand_lib.c +++ b/crypto/rand/rand_lib.c @@ -731,10 +731,8 @@ static int random_set_string(char **p, const char *s) if (s != NULL) { d = OPENSSL_strdup(s); - if (d == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if (d == NULL) return 0; - } } OPENSSL_free(*p); *p = d; diff --git a/crypto/rand/rand_pool.c b/crypto/rand/rand_pool.c index 55f14be60e..8dc230b540 100644 --- a/crypto/rand/rand_pool.c +++ b/crypto/rand/rand_pool.c @@ -25,10 +25,8 @@ RAND_POOL *ossl_rand_pool_new(int entropy_requested, int secure, RAND_POOL *pool = OPENSSL_zalloc(sizeof(*pool)); size_t min_alloc_size = RAND_POOL_MIN_ALLOCATION(secure); - if (pool == NULL) { - ERR_raise(ERR_LIB_RAND, ERR_R_MALLOC_FAILURE); + if (pool == NULL) return NULL; - } pool->min_len = min_len; pool->max_len = (max_len > RAND_POOL_MAX_LENGTH) ? @@ -42,10 +40,8 @@ RAND_POOL *ossl_rand_pool_new(int entropy_requested, int secure, else pool->buffer = OPENSSL_zalloc(pool->alloc_len); - if (pool->buffer == NULL) { - ERR_raise(ERR_LIB_RAND, ERR_R_MALLOC_FAILURE); + if (pool->buffer == NULL) goto err; - } pool->entropy_requested = entropy_requested; pool->secure = secure; @@ -67,10 +63,8 @@ RAND_POOL *ossl_rand_pool_attach(const unsigned char *buffer, size_t len, { RAND_POOL *pool = OPENSSL_zalloc(sizeof(*pool)); - if (pool == NULL) { - ERR_raise(ERR_LIB_RAND, ERR_R_MALLOC_FAILURE); + if (pool == NULL) return NULL; - } /* * The const needs to be cast away, but attached buffers will not be @@ -222,10 +216,8 @@ static int rand_pool_grow(RAND_POOL *pool, size_t len) p = OPENSSL_secure_zalloc(newlen); else p = OPENSSL_zalloc(newlen); - if (p == NULL) { - ERR_raise(ERR_LIB_RAND, ERR_R_MALLOC_FAILURE); + if (p == NULL) return 0; - } memcpy(p, pool->buffer, pool->len); if (pool->secure) OPENSSL_secure_clear_free(pool->buffer, pool->alloc_len); diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c index 9d5c32776d..03bbeecee0 100644 --- a/crypto/rsa/rsa_ameth.c +++ b/crypto/rsa/rsa_ameth.c @@ -151,14 +151,14 @@ static int rsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) rklen = i2d_RSAPrivateKey(pkey->pkey.rsa, &rk); if (rklen <= 0) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_RSA, ERR_R_ASN1_LIB); ASN1_STRING_free(str); return 0; } if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(pkey->ameth->pkey_id), 0, strtype, str, rk, rklen)) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_RSA, ERR_R_ASN1_LIB); ASN1_STRING_free(str); OPENSSL_clear_free(rk, rklen); return 0; @@ -799,7 +799,7 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx, int ok = 0; if (rsa == NULL) { - ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_DH, ERR_R_RSA_LIB); return 0; } diff --git a/crypto/rsa/rsa_backend.c b/crypto/rsa/rsa_backend.c index bc658d9d30..c416d4bf61 100644 --- a/crypto/rsa/rsa_backend.c +++ b/crypto/rsa/rsa_backend.c @@ -401,10 +401,8 @@ RSA *ossl_rsa_dup(const RSA *rsa, int selection) const RSA_PRIME_INFO *pinfo = NULL; RSA_PRIME_INFO *duppinfo = NULL; - if ((duppinfo = OPENSSL_zalloc(sizeof(*duppinfo))) == NULL) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + if ((duppinfo = OPENSSL_zalloc(sizeof(*duppinfo))) == NULL) goto err; - } /* push first so cleanup in error case works */ (void)sk_RSA_PRIME_INFO_push(dupkey->prime_infos, duppinfo); diff --git a/crypto/rsa/rsa_chk.c b/crypto/rsa/rsa_chk.c index 8ab1166874..f2fc89285b 100644 --- a/crypto/rsa/rsa_chk.c +++ b/crypto/rsa/rsa_chk.c @@ -51,7 +51,7 @@ static int rsa_validate_keypair_multiprime(const RSA *key, BN_GENCB *cb) if (i == NULL || j == NULL || k == NULL || l == NULL || m == NULL || ctx == NULL) { ret = -1; - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_RSA, ERR_R_BN_LIB); goto err; } diff --git a/crypto/rsa/rsa_crpt.c b/crypto/rsa/rsa_crpt.c index 6bc6aafcc8..21c922e609 100644 --- a/crypto/rsa/rsa_crpt.c +++ b/crypto/rsa/rsa_crpt.c @@ -129,7 +129,7 @@ BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx) BN_CTX_start(ctx); e = BN_CTX_get(ctx); if (e == NULL) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_RSA, ERR_R_BN_LIB); goto err; } @@ -147,7 +147,7 @@ BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx) BIGNUM *n = BN_new(); if (n == NULL) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_RSA, ERR_R_BN_LIB); goto err; } BN_with_flags(n, rsa->n, BN_FLG_CONSTTIME); diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index 9588a75964..fa3561c33f 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -76,15 +76,13 @@ static RSA *rsa_new_intern(ENGINE *engine, OSSL_LIB_CTX *libctx) { RSA *ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } ret->references = 1; ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_RSA, ERR_R_CRYPTO_LIB); OPENSSL_free(ret); return NULL; } @@ -787,10 +785,8 @@ int ossl_rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, goto err; /* Using ossl_rsa_multip_info_new() is wasteful, so allocate directly */ - if ((pinfo = OPENSSL_zalloc(sizeof(*pinfo))) == NULL) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + if ((pinfo = OPENSSL_zalloc(sizeof(*pinfo))) == NULL) goto err; - } pinfo->r = prime; pinfo->d = exp; diff --git a/crypto/rsa/rsa_meth.c b/crypto/rsa/rsa_meth.c index 82f13bb359..f04098bd08 100644 --- a/crypto/rsa/rsa_meth.c +++ b/crypto/rsa/rsa_meth.c @@ -31,7 +31,6 @@ RSA_METHOD *RSA_meth_new(const char *name, int flags) OPENSSL_free(meth); } - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); return NULL; } @@ -57,7 +56,6 @@ RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth) OPENSSL_free(ret); } - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); return NULL; } @@ -70,10 +68,8 @@ int RSA_meth_set1_name(RSA_METHOD *meth, const char *name) { char *tmpname = OPENSSL_strdup(name); - if (tmpname == NULL) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + if (tmpname == NULL) return 0; - } OPENSSL_free(meth->name); meth->name = tmpname; diff --git a/crypto/rsa/rsa_mp.c b/crypto/rsa/rsa_mp.c index b785344cf0..45e2280944 100644 --- a/crypto/rsa/rsa_mp.c +++ b/crypto/rsa/rsa_mp.c @@ -33,10 +33,8 @@ RSA_PRIME_INFO *ossl_rsa_multip_info_new(void) RSA_PRIME_INFO *pinfo; /* create a RSA_PRIME_INFO structure */ - if ((pinfo = OPENSSL_zalloc(sizeof(RSA_PRIME_INFO))) == NULL) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + if ((pinfo = OPENSSL_zalloc(sizeof(RSA_PRIME_INFO))) == NULL) return NULL; - } if ((pinfo->r = BN_secure_new()) == NULL) goto err; if ((pinfo->d = BN_secure_new()) == NULL) diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c index d9be1a4f98..b9030440c4 100644 --- a/crypto/rsa/rsa_oaep.c +++ b/crypto/rsa/rsa_oaep.c @@ -112,10 +112,8 @@ int ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(OSSL_LIB_CTX *libctx, dbmask_len = emlen - mdlen; dbmask = OPENSSL_malloc(dbmask_len); - if (dbmask == NULL) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + if (dbmask == NULL) goto err; - } /* step 3e: dbMask = MGF(mgfSeed, nLen - HLen - 1) */ if (PKCS1_MGF1(dbmask, dbmask_len, seed, mdlen, mgf1md) < 0) @@ -203,16 +201,12 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, dblen = num - mdlen - 1; db = OPENSSL_malloc(dblen); - if (db == NULL) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + if (db == NULL) goto cleanup; - } em = OPENSSL_malloc(num); - if (em == NULL) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + if (em == NULL) goto cleanup; - } /* * Caller is encouraged to pass zero-padded message created with diff --git a/crypto/rsa/rsa_ossl.c b/crypto/rsa/rsa_ossl.c index 381c659352..54e2a1c61c 100644 --- a/crypto/rsa/rsa_ossl.c +++ b/crypto/rsa/rsa_ossl.c @@ -104,10 +104,8 @@ static int rsa_ossl_public_encrypt(int flen, const unsigned char *from, ret = BN_CTX_get(ctx); num = BN_num_bytes(rsa->n); buf = OPENSSL_malloc(num); - if (ret == NULL || buf == NULL) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + if (ret == NULL || buf == NULL) goto err; - } switch (padding) { case RSA_PKCS1_PADDING: @@ -261,10 +259,8 @@ static int rsa_ossl_private_encrypt(int flen, const unsigned char *from, ret = BN_CTX_get(ctx); num = BN_num_bytes(rsa->n); buf = OPENSSL_malloc(num); - if (ret == NULL || buf == NULL) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + if (ret == NULL || buf == NULL) goto err; - } switch (padding) { case RSA_PKCS1_PADDING: @@ -307,7 +303,7 @@ static int rsa_ossl_private_encrypt(int flen, const unsigned char *from, if (blinding != NULL) { if (!local_blinding && ((unblind = BN_CTX_get(ctx)) == NULL)) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_RSA, ERR_R_BN_LIB); goto err; } if (!rsa_blinding_convert(blinding, f, unblind, ctx)) @@ -324,7 +320,7 @@ static int rsa_ossl_private_encrypt(int flen, const unsigned char *from, } else { BIGNUM *d = BN_new(); if (d == NULL) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_RSA, ERR_R_BN_LIB); goto err; } if (rsa->d == NULL) { @@ -391,12 +387,14 @@ static int rsa_ossl_private_decrypt(int flen, const unsigned char *from, BN_CTX_start(ctx); f = BN_CTX_get(ctx); ret = BN_CTX_get(ctx); - num = BN_num_bytes(rsa->n); - buf = OPENSSL_malloc(num); - if (ret == NULL || buf == NULL) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + if (ret == NULL) { + ERR_raise(ERR_LIB_RSA, ERR_R_BN_LIB); goto err; } + num = BN_num_bytes(rsa->n); + buf = OPENSSL_malloc(num); + if (buf == NULL) + goto err; /* * This check was for equality but PGP does evil things and chops off the @@ -426,7 +424,7 @@ static int rsa_ossl_private_decrypt(int flen, const unsigned char *from, if (blinding != NULL) { if (!local_blinding && ((unblind = BN_CTX_get(ctx)) == NULL)) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_RSA, ERR_R_BN_LIB); goto err; } if (!rsa_blinding_convert(blinding, f, unblind, ctx)) @@ -444,7 +442,7 @@ static int rsa_ossl_private_decrypt(int flen, const unsigned char *from, } else { BIGNUM *d = BN_new(); if (d == NULL) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_RSA, ERR_R_BN_LIB); goto err; } if (rsa->d == NULL) { @@ -540,12 +538,14 @@ static int rsa_ossl_public_decrypt(int flen, const unsigned char *from, BN_CTX_start(ctx); f = BN_CTX_get(ctx); ret = BN_CTX_get(ctx); - num = BN_num_bytes(rsa->n); - buf = OPENSSL_malloc(num); - if (ret == NULL || buf == NULL) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + if (ret == NULL) { + ERR_raise(ERR_LIB_RSA, ERR_R_BN_LIB); goto err; } + num = BN_num_bytes(rsa->n); + buf = OPENSSL_malloc(num); + if (buf == NULL) + goto err; /* * This check was for equality but PGP does evil things and chops off the diff --git a/crypto/rsa/rsa_pk1.c b/crypto/rsa/rsa_pk1.c index 51507fc030..5f72fe1735 100644 --- a/crypto/rsa/rsa_pk1.c +++ b/crypto/rsa/rsa_pk1.c @@ -188,10 +188,8 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, } em = OPENSSL_malloc(num); - if (em == NULL) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + if (em == NULL) return -1; - } /* * Caller is encouraged to pass zero-padded message created with * BN_bn2binpad. Trouble is that since we can't read out of |from|'s diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c index 1eebfea2cc..8b35e5c3c6 100644 --- a/crypto/rsa/rsa_pmeth.c +++ b/crypto/rsa/rsa_pmeth.c @@ -112,10 +112,8 @@ static int setup_tbuf(RSA_PKEY_CTX *ctx, EVP_PKEY_CTX *pk) if (ctx->tbuf != NULL) return 1; if ((ctx->tbuf = - OPENSSL_malloc(RSA_size(EVP_PKEY_get0_RSA(pk->pkey)))) == NULL) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + OPENSSL_malloc(RSA_size(EVP_PKEY_get0_RSA(pk->pkey)))) == NULL) return 0; - } return 1; } @@ -164,7 +162,7 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, return -1; } if (!setup_tbuf(rctx, ctx)) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_RSA, ERR_R_RSA_LIB); return -1; } memcpy(rctx->tbuf, tbs, tbslen); diff --git a/crypto/rsa/rsa_pss.c b/crypto/rsa/rsa_pss.c index 33874bfef8..0b408d9bfb 100644 --- a/crypto/rsa/rsa_pss.c +++ b/crypto/rsa/rsa_pss.c @@ -97,10 +97,8 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash, maskedDBLen = emLen - hLen - 1; H = EM + maskedDBLen; DB = OPENSSL_malloc(maskedDBLen); - if (DB == NULL) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + if (DB == NULL) goto err; - } if (PKCS1_MGF1(DB, maskedDBLen, H, hLen, mgf1Hash) < 0) goto err; for (i = 0; i < maskedDBLen; i++) @@ -201,10 +199,8 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, } if (sLen > 0) { salt = OPENSSL_malloc(sLen); - if (salt == NULL) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + if (salt == NULL) goto err; - } if (RAND_bytes_ex(rsa->libctx, salt, sLen, 0) <= 0) goto err; } diff --git a/crypto/rsa/rsa_saos.c b/crypto/rsa/rsa_saos.c index 58fa50785b..dc96b6dada 100644 --- a/crypto/rsa/rsa_saos.c +++ b/crypto/rsa/rsa_saos.c @@ -40,10 +40,8 @@ int RSA_sign_ASN1_OCTET_STRING(int type, return 0; } s = OPENSSL_malloc((unsigned int)j + 1); - if (s == NULL) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + if (s == NULL) return 0; - } p = s; i2d_ASN1_OCTET_STRING(&sig, &p); i = RSA_private_encrypt(i, s, sigret, rsa, RSA_PKCS1_PADDING); @@ -72,10 +70,8 @@ int RSA_verify_ASN1_OCTET_STRING(int dtype, } s = OPENSSL_malloc((unsigned int)siglen); - if (s == NULL) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + if (s == NULL) goto err; - } i = RSA_public_decrypt((int)siglen, sigbuf, s, rsa, RSA_PKCS1_PADDING); if (i <= 0) diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c index c5a664dc0b..cec4d639e3 100644 --- a/crypto/rsa/rsa_sign.c +++ b/crypto/rsa/rsa_sign.c @@ -258,10 +258,8 @@ static int encode_pkcs1(unsigned char **out, size_t *out_len, int type, } dig_info_len = di_prefix_len + m_len; dig_info = OPENSSL_malloc(dig_info_len); - if (dig_info == NULL) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + if (dig_info == NULL) return 0; - } memcpy(dig_info, di_prefix, di_prefix_len); memcpy(dig_info + di_prefix_len, m, m_len); @@ -343,10 +341,8 @@ int ossl_rsa_verify(int type, const unsigned char *m, unsigned int m_len, /* Recover the encoded digest. */ decrypt_buf = OPENSSL_malloc(siglen); - if (decrypt_buf == NULL) { - ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); + if (decrypt_buf == NULL) goto err; - } len = RSA_public_decrypt((int)siglen, sigbuf, decrypt_buf, rsa, RSA_PKCS1_PADDING); diff --git a/crypto/sm2/sm2_crypt.c b/crypto/sm2/sm2_crypt.c index 5318c6199f..971d348cce 100644 --- a/crypto/sm2/sm2_crypt.c +++ b/crypto/sm2/sm2_crypt.c @@ -151,9 +151,13 @@ int ossl_sm2_encrypt(const EC_KEY *key, kG = EC_POINT_new(group); kP = EC_POINT_new(group); + if (kG == NULL || kP == NULL) { + ERR_raise(ERR_LIB_SM2, ERR_R_EC_LIB); + goto done; + } ctx = BN_CTX_new_ex(libctx); - if (kG == NULL || kP == NULL || ctx == NULL) { - ERR_raise(ERR_LIB_SM2, ERR_R_MALLOC_FAILURE); + if (ctx == NULL) { + ERR_raise(ERR_LIB_SM2, ERR_R_BN_LIB); goto done; } @@ -172,10 +176,8 @@ int ossl_sm2_encrypt(const EC_KEY *key, x2y2 = OPENSSL_zalloc(2 * field_size); C3 = OPENSSL_zalloc(C3_size); - if (x2y2 == NULL || C3 == NULL) { - ERR_raise(ERR_LIB_SM2, ERR_R_MALLOC_FAILURE); + if (x2y2 == NULL || C3 == NULL) goto done; - } memset(ciphertext_buf, 0, *ciphertext_len); @@ -199,10 +201,8 @@ int ossl_sm2_encrypt(const EC_KEY *key, } msg_mask = OPENSSL_zalloc(msg_len); - if (msg_mask == NULL) { - ERR_raise(ERR_LIB_SM2, ERR_R_MALLOC_FAILURE); + if (msg_mask == NULL) goto done; - } /* X9.63 with no salt happens to match the KDF used in SM2 */ if (!ossl_ecdh_kdf_X9_63(msg_mask, msg_len, x2y2, 2 * field_size, NULL, 0, @@ -234,7 +234,7 @@ int ossl_sm2_encrypt(const EC_KEY *key, ctext_struct.C2 = ASN1_OCTET_STRING_new(); if (ctext_struct.C3 == NULL || ctext_struct.C2 == NULL) { - ERR_raise(ERR_LIB_SM2, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SM2, ERR_R_ASN1_LIB); goto done; } if (!ASN1_OCTET_STRING_set(ctext_struct.C3, C3, C3_size) @@ -319,7 +319,7 @@ int ossl_sm2_decrypt(const EC_KEY *key, ctx = BN_CTX_new_ex(libctx); if (ctx == NULL) { - ERR_raise(ERR_LIB_SM2, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SM2, ERR_R_BN_LIB); goto done; } @@ -336,14 +336,12 @@ int ossl_sm2_decrypt(const EC_KEY *key, x2y2 = OPENSSL_zalloc(2 * field_size); computed_C3 = OPENSSL_zalloc(hash_size); - if (msg_mask == NULL || x2y2 == NULL || computed_C3 == NULL) { - ERR_raise(ERR_LIB_SM2, ERR_R_MALLOC_FAILURE); + if (msg_mask == NULL || x2y2 == NULL || computed_C3 == NULL) goto done; - } C1 = EC_POINT_new(group); if (C1 == NULL) { - ERR_raise(ERR_LIB_SM2, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SM2, ERR_R_EC_LIB); goto done; } @@ -369,7 +367,7 @@ int ossl_sm2_decrypt(const EC_KEY *key, hash = EVP_MD_CTX_new(); if (hash == NULL) { - ERR_raise(ERR_LIB_SM2, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SM2, ERR_R_EVP_LIB); goto done; } diff --git a/crypto/sm2/sm2_sign.c b/crypto/sm2/sm2_sign.c index a2e644b642..7113f4740b 100644 --- a/crypto/sm2/sm2_sign.c +++ b/crypto/sm2/sm2_sign.c @@ -43,9 +43,13 @@ int ossl_sm2_compute_z_digest(uint8_t *out, uint8_t e_byte = 0; hash = EVP_MD_CTX_new(); + if (hash == NULL) { + ERR_raise(ERR_LIB_SM2, ERR_R_EVP_LIB); + goto done; + } ctx = BN_CTX_new_ex(ossl_ec_key_get_libctx(key)); - if (hash == NULL || ctx == NULL) { - ERR_raise(ERR_LIB_SM2, ERR_R_MALLOC_FAILURE); + if (ctx == NULL) { + ERR_raise(ERR_LIB_SM2, ERR_R_BN_LIB); goto done; } @@ -58,7 +62,7 @@ int ossl_sm2_compute_z_digest(uint8_t *out, yA = BN_CTX_get(ctx); if (yA == NULL) { - ERR_raise(ERR_LIB_SM2, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SM2, ERR_R_BN_LIB); goto done; } @@ -100,10 +104,8 @@ int ossl_sm2_compute_z_digest(uint8_t *out, p_bytes = BN_num_bytes(p); buf = OPENSSL_zalloc(p_bytes); - if (buf == NULL) { - ERR_raise(ERR_LIB_SM2, ERR_R_MALLOC_FAILURE); + if (buf == NULL) goto done; - } if (BN_bn2binpad(a, buf, p_bytes) < 0 || !EVP_DigestUpdate(hash, buf, p_bytes) @@ -155,13 +157,15 @@ static BIGNUM *sm2_compute_msg_hash(const EVP_MD *digest, ERR_raise(ERR_LIB_SM2, SM2_R_INVALID_DIGEST); goto done; } - - z = OPENSSL_zalloc(md_size); - if (hash == NULL || z == NULL) { - ERR_raise(ERR_LIB_SM2, ERR_R_MALLOC_FAILURE); + if (hash == NULL) { + ERR_raise(ERR_LIB_SM2, ERR_R_EVP_LIB); goto done; } + z = OPENSSL_zalloc(md_size); + if (z == NULL) + goto done; + fetched_digest = EVP_MD_fetch(libctx, EVP_MD_get0_name(digest), propq); if (fetched_digest == NULL) { ERR_raise(ERR_LIB_SM2, ERR_R_INTERNAL_ERROR); @@ -210,9 +214,13 @@ static ECDSA_SIG *sm2_sig_gen(const EC_KEY *key, const BIGNUM *e) OSSL_LIB_CTX *libctx = ossl_ec_key_get_libctx(key); kG = EC_POINT_new(group); + if (kG == NULL) { + ERR_raise(ERR_LIB_SM2, ERR_R_EC_LIB); + goto done; + } ctx = BN_CTX_new_ex(libctx); - if (kG == NULL || ctx == NULL) { - ERR_raise(ERR_LIB_SM2, ERR_R_MALLOC_FAILURE); + if (ctx == NULL) { + ERR_raise(ERR_LIB_SM2, ERR_R_BN_LIB); goto done; } @@ -222,7 +230,7 @@ static ECDSA_SIG *sm2_sig_gen(const EC_KEY *key, const BIGNUM *e) x1 = BN_CTX_get(ctx); tmp = BN_CTX_get(ctx); if (tmp == NULL) { - ERR_raise(ERR_LIB_SM2, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SM2, ERR_R_BN_LIB); goto done; } @@ -234,7 +242,7 @@ static ECDSA_SIG *sm2_sig_gen(const EC_KEY *key, const BIGNUM *e) s = BN_new(); if (r == NULL || s == NULL) { - ERR_raise(ERR_LIB_SM2, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SM2, ERR_R_BN_LIB); goto done; } @@ -288,7 +296,7 @@ static ECDSA_SIG *sm2_sig_gen(const EC_KEY *key, const BIGNUM *e) sig = ECDSA_SIG_new(); if (sig == NULL) { - ERR_raise(ERR_LIB_SM2, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SM2, ERR_R_ECDSA_LIB); goto done; } @@ -325,7 +333,7 @@ static int sm2_sig_verify(const EC_KEY *key, const ECDSA_SIG *sig, ctx = BN_CTX_new_ex(libctx); pt = EC_POINT_new(group); if (ctx == NULL || pt == NULL) { - ERR_raise(ERR_LIB_SM2, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SM2, ERR_R_EC_LIB); goto done; } @@ -333,7 +341,7 @@ static int sm2_sig_verify(const EC_KEY *key, const ECDSA_SIG *sig, t = BN_CTX_get(ctx); x1 = BN_CTX_get(ctx); if (x1 == NULL) { - ERR_raise(ERR_LIB_SM2, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SM2, ERR_R_BN_LIB); goto done; } @@ -481,7 +489,7 @@ int ossl_sm2_internal_verify(const unsigned char *dgst, int dgstlen, s = ECDSA_SIG_new(); if (s == NULL) { - ERR_raise(ERR_LIB_SM2, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SM2, ERR_R_ECDSA_LIB); goto done; } if (d2i_ECDSA_SIG(&s, &p, sig_len) == NULL) { diff --git a/crypto/srp/srp_vfy.c b/crypto/srp/srp_vfy.c index 2f36b27744..b490845e22 100644 --- a/crypto/srp/srp_vfy.c +++ b/crypto/srp/srp_vfy.c @@ -191,10 +191,8 @@ SRP_user_pwd *SRP_user_pwd_new(void) { SRP_user_pwd *ret; - if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL) { - /* ERR_raise(ERR_LIB_SRP, ERR_R_MALLOC_FAILURE); */ /*ckerr_ignore*/ + if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL) return NULL; - } ret->N = NULL; ret->g = NULL; ret->s = NULL; diff --git a/crypto/stack/stack.c b/crypto/stack/stack.c index 0ef62d623f..7e1c24515c 100644 --- a/crypto/stack/stack.c +++ b/crypto/stack/stack.c @@ -75,7 +75,6 @@ OPENSSL_STACK *OPENSSL_sk_dup(const OPENSSL_STACK *sk) return ret; err: - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); OPENSSL_sk_free(ret); return NULL; } @@ -124,7 +123,6 @@ OPENSSL_STACK *OPENSSL_sk_deep_copy(const OPENSSL_STACK *sk, return ret; err: - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); OPENSSL_sk_free(ret); return NULL; } @@ -198,10 +196,8 @@ static int sk_reserve(OPENSSL_STACK *st, int n, int exact) * At this point, |st->num_alloc| and |st->num| are 0; * so |num_alloc| value is |n| or |min_nodes| if greater than |n|. */ - if ((st->data = OPENSSL_zalloc(sizeof(void *) * num_alloc)) == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if ((st->data = OPENSSL_zalloc(sizeof(void *) * num_alloc)) == NULL) return 0; - } st->num_alloc = num_alloc; return 1; } @@ -219,10 +215,8 @@ static int sk_reserve(OPENSSL_STACK *st, int n, int exact) } tmpdata = OPENSSL_realloc((void *)st->data, sizeof(void *) * num_alloc); - if (tmpdata == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if (tmpdata == NULL) return 0; - } st->data = tmpdata; st->num_alloc = num_alloc; @@ -233,10 +227,8 @@ OPENSSL_STACK *OPENSSL_sk_new_reserve(OPENSSL_sk_compfunc c, int n) { OPENSSL_STACK *st = OPENSSL_zalloc(sizeof(OPENSSL_STACK)); - if (st == NULL) { - ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); + if (st == NULL) return NULL; - } st->comp = c; diff --git a/crypto/store/store_lib.c b/crypto/store/store_lib.c index 3d91f159b6..2a2894b617 100644 --- a/crypto/store/store_lib.c +++ b/crypto/store/store_lib.c @@ -168,10 +168,8 @@ OSSL_STORE_open_ex(const char *uri, OSSL_LIB_CTX *libctx, const char *propq, OSSL_TRACE2(STORE, "Opened %s => %p\n", uri, (void *)loader_ctx); if ((propq != NULL && (propq_copy = OPENSSL_strdup(propq)) == NULL) - || (ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) { - ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE); + || (ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) goto err; - } if (ui_method != NULL && (!ossl_pw_set_ui_method(&ctx->pwdata, ui_method, ui_data) @@ -338,7 +336,7 @@ int OSSL_STORE_find(OSSL_STORE_CTX *ctx, const OSSL_STORE_SEARCH *search) } if ((bld = OSSL_PARAM_BLD_new()) == NULL) { - ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_CRYPTO_LIB); return 0; } @@ -562,7 +560,7 @@ OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name) OSSL_STORE_INFO *info = OSSL_STORE_INFO_new(OSSL_STORE_INFO_NAME, NULL); if (info == NULL) { - ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_OSSL_STORE_LIB); return NULL; } @@ -588,7 +586,7 @@ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(EVP_PKEY *params) OSSL_STORE_INFO *info = OSSL_STORE_INFO_new(OSSL_STORE_INFO_PARAMS, params); if (info == NULL) - ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_OSSL_STORE_LIB); return info; } @@ -597,7 +595,7 @@ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PUBKEY(EVP_PKEY *pkey) OSSL_STORE_INFO *info = OSSL_STORE_INFO_new(OSSL_STORE_INFO_PUBKEY, pkey); if (info == NULL) - ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_OSSL_STORE_LIB); return info; } @@ -606,7 +604,7 @@ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey) OSSL_STORE_INFO *info = OSSL_STORE_INFO_new(OSSL_STORE_INFO_PKEY, pkey); if (info == NULL) - ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_OSSL_STORE_LIB); return info; } @@ -615,7 +613,7 @@ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509) OSSL_STORE_INFO *info = OSSL_STORE_INFO_new(OSSL_STORE_INFO_CERT, x509); if (info == NULL) - ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_OSSL_STORE_LIB); return info; } @@ -624,7 +622,7 @@ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl) OSSL_STORE_INFO *info = OSSL_STORE_INFO_new(OSSL_STORE_INFO_CRL, crl); if (info == NULL) - ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_OSSL_STORE_LIB); return info; } @@ -652,13 +650,8 @@ const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *info) char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *info) { - if (info->type == OSSL_STORE_INFO_NAME) { - char *ret = OPENSSL_strdup(info->_.name.name); - - if (ret == NULL) - ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE); - return ret; - } + if (info->type == OSSL_STORE_INFO_NAME) + return OPENSSL_strdup(info->_.name.name); ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_A_NAME); return NULL; } @@ -672,14 +665,8 @@ const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO *info) char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *info) { - if (info->type == OSSL_STORE_INFO_NAME) { - char *ret = OPENSSL_strdup(info->_.name.desc - ? info->_.name.desc : ""); - - if (ret == NULL) - ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE); - return ret; - } + if (info->type == OSSL_STORE_INFO_NAME) + return OPENSSL_strdup(info->_.name.desc ? info->_.name.desc : ""); ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_A_NAME); return NULL; } @@ -858,10 +845,8 @@ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(X509_NAME *name) { OSSL_STORE_SEARCH *search = OPENSSL_zalloc(sizeof(*search)); - if (search == NULL) { - ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE); + if (search == NULL) return NULL; - } search->search_type = OSSL_STORE_SEARCH_BY_NAME; search->name = name; @@ -873,10 +858,8 @@ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(X509_NAME *name, { OSSL_STORE_SEARCH *search = OPENSSL_zalloc(sizeof(*search)); - if (search == NULL) { - ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE); + if (search == NULL) return NULL; - } search->search_type = OSSL_STORE_SEARCH_BY_ISSUER_SERIAL; search->name = name; @@ -890,10 +873,8 @@ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_key_fingerprint(const EVP_MD *digest, { OSSL_STORE_SEARCH *search = OPENSSL_zalloc(sizeof(*search)); - if (search == NULL) { - ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE); + if (search == NULL) return NULL; - } if (digest != NULL && len != (size_t)EVP_MD_get_size(digest)) { ERR_raise_data(ERR_LIB_OSSL_STORE, @@ -915,10 +896,8 @@ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_alias(const char *alias) { OSSL_STORE_SEARCH *search = OPENSSL_zalloc(sizeof(*search)); - if (search == NULL) { - ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE); + if (search == NULL) return NULL; - } search->search_type = OSSL_STORE_SEARCH_BY_ALIAS; search->string = (const unsigned char *)alias; @@ -1017,7 +996,6 @@ OSSL_STORE_CTX *OSSL_STORE_attach(BIO *bp, const char *scheme, if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) { ERR_clear_last_mark(); - ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE); return NULL; } diff --git a/crypto/store/store_register.c b/crypto/store/store_register.c index 6fa7352ccd..6f73e19720 100644 --- a/crypto/store/store_register.c +++ b/crypto/store/store_register.c @@ -43,10 +43,8 @@ OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme) return NULL; } - if ((res = OPENSSL_zalloc(sizeof(*res))) == NULL) { - ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE); + if ((res = OPENSSL_zalloc(sizeof(*res))) == NULL) return NULL; - } res->engine = e; res->scheme = scheme; @@ -191,7 +189,8 @@ int ossl_store_register_loader_int(OSSL_STORE_LOADER *loader) } if (!RUN_ONCE(®istry_init, do_registry_init)) { - ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE); + /* Should this error be raised in do_registry_init()? */ + ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_CRYPTO_LIB); return 0; } if (!CRYPTO_THREAD_write_lock(registry_lock)) @@ -224,7 +223,8 @@ const OSSL_STORE_LOADER *ossl_store_get0_loader_int(const char *scheme) template.open_ex = NULL; if (!RUN_ONCE(®istry_init, do_registry_init)) { - ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE); + /* Should this error be raised in do_registry_init()? */ + ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_CRYPTO_LIB); return NULL; } if (!CRYPTO_THREAD_write_lock(registry_lock)) @@ -254,7 +254,8 @@ OSSL_STORE_LOADER *ossl_store_unregister_loader_int(const char *scheme) template.closefn = NULL; if (!RUN_ONCE(®istry_init, do_registry_init)) { - ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE); + /* Should this error be raised in do_registry_init()? */ + ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_CRYPTO_LIB); return NULL; } if (!CRYPTO_THREAD_write_lock(registry_lock)) diff --git a/crypto/ts/ts_req_utils.c b/crypto/ts/ts_req_utils.c index b560fc7b38..89e1bda450 100644 --- a/crypto/ts/ts_req_utils.c +++ b/crypto/ts/ts_req_utils.c @@ -32,7 +32,7 @@ int TS_REQ_set_msg_imprint(TS_REQ *a, TS_MSG_IMPRINT *msg_imprint) return 1; new_msg_imprint = TS_MSG_IMPRINT_dup(msg_imprint); if (new_msg_imprint == NULL) { - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_TS, ERR_R_TS_LIB); return 0; } TS_MSG_IMPRINT_free(a->msg_imprint); @@ -53,7 +53,7 @@ int TS_MSG_IMPRINT_set_algo(TS_MSG_IMPRINT *a, X509_ALGOR *alg) return 1; new_alg = X509_ALGOR_dup(alg); if (new_alg == NULL) { - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_TS, ERR_R_ASN1_LIB); return 0; } X509_ALGOR_free(a->hash_algo); @@ -84,7 +84,7 @@ int TS_REQ_set_policy_id(TS_REQ *a, const ASN1_OBJECT *policy) return 1; new_policy = OBJ_dup(policy); if (new_policy == NULL) { - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_TS, ERR_R_OBJ_LIB); return 0; } ASN1_OBJECT_free(a->policy_id); @@ -105,7 +105,7 @@ int TS_REQ_set_nonce(TS_REQ *a, const ASN1_INTEGER *nonce) return 1; new_nonce = ASN1_INTEGER_dup(nonce); if (new_nonce == NULL) { - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_TS, ERR_R_ASN1_LIB); return 0; } ASN1_INTEGER_free(a->nonce); diff --git a/crypto/ts/ts_rsp_sign.c b/crypto/ts/ts_rsp_sign.c index 88be6fa7bc..79d3e67837 100644 --- a/crypto/ts/ts_rsp_sign.c +++ b/crypto/ts/ts_rsp_sign.c @@ -52,7 +52,7 @@ static ASN1_INTEGER *def_serial_cb(struct TS_resp_ctx *ctx, void *data) return serial; err: - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_TS, ERR_R_ASN1_LIB); TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION, "Error during serial number generation."); ASN1_INTEGER_free(serial); @@ -95,16 +95,13 @@ TS_RESP_CTX *TS_RESP_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq) { TS_RESP_CTX *ctx; - if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) { - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) return NULL; - } if (propq != NULL) { ctx->propq = OPENSSL_strdup(propq); if (ctx->propq == NULL) { OPENSSL_free(ctx); - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); return NULL; } } @@ -173,7 +170,7 @@ int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, const ASN1_OBJECT *def_policy) goto err; return 1; err: - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_TS, ERR_R_OBJ_LIB); return 0; } @@ -190,16 +187,21 @@ int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, const ASN1_OBJECT *policy) ASN1_OBJECT *copy = NULL; if (ctx->policies == NULL - && (ctx->policies = sk_ASN1_OBJECT_new_null()) == NULL) + && (ctx->policies = sk_ASN1_OBJECT_new_null()) == NULL) { + ERR_raise(ERR_LIB_TS, ERR_R_CRYPTO_LIB); goto err; - if ((copy = OBJ_dup(policy)) == NULL) + } + if ((copy = OBJ_dup(policy)) == NULL) { + ERR_raise(ERR_LIB_TS, ERR_R_OBJ_LIB); goto err; - if (!sk_ASN1_OBJECT_push(ctx->policies, copy)) + } + if (!sk_ASN1_OBJECT_push(ctx->policies, copy)) { + ERR_raise(ERR_LIB_TS, ERR_R_CRYPTO_LIB); goto err; + } return 1; err: - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); ASN1_OBJECT_free(copy); return 0; } @@ -214,7 +216,7 @@ int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md) return 1; err: - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_TS, ERR_R_CRYPTO_LIB); return 0; } @@ -247,7 +249,7 @@ int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx, return 1; err: TS_RESP_CTX_accuracy_free(ctx); - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_TS, ERR_R_ASN1_LIB); return 0; } @@ -282,27 +284,37 @@ int TS_RESP_CTX_set_status_info(TS_RESP_CTX *ctx, ASN1_UTF8STRING *utf8_text = NULL; int ret = 0; - if ((si = TS_STATUS_INFO_new()) == NULL) + if ((si = TS_STATUS_INFO_new()) == NULL) { + ERR_raise(ERR_LIB_TS, ERR_R_TS_LIB); goto err; - if (!ASN1_INTEGER_set(si->status, status)) + } + if (!ASN1_INTEGER_set(si->status, status)) { + ERR_raise(ERR_LIB_TS, ERR_R_ASN1_LIB); goto err; + } if (text) { if ((utf8_text = ASN1_UTF8STRING_new()) == NULL - || !ASN1_STRING_set(utf8_text, text, strlen(text))) + || !ASN1_STRING_set(utf8_text, text, strlen(text))) { + ERR_raise(ERR_LIB_TS, ERR_R_ASN1_LIB); goto err; + } if (si->text == NULL - && (si->text = sk_ASN1_UTF8STRING_new_null()) == NULL) + && (si->text = sk_ASN1_UTF8STRING_new_null()) == NULL) { + ERR_raise(ERR_LIB_TS, ERR_R_CRYPTO_LIB); goto err; - if (!sk_ASN1_UTF8STRING_push(si->text, utf8_text)) + } + if (!sk_ASN1_UTF8STRING_push(si->text, utf8_text)) { + ERR_raise(ERR_LIB_TS, ERR_R_CRYPTO_LIB); goto err; + } utf8_text = NULL; /* Ownership is lost. */ } - if (!TS_RESP_set_status_info(ctx->response, si)) + if (!TS_RESP_set_status_info(ctx->response, si)) { + ERR_raise(ERR_LIB_TS, ERR_R_TS_LIB); goto err; + } ret = 1; err: - if (!ret) - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); TS_STATUS_INFO_free(si); ASN1_UTF8STRING_free(utf8_text); return ret; @@ -330,7 +342,7 @@ int TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure) goto err; return 1; err: - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_TS, ERR_R_ASN1_LIB); return 0; } @@ -363,7 +375,7 @@ TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio) ts_RESP_CTX_init(ctx); if ((ctx->response = TS_RESP_new()) == NULL) { - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_TS, ERR_R_TS_LIB); goto end; } if ((ctx->request = d2i_TS_REQ_bio(req_bio, NULL)) == NULL) { @@ -673,7 +685,7 @@ static int ts_RESP_sign(TS_RESP_CTX *ctx) } if ((p7 = PKCS7_new_ex(ctx->libctx, ctx->propq)) == NULL) { - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_TS, ERR_R_ASN1_LIB); goto err; } if (!PKCS7_set_type(p7, NID_pkcs7_signed)) @@ -738,7 +750,7 @@ static int ts_RESP_sign(TS_RESP_CTX *ctx) if (!ts_TST_INFO_content_new(p7)) goto err; if ((p7bio = PKCS7_dataInit(p7, NULL)) == NULL) { - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_TS, ERR_R_PKCS7_LIB); goto err; } if (!i2d_TS_TST_INFO_bio(p7bio, ctx->tst_info)) { diff --git a/crypto/ts/ts_rsp_utils.c b/crypto/ts/ts_rsp_utils.c index cae076f21a..2352c7adb9 100644 --- a/crypto/ts/ts_rsp_utils.c +++ b/crypto/ts/ts_rsp_utils.c @@ -22,7 +22,7 @@ int TS_RESP_set_status_info(TS_RESP *a, TS_STATUS_INFO *status_info) return 1; new_status_info = TS_STATUS_INFO_dup(status_info); if (new_status_info == NULL) { - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_TS, ERR_R_TS_LIB); return 0; } TS_STATUS_INFO_free(a->status_info); @@ -73,7 +73,7 @@ int TS_TST_INFO_set_policy_id(TS_TST_INFO *a, ASN1_OBJECT *policy) return 1; new_policy = OBJ_dup(policy); if (new_policy == NULL) { - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_TS, ERR_R_OBJ_LIB); return 0; } ASN1_OBJECT_free(a->policy_id); @@ -94,7 +94,7 @@ int TS_TST_INFO_set_msg_imprint(TS_TST_INFO *a, TS_MSG_IMPRINT *msg_imprint) return 1; new_msg_imprint = TS_MSG_IMPRINT_dup(msg_imprint); if (new_msg_imprint == NULL) { - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_TS, ERR_R_TS_LIB); return 0; } TS_MSG_IMPRINT_free(a->msg_imprint); @@ -115,7 +115,7 @@ int TS_TST_INFO_set_serial(TS_TST_INFO *a, const ASN1_INTEGER *serial) return 1; new_serial = ASN1_INTEGER_dup(serial); if (new_serial == NULL) { - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_TS, ERR_R_ASN1_LIB); return 0; } ASN1_INTEGER_free(a->serial); @@ -136,7 +136,7 @@ int TS_TST_INFO_set_time(TS_TST_INFO *a, const ASN1_GENERALIZEDTIME *gtime) return 1; new_time = ASN1_STRING_dup(gtime); if (new_time == NULL) { - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_TS, ERR_R_ASN1_LIB); return 0; } ASN1_GENERALIZEDTIME_free(a->time); @@ -157,7 +157,7 @@ int TS_TST_INFO_set_accuracy(TS_TST_INFO *a, TS_ACCURACY *accuracy) return 1; new_accuracy = TS_ACCURACY_dup(accuracy); if (new_accuracy == NULL) { - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_TS, ERR_R_TS_LIB); return 0; } TS_ACCURACY_free(a->accuracy); @@ -178,7 +178,7 @@ int TS_ACCURACY_set_seconds(TS_ACCURACY *a, const ASN1_INTEGER *seconds) return 1; new_seconds = ASN1_INTEGER_dup(seconds); if (new_seconds == NULL) { - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_TS, ERR_R_ASN1_LIB); return 0; } ASN1_INTEGER_free(a->seconds); @@ -200,7 +200,7 @@ int TS_ACCURACY_set_millis(TS_ACCURACY *a, const ASN1_INTEGER *millis) if (millis != NULL) { new_millis = ASN1_INTEGER_dup(millis); if (new_millis == NULL) { - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_TS, ERR_R_ASN1_LIB); return 0; } } @@ -223,7 +223,7 @@ int TS_ACCURACY_set_micros(TS_ACCURACY *a, const ASN1_INTEGER *micros) if (micros != NULL) { new_micros = ASN1_INTEGER_dup(micros); if (new_micros == NULL) { - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_TS, ERR_R_ASN1_LIB); return 0; } } @@ -256,7 +256,7 @@ int TS_TST_INFO_set_nonce(TS_TST_INFO *a, const ASN1_INTEGER *nonce) return 1; new_nonce = ASN1_INTEGER_dup(nonce); if (new_nonce == NULL) { - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_TS, ERR_R_ASN1_LIB); return 0; } ASN1_INTEGER_free(a->nonce); @@ -277,7 +277,7 @@ int TS_TST_INFO_set_tsa(TS_TST_INFO *a, GENERAL_NAME *tsa) return 1; new_tsa = GENERAL_NAME_dup(tsa); if (new_tsa == NULL) { - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_TS, ERR_R_ASN1_LIB); return 0; } GENERAL_NAME_free(a->tsa); diff --git a/crypto/ts/ts_rsp_verify.c b/crypto/ts/ts_rsp_verify.c index 410f688255..46b47d9595 100644 --- a/crypto/ts/ts_rsp_verify.c +++ b/crypto/ts/ts_rsp_verify.c @@ -178,7 +178,7 @@ static int ts_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted, *chain = NULL; cert_ctx = X509_STORE_CTX_new(); if (cert_ctx == NULL) { - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_TS, ERR_R_X509_LIB); goto err; } if (!X509_STORE_CTX_init(cert_ctx, store, signer, untrusted)) @@ -451,14 +451,12 @@ static int ts_compute_imprint(BIO *data, TS_TST_INFO *tst_info, if (length < 0) goto err; *imprint_len = length; - if ((*imprint = OPENSSL_malloc(*imprint_len)) == NULL) { - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + if ((*imprint = OPENSSL_malloc(*imprint_len)) == NULL) goto err; - } md_ctx = EVP_MD_CTX_new(); if (md_ctx == NULL) { - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_TS, ERR_R_EVP_LIB); goto err; } if (!EVP_DigestInit(md_ctx, md)) diff --git a/crypto/ts/ts_verify_ctx.c b/crypto/ts/ts_verify_ctx.c index 127e35623e..6dbba3df50 100644 --- a/crypto/ts/ts_verify_ctx.c +++ b/crypto/ts/ts_verify_ctx.c @@ -16,8 +16,6 @@ TS_VERIFY_CTX *TS_VERIFY_CTX_new(void) { TS_VERIFY_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); - if (ctx == NULL) - ERR_raise(ERR_LIB_TS, ERR_R_MALLOC_FAILURE); return ctx; } diff --git a/crypto/ui/ui_lib.c b/crypto/ui/ui_lib.c index 1ff8c6fa35..9c779df48d 100644 --- a/crypto/ui/ui_lib.c +++ b/crypto/ui/ui_lib.c @@ -24,14 +24,12 @@ UI *UI_new_method(const UI_METHOD *method) { UI *ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_UI, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { - ERR_raise(ERR_LIB_UI, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_UI, ERR_R_CRYPTO_LIB); OPENSSL_free(ret); return NULL; } @@ -210,10 +208,8 @@ int UI_dup_input_string(UI *ui, const char *prompt, int flags, if (prompt != NULL) { prompt_copy = OPENSSL_strdup(prompt); - if (prompt_copy == NULL) { - ERR_raise(ERR_LIB_UI, ERR_R_MALLOC_FAILURE); + if (prompt_copy == NULL) return 0; - } } return general_allocate_string(ui, prompt_copy, 1, @@ -238,10 +234,8 @@ int UI_dup_verify_string(UI *ui, const char *prompt, int flags, if (prompt != NULL) { prompt_copy = OPENSSL_strdup(prompt); - if (prompt_copy == NULL) { - ERR_raise(ERR_LIB_UI, ERR_R_MALLOC_FAILURE); + if (prompt_copy == NULL) return -1; - } } return general_allocate_string(ui, prompt_copy, 1, @@ -269,34 +263,26 @@ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc, if (prompt != NULL) { prompt_copy = OPENSSL_strdup(prompt); - if (prompt_copy == NULL) { - ERR_raise(ERR_LIB_UI, ERR_R_MALLOC_FAILURE); + if (prompt_copy == NULL) goto err; - } } if (action_desc != NULL) { action_desc_copy = OPENSSL_strdup(action_desc); - if (action_desc_copy == NULL) { - ERR_raise(ERR_LIB_UI, ERR_R_MALLOC_FAILURE); + if (action_desc_copy == NULL) goto err; - } } if (ok_chars != NULL) { ok_chars_copy = OPENSSL_strdup(ok_chars); - if (ok_chars_copy == NULL) { - ERR_raise(ERR_LIB_UI, ERR_R_MALLOC_FAILURE); + if (ok_chars_copy == NULL) goto err; - } } if (cancel_chars != NULL) { cancel_chars_copy = OPENSSL_strdup(cancel_chars); - if (cancel_chars_copy == NULL) { - ERR_raise(ERR_LIB_UI, ERR_R_MALLOC_FAILURE); + if (cancel_chars_copy == NULL) goto err; - } } return general_allocate_boolean(ui, prompt_copy, action_desc_copy, @@ -322,10 +308,8 @@ int UI_dup_info_string(UI *ui, const char *text) if (text != NULL) { text_copy = OPENSSL_strdup(text); - if (text_copy == NULL) { - ERR_raise(ERR_LIB_UI, ERR_R_MALLOC_FAILURE); + if (text_copy == NULL) return -1; - } } return general_allocate_string(ui, text_copy, 1, UIT_INFO, 0, NULL, @@ -344,10 +328,8 @@ int UI_dup_error_string(UI *ui, const char *text) if (text != NULL) { text_copy = OPENSSL_strdup(text); - if (text_copy == NULL) { - ERR_raise(ERR_LIB_UI, ERR_R_MALLOC_FAILURE); + if (text_copy == NULL) return -1; - } } return general_allocate_string(ui, text_copy, 1, UIT_ERROR, 0, NULL, 0, 0, NULL); @@ -373,10 +355,8 @@ char *UI_construct_prompt(UI *ui, const char *phrase_desc, len += sizeof(prompt2) - 1 + strlen(object_name); len += sizeof(prompt3) - 1; - if ((prompt = OPENSSL_malloc(len + 1)) == NULL) { - ERR_raise(ERR_LIB_UI, ERR_R_MALLOC_FAILURE); + if ((prompt = OPENSSL_malloc(len + 1)) == NULL) return NULL; - } OPENSSL_strlcpy(prompt, prompt1, len + 1); OPENSSL_strlcat(prompt, phrase_desc, len + 1); if (object_name != NULL) { @@ -413,7 +393,7 @@ int UI_dup_user_data(UI *ui, void *user_data) duplicate = ui->meth->ui_duplicate_data(ui, user_data); if (duplicate == NULL) { - ERR_raise(ERR_LIB_UI, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_UI, ERR_R_UI_LIB); return -1; } @@ -599,10 +579,17 @@ UI_METHOD *UI_create_method(const char *name) || (ui_method->name = OPENSSL_strdup(name)) == NULL || !CRYPTO_new_ex_data(CRYPTO_EX_INDEX_UI_METHOD, ui_method, &ui_method->ex_data)) { - if (ui_method) + + if (ui_method != NULL) { + if (ui_method->name != NULL) + /* + * These conditions indicate that the CRYPTO_new_ex_data() + * call failed. + */ + ERR_raise(ERR_LIB_UI, ERR_R_CRYPTO_LIB); OPENSSL_free(ui_method->name); + } OPENSSL_free(ui_method); - ERR_raise(ERR_LIB_UI, ERR_R_MALLOC_FAILURE); return NULL; } return ui_method; diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c index 8d61c27d70..68b0b865d3 100644 --- a/crypto/x509/by_dir.c +++ b/crypto/x509/by_dir.c @@ -114,20 +114,18 @@ static int new_dir(X509_LOOKUP *lu) { BY_DIR *a = OPENSSL_malloc(sizeof(*a)); - if (a == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + if (a == NULL) return 0; - } if ((a->buffer = BUF_MEM_new()) == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_BN_LIB); goto err; } a->dirs = NULL; a->lock = CRYPTO_THREAD_lock_new(); if (a->lock == NULL) { BUF_MEM_free(a->buffer); - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto err; } lu->method_data = a; @@ -202,15 +200,13 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) if (ctx->dirs == NULL) { ctx->dirs = sk_BY_DIR_ENTRY_new_null(); if (!ctx->dirs) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); return 0; } } ent = OPENSSL_malloc(sizeof(*ent)); - if (ent == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + if (ent == NULL) return 0; - } ent->dir_type = type; ent->hashes = sk_BY_DIR_HASH_new(by_dir_hash_cmp); ent->dir = OPENSSL_strndup(ss, len); @@ -220,7 +216,7 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) } if (!sk_BY_DIR_ENTRY_push(ctx->dirs, ent)) { by_dir_entry_free(ent); - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); return 0; } } @@ -277,7 +273,7 @@ static int get_cert_by_subject_ex(X509_LOOKUP *xl, X509_LOOKUP_TYPE type, ent = sk_BY_DIR_ENTRY_value(ctx->dirs, i); j = strlen(ent->dir) + 1 + 8 + 6 + 1 + 1; if (!BUF_MEM_grow(b, j)) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_BUF_LIB); goto finish; } if (type == X509_LU_CRL && ent->hashes) { @@ -376,7 +372,6 @@ static int get_cert_by_subject_ex(X509_LOOKUP *xl, X509_LOOKUP_TYPE type, hent = OPENSSL_malloc(sizeof(*hent)); if (hent == NULL) { CRYPTO_THREAD_unlock(ctx->lock); - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); ok = 0; goto finish; } @@ -385,7 +380,7 @@ static int get_cert_by_subject_ex(X509_LOOKUP *xl, X509_LOOKUP_TYPE type, if (!sk_BY_DIR_HASH_push(ent->hashes, hent)) { CRYPTO_THREAD_unlock(ctx->lock); OPENSSL_free(hent); - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); ok = 0; goto finish; } diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c index 37d73ca84c..811b840ff1 100644 --- a/crypto/x509/by_file.c +++ b/crypto/x509/by_file.c @@ -107,7 +107,7 @@ int X509_load_cert_file_ex(X509_LOOKUP *ctx, const char *file, int type, } x = X509_new_ex(libctx, propq); if (x == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); goto err; } diff --git a/crypto/x509/pcy_cache.c b/crypto/x509/pcy_cache.c index 79b16c905c..e9f45a80bb 100644 --- a/crypto/x509/pcy_cache.c +++ b/crypto/x509/pcy_cache.c @@ -35,14 +35,14 @@ static int policy_cache_create(X509 *x, goto bad_policy; cache->data = sk_X509_POLICY_DATA_new(policy_data_cmp); if (cache->data == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto just_cleanup; } for (i = 0; i < num; i++) { policy = sk_POLICYINFO_value(policies, i); data = ossl_policy_data_new(policy, NULL, crit); if (data == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_X509_LIB); goto just_cleanup; } /* @@ -58,7 +58,7 @@ static int policy_cache_create(X509 *x, ret = -1; goto bad_policy; } else if (!sk_X509_POLICY_DATA_push(cache->data, data)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto bad_policy; } data = NULL; @@ -90,10 +90,8 @@ static int policy_cache_new(X509 *x) if (x->policy_cache != NULL) return 1; cache = OPENSSL_malloc(sizeof(*cache)); - if (cache == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if (cache == NULL) return 0; - } cache->anyPolicy = NULL; cache->data = NULL; cache->any_skip = -1; diff --git a/crypto/x509/pcy_data.c b/crypto/x509/pcy_data.c index 6fb8f14ba8..8e8b91a781 100644 --- a/crypto/x509/pcy_data.c +++ b/crypto/x509/pcy_data.c @@ -52,14 +52,13 @@ X509_POLICY_DATA *ossl_policy_data_new(POLICYINFO *policy, ret = OPENSSL_zalloc(sizeof(*ret)); if (ret == NULL) { ASN1_OBJECT_free(id); - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); return NULL; } ret->expected_policy_set = sk_ASN1_OBJECT_new_null(); if (ret->expected_policy_set == NULL) { OPENSSL_free(ret); ASN1_OBJECT_free(id); - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); return NULL; } diff --git a/crypto/x509/pcy_node.c b/crypto/x509/pcy_node.c index 04aba646be..5bee8c2a0b 100644 --- a/crypto/x509/pcy_node.c +++ b/crypto/x509/pcy_node.c @@ -64,10 +64,8 @@ X509_POLICY_NODE *ossl_policy_level_add_node(X509_POLICY_LEVEL *level, X509_POLICY_NODE *node; node = OPENSSL_zalloc(sizeof(*node)); - if (node == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if (node == NULL) return NULL; - } node->data = data; node->parent = parent; if (level) { @@ -80,11 +78,11 @@ X509_POLICY_NODE *ossl_policy_level_add_node(X509_POLICY_LEVEL *level, if (level->nodes == NULL) level->nodes = ossl_policy_node_cmp_new(); if (level->nodes == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_X509_LIB); goto node_error; } if (!sk_X509_POLICY_NODE_push(level->nodes, node)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto node_error; } } @@ -94,11 +92,11 @@ X509_POLICY_NODE *ossl_policy_level_add_node(X509_POLICY_LEVEL *level, if (tree->extra_data == NULL) tree->extra_data = sk_X509_POLICY_DATA_new_null(); if (tree->extra_data == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto node_error; } if (!sk_X509_POLICY_DATA_push(tree->extra_data, data)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto node_error; } } diff --git a/crypto/x509/pcy_tree.c b/crypto/x509/pcy_tree.c index fa45da5117..4b954b0776 100644 --- a/crypto/x509/pcy_tree.c +++ b/crypto/x509/pcy_tree.c @@ -158,10 +158,8 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, return ret; /* If we get this far initialize the tree */ - if ((tree = OPENSSL_zalloc(sizeof(*tree))) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if ((tree = OPENSSL_zalloc(sizeof(*tree))) == NULL) return X509_PCY_TREE_INTERNAL; - } /* * http://tools.ietf.org/html/rfc5280#section-6.1.2, figure 3. @@ -172,7 +170,6 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, */ if ((tree->levels = OPENSSL_zalloc(sizeof(*tree->levels)*(n+1))) == NULL) { OPENSSL_free(tree); - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); return X509_PCY_TREE_INTERNAL; } tree->nlevel = n+1; diff --git a/crypto/x509/v3_addr.c b/crypto/x509/v3_addr.c index 1697bf7895..31b439a816 100644 --- a/crypto/x509/v3_addr.c +++ b/crypto/x509/v3_addr.c @@ -923,7 +923,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method, int i; if ((addr = sk_IPAddressFamily_new(IPAddressFamily_cmp)) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); return NULL; } @@ -978,10 +978,8 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method, } else { s = OPENSSL_strdup(val->value); } - if (s == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if (s == NULL) goto err; - } /* * Check for inheritance. Not worth additional complexity to @@ -1021,7 +1019,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method, goto err; } if (!X509v3_addr_add_prefix(addr, afi, safi, min, prefixlen)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_X509V3_LIB); goto err; } break; @@ -1044,13 +1042,13 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method, goto err; } if (!X509v3_addr_add_range(addr, afi, safi, min, max)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_X509V3_LIB); goto err; } break; case '\0': if (!X509v3_addr_add_prefix(addr, afi, safi, min, length * 8)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_X509V3_LIB); goto err; } break; @@ -1235,7 +1233,7 @@ static int addr_validate_path_internal(X509_STORE_CTX *ctx, validation_err(X509_V_ERR_INVALID_EXTENSION); (void)sk_IPAddressFamily_set_cmp_func(ext, IPAddressFamily_cmp); if ((child = sk_IPAddressFamily_dup(ext)) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); if (ctx != NULL) ctx->error = X509_V_ERR_OUT_OF_MEM; ret = 0; diff --git a/crypto/x509/v3_akid.c b/crypto/x509/v3_akid.c index 17807c6032..de93dae70e 100644 --- a/crypto/x509/v3_akid.c +++ b/crypto/x509/v3_akid.c @@ -46,7 +46,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, if (akeyid->keyid) { tmp = i2s_ASN1_OCTET_STRING(NULL, akeyid->keyid); if (tmp == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); return NULL; } if (!X509V3_add_value((akeyid->issuer || akeyid->serial) ? "keyid" : NULL, @@ -68,7 +68,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, if (akeyid->serial) { tmp = i2s_ASN1_OCTET_STRING(NULL, akeyid->serial); if (tmp == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; } if (!X509V3_add_value("serial", tmp, &extlist)) { @@ -204,9 +204,12 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, if (isname != NULL) { if ((gens = sk_GENERAL_NAME_new_null()) == NULL - || (gen = GENERAL_NAME_new()) == NULL - || !sk_GENERAL_NAME_push(gens, gen)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + || (gen = GENERAL_NAME_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } + if (!sk_GENERAL_NAME_push(gens, gen)) { + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto err; } gen->type = GEN_DIRNAME; diff --git a/crypto/x509/v3_asid.c b/crypto/x509/v3_asid.c index 4a362ff0e1..d1c3dd5d9f 100644 --- a/crypto/x509/v3_asid.c +++ b/crypto/x509/v3_asid.c @@ -301,14 +301,14 @@ static int ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice) if ((bn == NULL && (bn = BN_new()) == NULL) || ASN1_INTEGER_to_BN(a_max, bn) == NULL || !BN_add_word(bn, 1)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_BN_LIB); goto done; } if ((a_max_plus_one = BN_to_ASN1_INTEGER(bn, orig = a_max_plus_one)) == NULL) { a_max_plus_one = orig; - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto done; } @@ -422,14 +422,14 @@ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice) if ((bn == NULL && (bn = BN_new()) == NULL) || ASN1_INTEGER_to_BN(a_max, bn) == NULL || !BN_add_word(bn, 1)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_BN_LIB); goto done; } if ((a_max_plus_one = BN_to_ASN1_INTEGER(bn, orig = a_max_plus_one)) == NULL) { a_max_plus_one = orig; - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto done; } @@ -440,10 +440,8 @@ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice) ASRange *r; switch (a->type) { case ASIdOrRange_id: - if ((r = OPENSSL_malloc(sizeof(*r))) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if ((r = OPENSSL_malloc(sizeof(*r))) == NULL) goto done; - } r->min = a_min; r->max = b_max; a->type = ASIdOrRange_range; @@ -517,7 +515,7 @@ static void *v2i_ASIdentifiers(const struct v3_ext_method *method, int i; if ((asid = ASIdentifiers_new()) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_X509V3_LIB); return NULL; } @@ -578,21 +576,19 @@ static void *v2i_ASIdentifiers(const struct v3_ext_method *method, */ if (!is_range) { if (!X509V3_get_value_int(val, &min)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_X509V3_LIB); goto err; } } else { char *s = OPENSSL_strdup(val->value); - if (s == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if (s == NULL) goto err; - } s[i1] = '\0'; min = s2i_ASN1_INTEGER(NULL, s); max = s2i_ASN1_INTEGER(NULL, s + i2); OPENSSL_free(s); if (min == NULL || max == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_X509V3_LIB); goto err; } if (ASN1_INTEGER_cmp(min, max) > 0) { @@ -601,7 +597,7 @@ static void *v2i_ASIdentifiers(const struct v3_ext_method *method, } } if (!X509v3_asid_add_id_or_range(asid, which, min, max)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_X509V3_LIB); goto err; } min = max = NULL; diff --git a/crypto/x509/v3_bcons.c b/crypto/x509/v3_bcons.c index 6e7a165f26..17962ed43f 100644 --- a/crypto/x509/v3_bcons.c +++ b/crypto/x509/v3_bcons.c @@ -61,7 +61,7 @@ static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, int i; if ((bcons = BASIC_CONSTRAINTS_new()) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); return NULL; } for (i = 0; i < sk_CONF_VALUE_num(values); i++) { diff --git a/crypto/x509/v3_bitst.c b/crypto/x509/v3_bitst.c index b53c5ba3ec..d41c95b513 100644 --- a/crypto/x509/v3_bitst.c +++ b/crypto/x509/v3_bitst.c @@ -64,7 +64,7 @@ ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, int i; BIT_STRING_BITNAME *bnam; if ((bs = ASN1_BIT_STRING_new()) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); return NULL; } for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { @@ -73,7 +73,7 @@ ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, if (strcmp(bnam->sname, val->name) == 0 || strcmp(bnam->lname, val->name) == 0) { if (!ASN1_BIT_STRING_set_bit(bs, bnam->bitnum, 1)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); ASN1_BIT_STRING_free(bs); return NULL; } diff --git a/crypto/x509/v3_conf.c b/crypto/x509/v3_conf.c index 8201ba0d86..c575a43459 100644 --- a/crypto/x509/v3_conf.c +++ b/crypto/x509/v3_conf.c @@ -148,34 +148,41 @@ static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method, ext_der = NULL; ext_len = ASN1_item_i2d(ext_struc, &ext_der, ASN1_ITEM_ptr(method->it)); - if (ext_len < 0) - goto merr; + if (ext_len < 0) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } } else { unsigned char *p; ext_len = method->i2d(ext_struc, NULL); - if (ext_len <= 0) - goto merr; + if (ext_len <= 0) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } if ((ext_der = OPENSSL_malloc(ext_len)) == NULL) - goto merr; + goto err; p = ext_der; method->i2d(ext_struc, &p); } - if ((ext_oct = ASN1_OCTET_STRING_new()) == NULL) - goto merr; + if ((ext_oct = ASN1_OCTET_STRING_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } ext_oct->data = ext_der; ext_der = NULL; ext_oct->length = ext_len; ext = X509_EXTENSION_create_by_NID(NULL, ext_nid, crit, ext_oct); - if (!ext) - goto merr; + if (!ext) { + ERR_raise(ERR_LIB_X509V3, ERR_R_X509V3_LIB); + goto err; + } ASN1_OCTET_STRING_free(ext_oct); return ext; - merr: - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + err: OPENSSL_free(ext_der); ASN1_OCTET_STRING_free(ext_oct); return NULL; @@ -256,7 +263,7 @@ static X509_EXTENSION *v3_generic_extension(const char *ext, const char *value, } if ((oct = ASN1_OCTET_STRING_new()) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; } diff --git a/crypto/x509/v3_cpols.c b/crypto/x509/v3_cpols.c index 65fab71406..ae602ea2cd 100644 --- a/crypto/x509/v3_cpols.c +++ b/crypto/x509/v3_cpols.c @@ -105,7 +105,7 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, pols = sk_POLICYINFO_new_reserve(NULL, num); if (pols == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto err; } @@ -144,14 +144,14 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, pol = POLICYINFO_new(); if (pol == NULL) { ASN1_OBJECT_free(pobj); - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; } pol->policyid = pobj; } if (!sk_POLICYINFO_push(pols, pol)) { POLICYINFO_free(pol); - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto err; } } @@ -171,8 +171,10 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, POLICYINFO *pol; POLICYQUALINFO *qual; - if ((pol = POLICYINFO_new()) == NULL) - goto merr; + if ((pol = POLICYINFO_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } for (i = 0; i < sk_CONF_VALUE_num(polstrs); i++) { cnf = sk_CONF_VALUE_value(polstrs, i); if (strcmp(cnf->name, "policyIdentifier") == 0) { @@ -188,19 +190,27 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, } else if (!ossl_v3_name_cmp(cnf->name, "CPS")) { if (pol->qualifiers == NULL) pol->qualifiers = sk_POLICYQUALINFO_new_null(); - if ((qual = POLICYQUALINFO_new()) == NULL) - goto merr; - if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual)) - goto merr; + if ((qual = POLICYQUALINFO_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } + if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual)) { + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); + goto err; + } if ((qual->pqualid = OBJ_nid2obj(NID_id_qt_cps)) == NULL) { ERR_raise(ERR_LIB_X509V3, ERR_R_INTERNAL_ERROR); goto err; } - if ((qual->d.cpsuri = ASN1_IA5STRING_new()) == NULL) - goto merr; + if ((qual->d.cpsuri = ASN1_IA5STRING_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } if (!ASN1_STRING_set(qual->d.cpsuri, cnf->value, - strlen(cnf->value))) - goto merr; + strlen(cnf->value))) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } } else if (!ossl_v3_name_cmp(cnf->name, "userNotice")) { STACK_OF(CONF_VALUE) *unot; if (*cnf->value != '@') { @@ -221,8 +231,10 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, goto err; if (pol->qualifiers == NULL) pol->qualifiers = sk_POLICYQUALINFO_new_null(); - if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual)) - goto merr; + if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual)) { + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); + goto err; + } } else { ERR_raise(ERR_LIB_X509V3, X509V3_R_INVALID_OPTION); X509V3_conf_err(cnf); @@ -236,9 +248,6 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, return pol; - merr: - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); - err: POLICYINFO_free(pol); return NULL; @@ -287,14 +296,18 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, POLICYQUALINFO *qual; char *value = NULL; - if ((qual = POLICYQUALINFO_new()) == NULL) - goto merr; + if ((qual = POLICYQUALINFO_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } if ((qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice)) == NULL) { ERR_raise(ERR_LIB_X509V3, ERR_R_INTERNAL_ERROR); goto err; } - if ((not = USERNOTICE_new()) == NULL) - goto merr; + if ((not = USERNOTICE_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } qual->d.usernotice = not; for (i = 0; i < sk_CONF_VALUE_num(unot); i++) { cnf = sk_CONF_VALUE_value(unot, i); @@ -302,19 +315,25 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, value = cnf->value; if (strcmp(cnf->name, "explicitText") == 0) { tag = displaytext_str2tag(value, &tag_len); - if ((not->exptext = ASN1_STRING_type_new(tag)) == NULL) - goto merr; + if ((not->exptext = ASN1_STRING_type_new(tag)) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } if (tag_len != 0) value += tag_len + 1; len = strlen(value); - if (!ASN1_STRING_set(not->exptext, value, len)) - goto merr; + if (!ASN1_STRING_set(not->exptext, value, len)) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } } else if (strcmp(cnf->name, "organization") == 0) { NOTICEREF *nref; if (!not->noticeref) { - if ((nref = NOTICEREF_new()) == NULL) - goto merr; + if ((nref = NOTICEREF_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } not->noticeref = nref; } else nref = not->noticeref; @@ -323,15 +342,19 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, else nref->organization->type = V_ASN1_VISIBLESTRING; if (!ASN1_STRING_set(nref->organization, cnf->value, - strlen(cnf->value))) - goto merr; + strlen(cnf->value))) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } } else if (strcmp(cnf->name, "noticeNumbers") == 0) { NOTICEREF *nref; STACK_OF(CONF_VALUE) *nos; if (!not->noticeref) { - if ((nref = NOTICEREF_new()) == NULL) - goto merr; + if ((nref = NOTICEREF_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } not->noticeref = nref; } else nref = not->noticeref; @@ -361,9 +384,6 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, return qual; - merr: - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); - err: POLICYQUALINFO_free(qual); return NULL; @@ -380,19 +400,15 @@ static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos) cnf = sk_CONF_VALUE_value(nos, i); if ((aint = s2i_ASN1_INTEGER(NULL, cnf->name)) == NULL) { ERR_raise(ERR_LIB_X509V3, X509V3_R_INVALID_NUMBER); - goto err; + return 0; + } + if (!sk_ASN1_INTEGER_push(nnums, aint)) { + ASN1_INTEGER_free(aint); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); + return 0; } - if (!sk_ASN1_INTEGER_push(nnums, aint)) - goto merr; } return 1; - - merr: - ASN1_INTEGER_free(aint); - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); - - err: - return 0; } static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, diff --git a/crypto/x509/v3_crld.c b/crypto/x509/v3_crld.c index b4ac457f22..08df3faf86 100644 --- a/crypto/x509/v3_crld.c +++ b/crypto/x509/v3_crld.c @@ -244,8 +244,10 @@ static void *v2i_crld(const X509V3_EXT_METHOD *method, int i; crld = sk_DIST_POINT_new_reserve(NULL, num); - if (crld == NULL) - goto merr; + if (crld == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); + goto err; + } for (i = 0; i < num; i++) { DIST_POINT *point; @@ -263,16 +265,24 @@ static void *v2i_crld(const X509V3_EXT_METHOD *method, } else { if ((gen = v2i_GENERAL_NAME(method, ctx, cnf)) == NULL) goto err; - if ((gens = GENERAL_NAMES_new()) == NULL) - goto merr; - if (!sk_GENERAL_NAME_push(gens, gen)) - goto merr; + if ((gens = GENERAL_NAMES_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } + if (!sk_GENERAL_NAME_push(gens, gen)) { + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); + goto err; + } gen = NULL; - if ((point = DIST_POINT_new()) == NULL) - goto merr; + if ((point = DIST_POINT_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } sk_DIST_POINT_push(crld, point); /* no failure as it was reserved */ - if ((point->distpoint = DIST_POINT_NAME_new()) == NULL) - goto merr; + if ((point->distpoint = DIST_POINT_NAME_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } point->distpoint->name.fullname = gens; point->distpoint->type = 0; gens = NULL; @@ -280,8 +290,6 @@ static void *v2i_crld(const X509V3_EXT_METHOD *method, } return crld; - merr: - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); err: GENERAL_NAME_free(gen); GENERAL_NAMES_free(gens); @@ -364,8 +372,10 @@ static void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *name, *val; int i, ret; idp = ISSUING_DIST_POINT_new(); - if (idp == NULL) - goto merr; + if (idp == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { cnf = sk_CONF_VALUE_value(nval, i); name = cnf->name; @@ -398,8 +408,6 @@ static void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, } return idp; - merr: - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); err: ISSUING_DIST_POINT_free(idp); return NULL; diff --git a/crypto/x509/v3_extku.c b/crypto/x509/v3_extku.c index 4f2a86bdcb..22c951e251 100644 --- a/crypto/x509/v3_extku.c +++ b/crypto/x509/v3_extku.c @@ -79,7 +79,7 @@ static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, extku = sk_ASN1_OBJECT_new_reserve(NULL, num); if (extku == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); sk_ASN1_OBJECT_free(extku); return NULL; } diff --git a/crypto/x509/v3_ia5.c b/crypto/x509/v3_ia5.c index 6722b6c01f..7b79935872 100644 --- a/crypto/x509/v3_ia5.c +++ b/crypto/x509/v3_ia5.c @@ -31,10 +31,8 @@ char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5) if (ia5 == NULL || ia5->length <= 0) return NULL; - if ((tmp = OPENSSL_malloc(ia5->length + 1)) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if ((tmp = OPENSSL_malloc(ia5->length + 1)) == NULL) return NULL; - } memcpy(tmp, ia5->data, ia5->length); tmp[ia5->length] = 0; return tmp; @@ -48,8 +46,10 @@ ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ERR_raise(ERR_LIB_X509V3, X509V3_R_INVALID_NULL_ARGUMENT); return NULL; } - if ((ia5 = ASN1_IA5STRING_new()) == NULL) - goto err; + if ((ia5 = ASN1_IA5STRING_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + return NULL; + } if (!ASN1_STRING_set((ASN1_STRING *)ia5, str, strlen(str))) { ASN1_IA5STRING_free(ia5); return NULL; @@ -58,7 +58,4 @@ ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ebcdic2ascii(ia5->data, ia5->data, ia5->length); #endif /* CHARSET_EBCDIC */ return ia5; - err: - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); - return NULL; } diff --git a/crypto/x509/v3_info.c b/crypto/x509/v3_info.c index 5f21ce11e7..7e4d9313d8 100644 --- a/crypto/x509/v3_info.c +++ b/crypto/x509/v3_info.c @@ -73,8 +73,10 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS( desc = sk_ACCESS_DESCRIPTION_value(ainfo, i); tmp = i2v_GENERAL_NAME(method, desc->location, tret); - if (tmp == NULL) + if (tmp == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; + } tret = tmp; vtmp = sk_CONF_VALUE_value(tret, i); i2t_ASN1_OBJECT(objtmp, sizeof(objtmp), desc->method); @@ -91,7 +93,6 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS( return tret; err: - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); if (ret == NULL && tret != NULL) sk_CONF_VALUE_pop_free(tret, X509V3_conf_free); return NULL; @@ -111,13 +112,13 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD char *objtmp, *ptmp; if ((ainfo = sk_ACCESS_DESCRIPTION_new_reserve(NULL, num)) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); return NULL; } for (i = 0; i < num; i++) { cnf = sk_CONF_VALUE_value(nval, i); if ((acc = ACCESS_DESCRIPTION_new()) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; } sk_ACCESS_DESCRIPTION_push(ainfo, acc); /* Cannot fail due to reserve */ @@ -130,10 +131,8 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD ctmp.value = cnf->value; if (!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0)) goto err; - if ((objtmp = OPENSSL_strndup(cnf->name, ptmp - cnf->name)) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if ((objtmp = OPENSSL_strndup(cnf->name, ptmp - cnf->name)) == NULL) goto err; - } acc->method = OBJ_txt2obj(objtmp, 0); if (!acc->method) { ERR_raise_data(ERR_LIB_X509V3, X509V3_R_BAD_OBJECT, diff --git a/crypto/x509/v3_ist.c b/crypto/x509/v3_ist.c index 71bb76c48e..cb3a68cf40 100644 --- a/crypto/x509/v3_ist.c +++ b/crypto/x509/v3_ist.c @@ -39,7 +39,7 @@ static ISSUER_SIGN_TOOL *v2i_issuer_sign_tool(X509V3_EXT_METHOD *method, X509V3_ int i; if (ist == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); return NULL; } for (i = 0; i < sk_CONF_VALUE_num(nval); ++i) { @@ -51,7 +51,7 @@ static ISSUER_SIGN_TOOL *v2i_issuer_sign_tool(X509V3_EXT_METHOD *method, X509V3_ if (strcmp(cnf->name, "signTool") == 0) { ist->signTool = ASN1_UTF8STRING_new(); if (ist->signTool == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); ISSUER_SIGN_TOOL_free(ist); return NULL; } @@ -59,7 +59,7 @@ static ISSUER_SIGN_TOOL *v2i_issuer_sign_tool(X509V3_EXT_METHOD *method, X509V3_ } else if (strcmp(cnf->name, "cATool") == 0) { ist->cATool = ASN1_UTF8STRING_new(); if (ist->cATool == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); ISSUER_SIGN_TOOL_free(ist); return NULL; } @@ -67,7 +67,7 @@ static ISSUER_SIGN_TOOL *v2i_issuer_sign_tool(X509V3_EXT_METHOD *method, X509V3_ } else if (strcmp(cnf->name, "signToolCert") == 0) { ist->signToolCert = ASN1_UTF8STRING_new(); if (ist->signToolCert == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); ISSUER_SIGN_TOOL_free(ist); return NULL; } @@ -75,7 +75,7 @@ static ISSUER_SIGN_TOOL *v2i_issuer_sign_tool(X509V3_EXT_METHOD *method, X509V3_ } else if (strcmp(cnf->name, "cAToolCert") == 0) { ist->cAToolCert = ASN1_UTF8STRING_new(); if (ist->cAToolCert == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); ISSUER_SIGN_TOOL_free(ist); return NULL; } diff --git a/crypto/x509/v3_lib.c b/crypto/x509/v3_lib.c index 5c05b56d9c..ced105adfa 100644 --- a/crypto/x509/v3_lib.c +++ b/crypto/x509/v3_lib.c @@ -26,11 +26,11 @@ int X509V3_EXT_add(X509V3_EXT_METHOD *ext) { if (ext_list == NULL && (ext_list = sk_X509V3_EXT_METHOD_new(ext_cmp)) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); return 0; } if (!sk_X509V3_EXT_METHOD_push(ext_list, ext)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); return 0; } return 1; @@ -92,10 +92,8 @@ int X509V3_EXT_add_alias(int nid_to, int nid_from) ERR_raise(ERR_LIB_X509V3, X509V3_R_EXTENSION_NOT_FOUND); return 0; } - if ((tmpext = OPENSSL_malloc(sizeof(*tmpext))) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if ((tmpext = OPENSSL_malloc(sizeof(*tmpext))) == NULL) return 0; - } *tmpext = *ext; tmpext->ext_nid = nid_to; tmpext->ext_flags |= X509V3_EXT_DYNAMIC; @@ -291,7 +289,7 @@ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, return 1; m_fail: - /* ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); */ + /* ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); */ if (ret != *x) sk_X509_EXTENSION_free(ret); X509_EXTENSION_free(ext); diff --git a/crypto/x509/v3_ncons.c b/crypto/x509/v3_ncons.c index 7ffb88c4c0..2860c788a7 100644 --- a/crypto/x509/v3_ncons.c +++ b/crypto/x509/v3_ncons.c @@ -134,8 +134,10 @@ static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, GENERAL_SUBTREE *sub = NULL; ncons = NAME_CONSTRAINTS_new(); - if (ncons == NULL) - goto memerr; + if (ncons == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + goto err; + } for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { val = sk_CONF_VALUE_value(nval, i); if (HAS_PREFIX(val->name, "permitted") && val->name[9]) { @@ -150,21 +152,25 @@ static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, } tval.value = val->value; sub = GENERAL_SUBTREE_new(); - if (sub == NULL) - goto memerr; - if (!v2i_GENERAL_NAME_ex(sub->base, method, ctx, &tval, 1)) + if (sub == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; + } + if (!v2i_GENERAL_NAME_ex(sub->base, method, ctx, &tval, 1)) { + ERR_raise(ERR_LIB_X509V3, ERR_R_X509V3_LIB); + goto err; + } if (*ptree == NULL) *ptree = sk_GENERAL_SUBTREE_new_null(); - if (*ptree == NULL || !sk_GENERAL_SUBTREE_push(*ptree, sub)) - goto memerr; + if (*ptree == NULL || !sk_GENERAL_SUBTREE_push(*ptree, sub)) { + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); + goto err; + } sub = NULL; } return ncons; - memerr: - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); err: NAME_CONSTRAINTS_free(ncons); GENERAL_SUBTREE_free(sub); diff --git a/crypto/x509/v3_pci.c b/crypto/x509/v3_pci.c index 79fe76d042..8b8b6e3ab8 100644 --- a/crypto/x509/v3_pci.c +++ b/crypto/x509/v3_pci.c @@ -119,7 +119,7 @@ static int process_pci_value(CONF_VALUE *val, if (*policy == NULL) { *policy = ASN1_OCTET_STRING_new(); if (*policy == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); X509V3_conf_err(val); return 0; } @@ -151,7 +151,6 @@ static int process_pci_value(CONF_VALUE *val, OPENSSL_free((*policy)->data); (*policy)->data = NULL; (*policy)->length = 0; - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); X509V3_conf_err(val); goto err; } @@ -177,7 +176,6 @@ static int process_pci_value(CONF_VALUE *val, OPENSSL_free((*policy)->data); (*policy)->data = NULL; (*policy)->length = 0; - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); X509V3_conf_err(val); BIO_free_all(b); goto err; @@ -213,7 +211,6 @@ static int process_pci_value(CONF_VALUE *val, OPENSSL_free((*policy)->data); (*policy)->data = NULL; (*policy)->length = 0; - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); X509V3_conf_err(val); goto err; } @@ -223,7 +220,6 @@ static int process_pci_value(CONF_VALUE *val, goto err; } if (!tmp_data) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); X509V3_conf_err(val); goto err; } @@ -297,7 +293,7 @@ static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method, pci = PROXY_CERT_INFO_EXTENSION_new(); if (pci == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; } diff --git a/crypto/x509/v3_pcons.c b/crypto/x509/v3_pcons.c index 128365f572..72c2364b05 100644 --- a/crypto/x509/v3_pcons.c +++ b/crypto/x509/v3_pcons.c @@ -61,7 +61,7 @@ static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method, int i; if ((pcons = POLICY_CONSTRAINTS_new()) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); return NULL; } for (i = 0; i < sk_CONF_VALUE_num(values); i++) { diff --git a/crypto/x509/v3_pmaps.c b/crypto/x509/v3_pmaps.c index 2094e96711..e5d7dddc0a 100644 --- a/crypto/x509/v3_pmaps.c +++ b/crypto/x509/v3_pmaps.c @@ -73,7 +73,7 @@ static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, int i; if ((pmaps = sk_POLICY_MAPPING_new_reserve(NULL, num)) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); return NULL; } @@ -93,7 +93,7 @@ static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, } pmap = POLICY_MAPPING_new(); if (pmap == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; } pmap->issuerDomainPolicy = obj1; diff --git a/crypto/x509/v3_purp.c b/crypto/x509/v3_purp.c index cac539b1e4..d3a66267ee 100644 --- a/crypto/x509/v3_purp.c +++ b/crypto/x509/v3_purp.c @@ -171,10 +171,8 @@ int X509_PURPOSE_add(int id, int trust, int flags, idx = X509_PURPOSE_get_by_id(id); /* Need a new entry */ if (idx == -1) { - if ((ptmp = OPENSSL_malloc(sizeof(*ptmp))) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if ((ptmp = OPENSSL_malloc(sizeof(*ptmp))) == NULL) return 0; - } ptmp->flags = X509_PURPOSE_DYNAMIC; } else { ptmp = X509_PURPOSE_get0(idx); @@ -188,10 +186,8 @@ int X509_PURPOSE_add(int id, int trust, int flags, /* Dup supplied name */ ptmp->name = OPENSSL_strdup(name); ptmp->sname = OPENSSL_strdup(sname); - if (ptmp->name == NULL || ptmp->sname == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if (ptmp->name == NULL || ptmp->sname == NULL) goto err; - } /* Keep the dynamic flag of existing entry */ ptmp->flags &= X509_PURPOSE_DYNAMIC; /* Set all other flags */ @@ -206,11 +202,11 @@ int X509_PURPOSE_add(int id, int trust, int flags, if (idx == -1) { if (xptable == NULL && (xptable = sk_X509_PURPOSE_new(xp_cmp)) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto err; } if (!sk_X509_PURPOSE_push(xptable, ptmp)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto err; } } diff --git a/crypto/x509/v3_san.c b/crypto/x509/v3_san.c index c081f02e19..7798505eec 100644 --- a/crypto/x509/v3_san.c +++ b/crypto/x509/v3_san.c @@ -307,7 +307,7 @@ static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method, int i; if (gens == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); sk_GENERAL_NAME_free(gens); return NULL; } @@ -358,7 +358,7 @@ static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens) num = sk_GENERAL_NAME_num(ialt); if (!sk_GENERAL_NAME_reserve(gens, num)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto err; } @@ -386,7 +386,7 @@ static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method, gens = sk_GENERAL_NAME_new_reserve(NULL, num); if (gens == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); sk_GENERAL_NAME_free(gens); return NULL; } @@ -449,14 +449,14 @@ static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p) i--; } if (email == NULL || (gen = GENERAL_NAME_new()) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; } gen->d.ia5 = email; email = NULL; gen->type = GEN_EMAIL; if (!sk_GENERAL_NAME_push(gens, gen)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto err; } gen = NULL; @@ -482,7 +482,7 @@ GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method, gens = sk_GENERAL_NAME_new_reserve(NULL, num); if (gens == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); sk_GENERAL_NAME_free(gens); return NULL; } @@ -523,7 +523,7 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, else { gen = GENERAL_NAME_new(); if (gen == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); return NULL; } } @@ -581,7 +581,7 @@ GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, if ((gen->d.ia5 = ASN1_IA5STRING_new()) == NULL || !ASN1_STRING_set(gen->d.ia5, (unsigned char *)value, strlen(value))) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; } } diff --git a/crypto/x509/v3_skid.c b/crypto/x509/v3_skid.c index 18223f2ef4..8657f4cdf2 100644 --- a/crypto/x509/v3_skid.c +++ b/crypto/x509/v3_skid.c @@ -37,7 +37,7 @@ ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, long length; if ((oct = ASN1_OCTET_STRING_new()) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); return NULL; } diff --git a/crypto/x509/v3_sxnet.c b/crypto/x509/v3_sxnet.c index 5ac3bab354..8540f10d1e 100644 --- a/crypto/x509/v3_sxnet.c +++ b/crypto/x509/v3_sxnet.c @@ -135,7 +135,7 @@ int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, const char *user, if ((izone = ASN1_INTEGER_new()) == NULL || !ASN1_INTEGER_set(izone, lzone)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); ASN1_INTEGER_free(izone); return 0; } @@ -165,10 +165,14 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, const char *user, return 0; } if (*psx == NULL) { - if ((sx = SXNET_new()) == NULL) + if ((sx = SXNET_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; - if (!ASN1_INTEGER_set(sx->version, 0)) + } + if (!ASN1_INTEGER_set(sx->version, 0)) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; + } } else sx = *psx; if (SXNET_get_id_INTEGER(sx, zone)) { @@ -178,19 +182,24 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, const char *user, return 0; } - if ((id = SXNETID_new()) == NULL) + if ((id = SXNETID_new()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; + } - if (!ASN1_OCTET_STRING_set(id->user, (const unsigned char *)user, userlen)) + if (!ASN1_OCTET_STRING_set(id->user, (const unsigned char *)user, userlen)){ + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; - if (!sk_SXNETID_push(sx->ids, id)) + } + if (!sk_SXNETID_push(sx->ids, id)) { + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto err; + } id->zone = zone; *psx = sx; return 1; err: - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); SXNETID_free(id); if (*psx == NULL) SXNET_free(sx); @@ -218,7 +227,7 @@ ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone) if ((izone = ASN1_INTEGER_new()) == NULL || !ASN1_INTEGER_set(izone, lzone)) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); ASN1_INTEGER_free(izone); return NULL; } diff --git a/crypto/x509/v3_tlsf.c b/crypto/x509/v3_tlsf.c index a1446bc074..85dea65f35 100644 --- a/crypto/x509/v3_tlsf.c +++ b/crypto/x509/v3_tlsf.c @@ -96,7 +96,7 @@ static TLS_FEATURE *v2i_TLS_FEATURE(const X509V3_EXT_METHOD *method, long tlsextid; if ((tlsf = sk_ASN1_INTEGER_new_null()) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); return NULL; } @@ -125,7 +125,7 @@ static TLS_FEATURE *v2i_TLS_FEATURE(const X509V3_EXT_METHOD *method, if ((ai = ASN1_INTEGER_new()) == NULL || !ASN1_INTEGER_set(ai, tlsextid) || sk_ASN1_INTEGER_push(tlsf, ai) <= 0) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); goto err; } /* So it doesn't get purged if an error occurs next time around */ diff --git a/crypto/x509/v3_utf8.c b/crypto/x509/v3_utf8.c index 51cfbf01cf..22345c3a65 100644 --- a/crypto/x509/v3_utf8.c +++ b/crypto/x509/v3_utf8.c @@ -35,10 +35,8 @@ char *i2s_ASN1_UTF8STRING(X509V3_EXT_METHOD *method, ERR_raise(ERR_LIB_X509V3, ERR_R_PASSED_NULL_PARAMETER); return NULL; } - if ((tmp = OPENSSL_malloc(utf8->length + 1)) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if ((tmp = OPENSSL_malloc(utf8->length + 1)) == NULL) return NULL; - } memcpy(tmp, utf8->data, utf8->length); tmp[utf8->length] = 0; return tmp; @@ -53,11 +51,11 @@ ASN1_UTF8STRING *s2i_ASN1_UTF8STRING(X509V3_EXT_METHOD *method, return NULL; } if ((utf8 = ASN1_UTF8STRING_new()) == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); return NULL; } if (!ASN1_STRING_set((ASN1_STRING *)utf8, str, strlen(str))) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); ASN1_UTF8STRING_free(utf8); return NULL; } diff --git a/crypto/x509/v3_utl.c b/crypto/x509/v3_utl.c index 4ef0d20f29..1a18174995 100644 --- a/crypto/x509/v3_utl.c +++ b/crypto/x509/v3_utl.c @@ -56,8 +56,10 @@ static int x509v3_add_len_value(const char *name, const char *value, } if ((vtmp = OPENSSL_malloc(sizeof(*vtmp))) == NULL) goto err; - if (sk_allocated && (*extlist = sk_CONF_VALUE_new_null()) == NULL) + if (sk_allocated && (*extlist = sk_CONF_VALUE_new_null()) == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB); goto err; + } vtmp->section = NULL; vtmp->name = tname; vtmp->value = tvalue; @@ -65,7 +67,6 @@ static int x509v3_add_len_value(const char *name, const char *value, goto err; return 1; err: - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); if (sk_allocated) { sk_CONF_VALUE_free(*extlist); *extlist = NULL; @@ -146,7 +147,6 @@ static char *bignum_to_string(const BIGNUM *bn) len = strlen(tmp) + 3; ret = OPENSSL_malloc(len); if (ret == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); OPENSSL_free(tmp); return NULL; } @@ -170,9 +170,10 @@ char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, const ASN1_ENUMERATED *a) if (!a) return NULL; - if ((bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) == NULL - || (strtmp = bignum_to_string(bntmp)) == NULL) - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if ((bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) == NULL) + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + else if ((strtmp = bignum_to_string(bntmp)) == NULL) + ERR_raise(ERR_LIB_X509V3, ERR_R_X509V3_LIB); BN_free(bntmp); return strtmp; } @@ -184,9 +185,10 @@ char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *method, const ASN1_INTEGER *a) if (!a) return NULL; - if ((bntmp = ASN1_INTEGER_to_BN(a, NULL)) == NULL - || (strtmp = bignum_to_string(bntmp)) == NULL) - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if ((bntmp = ASN1_INTEGER_to_BN(a, NULL)) == NULL) + ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); + else if ((strtmp = bignum_to_string(bntmp)) == NULL) + ERR_raise(ERR_LIB_X509V3, ERR_R_X509V3_LIB); BN_free(bntmp); return strtmp; } @@ -204,7 +206,7 @@ ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, const char *value) } bn = BN_new(); if (bn == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509V3, ERR_R_BN_LIB); return NULL; } if (value[0] == '-') { @@ -320,10 +322,8 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) /* We are going to modify the line so copy it first */ linebuf = OPENSSL_strdup(line); - if (linebuf == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); + if (linebuf == NULL) goto err; - } state = HDR_NAME; ntmp = NULL; /* Go through all characters */ diff --git a/crypto/x509/x509_att.c b/crypto/x509/x509_att.c index 9e6434187c..1fc99f7cad 100644 --- a/crypto/x509/x509_att.c +++ b/crypto/x509/x509_att.c @@ -95,22 +95,24 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, } if (*x == NULL) { - if ((sk = sk_X509_ATTRIBUTE_new_null()) == NULL) + if ((sk = sk_X509_ATTRIBUTE_new_null()) == NULL) { + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto err; + } } else { sk = *x; } if ((new_attr = X509_ATTRIBUTE_dup(attr)) == NULL) - goto err2; - if (!sk_X509_ATTRIBUTE_push(sk, new_attr)) goto err; + if (!sk_X509_ATTRIBUTE_push(sk, new_attr)) { + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); + goto err; + } if (*x == NULL) *x = sk; return sk; err: - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); - err2: X509_ATTRIBUTE_free(new_attr); if (*x == NULL) sk_X509_ATTRIBUTE_free(sk); @@ -223,7 +225,7 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, if (attr == NULL || *attr == NULL) { if ((ret = X509_ATTRIBUTE_new()) == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); return NULL; } } else { @@ -293,10 +295,11 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, } atype = stmp->type; } else if (len != -1) { - if ((stmp = ASN1_STRING_type_new(attrtype)) == NULL) - goto err; - if (!ASN1_STRING_set(stmp, data, len)) + if ((stmp = ASN1_STRING_type_new(attrtype)) == NULL + || !ASN1_STRING_set(stmp, data, len)) { + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); goto err; + } atype = attrtype; } /* @@ -308,20 +311,25 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, ASN1_STRING_free(stmp); return 1; } - if ((ttmp = ASN1_TYPE_new()) == NULL) + if ((ttmp = ASN1_TYPE_new()) == NULL) { + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); goto err; + } if (len == -1 && (attrtype & MBSTRING_FLAG) == 0) { - if (!ASN1_TYPE_set1(ttmp, attrtype, data)) + if (!ASN1_TYPE_set1(ttmp, attrtype, data)) { + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); goto err; + } } else { ASN1_TYPE_set(ttmp, atype, stmp); stmp = NULL; } - if (!sk_ASN1_TYPE_push(attr->set, ttmp)) + if (!sk_ASN1_TYPE_push(attr->set, ttmp)) { + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto err; + } return 1; err: - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); ASN1_TYPE_free(ttmp); ASN1_STRING_free(stmp); return 0; diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c index 18f9fba764..6fc2fd719e 100644 --- a/crypto/x509/x509_cmp.c +++ b/crypto/x509/x509_cmp.c @@ -184,7 +184,7 @@ int X509_cmp(const X509 *a, const X509 *b) int ossl_x509_add_cert_new(STACK_OF(X509) **p_sk, X509 *cert, int flags) { if (*p_sk == NULL && (*p_sk = sk_X509_new_null()) == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); return 0; } return X509_add_cert(*p_sk, cert, flags); @@ -216,7 +216,7 @@ int X509_add_cert(STACK_OF(X509) *sk, X509 *cert, int flags) } if (!sk_X509_insert(sk, cert, (flags & X509_ADD_FLAG_PREPEND) != 0 ? 0 : -1)) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); return 0; } if ((flags & X509_ADD_FLAG_UP_REF) != 0) diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c index 40f1d23b73..1f31b56e0b 100644 --- a/crypto/x509/x509_lu.c +++ b/crypto/x509/x509_lu.c @@ -19,10 +19,8 @@ X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method) { X509_LOOKUP *ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } ret->method = method; if (method->new_item != NULL && method->new_item(ret) == 0) { @@ -180,32 +178,30 @@ X509_STORE *X509_STORE_new(void) { X509_STORE *ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } if ((ret->objs = sk_X509_OBJECT_new(x509_object_cmp)) == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto err; } ret->cache = 1; if ((ret->get_cert_methods = sk_X509_LOOKUP_new_null()) == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto err; } if ((ret->param = X509_VERIFY_PARAM_new()) == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); goto err; } if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data)) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto err; } ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto err; } ret->references = 1; @@ -276,15 +272,15 @@ X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *xs, X509_LOOKUP_METHOD *m) /* a new one */ lu = X509_LOOKUP_new(m); if (lu == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); return NULL; } lu->store_ctx = xs; if (sk_X509_LOOKUP_push(xs->get_cert_methods, lu)) return lu; - /* malloc failed */ - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + /* sk_X509_LOOKUP_push() failed */ + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); X509_LOOKUP_free(lu); return NULL; } @@ -413,7 +409,7 @@ static int x509_store_add(X509_STORE *store, void *x, int crl) int X509_STORE_add_cert(X509_STORE *xs, X509 *x) { if (!x509_store_add(xs, x, 0)) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); return 0; } return 1; @@ -422,7 +418,7 @@ int X509_STORE_add_cert(X509_STORE *xs, X509 *x) int X509_STORE_add_crl(X509_STORE *xs, X509_CRL *x) { if (!x509_store_add(xs, x, 1)) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); return 0; } return 1; @@ -464,10 +460,8 @@ X509_OBJECT *X509_OBJECT_new(void) { X509_OBJECT *ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } ret->type = X509_LU_NONE; return ret; } diff --git a/crypto/x509/x509_meth.c b/crypto/x509/x509_meth.c index a8eedd9b59..305fe4c6d3 100644 --- a/crypto/x509/x509_meth.c +++ b/crypto/x509/x509_meth.c @@ -23,10 +23,8 @@ X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name) if (method != NULL) { method->name = OPENSSL_strdup(name); - if (method->name == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + if (method->name == NULL) goto err; - } } return method; diff --git a/crypto/x509/x509_obj.c b/crypto/x509/x509_obj.c index 12c6d6f78b..2af7203b01 100644 --- a/crypto/x509/x509_obj.c +++ b/crypto/x509/x509_obj.c @@ -41,9 +41,9 @@ char *X509_NAME_oneline(const X509_NAME *a, char *buf, int len) if (buf == NULL) { if ((b = BUF_MEM_new()) == NULL) - goto err; + goto buferr; if (!BUF_MEM_grow(b, 200)) - goto err; + goto buferr; b->data[0] = '\0'; len = 200; } else if (len == 0) { @@ -124,7 +124,7 @@ char *X509_NAME_oneline(const X509_NAME *a, char *buf, int len) } if (b != NULL) { if (!BUF_MEM_grow(b, l + 1)) - goto err; + goto buferr; p = &(b->data[lold]); } else if (l > len) { break; @@ -179,8 +179,8 @@ char *X509_NAME_oneline(const X509_NAME *a, char *buf, int len) if (i == 0) *p = '\0'; return p; - err: - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + buferr: + ERR_raise(ERR_LIB_X509, ERR_R_BUF_LIB); end: BUF_MEM_free(b); return NULL; diff --git a/crypto/x509/x509_r2x.c b/crypto/x509/x509_r2x.c index c7f6181c44..a6ea8e36a0 100644 --- a/crypto/x509/x509_r2x.c +++ b/crypto/x509/x509_r2x.c @@ -25,7 +25,7 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey) EVP_PKEY *pubkey = NULL; if ((ret = X509_new()) == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); return NULL; } diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c index 94fa856795..2a7836c23e 100644 --- a/crypto/x509/x509_req.c +++ b/crypto/x509/x509_req.c @@ -28,7 +28,7 @@ X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) ret = X509_REQ_new_ex(x->libctx, x->propq); if (ret == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); goto err; } diff --git a/crypto/x509/x509_trust.c b/crypto/x509/x509_trust.c index da29526d27..656b3b8440 100644 --- a/crypto/x509/x509_trust.c +++ b/crypto/x509/x509_trust.c @@ -136,10 +136,8 @@ int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int), idx = X509_TRUST_get_by_id(id); /* Need a new entry */ if (idx < 0) { - if ((trtmp = OPENSSL_malloc(sizeof(*trtmp))) == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + if ((trtmp = OPENSSL_malloc(sizeof(*trtmp))) == NULL) return 0; - } trtmp->flags = X509_TRUST_DYNAMIC; } else trtmp = X509_TRUST_get0(idx); @@ -148,10 +146,8 @@ int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int), if (trtmp->flags & X509_TRUST_DYNAMIC_NAME) OPENSSL_free(trtmp->name); /* dup supplied name */ - if ((trtmp->name = OPENSSL_strdup(name)) == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + if ((trtmp->name = OPENSSL_strdup(name)) == NULL) goto err; - } /* Keep the dynamic flag of existing entry */ trtmp->flags &= X509_TRUST_DYNAMIC; /* Set all other flags */ @@ -166,11 +162,11 @@ int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int), if (idx < 0) { if (trtable == NULL && (trtable = sk_X509_TRUST_new(tr_cmp)) == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto err; } if (!sk_X509_TRUST_push(trtable, trtmp)) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto err; } } diff --git a/crypto/x509/x509_v3.c b/crypto/x509/x509_v3.c index 262061a20f..e9f256cee2 100644 --- a/crypto/x509/x509_v3.c +++ b/crypto/x509/x509_v3.c @@ -102,12 +102,14 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, if (x == NULL) { ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER); - goto err2; + goto err; } if (*x == NULL) { - if ((sk = sk_X509_EXTENSION_new_null()) == NULL) + if ((sk = sk_X509_EXTENSION_new_null()) == NULL) { + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto err; + } } else sk = *x; @@ -117,16 +119,18 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, else if (loc < 0) loc = n; - if ((new_ex = X509_EXTENSION_dup(ex)) == NULL) - goto err2; - if (!sk_X509_EXTENSION_insert(sk, new_ex, loc)) + if ((new_ex = X509_EXTENSION_dup(ex)) == NULL) { + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); goto err; + } + if (!sk_X509_EXTENSION_insert(sk, new_ex, loc)) { + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); + goto err; + } if (*x == NULL) *x = sk; return sk; err: - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); - err2: X509_EXTENSION_free(new_ex); if (x != NULL && *x == NULL) sk_X509_EXTENSION_free(sk); @@ -159,7 +163,7 @@ X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex, if ((ex == NULL) || (*ex == NULL)) { if ((ret = X509_EXTENSION_new()) == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); return NULL; } } else diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index d9158bd795..cc1f606167 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -714,7 +714,7 @@ static int check_name_constraints(X509_STORE_CTX *ctx) */ tmpsubject = X509_NAME_dup(tmpsubject); if (tmpsubject == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); ctx->error = X509_V_ERR_OUT_OF_MEM; return -1; } @@ -1655,15 +1655,19 @@ static int check_policy(X509_STORE_CTX *ctx) * was verified via a bare public key, and pop it off right after the * X509_policy_check() call. */ - if (ctx->bare_ta_signed && !sk_X509_push(ctx->chain, NULL)) + if (ctx->bare_ta_signed && !sk_X509_push(ctx->chain, NULL)) { + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto memerr; + } ret = X509_policy_check(&ctx->tree, &ctx->explicit_policy, ctx->chain, ctx->param->policies, ctx->param->flags); if (ctx->bare_ta_signed) (void)sk_X509_pop(ctx->chain); - if (ret == X509_PCY_TREE_INTERNAL) + if (ret == X509_PCY_TREE_INTERNAL) { + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); goto memerr; + } /* Invalid or inconsistent extensions */ if (ret == X509_PCY_TREE_INVALID) { int i; @@ -1702,7 +1706,6 @@ static int check_policy(X509_STORE_CTX *ctx) return 1; memerr: - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); ctx->error = X509_V_ERR_OUT_OF_MEM; return -1; } @@ -2068,20 +2071,30 @@ X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer, } /* Create new CRL */ crl = X509_CRL_new_ex(base->libctx, base->propq); - if (crl == NULL || !X509_CRL_set_version(crl, X509_CRL_VERSION_2)) - goto memerr; + if (crl == NULL || !X509_CRL_set_version(crl, X509_CRL_VERSION_2)) { + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); + goto err; + } /* Set issuer name */ - if (!X509_CRL_set_issuer_name(crl, X509_CRL_get_issuer(newer))) - goto memerr; + if (!X509_CRL_set_issuer_name(crl, X509_CRL_get_issuer(newer))) { + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); + goto err; + } - if (!X509_CRL_set1_lastUpdate(crl, X509_CRL_get0_lastUpdate(newer))) - goto memerr; - if (!X509_CRL_set1_nextUpdate(crl, X509_CRL_get0_nextUpdate(newer))) - goto memerr; + if (!X509_CRL_set1_lastUpdate(crl, X509_CRL_get0_lastUpdate(newer))) { + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); + goto err; + } + if (!X509_CRL_set1_nextUpdate(crl, X509_CRL_get0_nextUpdate(newer))) { + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); + goto err; + } /* Set base CRL number: must be critical */ - if (!X509_CRL_add1_ext_i2d(crl, NID_delta_crl, base->crl_number, 1, 0)) - goto memerr; + if (!X509_CRL_add1_ext_i2d(crl, NID_delta_crl, base->crl_number, 1, 0)) { + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); + goto err; + } /* * Copy extensions across from newest CRL to delta: this will set CRL @@ -2090,8 +2103,10 @@ X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer, for (i = 0; i < X509_CRL_get_ext_count(newer); i++) { X509_EXTENSION *ext = X509_CRL_get_ext(newer, i); - if (!X509_CRL_add_ext(crl, ext, -1)) - goto memerr; + if (!X509_CRL_add_ext(crl, ext, -1)) { + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); + goto err; + } } /* Go through revoked entries, copying as needed */ @@ -2108,22 +2123,26 @@ X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer, */ if (!X509_CRL_get0_by_serial(base, &rvtmp, &rvn->serialNumber)) { rvtmp = X509_REVOKED_dup(rvn); - if (rvtmp == NULL) - goto memerr; + if (rvtmp == NULL) { + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); + goto err; + } if (!X509_CRL_add0_revoked(crl, rvtmp)) { X509_REVOKED_free(rvtmp); - goto memerr; + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); + goto err; } } } - if (skey != NULL && md != NULL && !X509_CRL_sign(crl, skey, md)) - goto memerr; + if (skey != NULL && md != NULL && !X509_CRL_sign(crl, skey, md)) { + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); + goto err; + } return crl; - memerr: - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + err: X509_CRL_free(crl); return NULL; } @@ -2289,17 +2308,14 @@ X509_STORE_CTX *X509_STORE_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq) { X509_STORE_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); - if (ctx == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + if (ctx == NULL) return NULL; - } ctx->libctx = libctx; if (propq != NULL) { ctx->propq = OPENSSL_strdup(propq); if (ctx->propq == NULL) { OPENSSL_free(ctx); - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); return NULL; } } @@ -2419,7 +2435,7 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, ctx->param = X509_VERIFY_PARAM_new(); if (ctx->param == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); goto err; } @@ -2447,7 +2463,7 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, if (CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx, &ctx->ex_data)) return 1; - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); err: /* @@ -2677,7 +2693,7 @@ static unsigned char *dane_i2d(X509 *cert, uint8_t selector, } if (len < 0 || buf == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); return NULL; } @@ -3034,24 +3050,30 @@ static int build_chain(X509_STORE_CTX *ctx) } /* Initialize empty untrusted stack. */ - if ((sk_untrusted = sk_X509_new_null()) == NULL) + if ((sk_untrusted = sk_X509_new_null()) == NULL) { + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto memerr; + } /* * If we got any "Cert(0) Full(0)" trust anchors from DNS, *prepend* them * to our working copy of the untrusted certificate stack. */ if (DANETLS_ENABLED(dane) && dane->certs != NULL - && !X509_add_certs(sk_untrusted, dane->certs, X509_ADD_FLAG_DEFAULT)) + && !X509_add_certs(sk_untrusted, dane->certs, X509_ADD_FLAG_DEFAULT)) { + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); goto memerr; + } /* * Shallow-copy the stack of untrusted certificates (with TLS, this is * typically the content of the peer's certificate message) so we can make * multiple passes over it, while free to remove elements as we go. */ - if (!X509_add_certs(sk_untrusted, ctx->untrusted, X509_ADD_FLAG_DEFAULT)) + if (!X509_add_certs(sk_untrusted, ctx->untrusted, X509_ADD_FLAG_DEFAULT)) { + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); goto memerr; + } /* * Still absurdly large, but arithmetically safe, a lower hard upper bound @@ -3163,6 +3185,7 @@ static int build_chain(X509_STORE_CTX *ctx) /* Grow the chain by trusted issuer */ if (!sk_X509_push(ctx->chain, issuer)) { X509_free(issuer); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto memerr; } if ((self_signed = X509_self_signed(issuer, 0)) < 0) @@ -3330,7 +3353,6 @@ static int build_chain(X509_STORE_CTX *ctx) return -1; memerr: - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); ctx->error = X509_V_ERR_OUT_OF_MEM; sk_X509_free(sk_untrusted); return -1; diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c index 101f2dfe94..28d11dedfa 100644 --- a/crypto/x509/x509_vpm.c +++ b/crypto/x509/x509_vpm.c @@ -84,10 +84,8 @@ X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void) X509_VERIFY_PARAM *param; param = OPENSSL_zalloc(sizeof(*param)); - if (param == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + if (param == NULL) return NULL; - } param->trust = X509_TRUST_DEFAULT; /* param->inh_flags = X509_VP_FLAG_DEFAULT; */ param->depth = -1; diff --git a/crypto/x509/x509name.c b/crypto/x509/x509name.c index 690e2799ff..de29f9713a 100644 --- a/crypto/x509/x509name.c +++ b/crypto/x509/x509name.c @@ -222,7 +222,7 @@ int X509_NAME_add_entry(X509_NAME *name, const X509_NAME_ENTRY *ne, int loc, goto err; new_name->set = set; if (!sk_X509_NAME_ENTRY_insert(sk, new_name, loc)) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto err; } if (inc) { diff --git a/crypto/x509/x509spki.c b/crypto/x509/x509spki.c index 1d66697db0..142eeb79bd 100644 --- a/crypto/x509/x509spki.c +++ b/crypto/x509/x509spki.c @@ -35,10 +35,8 @@ NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str, int len) NETSCAPE_SPKI *spki; if (len <= 0) len = strlen(str); - if ((spki_der = OPENSSL_malloc(len + 1)) == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + if ((spki_der = OPENSSL_malloc(len + 1)) == NULL) return NULL; - } spki_len = EVP_DecodeBlock(spki_der, (const unsigned char *)str, len); if (spki_len < 0) { ERR_raise(ERR_LIB_X509, X509_R_BASE64_DECODE_ERROR); @@ -65,7 +63,6 @@ char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki) der_spki = OPENSSL_malloc(der_len); b64_str = OPENSSL_malloc(der_len * 2); if (der_spki == NULL || b64_str == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); OPENSSL_free(der_spki); OPENSSL_free(b64_str); return NULL; diff --git a/crypto/x509/x_crl.c b/crypto/x509/x_crl.c index a19b0528b7..d021a6ff88 100644 --- a/crypto/x509/x_crl.c +++ b/crypto/x509/x_crl.c @@ -366,7 +366,7 @@ int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev) if (inf->revoked == NULL) inf->revoked = sk_X509_REVOKED_new(X509_REVOKED_cmp); if (inf->revoked == NULL || !sk_X509_REVOKED_push(inf->revoked, rev)) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_CRYPTO_LIB); return 0; } inf->enc.modified = 1; @@ -490,10 +490,8 @@ X509_CRL_METHOD *X509_CRL_METHOD_new(int (*crl_init) (X509_CRL *crl), { X509_CRL_METHOD *m = OPENSSL_malloc(sizeof(*m)); - if (m == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + if (m == NULL) return NULL; - } m->crl_init = crl_init; m->crl_free = crl_free; m->crl_lookup = crl_lookup; diff --git a/crypto/x509/x_name.c b/crypto/x509/x_name.c index bed2d049b4..98d03cf120 100644 --- a/crypto/x509/x_name.c +++ b/crypto/x509/x_name.c @@ -92,17 +92,20 @@ static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it) X509_NAME *ret = OPENSSL_zalloc(sizeof(*ret)); if (ret == NULL) - goto memerr; - if ((ret->entries = sk_X509_NAME_ENTRY_new_null()) == NULL) - goto memerr; - if ((ret->bytes = BUF_MEM_new()) == NULL) - goto memerr; + return 0; + if ((ret->entries = sk_X509_NAME_ENTRY_new_null()) == NULL) { + ERR_raise(ERR_LIB_ASN1, ERR_R_CRYPTO_LIB); + goto err; + } + if ((ret->bytes = BUF_MEM_new()) == NULL) { + ERR_raise(ERR_LIB_ASN1, ERR_R_BUF_LIB); + goto err; + } ret->modified = 1; *val = (ASN1_VALUE *)ret; return 1; - memerr: - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + err: if (ret) { sk_X509_NAME_ENTRY_free(ret->entries); OPENSSL_free(ret); @@ -246,26 +249,28 @@ static int x509_name_encode(X509_NAME *a) intname.s = sk_STACK_OF_X509_NAME_ENTRY_new_null(); if (!intname.s) - goto memerr; + goto cerr; for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) { entry = sk_X509_NAME_ENTRY_value(a->entries, i); if (entry->set != set) { entries = sk_X509_NAME_ENTRY_new_null(); if (!entries) - goto memerr; + goto cerr; if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s, entries)) { sk_X509_NAME_ENTRY_free(entries); - goto memerr; + goto cerr; } set = entry->set; } if (!sk_X509_NAME_ENTRY_push(entries, entry)) - goto memerr; + goto cerr; } len = ASN1_item_ex_i2d(&intname.a, NULL, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1); - if (!BUF_MEM_grow(a->bytes, len)) - goto memerr; + if (!BUF_MEM_grow(a->bytes, len)) { + ERR_raise(ERR_LIB_ASN1, ERR_R_BUF_LIB); + goto err; + } p = (unsigned char *)a->bytes->data; ASN1_item_ex_i2d(&intname.a, &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1); @@ -273,10 +278,11 @@ static int x509_name_encode(X509_NAME *a) local_sk_X509_NAME_ENTRY_free); a->modified = 0; return len; - memerr: + cerr: + ERR_raise(ERR_LIB_ASN1, ERR_R_CRYPTO_LIB); + err: sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s, local_sk_X509_NAME_ENTRY_free); - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); return -1; } @@ -318,7 +324,7 @@ static int x509_name_canon(X509_NAME *a) } intname = sk_STACK_OF_X509_NAME_ENTRY_new_null(); if (intname == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto err; } for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) { @@ -329,25 +335,25 @@ static int x509_name_canon(X509_NAME *a) goto err; if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries)) { sk_X509_NAME_ENTRY_free(entries); - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto err; } set = entry->set; } tmpentry = X509_NAME_ENTRY_new(); if (tmpentry == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); goto err; } tmpentry->object = OBJ_dup(entry->object); if (tmpentry->object == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_OBJ_LIB); goto err; } if (!asn1_string_canon(tmpentry->value, entry->value)) goto err; if (!sk_X509_NAME_ENTRY_push(entries, tmpentry)) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); goto err; } tmpentry = NULL; @@ -360,10 +366,8 @@ static int x509_name_canon(X509_NAME *a) a->canon_enclen = len; p = OPENSSL_malloc(a->canon_enclen); - if (p == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + if (p == NULL) goto err; - } a->canon_enc = p; diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c index c8d76f882e..89184fc910 100644 --- a/crypto/x509/x_pubkey.c +++ b/crypto/x509/x_pubkey.c @@ -112,12 +112,13 @@ static int x509_pubkey_ex_new_ex(ASN1_VALUE **pval, const ASN1_ITEM *it, { X509_PUBKEY *ret; - if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL - || !x509_pubkey_ex_populate((ASN1_VALUE **)&ret, NULL) + if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) + return 0; + if (!x509_pubkey_ex_populate((ASN1_VALUE **)&ret, NULL) || !x509_pubkey_set0_libctx(ret, libctx, propq)) { x509_pubkey_ex_free((ASN1_VALUE **)&ret, NULL); ret = NULL; - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_X509_LIB); } else { *pval = (ASN1_VALUE *)ret; } @@ -141,7 +142,7 @@ static int x509_pubkey_ex_d2i_ex(ASN1_VALUE **pval, if (*pval == NULL && !x509_pubkey_ex_new_ex(pval, it, libctx, propq)) return 0; if (!x509_pubkey_ex_populate(pval, NULL)) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_X509_LIB); return 0; } @@ -190,10 +191,8 @@ static int x509_pubkey_ex_d2i_ex(ASN1_VALUE **pval, */ if (aclass != V_ASN1_UNIVERSAL) { tmpbuf = OPENSSL_memdup(in_saved, publen); - if (tmpbuf == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + if (tmpbuf == NULL) return 0; - } in_saved = tmpbuf; *tmpbuf = V_ASN1_CONSTRUCTED | V_ASN1_SEQUENCE; } @@ -284,16 +283,22 @@ X509_PUBKEY *X509_PUBKEY_dup(const X509_PUBKEY *a) { X509_PUBKEY *pubkey = OPENSSL_zalloc(sizeof(*pubkey)); - if (pubkey == NULL - || !x509_pubkey_set0_libctx(pubkey, a->libctx, a->propq) - || (pubkey->algor = X509_ALGOR_dup(a->algor)) == NULL - || (pubkey->public_key = ASN1_BIT_STRING_new()) == NULL - || !ASN1_BIT_STRING_set(pubkey->public_key, - a->public_key->data, - a->public_key->length)) { + if (pubkey == NULL) + return NULL; + if (!x509_pubkey_set0_libctx(pubkey, a->libctx, a->propq)) { + ERR_raise(ERR_LIB_X509, ERR_R_X509_LIB); x509_pubkey_ex_free((ASN1_VALUE **)&pubkey, ASN1_ITEM_rptr(X509_PUBKEY_INTERNAL)); - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + return NULL; + } + if ((pubkey->algor = X509_ALGOR_dup(a->algor)) == NULL + || (pubkey->public_key = ASN1_BIT_STRING_new()) == NULL + || !ASN1_BIT_STRING_set(pubkey->public_key, + a->public_key->data, + a->public_key->length)) { + x509_pubkey_ex_free((ASN1_VALUE **)&pubkey, + ASN1_ITEM_rptr(X509_PUBKEY_INTERNAL)); + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); return NULL; } @@ -325,7 +330,7 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) if (pkey->ameth != NULL) { if ((pk = X509_PUBKEY_new()) == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB); goto error; } if (pkey->ameth->pub_encode != NULL) { @@ -416,7 +421,7 @@ static int x509_pubkey_decode(EVP_PKEY **ppkey, const X509_PUBKEY *key) pkey = EVP_PKEY_new(); if (pkey == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_EVP_LIB); return -1; } @@ -499,10 +504,8 @@ static EVP_PKEY *d2i_PUBKEY_int(EVP_PKEY **a, */ if (libctx != NULL || propq != NULL || force_legacy) { xpk2 = OPENSSL_zalloc(sizeof(*xpk2)); - if (xpk2 == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + if (xpk2 == NULL) return NULL; - } if (!x509_pubkey_set0_libctx(xpk2, libctx, propq)) goto end; xpk2->flag_force_legacy = !!force_legacy; @@ -628,7 +631,7 @@ int i2d_RSA_PUBKEY(const RSA *a, unsigned char **pp) return 0; pktmp = EVP_PKEY_new(); if (pktmp == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); return -1; } (void)EVP_PKEY_assign_RSA(pktmp, (RSA *)a); @@ -670,7 +673,7 @@ int ossl_i2d_DH_PUBKEY(const DH *a, unsigned char **pp) return 0; pktmp = EVP_PKEY_new(); if (pktmp == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); return -1; } (void)EVP_PKEY_assign_DH(pktmp, (DH *)a); @@ -711,7 +714,7 @@ int ossl_i2d_DHx_PUBKEY(const DH *a, unsigned char **pp) return 0; pktmp = EVP_PKEY_new(); if (pktmp == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); return -1; } (void)EVP_PKEY_assign(pktmp, EVP_PKEY_DHX, (DH *)a); @@ -753,7 +756,7 @@ int i2d_DSA_PUBKEY(const DSA *a, unsigned char **pp) return 0; pktmp = EVP_PKEY_new(); if (pktmp == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); return -1; } (void)EVP_PKEY_assign_DSA(pktmp, (DSA *)a); @@ -798,7 +801,7 @@ int i2d_EC_PUBKEY(const EC_KEY *a, unsigned char **pp) if (a == NULL) return 0; if ((pktmp = EVP_PKEY_new()) == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); return -1; } (void)EVP_PKEY_assign_EC_KEY(pktmp, (EC_KEY *)a); @@ -839,7 +842,7 @@ int ossl_i2d_ED25519_PUBKEY(const ECX_KEY *a, unsigned char **pp) if (a == NULL) return 0; if ((pktmp = EVP_PKEY_new()) == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); return -1; } (void)EVP_PKEY_assign(pktmp, EVP_PKEY_ED25519, (ECX_KEY *)a); @@ -881,7 +884,7 @@ int ossl_i2d_ED448_PUBKEY(const ECX_KEY *a, unsigned char **pp) if (a == NULL) return 0; if ((pktmp = EVP_PKEY_new()) == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); return -1; } (void)EVP_PKEY_assign(pktmp, EVP_PKEY_ED448, (ECX_KEY *)a); @@ -923,7 +926,7 @@ int ossl_i2d_X25519_PUBKEY(const ECX_KEY *a, unsigned char **pp) if (a == NULL) return 0; if ((pktmp = EVP_PKEY_new()) == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); return -1; } (void)EVP_PKEY_assign(pktmp, EVP_PKEY_X25519, (ECX_KEY *)a); @@ -965,7 +968,7 @@ int ossl_i2d_X448_PUBKEY(const ECX_KEY *a, unsigned char **pp) if (a == NULL) return 0; if ((pktmp = EVP_PKEY_new()) == NULL) { - ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); return -1; } (void)EVP_PKEY_assign(pktmp, EVP_PKEY_X448, (ECX_KEY *)a); diff --git a/crypto/x509/x_req.c b/crypto/x509/x_req.c index 293d4be713..a8faac1706 100644 --- a/crypto/x509/x_req.c +++ b/crypto/x509/x_req.c @@ -74,7 +74,7 @@ static int req_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, if (pkey != NULL) { pkey = EVP_PKEY_dup(pkey); if (pkey == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_X509, ERR_R_EVP_LIB); return 0; } if (!X509_PUBKEY_set(&ret->req_info.pubkey, pkey)) { diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c index 010578b19a..8d831dbe21 100644 --- a/crypto/x509/x_x509.c +++ b/crypto/x509/x_x509.c @@ -272,10 +272,8 @@ int i2d_X509_AUX(const X509 *a, unsigned char **pp) /* Allocate requisite combined storage */ *pp = tmp = OPENSSL_malloc(length); - if (tmp == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); + if (tmp == NULL) return -1; - } /* Encode, but keep *pp at the originally malloced pointer */ length = i2d_x509_aux_internal(a, &tmp); diff --git a/engines/e_capi.c b/engines/e_capi.c index 3c747cbecd..ffc5bf7a2a 100644 --- a/engines/e_capi.c +++ b/engines/e_capi.c @@ -323,7 +323,6 @@ static int capi_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) ctx->storename = tmpstr; CAPI_trace(ctx, "Setting store name to %s\n", p); } else { - CAPIerr(CAPI_F_CAPI_CTRL, ERR_R_MALLOC_FAILURE); ret = 0; } break; @@ -350,7 +349,6 @@ static int capi_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) ctx->debug_file = tmpstr; CAPI_trace(ctx, "Setting debug file to %s\n", ctx->debug_file); } else { - CAPIerr(CAPI_F_CAPI_CTRL, ERR_R_MALLOC_FAILURE); ret = 0; } break; @@ -417,8 +415,10 @@ static int capi_init(ENGINE *e) if (capi_idx < 0) { capi_idx = ENGINE_get_ex_new_index(0, NULL, NULL, NULL, 0); - if (capi_idx < 0) - goto memerr; + if (capi_idx < 0) { + CAPIerr(CAPI_F_CAPI_INIT, ERR_R_ENGINE_LIB); + goto err; + } cert_capi_idx = X509_get_ex_new_index(0, NULL, NULL, NULL, 0); @@ -437,7 +437,8 @@ static int capi_init(ENGINE *e) RSA_meth_get_bn_mod_exp(ossl_rsa_meth)) || !RSA_meth_set_finish(capi_rsa_method, capi_rsa_free) || !RSA_meth_set_sign(capi_rsa_method, capi_rsa_sign)) { - goto memerr; + CAPIerr(CAPI_F_CAPI_INIT, ERR_R_RSA_LIB); + goto err; } # ifndef OPENSSL_NO_DSA @@ -452,14 +453,17 @@ static int capi_init(ENGINE *e) DSA_meth_get_mod_exp(ossl_dsa_meth)) || !DSA_meth_set_bn_mod_exp(capi_dsa_method, DSA_meth_get_bn_mod_exp(ossl_dsa_meth))) { - goto memerr; + CAPIerr(CAPI_F_CAPI_INIT, ERR_R_DSA_LIB); + goto err; } # endif } ctx = capi_ctx_new(); - if (ctx == NULL) - goto memerr; + if (ctx == NULL) { + CAPIerr(CAPI_F_CAPI_INIT, ERR_R_CAPI_LIB); + goto err; + } ENGINE_set_ex_data(e, capi_idx, ctx); @@ -488,11 +492,8 @@ static int capi_init(ENGINE *e) return 1; - memerr: - CAPIerr(CAPI_F_CAPI_INIT, ERR_R_MALLOC_FAILURE); + err: return 0; - - return 1; } static int capi_destroy(ENGINE *e) @@ -655,7 +656,7 @@ static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY *key) pubkey = OPENSSL_malloc(len); if (pubkey == NULL) - goto memerr; + goto err; if (!CryptExportKey(key->key, 0, PUBLICKEYBLOB, 0, pubkey, &len)) { CAPIerr(CAPI_F_CAPI_GET_PKEY, CAPI_R_PUBKEY_EXPORT_ERROR); @@ -684,8 +685,10 @@ static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY *key) } rsa_modulus = (unsigned char *)(rp + 1); rkey = RSA_new_method(eng); - if (!rkey) - goto memerr; + if (!rkey) { + CAPIerr(CAPI_F_CAPI_GET_PKEY, ERR_R_RSA_LIB); + goto err; + } e = BN_new(); n = BN_new(); @@ -693,22 +696,29 @@ static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY *key) if (e == NULL || n == NULL) { BN_free(e); BN_free(n); - goto memerr; + CAPIerr(CAPI_F_CAPI_GET_PKEY, ERR_R_BN_LIB); + goto err; } RSA_set0_key(rkey, n, e, NULL); - if (!BN_set_word(e, rp->pubexp)) - goto memerr; + if (!BN_set_word(e, rp->pubexp)) { + CAPIerr(CAPI_F_CAPI_GET_PKEY, ERR_R_BN_LIB); + goto err; + } rsa_modlen = rp->bitlen / 8; - if (!lend_tobn(n, rsa_modulus, rsa_modlen)) - goto memerr; + if (!lend_tobn(n, rsa_modulus, rsa_modlen)) { + CAPIerr(CAPI_F_CAPI_GET_PKEY, ERR_R_BN_LIB); + goto err; + } RSA_set_ex_data(rkey, rsa_capi_idx, key); - if ((ret = EVP_PKEY_new()) == NULL) - goto memerr; + if ((ret = EVP_PKEY_new()) == NULL) { + CAPIerr(CAPI_F_CAPI_GET_PKEY, ERR_R_EVP_LIB); + goto err; + } EVP_PKEY_assign_RSA(ret, rkey); rkey = NULL; @@ -731,8 +741,10 @@ static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY *key) dsa_plen = dp->bitlen / 8; btmp = (unsigned char *)(dp + 1); dkey = DSA_new_method(eng); - if (!dkey) - goto memerr; + if (!dkey) { + CAPIerr(CAPI_F_CAPI_GET_PKEY, ERR_R_DSA_LIB); + goto err; + } p = BN_new(); q = BN_new(); g = BN_new(); @@ -742,27 +754,38 @@ static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY *key) BN_free(q); BN_free(g); BN_free(pub_key); - goto memerr; + CAPIerr(CAPI_F_CAPI_GET_PKEY, ERR_R_BN_LIB); + goto err; } DSA_set0_pqg(dkey, p, q, g); DSA_set0_key(dkey, pub_key, NULL); - if (!lend_tobn(p, btmp, dsa_plen)) - goto memerr; + if (!lend_tobn(p, btmp, dsa_plen)) { + CAPIerr(CAPI_F_CAPI_GET_PKEY, ERR_R_CAPI_LIB); + goto err; + } btmp += dsa_plen; - if (!lend_tobn(q, btmp, 20)) - goto memerr; + if (!lend_tobn(q, btmp, 20)) { + CAPIerr(CAPI_F_CAPI_GET_PKEY, ERR_R_CAPI_LIB); + goto err; + } btmp += 20; - if (!lend_tobn(g, btmp, dsa_plen)) - goto memerr; + if (!lend_tobn(g, btmp, dsa_plen)) { + CAPIerr(CAPI_F_CAPI_GET_PKEY, ERR_R_CAPI_LIB); + goto err; + } btmp += dsa_plen; - if (!lend_tobn(pub_key, btmp, dsa_plen)) - goto memerr; + if (!lend_tobn(pub_key, btmp, dsa_plen)) { + CAPIerr(CAPI_F_CAPI_GET_PKEY, ERR_R_CAPI_LIB); + goto err; + } btmp += dsa_plen; DSA_set_ex_data(dkey, dsa_capi_idx, key); - if ((ret = EVP_PKEY_new()) == NULL) - goto memerr; + if ((ret = EVP_PKEY_new()) == NULL) { + CAPIerr(CAPI_F_CAPI_GET_PKEY, ERR_R_EVP_LIB); + goto err; + } EVP_PKEY_assign_DSA(ret, dkey); dkey = NULL; @@ -786,11 +809,6 @@ static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY *key) } return ret; - - memerr: - CAPIerr(CAPI_F_CAPI_GET_PKEY, ERR_R_MALLOC_FAILURE); - goto err; - } static EVP_PKEY *capi_load_privkey(ENGINE *eng, const char *key_id, @@ -966,10 +984,8 @@ int capi_rsa_priv_dec(int flen, const unsigned char *from, } /* Create temp reverse order version of input */ - if ((tmpbuf = OPENSSL_malloc(flen)) == NULL) { - CAPIerr(CAPI_F_CAPI_RSA_PRIV_DEC, ERR_R_MALLOC_FAILURE); + if ((tmpbuf = OPENSSL_malloc(flen)) == NULL) return -1; - } for (i = 0; i < flen; i++) tmpbuf[flen - i - 1] = from[i]; @@ -1139,10 +1155,8 @@ static char *wide_to_asc(LPCWSTR wstr) return NULL; } str = OPENSSL_malloc(sz); - if (str == NULL) { - CAPIerr(CAPI_F_WIDE_TO_ASC, ERR_R_MALLOC_FAILURE); + if (str == NULL) return NULL; - } if (!WideCharToMultiByte(CP_ACP, 0, wstr, len_0, str, sz, NULL, NULL)) { OPENSSL_free(str); CAPIerr(CAPI_F_WIDE_TO_ASC, CAPI_R_WIN32_ERROR); @@ -1166,10 +1180,8 @@ static int capi_get_provname(CAPI_CTX *ctx, LPSTR *pname, DWORD *ptype, return 0; } name = OPENSSL_malloc(len); - if (name == NULL) { - CAPIerr(CAPI_F_CAPI_GET_PROVNAME, ERR_R_MALLOC_FAILURE); + if (name == NULL) return 0; - } if (!CryptEnumProviders(idx, NULL, 0, ptype, name, &len)) { err = GetLastError(); OPENSSL_free(name); @@ -1253,10 +1265,8 @@ static int capi_list_containers(CAPI_CTX *ctx, BIO *out) if (buflen == 0) buflen = 1024; cname = OPENSSL_malloc(buflen); - if (cname == NULL) { - CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS, ERR_R_MALLOC_FAILURE); + if (cname == NULL) goto err; - } for (idx = 0;; idx++) { clen = buflen; @@ -1304,10 +1314,8 @@ static CRYPT_KEY_PROV_INFO *capi_get_prov_info(CAPI_CTX *ctx, NULL, &len)) return NULL; pinfo = OPENSSL_malloc(len); - if (pinfo == NULL) { - CAPIerr(CAPI_F_CAPI_GET_PROV_INFO, ERR_R_MALLOC_FAILURE); + if (pinfo == NULL) return NULL; - } if (!CertGetCertificateContextProperty(cert, CERT_KEY_PROV_INFO_PROP_ID, pinfo, &len)) { CAPIerr(CAPI_F_CAPI_GET_PROV_INFO, @@ -1623,10 +1631,8 @@ static CAPI_CTX *capi_ctx_new(void) { CAPI_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); - if (ctx == NULL) { - CAPIerr(CAPI_F_CAPI_CTX_NEW, ERR_R_MALLOC_FAILURE); + if (ctx == NULL) return NULL; - } ctx->csptype = PROV_RSA_FULL; ctx->dump_flags = CAPI_DMP_SUMMARY | CAPI_DMP_FNAME; ctx->keytype = AT_KEYEXCHANGE; @@ -1674,10 +1680,8 @@ static int capi_ctx_set_provname(CAPI_CTX *ctx, LPSTR pname, DWORD type, CryptReleaseContext(hprov, 0); } tmpcspname = OPENSSL_strdup(pname); - if (tmpcspname == NULL) { - CAPIerr(CAPI_F_CAPI_CTX_SET_PROVNAME, ERR_R_MALLOC_FAILURE); + if (tmpcspname == NULL) return 0; - } OPENSSL_free(ctx->cspname); ctx->cspname = tmpcspname; ctx->csptype = type; diff --git a/engines/e_dasync.c b/engines/e_dasync.c index 4b7a53661d..b0a08654cc 100644 --- a/engines/e_dasync.c +++ b/engines/e_dasync.c @@ -679,11 +679,8 @@ static int dasync_cipher_init_key_helper(EVP_CIPHER_CTX *ctx, && EVP_CIPHER_impl_ctx_size(cipher) != 0) { pipe_ctx->inner_cipher_data = OPENSSL_zalloc( EVP_CIPHER_impl_ctx_size(cipher)); - if (pipe_ctx->inner_cipher_data == NULL) { - DASYNCerr(DASYNC_F_DASYNC_CIPHER_INIT_KEY_HELPER, - ERR_R_MALLOC_FAILURE); + if (pipe_ctx->inner_cipher_data == NULL) return 0; - } } pipe_ctx->numpipes = 0; diff --git a/engines/e_loader_attic.c b/engines/e_loader_attic.c index 7b9dcd9fee..a7285e871c 100644 --- a/engines/e_loader_attic.c +++ b/engines/e_loader_attic.c @@ -59,7 +59,7 @@ static char *file_get_pass(const UI_METHOD *ui_method, char *pass, char *prompt = NULL; if (ui == NULL) { - ATTICerr(0, ERR_R_MALLOC_FAILURE); + ATTICerr(0, ERR_R_UI_LIB); return NULL; } @@ -68,7 +68,7 @@ static char *file_get_pass(const UI_METHOD *ui_method, char *pass, UI_add_user_data(ui, data); if ((prompt = UI_construct_prompt(ui, desc, info)) == NULL) { - ATTICerr(0, ERR_R_MALLOC_FAILURE); + ATTICerr(0, ERR_R_UI_LIB); pass = NULL; } else if (UI_add_input_string(ui, prompt, UI_INPUT_FLAG_DEFAULT_PWD, pass, 0, maxsize - 1) <= 0) { @@ -190,9 +190,10 @@ static OSSL_STORE_INFO *new_EMBEDDED(const char *new_pem_name, OSSL_STORE_INFO *info = NULL; struct embedded_st *data = NULL; - if ((data = OPENSSL_zalloc(sizeof(*data))) == NULL - || (info = OSSL_STORE_INFO_new(STORE_INFO_EMBEDDED, data)) == NULL) { - ATTICerr(0, ERR_R_MALLOC_FAILURE); + if ((data = OPENSSL_zalloc(sizeof(*data))) == NULL) + return NULL; + if ((info = OSSL_STORE_INFO_new(STORE_INFO_EMBEDDED, data)) == NULL) { + ATTICerr(0, ERR_R_OSSL_STORE_LIB); OPENSSL_free(data); return NULL; } @@ -202,7 +203,6 @@ static OSSL_STORE_INFO *new_EMBEDDED(const char *new_pem_name, new_pem_name == NULL ? NULL : OPENSSL_strdup(new_pem_name); if (new_pem_name != NULL && data->pem_name == NULL) { - ATTICerr(0, ERR_R_MALLOC_FAILURE); store_info_free(info); info = NULL; } @@ -458,7 +458,7 @@ static OSSL_STORE_INFO *try_decode_PKCS8Encrypted(const char *pem_name, *matchcount = 1; if ((mem = BUF_MEM_new()) == NULL) { - ATTICerr(0, ERR_R_MALLOC_FAILURE); + ATTICerr(0, ERR_R_BUF_LIB); goto nop8; } @@ -481,7 +481,7 @@ static OSSL_STORE_INFO *try_decode_PKCS8Encrypted(const char *pem_name, store_info = new_EMBEDDED(PEM_STRING_PKCS8INF, mem); if (store_info == NULL) { - ATTICerr(0, ERR_R_MALLOC_FAILURE); + ATTICerr(0, ERR_R_OSSL_STORE_LIB); goto nop8; } @@ -1022,15 +1022,11 @@ static OSSL_STORE_LOADER_CTX *file_open_ex /* Successfully found a working path */ ctx = OPENSSL_zalloc(sizeof(*ctx)); - if (ctx == NULL) { - ATTICerr(0, ERR_R_MALLOC_FAILURE); + if (ctx == NULL) return NULL; - } ctx->uri = OPENSSL_strdup(uri); - if (ctx->uri == NULL) { - ATTICerr(0, ERR_R_MALLOC_FAILURE); + if (ctx->uri == NULL) goto err; - } if (S_ISDIR(st.st_mode)) { ctx->type = is_dir; @@ -1050,10 +1046,8 @@ static OSSL_STORE_LOADER_CTX *file_open_ex } if (propq != NULL) { ctx->propq = OPENSSL_strdup(propq); - if (ctx->propq == NULL) { - ATTICerr(0, ERR_R_MALLOC_FAILURE); + if (ctx->propq == NULL) goto err; - } } ctx->libctx = libctx; @@ -1079,7 +1073,6 @@ static OSSL_STORE_LOADER_CTX *file_attach if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL || (propq != NULL && (ctx->propq = OPENSSL_strdup(propq)) == NULL)) { - ATTICerr(0, ERR_R_MALLOC_FAILURE); OSSL_STORE_LOADER_CTX_free(ctx); return NULL; } @@ -1184,10 +1177,8 @@ static OSSL_STORE_INFO *file_load_try_decode(OSSL_STORE_LOADER_CTX *ctx, OPENSSL_zalloc(sizeof(*matching_handlers) * OSSL_NELEM(file_handlers)); - if (matching_handlers == NULL) { - ATTICerr(0, ERR_R_MALLOC_FAILURE); + if (matching_handlers == NULL) goto err; - } *matchcount = 0; for (i = 0; i < OSSL_NELEM(file_handlers); i++) { @@ -1429,10 +1420,8 @@ static int file_name_to_uri(OSSL_STORE_LOADER_CTX *ctx, const char *name, + strlen(name) + 1 /* \0 */; *data = OPENSSL_zalloc(calculated_length); - if (*data == NULL) { - ATTICerr(0, ERR_R_MALLOC_FAILURE); + if (*data == NULL) return 0; - } OPENSSL_strlcat(*data, ctx->uri, calculated_length); OPENSSL_strlcat(*data, pathsep, calculated_length); diff --git a/include/crypto/dherr.h b/include/crypto/dherr.h index bb24d131eb..af2c158144 100644 --- a/include/crypto/dherr.h +++ b/include/crypto/dherr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/include/openssl/dherr.h b/include/openssl/dherr.h index 5d2a762a96..eda3b1c9a5 100644 --- a/include/openssl/dherr.h +++ b/include/openssl/dherr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -40,6 +40,7 @@ # define DH_R_INVALID_PARAMETER_NID 114 # define DH_R_INVALID_PUBKEY 102 # define DH_R_INVALID_SECRET 128 +# define DH_R_INVALID_SIZE 129 # define DH_R_KDF_PARAMETER_ERROR 112 # define DH_R_KEYS_NOT_SET 108 # define DH_R_MISSING_PUBKEY 125 diff --git a/include/openssl/err.h.in b/include/openssl/err.h.in index 7ca0b970a1..26b98800f9 100644 --- a/include/openssl/err.h.in +++ b/include/openssl/err.h.in @@ -325,15 +325,27 @@ static ossl_unused ossl_inline int ERR_COMMON_ERROR(unsigned long errcode) # define ERR_R_DSA_LIB (ERR_LIB_DSA/* 10 */ | ERR_RFLAG_COMMON) # define ERR_R_X509_LIB (ERR_LIB_X509/* 11 */ | ERR_RFLAG_COMMON) # define ERR_R_ASN1_LIB (ERR_LIB_ASN1/* 13 */ | ERR_RFLAG_COMMON) +# define ERR_R_CONF_LIB (ERR_LIB_CONF/* 14 */ | ERR_RFLAG_COMMON) # define ERR_R_CRYPTO_LIB (ERR_LIB_CRYPTO/* 15 */ | ERR_RFLAG_COMMON) # define ERR_R_EC_LIB (ERR_LIB_EC/* 16 */ | ERR_RFLAG_COMMON) +# define ERR_R_SSL_LIB (ERR_LIB_SSL/* 20 */ | ERR_RFLAG_COMMON) # define ERR_R_BIO_LIB (ERR_LIB_BIO/* 32 */ | ERR_RFLAG_COMMON) # define ERR_R_PKCS7_LIB (ERR_LIB_PKCS7/* 33 */ | ERR_RFLAG_COMMON) # define ERR_R_X509V3_LIB (ERR_LIB_X509V3/* 34 */ | ERR_RFLAG_COMMON) +# define ERR_R_PKCS12_LIB (ERR_LIB_PKCS12/* 35 */ | ERR_RFLAG_COMMON) +# define ERR_R_RAND_LIB (ERR_LIB_RAND/* 36 */ | ERR_RFLAG_COMMON) +# define ERR_R_DSO_LIB (ERR_LIB_DSO/* 37 */ | ERR_RFLAG_COMMON) # define ERR_R_ENGINE_LIB (ERR_LIB_ENGINE/* 38 */ | ERR_RFLAG_COMMON) # define ERR_R_UI_LIB (ERR_LIB_UI/* 40 */ | ERR_RFLAG_COMMON) # define ERR_R_ECDSA_LIB (ERR_LIB_ECDSA/* 42 */ | ERR_RFLAG_COMMON) # define ERR_R_OSSL_STORE_LIB (ERR_LIB_OSSL_STORE/* 44 */ | ERR_RFLAG_COMMON) +# define ERR_R_CMS_LIB (ERR_LIB_CMS/* 46 */ | ERR_RFLAG_COMMON) +# define ERR_R_TS_LIB (ERR_LIB_TS/* 47 */ | ERR_RFLAG_COMMON) +# define ERR_R_CT_LIB (ERR_LIB_CT/* 50 */ | ERR_RFLAG_COMMON) +# define ERR_R_PROV_LIB (ERR_LIB_PROV/* 57 */ | ERR_RFLAG_COMMON) +# define ERR_R_ESS_LIB (ERR_LIB_ESS/* 54 */ | ERR_RFLAG_COMMON) +# define ERR_R_CMP_LIB (ERR_LIB_CMP/* 58 */ | ERR_RFLAG_COMMON) +# define ERR_R_OSSL_ENCODER_LIB (ERR_LIB_OSSL_ENCODER/* 59 */ | ERR_RFLAG_COMMON) # define ERR_R_OSSL_DECODER_LIB (ERR_LIB_OSSL_DECODER/* 60 */ | ERR_RFLAG_COMMON) /* Other common error codes, range 256..2^ERR_RFLAGS_OFFSET-1 */ diff --git a/providers/common/provider_util.c b/providers/common/provider_util.c index f9a9dbef3c..2d8cba2ac9 100644 --- a/providers/common/provider_util.c +++ b/providers/common/provider_util.c @@ -357,10 +357,8 @@ int ossl_prov_memdup(const void *src, size_t src_len, unsigned char **dest, size_t *dest_len) { if (src != NULL) { - if ((*dest = OPENSSL_memdup(src, src_len)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((*dest = OPENSSL_memdup(src, src_len)) == NULL) return 0; - } *dest_len = src_len; } else { *dest = NULL; diff --git a/providers/implementations/asymciphers/rsa_enc.c b/providers/implementations/asymciphers/rsa_enc.c index ce5ddff651..36c03403fb 100644 --- a/providers/implementations/asymciphers/rsa_enc.c +++ b/providers/implementations/asymciphers/rsa_enc.c @@ -156,10 +156,8 @@ static int rsa_encrypt(void *vprsactx, unsigned char *out, size_t *outlen, int rsasize = RSA_size(prsactx->rsa); unsigned char *tbuf; - if ((tbuf = OPENSSL_malloc(rsasize)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((tbuf = OPENSSL_malloc(rsasize)) == NULL) return 0; - } if (prsactx->oaep_md == NULL) { OPENSSL_free(tbuf); prsactx->oaep_md = EVP_MD_fetch(prsactx->libctx, "SHA-1", NULL); @@ -231,10 +229,8 @@ static int rsa_decrypt(void *vprsactx, unsigned char *out, size_t *outlen, || prsactx->pad_mode == RSA_PKCS1_WITH_TLS_PADDING) { unsigned char *tbuf; - if ((tbuf = OPENSSL_malloc(len)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((tbuf = OPENSSL_malloc(len)) == NULL) return 0; - } ret = RSA_private_decrypt(inlen, in, tbuf, prsactx->rsa, RSA_NO_PADDING); /* diff --git a/providers/implementations/ciphers/cipher_aes.c b/providers/implementations/ciphers/cipher_aes.c index 2f469c131a..280be2dddc 100644 --- a/providers/implementations/ciphers/cipher_aes.c +++ b/providers/implementations/ciphers/cipher_aes.c @@ -40,10 +40,8 @@ static void *aes_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } in->base.hw->copyctx(&ret->base, &in->base); return ret; diff --git a/providers/implementations/ciphers/cipher_aes_gcm_siv.c b/providers/implementations/ciphers/cipher_aes_gcm_siv.c index 93e65d530e..7bca9b3bd1 100644 --- a/providers/implementations/ciphers/cipher_aes_gcm_siv.c +++ b/providers/implementations/ciphers/cipher_aes_gcm_siv.c @@ -65,19 +65,15 @@ static void *ossl_aes_gcm_siv_dupctx(void *vctx) return NULL; ret = OPENSSL_memdup(in, sizeof(*in)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } /* NULL-out these things we create later */ ret->aad = NULL; ret->ecb_ctx = NULL; if (in->aad == NULL) { - if ((ret->aad = OPENSSL_memdup(in->aad, UP16(ret->aad_len))) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((ret->aad = OPENSSL_memdup(in->aad, UP16(ret->aad_len))) == NULL) goto err; - } } if (!in->hw->dup_ctx(ret, in)) diff --git a/providers/implementations/ciphers/cipher_aes_ocb.c b/providers/implementations/ciphers/cipher_aes_ocb.c index ce377ad574..4f2f6fb430 100644 --- a/providers/implementations/ciphers/cipher_aes_ocb.c +++ b/providers/implementations/ciphers/cipher_aes_ocb.c @@ -340,10 +340,8 @@ static void *aes_ocb_dupctx(void *vctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } *ret = *in; if (!aes_generic_ocb_copy_ctx(ret, in)) { OPENSSL_free(ret); diff --git a/providers/implementations/ciphers/cipher_aes_siv.c b/providers/implementations/ciphers/cipher_aes_siv.c index 45010b90db..9ce91f70ce 100644 --- a/providers/implementations/ciphers/cipher_aes_siv.c +++ b/providers/implementations/ciphers/cipher_aes_siv.c @@ -65,10 +65,8 @@ static void *siv_dupctx(void *vctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } if (!in->hw->dupctx(in, ret)) { OPENSSL_free(ret); ret = NULL; diff --git a/providers/implementations/ciphers/cipher_aes_xts.c b/providers/implementations/ciphers/cipher_aes_xts.c index dce2032986..ecd9f02ac2 100644 --- a/providers/implementations/ciphers/cipher_aes_xts.c +++ b/providers/implementations/ciphers/cipher_aes_xts.c @@ -146,10 +146,8 @@ static void *aes_xts_dupctx(void *vctx) return NULL; } ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } in->base.hw->copyctx(&ret->base, &in->base); return ret; } diff --git a/providers/implementations/ciphers/cipher_aria.c b/providers/implementations/ciphers/cipher_aria.c index be69c39bab..ce4938d44a 100644 --- a/providers/implementations/ciphers/cipher_aria.c +++ b/providers/implementations/ciphers/cipher_aria.c @@ -33,10 +33,8 @@ static void *aria_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } in->base.hw->copyctx(&ret->base, &in->base); return ret; diff --git a/providers/implementations/ciphers/cipher_blowfish.c b/providers/implementations/ciphers/cipher_blowfish.c index e3b08ddbe4..9f17f1200d 100644 --- a/providers/implementations/ciphers/cipher_blowfish.c +++ b/providers/implementations/ciphers/cipher_blowfish.c @@ -41,10 +41,8 @@ static void *blowfish_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } *ret = *in; return ret; diff --git a/providers/implementations/ciphers/cipher_camellia.c b/providers/implementations/ciphers/cipher_camellia.c index b119666aa8..c550af3f83 100644 --- a/providers/implementations/ciphers/cipher_camellia.c +++ b/providers/implementations/ciphers/cipher_camellia.c @@ -39,10 +39,8 @@ static void *camellia_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } in->base.hw->copyctx(&ret->base, &in->base); return ret; diff --git a/providers/implementations/ciphers/cipher_cast5.c b/providers/implementations/ciphers/cipher_cast5.c index 55081ccbe9..84c88793b0 100644 --- a/providers/implementations/ciphers/cipher_cast5.c +++ b/providers/implementations/ciphers/cipher_cast5.c @@ -42,10 +42,8 @@ static void *cast5_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } *ret = *in; return ret; diff --git a/providers/implementations/ciphers/cipher_des.c b/providers/implementations/ciphers/cipher_des.c index c6d13466f7..6acfa05119 100644 --- a/providers/implementations/ciphers/cipher_des.c +++ b/providers/implementations/ciphers/cipher_des.c @@ -53,10 +53,8 @@ static void *des_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } in->base.hw->copyctx(&ret->base, &in->base); return ret; diff --git a/providers/implementations/ciphers/cipher_idea.c b/providers/implementations/ciphers/cipher_idea.c index bc716290a4..c69c6ac092 100644 --- a/providers/implementations/ciphers/cipher_idea.c +++ b/providers/implementations/ciphers/cipher_idea.c @@ -40,10 +40,8 @@ static void *idea_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } *ret = *in; return ret; diff --git a/providers/implementations/ciphers/cipher_rc2.c b/providers/implementations/ciphers/cipher_rc2.c index 106f47e866..388613c548 100644 --- a/providers/implementations/ciphers/cipher_rc2.c +++ b/providers/implementations/ciphers/cipher_rc2.c @@ -50,10 +50,8 @@ static void *rc2_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } *ret = *in; return ret; @@ -130,7 +128,7 @@ static int rc2_get_ctx_params(void *vctx, OSSL_PARAM params[]) return 0; } if ((type = ASN1_TYPE_new()) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); return 0; } @@ -139,7 +137,7 @@ static int rc2_get_ctx_params(void *vctx, OSSL_PARAM params[]) if (!ASN1_TYPE_set_int_octetstring(type, num, ctx->base.iv, ctx->base.ivlen)) { ASN1_TYPE_free(type); - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); return 0; } /* diff --git a/providers/implementations/ciphers/cipher_rc4.c b/providers/implementations/ciphers/cipher_rc4.c index a548beafaf..95f075076c 100644 --- a/providers/implementations/ciphers/cipher_rc4.c +++ b/providers/implementations/ciphers/cipher_rc4.c @@ -43,10 +43,8 @@ static void *rc4_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } *ret = *in; return ret; diff --git a/providers/implementations/ciphers/cipher_rc5.c b/providers/implementations/ciphers/cipher_rc5.c index 5c7d2b1721..54fd4fba03 100644 --- a/providers/implementations/ciphers/cipher_rc5.c +++ b/providers/implementations/ciphers/cipher_rc5.c @@ -47,10 +47,8 @@ static void *rc5_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } *ret = *in; return ret; diff --git a/providers/implementations/ciphers/cipher_seed.c b/providers/implementations/ciphers/cipher_seed.c index bae6a8e530..3644cb5e22 100644 --- a/providers/implementations/ciphers/cipher_seed.c +++ b/providers/implementations/ciphers/cipher_seed.c @@ -39,10 +39,8 @@ static void *seed_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } *ret = *in; return ret; diff --git a/providers/implementations/ciphers/cipher_sm4.c b/providers/implementations/ciphers/cipher_sm4.c index 6cf2731c6d..863c9997f5 100644 --- a/providers/implementations/ciphers/cipher_sm4.c +++ b/providers/implementations/ciphers/cipher_sm4.c @@ -33,10 +33,8 @@ static void *sm4_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } in->base.hw->copyctx(&ret->base, &in->base); return ret; diff --git a/providers/implementations/ciphers/cipher_tdes_common.c b/providers/implementations/ciphers/cipher_tdes_common.c index 346aec05a1..2e611df901 100644 --- a/providers/implementations/ciphers/cipher_tdes_common.c +++ b/providers/implementations/ciphers/cipher_tdes_common.c @@ -44,10 +44,8 @@ void *ossl_tdes_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } in->base.hw->copyctx(&ret->base, &in->base); return ret; diff --git a/providers/implementations/encode_decode/decode_msblob2key.c b/providers/implementations/encode_decode/decode_msblob2key.c index 501957faba..fe4ea77b3a 100644 --- a/providers/implementations/encode_decode/decode_msblob2key.c +++ b/providers/implementations/encode_decode/decode_msblob2key.c @@ -120,10 +120,8 @@ static int msblob2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, goto next; } buf = OPENSSL_malloc(length); - if (buf == NULL) { - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + if (buf == NULL) goto end; - } p = buf; if (BIO_read(in, buf, length) != (int)length) { ERR_raise(ERR_LIB_PEM, PEM_R_KEYBLOB_TOO_SHORT); diff --git a/providers/implementations/encode_decode/encode_key2any.c b/providers/implementations/encode_decode/encode_key2any.c index 246826749f..bd79228a4c 100644 --- a/providers/implementations/encode_decode/encode_key2any.c +++ b/providers/implementations/encode_decode/encode_key2any.c @@ -91,7 +91,7 @@ static PKCS8_PRIV_KEY_INFO *key_to_p8info(const void *key, int key_nid, || (derlen = k2d(key, &der)) <= 0 || !PKCS8_pkey_set0(p8info, OBJ_nid2obj(key_nid), 0, params_type, params, der, derlen)) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); PKCS8_PRIV_KEY_INFO_free(p8info); OPENSSL_free(der); p8info = NULL; @@ -154,7 +154,7 @@ static X509_PUBKEY *key_to_pubkey(const void *key, int key_nid, || (derlen = k2d(key, &der)) <= 0 || !X509_PUBKEY_set0_param(xpk, OBJ_nid2obj(key_nid), params_type, params, der, derlen)) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_X509_LIB); X509_PUBKEY_free(xpk); OPENSSL_free(der); xpk = NULL; @@ -380,7 +380,7 @@ static int key_to_type_specific_der_bio(BIO *out, const void *key, int ret; if ((derlen = k2d(key, &der)) <= 0) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_PROV_LIB); return 0; } @@ -446,7 +446,7 @@ static int prepare_dh_params(const void *dh, int nid, int save, ASN1_STRING *params = ASN1_STRING_new(); if (params == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); return 0; } @@ -456,7 +456,7 @@ static int prepare_dh_params(const void *dh, int nid, int save, params->length = i2d_DHparams(dh, ¶ms->data); if (params->length <= 0) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); ASN1_STRING_free(params); return 0; } @@ -550,14 +550,14 @@ static int encode_dsa_params(const void *dsa, int nid, ASN1_STRING *params = ASN1_STRING_new(); if (params == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); return 0; } params->length = i2d_DSAparams(dsa, ¶ms->data); if (params->length <= 0) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); ASN1_STRING_free(params); return 0; } @@ -645,13 +645,13 @@ static int prepare_ec_explicit_params(const void *eckey, ASN1_STRING *params = ASN1_STRING_new(); if (params == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); return 0; } params->length = i2d_ECParameters(eckey, ¶ms->data); if (params->length <= 0) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); ASN1_STRING_free(params); return 0; } @@ -762,10 +762,8 @@ static int ecx_spki_pub_to_der(const void *vecxkey, unsigned char **pder) } keyblob = OPENSSL_memdup(ecxkey->pubkey, ecxkey->keylen); - if (keyblob == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (keyblob == NULL) return 0; - } *pder = keyblob; return ecxkey->keylen; @@ -788,7 +786,7 @@ static int ecx_pki_priv_to_der(const void *vecxkey, unsigned char **pder) keybloblen = i2d_ASN1_OCTET_STRING(&oct, pder); if (keybloblen < 0) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); return 0; } diff --git a/providers/implementations/encode_decode/encode_key2text.c b/providers/implementations/encode_decode/encode_key2text.c index a92e04a89d..11e45c7fb0 100644 --- a/providers/implementations/encode_decode/encode_key2text.c +++ b/providers/implementations/encode_decode/encode_key2text.c @@ -664,7 +664,7 @@ static int rsa_to_text(BIO *out, const void *key, int selection) coeffs = sk_BIGNUM_const_new_null(); if (factors == NULL || exps == NULL || coeffs == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_CRYPTO_LIB); goto err; } diff --git a/providers/implementations/exchange/dh_exch.c b/providers/implementations/exchange/dh_exch.c index ebed25a08f..5d459e1c69 100644 --- a/providers/implementations/exchange/dh_exch.c +++ b/providers/implementations/exchange/dh_exch.c @@ -194,10 +194,8 @@ static int dh_X9_42_kdf_derive(void *vpdhctx, unsigned char *secret, } if (!dh_plain_derive(pdhctx, NULL, &stmplen, 0, 1)) return 0; - if ((stmp = OPENSSL_secure_malloc(stmplen)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((stmp = OPENSSL_secure_malloc(stmplen)) == NULL) return 0; - } if (!dh_plain_derive(pdhctx, stmp, &stmplen, stmplen, 1)) goto err; diff --git a/providers/implementations/exchange/ecdh_exch.c b/providers/implementations/exchange/ecdh_exch.c index af24616eef..53b4249778 100644 --- a/providers/implementations/exchange/ecdh_exch.c +++ b/providers/implementations/exchange/ecdh_exch.c @@ -126,7 +126,7 @@ int ecdh_match_params(const EC_KEY *priv, const EC_KEY *peer) ctx = BN_CTX_new_ex(ossl_ec_key_get_libctx(priv)); if (ctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_BN_LIB); return 0; } ret = group_priv != NULL @@ -524,10 +524,8 @@ int ecdh_X9_63_kdf_derive(void *vpecdhctx, unsigned char *secret, } if (!ecdh_plain_derive(vpecdhctx, NULL, &stmplen, 0)) return 0; - if ((stmp = OPENSSL_secure_malloc(stmplen)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((stmp = OPENSSL_secure_malloc(stmplen)) == NULL) return 0; - } if (!ecdh_plain_derive(vpecdhctx, stmp, &stmplen, stmplen)) goto err; diff --git a/providers/implementations/exchange/ecx_exch.c b/providers/implementations/exchange/ecx_exch.c index 7e223f28c8..374f436c89 100644 --- a/providers/implementations/exchange/ecx_exch.c +++ b/providers/implementations/exchange/ecx_exch.c @@ -46,10 +46,8 @@ static void *ecx_newctx(void *provctx, size_t keylen) return NULL; ctx = OPENSSL_zalloc(sizeof(PROV_ECX_CTX)); - if (ctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ctx == NULL) return NULL; - } ctx->keylen = keylen; @@ -140,10 +138,8 @@ static void *ecx_dupctx(void *vecxctx) return NULL; dstctx = OPENSSL_zalloc(sizeof(*srcctx)); - if (dstctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (dstctx == NULL) return NULL; - } *dstctx = *srcctx; if (dstctx->key != NULL && !ossl_ecx_key_up_ref(dstctx->key)) { diff --git a/providers/implementations/kdfs/hkdf.c b/providers/implementations/kdfs/hkdf.c index 7e5dd36eae..1293d6fc8a 100644 --- a/providers/implementations/kdfs/hkdf.c +++ b/providers/implementations/kdfs/hkdf.c @@ -94,9 +94,7 @@ static void *kdf_hkdf_new(void *provctx) if (!ossl_prov_is_running()) return NULL; - if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); - else + if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) != NULL) ctx->provctx = provctx; return ctx; } diff --git a/providers/implementations/kdfs/kbkdf.c b/providers/implementations/kdfs/kbkdf.c index f29d132e1a..53ddf5890a 100644 --- a/providers/implementations/kdfs/kbkdf.c +++ b/providers/implementations/kdfs/kbkdf.c @@ -115,10 +115,8 @@ static void *kbkdf_new(void *provctx) return NULL; ctx = OPENSSL_zalloc(sizeof(*ctx)); - if (ctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ctx == NULL) return NULL; - } ctx->provctx = provctx; init(ctx); diff --git a/providers/implementations/kdfs/krb5kdf.c b/providers/implementations/kdfs/krb5kdf.c index 0ad59734f8..b0fabd8ff2 100644 --- a/providers/implementations/kdfs/krb5kdf.c +++ b/providers/implementations/kdfs/krb5kdf.c @@ -64,10 +64,8 @@ static void *krb5kdf_new(void *provctx) if (!ossl_prov_is_running()) return NULL; - if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) return NULL; - } ctx->provctx = provctx; return ctx; } diff --git a/providers/implementations/kdfs/pbkdf1.c b/providers/implementations/kdfs/pbkdf1.c index c43baa8e53..e76ed4b7e1 100644 --- a/providers/implementations/kdfs/pbkdf1.c +++ b/providers/implementations/kdfs/pbkdf1.c @@ -60,7 +60,7 @@ static int kdf_pbkdf1_do_derive(const unsigned char *pass, size_t passlen, ctx = EVP_MD_CTX_new(); if (ctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EVP_LIB); goto err; } @@ -96,10 +96,8 @@ static void *kdf_pbkdf1_new(void *provctx) return NULL; ctx = OPENSSL_zalloc(sizeof(*ctx)); - if (ctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ctx == NULL) return NULL; - } ctx->provctx = provctx; return ctx; } @@ -161,10 +159,8 @@ static int kdf_pbkdf1_set_membuf(unsigned char **buffer, size_t *buflen, *buflen = 0; if (p->data_size == 0) { - if ((*buffer = OPENSSL_malloc(1)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((*buffer = OPENSSL_malloc(1)) == NULL) return 0; - } } else if (p->data != NULL) { if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen)) return 0; diff --git a/providers/implementations/kdfs/pbkdf2.c b/providers/implementations/kdfs/pbkdf2.c index ff6a6d4a21..2506a96f7c 100644 --- a/providers/implementations/kdfs/pbkdf2.c +++ b/providers/implementations/kdfs/pbkdf2.c @@ -72,10 +72,8 @@ static void *kdf_pbkdf2_new_no_init(void *provctx) return NULL; ctx = OPENSSL_zalloc(sizeof(*ctx)); - if (ctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ctx == NULL) return NULL; - } ctx->provctx = provctx; return ctx; } @@ -163,10 +161,8 @@ static int pbkdf2_set_membuf(unsigned char **buffer, size_t *buflen, *buflen = 0; if (p->data_size == 0) { - if ((*buffer = OPENSSL_malloc(1)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((*buffer = OPENSSL_malloc(1)) == NULL) return 0; - } } else if (p->data != NULL) { if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen)) return 0; diff --git a/providers/implementations/kdfs/pkcs12kdf.c b/providers/implementations/kdfs/pkcs12kdf.c index f3ade0f8b5..3495556302 100644 --- a/providers/implementations/kdfs/pkcs12kdf.c +++ b/providers/implementations/kdfs/pkcs12kdf.c @@ -60,7 +60,7 @@ static int pkcs12kdf_derive(const unsigned char *pass, size_t passlen, ctx = EVP_MD_CTX_new(); if (ctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EVP_LIB); goto end; } vi = EVP_MD_get_block_size(md_type); @@ -81,10 +81,8 @@ static int pkcs12kdf_derive(const unsigned char *pass, size_t passlen, Plen = 0; Ilen = Slen + Plen; I = OPENSSL_malloc(Ilen); - if (D == NULL || Ai == NULL || B == NULL || I == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (D == NULL || Ai == NULL || B == NULL || I == NULL) goto end; - } for (i = 0; i < v; i++) D[i] = id; p = I; @@ -144,10 +142,8 @@ static void *kdf_pkcs12_new(void *provctx) return NULL; ctx = OPENSSL_zalloc(sizeof(*ctx)); - if (ctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ctx == NULL) return NULL; - } ctx->provctx = provctx; return ctx; } @@ -210,10 +206,8 @@ static int pkcs12kdf_set_membuf(unsigned char **buffer, size_t *buflen, *buflen = 0; if (p->data_size == 0) { - if ((*buffer = OPENSSL_malloc(1)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((*buffer = OPENSSL_malloc(1)) == NULL) return 0; - } } else if (p->data != NULL) { if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen)) return 0; diff --git a/providers/implementations/kdfs/pvkkdf.c b/providers/implementations/kdfs/pvkkdf.c index e5c964f84a..fde36ca19e 100644 --- a/providers/implementations/kdfs/pvkkdf.c +++ b/providers/implementations/kdfs/pvkkdf.c @@ -45,10 +45,8 @@ static void *kdf_pvk_new(void *provctx) return NULL; ctx = OPENSSL_zalloc(sizeof(*ctx)); - if (ctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ctx == NULL) return NULL; - } ctx->provctx = provctx; kdf_pvk_init(ctx); return ctx; @@ -122,10 +120,8 @@ static int pvk_set_membuf(unsigned char **buffer, size_t *buflen, *buflen = 0; if (p->data_size == 0) { - if ((*buffer = OPENSSL_malloc(1)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((*buffer = OPENSSL_malloc(1)) == NULL) return 0; - } } else if (p->data != NULL) { if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen)) return 0; diff --git a/providers/implementations/kdfs/scrypt.c b/providers/implementations/kdfs/scrypt.c index e914eef992..253efeb16d 100644 --- a/providers/implementations/kdfs/scrypt.c +++ b/providers/implementations/kdfs/scrypt.c @@ -63,10 +63,8 @@ static void *kdf_scrypt_new_inner(OSSL_LIB_CTX *libctx) return NULL; ctx = OPENSSL_zalloc(sizeof(*ctx)); - if (ctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ctx == NULL) return NULL; - } ctx->libctx = libctx; kdf_scrypt_init(ctx); return ctx; @@ -150,10 +148,8 @@ static int scrypt_set_membuf(unsigned char **buffer, size_t *buflen, *buflen = 0; if (p->data_size == 0) { - if ((*buffer = OPENSSL_malloc(1)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((*buffer = OPENSSL_malloc(1)) == NULL) return 0; - } } else if (p->data != NULL) { if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen)) return 0; @@ -179,10 +175,8 @@ static int set_property_query(KDF_SCRYPT *ctx, const char *propq) ctx->propq = NULL; if (propq != NULL) { ctx->propq = OPENSSL_strdup(propq); - if (ctx->propq == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ctx->propq == NULL) return 0; - } } return 1; } @@ -527,10 +521,8 @@ static int scrypt_alg(const char *pass, size_t passlen, return 1; B = OPENSSL_malloc((size_t)(Blen + Vlen)); - if (B == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if (B == NULL) return 0; - } X = (uint32_t *)(B + Blen); T = X + 32 * r; V = T + 32 * r; diff --git a/providers/implementations/kdfs/sshkdf.c b/providers/implementations/kdfs/sshkdf.c index 1afac4e477..67170264fe 100644 --- a/providers/implementations/kdfs/sshkdf.c +++ b/providers/implementations/kdfs/sshkdf.c @@ -58,9 +58,7 @@ static void *kdf_sshkdf_new(void *provctx) if (!ossl_prov_is_running()) return NULL; - if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); - else + if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) != NULL) ctx->provctx = provctx; return ctx; } diff --git a/providers/implementations/kdfs/sskdf.c b/providers/implementations/kdfs/sskdf.c index 1038c66dde..378aeb5d30 100644 --- a/providers/implementations/kdfs/sskdf.c +++ b/providers/implementations/kdfs/sskdf.c @@ -290,9 +290,8 @@ static void *sskdf_new(void *provctx) if (!ossl_prov_is_running()) return NULL; - if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); - ctx->provctx = provctx; + if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) != NULL) + ctx->provctx = provctx; return ctx; } @@ -419,10 +418,8 @@ static int sskdf_derive(void *vctx, unsigned char *key, size_t keylen, /* If no salt is set then use a default_salt of zeros */ if (ctx->salt == NULL || ctx->salt_len <= 0) { ctx->salt = OPENSSL_zalloc(default_salt_len); - if (ctx->salt == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ctx->salt == NULL) return 0; - } ctx->salt_len = default_salt_len; } ret = SSKDF_mac_kdm(ctx->macctx, diff --git a/providers/implementations/kdfs/tls1_prf.c b/providers/implementations/kdfs/tls1_prf.c index fd46283d3a..8a38073084 100644 --- a/providers/implementations/kdfs/tls1_prf.c +++ b/providers/implementations/kdfs/tls1_prf.c @@ -103,11 +103,8 @@ static void *kdf_tls1_prf_new(void *provctx) if (!ossl_prov_is_running()) return NULL; - if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); - return NULL; - } - ctx->provctx = provctx; + if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) != NULL) + ctx->provctx = provctx; return ctx; } @@ -414,10 +411,8 @@ static int tls1_prf_alg(EVP_MAC_CTX *mdctx, EVP_MAC_CTX *sha1ctx, seed, seed_len, out, olen)) return 0; - if ((tmp = OPENSSL_malloc(olen)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((tmp = OPENSSL_malloc(olen)) == NULL) return 0; - } if (!tls1_prf_P_hash(sha1ctx, sec + slen - L_S2, L_S2, seed, seed_len, tmp, olen)) { diff --git a/providers/implementations/kdfs/x942kdf.c b/providers/implementations/kdfs/x942kdf.c index 51b2ebf26b..5e5bf68d60 100644 --- a/providers/implementations/kdfs/x942kdf.c +++ b/providers/implementations/kdfs/x942kdf.c @@ -335,10 +335,8 @@ static void *x942kdf_new(void *provctx) if (!ossl_prov_is_running()) return NULL; - if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) return NULL; - } ctx->provctx = provctx; ctx->use_keybits = 1; return ctx; diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c index 3f2653f8ae..ec5c954856 100644 --- a/providers/implementations/keymgmt/ec_kmgmt.c +++ b/providers/implementations/keymgmt/ec_kmgmt.c @@ -1018,7 +1018,6 @@ static void *sm2_gen_init(void *provctx, int selection, return gctx; if ((gctx->group_name = OPENSSL_strdup("sm2")) != NULL) return gctx; - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); ec_gen_cleanup(gctx); } return NULL; diff --git a/providers/implementations/keymgmt/ecx_kmgmt.c b/providers/implementations/keymgmt/ecx_kmgmt.c index 32dcc53c0b..351de5a40b 100644 --- a/providers/implementations/keymgmt/ecx_kmgmt.c +++ b/providers/implementations/keymgmt/ecx_kmgmt.c @@ -384,10 +384,8 @@ static int set_property_query(ECX_KEY *ecxkey, const char *propq) ecxkey->propq = NULL; if (propq != NULL) { ecxkey->propq = OPENSSL_strdup(propq); - if (ecxkey->propq == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ecxkey->propq == NULL) return 0; - } } return 1; } @@ -596,7 +594,7 @@ static void *ecx_gen(struct ecx_gen_ctx *gctx) return NULL; if ((key = ossl_ecx_key_new(gctx->libctx, gctx->type, 0, gctx->propq)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EC_LIB); return NULL; } @@ -605,7 +603,7 @@ static void *ecx_gen(struct ecx_gen_ctx *gctx) return key; if ((privkey = ossl_ecx_key_allocate_privkey(key)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EC_LIB); goto err; } #ifndef FIPS_MODULE @@ -865,7 +863,7 @@ static void *s390x_ecx_keygen25519(struct ecx_gen_ctx *gctx) unsigned char *privkey = NULL, *pubkey; if (key == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EC_LIB); goto err; } @@ -877,7 +875,7 @@ static void *s390x_ecx_keygen25519(struct ecx_gen_ctx *gctx) privkey = ossl_ecx_key_allocate_privkey(key); if (privkey == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EC_LIB); goto err; } @@ -922,7 +920,7 @@ static void *s390x_ecx_keygen448(struct ecx_gen_ctx *gctx) unsigned char *privkey = NULL, *pubkey; if (key == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EC_LIB); goto err; } @@ -934,7 +932,7 @@ static void *s390x_ecx_keygen448(struct ecx_gen_ctx *gctx) privkey = ossl_ecx_key_allocate_privkey(key); if (privkey == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EC_LIB); goto err; } @@ -985,7 +983,7 @@ static void *s390x_ecd_keygen25519(struct ecx_gen_ctx *gctx) int j; if (key == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EC_LIB); goto err; } @@ -997,7 +995,7 @@ static void *s390x_ecd_keygen25519(struct ecx_gen_ctx *gctx) privkey = ossl_ecx_key_allocate_privkey(key); if (privkey == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EC_LIB); goto err; } @@ -1052,7 +1050,7 @@ static void *s390x_ecd_keygen448(struct ecx_gen_ctx *gctx) EVP_MD *shake = NULL; if (key == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EC_LIB); goto err; } @@ -1064,7 +1062,7 @@ static void *s390x_ecd_keygen448(struct ecx_gen_ctx *gctx) privkey = ossl_ecx_key_allocate_privkey(key); if (privkey == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EC_LIB); goto err; } diff --git a/providers/implementations/keymgmt/mac_legacy_kmgmt.c b/providers/implementations/keymgmt/mac_legacy_kmgmt.c index fd19289300..4c5b7cc3c4 100644 --- a/providers/implementations/keymgmt/mac_legacy_kmgmt.c +++ b/providers/implementations/keymgmt/mac_legacy_kmgmt.c @@ -194,10 +194,8 @@ static int mac_key_fromdata(MAC_KEY *key, const OSSL_PARAM params[]) OPENSSL_secure_clear_free(key->priv_key, key->priv_key_len); /* allocate at least one byte to distinguish empty key from no key set */ key->priv_key = OPENSSL_secure_malloc(p->data_size > 0 ? p->data_size : 1); - if (key->priv_key == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (key->priv_key == NULL) return 0; - } memcpy(key->priv_key, p->data, p->data_size); key->priv_key_len = p->data_size; } @@ -210,10 +208,8 @@ static int mac_key_fromdata(MAC_KEY *key, const OSSL_PARAM params[]) } OPENSSL_free(key->properties); key->properties = OPENSSL_strdup(p->data); - if (key->properties == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (key->properties == NULL) return 0; - } } if (key->cmac && !ossl_prov_cipher_load_from_params(&key->cipher, params, @@ -429,10 +425,8 @@ static int mac_gen_set_params(void *genctx, const OSSL_PARAM params[]) return 0; } gctx->priv_key = OPENSSL_secure_malloc(p->data_size); - if (gctx->priv_key == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (gctx->priv_key == NULL) return 0; - } memcpy(gctx->priv_key, p->data, p->data_size); gctx->priv_key_len = p->data_size; } @@ -486,7 +480,7 @@ static void *mac_gen(void *genctx, OSSL_CALLBACK *cb, void *cbarg) return NULL; if ((key = ossl_mac_key_new(gctx->libctx, 0)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_PROV_LIB); return NULL; } diff --git a/providers/implementations/macs/kmac_prov.c b/providers/implementations/macs/kmac_prov.c index 123c40f54f..7c1ce18ac7 100644 --- a/providers/implementations/macs/kmac_prov.c +++ b/providers/implementations/macs/kmac_prov.c @@ -310,10 +310,8 @@ static int kmac_init(void *vmacctx, const unsigned char *key, return 0; } out = OPENSSL_malloc(out_len); - if (out == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (out == NULL) return 0; - } res = bytepad(out, NULL, kmac_string, sizeof(kmac_string), kctx->custom, kctx->custom_len, block_len) && EVP_DigestUpdate(ctx, out, out_len) diff --git a/providers/implementations/rands/drbg.c b/providers/implementations/rands/drbg.c index 007a181c89..11ba455233 100644 --- a/providers/implementations/rands/drbg.c +++ b/providers/implementations/rands/drbg.c @@ -160,10 +160,8 @@ size_t ossl_drbg_get_seed(void *vdrbg, unsigned char **pout, /* Allocate storage */ buffer = OPENSSL_secure_malloc(bytes_needed); - if (buffer == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (buffer == NULL) return 0; - } /* * Get random data. Include our DRBG address as @@ -777,10 +775,8 @@ PROV_DRBG *ossl_rand_drbg_new return NULL; drbg = OPENSSL_zalloc(sizeof(*drbg)); - if (drbg == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (drbg == NULL) return NULL; - } drbg->provctx = provctx; drbg->instantiate = instantiate; diff --git a/providers/implementations/rands/drbg_ctr.c b/providers/implementations/rands/drbg_ctr.c index 451113c4d1..89e0ca5573 100644 --- a/providers/implementations/rands/drbg_ctr.c +++ b/providers/implementations/rands/drbg_ctr.c @@ -538,7 +538,7 @@ static int drbg_ctr_init(PROV_DRBG *drbg) if (ctr->ctx_ctr == NULL) ctr->ctx_ctr = EVP_CIPHER_CTX_new(); if (ctr->ctx_ecb == NULL || ctr->ctx_ctr == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EVP_LIB); goto err; } @@ -565,7 +565,7 @@ static int drbg_ctr_init(PROV_DRBG *drbg) if (ctr->ctx_df == NULL) ctr->ctx_df = EVP_CIPHER_CTX_new(); if (ctr->ctx_df == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EVP_LIB); goto err; } /* Set key schedule for df_key */ @@ -589,10 +589,8 @@ static int drbg_ctr_new(PROV_DRBG *drbg) PROV_DRBG_CTR *ctr; ctr = OPENSSL_secure_zalloc(sizeof(*ctr)); - if (ctr == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ctr == NULL) return 0; - } ctr->use_df = 1; drbg->data = ctr; @@ -693,10 +691,8 @@ static int drbg_ctr_set_ctx_params(void *vctx, const OSSL_PARAM params[]) ERR_raise(ERR_LIB_PROV, PROV_R_REQUIRE_CTR_MODE_CIPHER); return 0; } - if ((ecb = OPENSSL_strndup(base, p->data_size)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((ecb = OPENSSL_strndup(base, p->data_size)) == NULL) return 0; - } strcpy(ecb + p->data_size - ecb_str_len, "ECB"); EVP_CIPHER_free(ctr->cipher_ecb); EVP_CIPHER_free(ctr->cipher_ctr); diff --git a/providers/implementations/rands/drbg_hash.c b/providers/implementations/rands/drbg_hash.c index 99853a7979..12faa993d0 100644 --- a/providers/implementations/rands/drbg_hash.c +++ b/providers/implementations/rands/drbg_hash.c @@ -390,10 +390,8 @@ static int drbg_hash_new(PROV_DRBG *ctx) PROV_DRBG_HASH *hash; hash = OPENSSL_secure_zalloc(sizeof(*hash)); - if (hash == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (hash == NULL) return 0; - } ctx->data = hash; ctx->seedlen = HASH_PRNG_MAX_SEEDLEN; diff --git a/providers/implementations/rands/drbg_hmac.c b/providers/implementations/rands/drbg_hmac.c index e68465a78c..ffeb70f8c3 100644 --- a/providers/implementations/rands/drbg_hmac.c +++ b/providers/implementations/rands/drbg_hmac.c @@ -276,10 +276,8 @@ static int drbg_hmac_new(PROV_DRBG *drbg) PROV_DRBG_HMAC *hmac; hmac = OPENSSL_secure_zalloc(sizeof(*hmac)); - if (hmac == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (hmac == NULL) return 0; - } drbg->data = hmac; /* See SP800-57 Part1 Rev4 5.6.1 Table 3 */ diff --git a/providers/implementations/rands/seed_src.c b/providers/implementations/rands/seed_src.c index 7a4b780bb4..5e599775eb 100644 --- a/providers/implementations/rands/seed_src.c +++ b/providers/implementations/rands/seed_src.c @@ -53,10 +53,8 @@ static void *seed_src_new(void *provctx, void *parent, } s = OPENSSL_zalloc(sizeof(*s)); - if (s == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (s == NULL) return NULL; - } s->provctx = provctx; s->state = EVP_RAND_STATE_UNINITIALISED; @@ -106,7 +104,7 @@ static int seed_src_generate(void *vseed, unsigned char *out, size_t outlen, pool = ossl_rand_pool_new(strength, 1, outlen, outlen); if (pool == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_RAND_LIB); return 0; } @@ -197,10 +195,8 @@ static size_t seed_get_seed(void *vseed, unsigned char **pout, } p = OPENSSL_secure_malloc(bytes_needed); - if (p == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (p == NULL) return 0; - } if (seed_src_generate(vseed, p, bytes_needed, 0, prediction_resistance, adin, adin_len) != 0) { *pout = p; diff --git a/providers/implementations/signature/dsa_sig.c b/providers/implementations/signature/dsa_sig.c index abcee00284..413559a747 100644 --- a/providers/implementations/signature/dsa_sig.c +++ b/providers/implementations/signature/dsa_sig.c @@ -111,7 +111,6 @@ static void *dsa_newctx(void *provctx, const char *propq) if (propq != NULL && (pdsactx->propq = OPENSSL_strdup(propq)) == NULL) { OPENSSL_free(pdsactx); pdsactx = NULL; - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); } return pdsactx; } diff --git a/providers/implementations/signature/ecdsa_sig.c b/providers/implementations/signature/ecdsa_sig.c index 865d49d100..c013140fec 100644 --- a/providers/implementations/signature/ecdsa_sig.c +++ b/providers/implementations/signature/ecdsa_sig.c @@ -120,7 +120,6 @@ static void *ecdsa_newctx(void *provctx, const char *propq) if (propq != NULL && (ctx->propq = OPENSSL_strdup(propq)) == NULL) { OPENSSL_free(ctx); ctx = NULL; - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); } return ctx; } diff --git a/providers/implementations/signature/eddsa_sig.c b/providers/implementations/signature/eddsa_sig.c index 2dc6c5e9d1..0229dd74d6 100644 --- a/providers/implementations/signature/eddsa_sig.c +++ b/providers/implementations/signature/eddsa_sig.c @@ -72,10 +72,8 @@ static void *eddsa_newctx(void *provctx, const char *propq_unused) return NULL; peddsactx = OPENSSL_zalloc(sizeof(PROV_EDDSA_CTX)); - if (peddsactx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (peddsactx == NULL) return NULL; - } peddsactx->libctx = PROV_LIBCTX_OF(provctx); diff --git a/providers/implementations/signature/mac_legacy_sig.c b/providers/implementations/signature/mac_legacy_sig.c index 6be605c8c6..d4bcc020da 100644 --- a/providers/implementations/signature/mac_legacy_sig.c +++ b/providers/implementations/signature/mac_legacy_sig.c @@ -60,10 +60,8 @@ static void *mac_newctx(void *provctx, const char *propq, const char *macname) return NULL; pmacctx->libctx = PROV_LIBCTX_OF(provctx); - if (propq != NULL && (pmacctx->propq = OPENSSL_strdup(propq)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (propq != NULL && (pmacctx->propq = OPENSSL_strdup(propq)) == NULL) goto err; - } mac = EVP_MAC_fetch(pmacctx->libctx, macname, propq); if (mac == NULL) diff --git a/providers/implementations/signature/rsa_sig.c b/providers/implementations/signature/rsa_sig.c index 3670f84732..1c6b515d35 100644 --- a/providers/implementations/signature/rsa_sig.c +++ b/providers/implementations/signature/rsa_sig.c @@ -182,7 +182,6 @@ static void *rsa_newctx(void *provctx, const char *propq) || (propq != NULL && (propq_copy = OPENSSL_strdup(propq)) == NULL)) { OPENSSL_free(prsactx); - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); return NULL; } @@ -230,7 +229,7 @@ static unsigned char *rsa_generate_signature_aid(PROV_RSA_CTX *ctx, int ret; if (!WPACKET_init_der(&pkt, aid_buf, buf_len)) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_CRYPTO_LIB); return NULL; } @@ -484,10 +483,8 @@ static int setup_tbuf(PROV_RSA_CTX *ctx) { if (ctx->tbuf != NULL) return 1; - if ((ctx->tbuf = OPENSSL_malloc(RSA_size(ctx->rsa))) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((ctx->tbuf = OPENSSL_malloc(RSA_size(ctx->rsa))) == NULL) return 0; - } return 1; } @@ -568,7 +565,7 @@ static int rsa_sign(void *vprsactx, unsigned char *sig, size_t *siglen, return 0; } if (!setup_tbuf(prsactx)) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_PROV_LIB); return 0; } memcpy(prsactx->tbuf, tbs, tbslen); @@ -986,10 +983,8 @@ static void *rsa_dupctx(void *vprsactx) return NULL; dstctx = OPENSSL_zalloc(sizeof(*srcctx)); - if (dstctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (dstctx == NULL) return NULL; - } *dstctx = *srcctx; dstctx->rsa = NULL; diff --git a/providers/implementations/signature/sm2_sig.c b/providers/implementations/signature/sm2_sig.c index b3647a9a73..15826d5fd2 100644 --- a/providers/implementations/signature/sm2_sig.c +++ b/providers/implementations/signature/sm2_sig.c @@ -122,7 +122,6 @@ static void *sm2sig_newctx(void *provctx, const char *propq) ctx->libctx = PROV_LIBCTX_OF(provctx); if (propq != NULL && (ctx->propq = OPENSSL_strdup(propq)) == NULL) { OPENSSL_free(ctx); - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); return NULL; } ctx->mdsize = SM3_DIGEST_LENGTH; diff --git a/providers/implementations/storemgmt/file_store.c b/providers/implementations/storemgmt/file_store.c index 7548a01fe7..3f1d1ff2de 100644 --- a/providers/implementations/storemgmt/file_store.c +++ b/providers/implementations/storemgmt/file_store.c @@ -155,7 +155,7 @@ static struct file_ctx_st *file_open_stream(BIO *source, const char *uri, struct file_ctx_st *ctx; if ((ctx = new_file_ctx(IS_FILE, uri, provctx)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_PROV_LIB); goto err; } @@ -172,7 +172,7 @@ static void *file_open_dir(const char *path, const char *uri, void *provctx) struct file_ctx_st *ctx; if ((ctx = new_file_ctx(IS_DIR, uri, provctx)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_PROV_LIB); return NULL; } @@ -422,7 +422,7 @@ static int file_setup_decoders(struct file_ctx_st *ctx) /* Setup for this session, so only if not already done */ if (ctx->_.file.decoderctx == NULL) { if ((ctx->_.file.decoderctx = OSSL_DECODER_CTX_new()) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB); goto err; } @@ -558,10 +558,8 @@ static char *file_name_to_uri(struct file_ctx_st *ctx, const char *name) + strlen(name) + 1 /* \0 */; data = OPENSSL_zalloc(calculated_length); - if (data == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (data == NULL) return NULL; - } OPENSSL_strlcat(data, ctx->uri, calculated_length); OPENSSL_strlcat(data, pathsep, calculated_length); diff --git a/providers/implementations/storemgmt/file_store_any2obj.c b/providers/implementations/storemgmt/file_store_any2obj.c index 28601683bf..b0be1c4d22 100644 --- a/providers/implementations/storemgmt/file_store_any2obj.c +++ b/providers/implementations/storemgmt/file_store_any2obj.c @@ -125,7 +125,7 @@ static int msblob2obj_decode(void *provctx, OSSL_CORE_BIO *cin, int selection, mem_want = 16; /* The size of the MSBLOB header */ if ((mem = BUF_MEM_new()) == NULL || !BUF_MEM_grow(mem, mem_want)) { - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PEM, ERR_R_BUF_LIB); goto err; } @@ -147,7 +147,7 @@ static int msblob2obj_decode(void *provctx, OSSL_CORE_BIO *cin, int selection, ok = 0; mem_want = ossl_blob_length(bitlen, isdss, ispub); if (!BUF_MEM_grow(mem, mem_len + mem_want)) { - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PEM, ERR_R_BUF_LIB); goto err; } @@ -192,7 +192,7 @@ static int pvk2obj_decode(void *provctx, OSSL_CORE_BIO *cin, int selection, mem_want = 24; /* The size of the PVK header */ if ((mem = BUF_MEM_new()) == NULL || !BUF_MEM_grow(mem, mem_want)) { - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PEM, ERR_R_BUF_LIB); goto err; } @@ -214,7 +214,7 @@ static int pvk2obj_decode(void *provctx, OSSL_CORE_BIO *cin, int selection, ok = 0; mem_want = saltlen + keylen; if (!BUF_MEM_grow(mem, mem_len + mem_want)) { - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PEM, ERR_R_BUF_LIB); goto err; } diff --git a/providers/implementations/storemgmt/winstore_store.c b/providers/implementations/storemgmt/winstore_store.c index f686517f74..a7d041b697 100644 --- a/providers/implementations/storemgmt/winstore_store.c +++ b/providers/implementations/storemgmt/winstore_store.c @@ -186,7 +186,7 @@ static int setup_decoder(struct winstore_ctx_st *ctx) ctx->dctx = OSSL_DECODER_CTX_new(); if (ctx->dctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB); return 0; } diff --git a/ssl/bio_ssl.c b/ssl/bio_ssl.c index 4086101282..c9bb20b2da 100644 --- a/ssl/bio_ssl.c +++ b/ssl/bio_ssl.c @@ -57,10 +57,8 @@ static int ssl_new(BIO *bi) { BIO_SSL *bs = OPENSSL_zalloc(sizeof(*bs)); - if (bs == NULL) { - ERR_raise(ERR_LIB_BIO, ERR_R_MALLOC_FAILURE); + if (bs == NULL) return 0; - } BIO_set_init(bi, 0); BIO_set_data(bi, bs); /* Clear all flags */ diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c index 81de55af97..b82ddec517 100644 --- a/ssl/d1_lib.c +++ b/ssl/d1_lib.c @@ -459,10 +459,8 @@ int DTLSv1_listen(SSL *ssl, BIO_ADDR *client) return -1; } buf = OPENSSL_malloc(DTLS1_RT_HEADER_LENGTH + SSL3_RT_MAX_PLAIN_LENGTH); - if (buf == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (buf == NULL) return -1; - } wbuf = RECORD_LAYER_get_wbuf(&s->rlayer)[0].buf; do { @@ -745,7 +743,7 @@ int DTLSv1_listen(SSL *ssl, BIO_ADDR *client) s->msg_callback_arg); if ((tmpclient = BIO_ADDR_new()) == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_BIO_LIB); goto end; } diff --git a/ssl/pqueue.c b/ssl/pqueue.c index 0852aceacf..db161e25da 100644 --- a/ssl/pqueue.c +++ b/ssl/pqueue.c @@ -19,10 +19,8 @@ pitem *pitem_new(unsigned char *prio64be, void *data) { pitem *item = OPENSSL_malloc(sizeof(*item)); - if (item == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (item == NULL) return NULL; - } memcpy(item->priority, prio64be, sizeof(item->priority)); item->data = data; @@ -39,9 +37,6 @@ pqueue *pqueue_new(void) { pqueue *pq = OPENSSL_zalloc(sizeof(*pq)); - if (pq == NULL) - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); - return pq; } diff --git a/ssl/priority_queue.c b/ssl/priority_queue.c index 0f864a0ffa..67e85df73f 100644 --- a/ssl/priority_queue.c +++ b/ssl/priority_queue.c @@ -305,17 +305,13 @@ int ossl_pqueue_reserve(OSSL_PQUEUE *pq, size_t n) } h = OPENSSL_realloc(pq->heap, new_max * sizeof(*pq->heap)); - if (h == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (h == NULL) return 0; - } pq->heap = h; e = OPENSSL_realloc(pq->elements, new_max * sizeof(*pq->elements)); - if (e == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (e == NULL) return 0; - } pq->elements = e; pq->hmax = new_max; @@ -331,10 +327,8 @@ OSSL_PQUEUE *ossl_pqueue_new(int (*compare)(const void *, const void *)) return NULL; pq = OPENSSL_malloc(sizeof(*pq)); - if (pq == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (pq == NULL) return NULL; - } pq->compare = compare; pq->hmax = min_nodes; pq->htop = 0; @@ -343,7 +337,6 @@ OSSL_PQUEUE *ossl_pqueue_new(int (*compare)(const void *, const void *)) pq->elements = OPENSSL_malloc(sizeof(*pq->elements) * min_nodes); if (pq->heap == NULL || pq->elements == NULL) { ossl_pqueue_free(pq); - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return NULL; } pqueue_add_freelist(pq, 0); diff --git a/ssl/quic/quic_record_rx_wrap.c b/ssl/quic/quic_record_rx_wrap.c index 7a38236103..0864159639 100644 --- a/ssl/quic/quic_record_rx_wrap.c +++ b/ssl/quic/quic_record_rx_wrap.c @@ -22,13 +22,12 @@ OSSL_QRX_PKT_WRAP *ossl_qrx_pkt_wrap_new(OSSL_QRX_PKT *pkt) #ifdef HAVE_ATOMICS refcount_lock = CRYPTO_THREAD_lock_new(); if (refcount_lock == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); return NULL; } #endif if ((res = OPENSSL_zalloc(sizeof(*res))) == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); CRYPTO_THREAD_lock_free(refcount_lock); return NULL; } diff --git a/ssl/record/methods/dtls_meth.c b/ssl/record/methods/dtls_meth.c index c462dd13b7..703b488c30 100644 --- a/ssl/record/methods/dtls_meth.c +++ b/ssl/record/methods/dtls_meth.c @@ -651,7 +651,7 @@ dtls_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers, || (*retrl)->processed_rcds.q == NULL) { dtls_free(*retrl); *retrl = NULL; - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_SSL_LIB); return OSSL_RECORD_RETURN_FATAL; } diff --git a/ssl/record/methods/tls1_meth.c b/ssl/record/methods/tls1_meth.c index a12a0cf843..d7ee93bace 100644 --- a/ssl/record/methods/tls1_meth.c +++ b/ssl/record/methods/tls1_meth.c @@ -31,7 +31,7 @@ static int tls1_set_crypto_state(OSSL_RECORD_LAYER *rl, int level, return OSSL_RECORD_RETURN_FATAL; if ((rl->enc_ctx = EVP_CIPHER_CTX_new()) == NULL) { - RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB); return OSSL_RECORD_RETURN_FATAL; } diff --git a/ssl/record/methods/tls_common.c b/ssl/record/methods/tls_common.c index 7774044c6b..2369791660 100644 --- a/ssl/record/methods/tls_common.c +++ b/ssl/record/methods/tls_common.c @@ -190,7 +190,7 @@ int tls_setup_write_buffer(OSSL_RECORD_LAYER *rl, size_t numwpipes, * buffers. We assume we're so doomed that we won't even be able * to send an alert. */ - RLAYERfatal(rl, SSL_AD_NO_ALERT, ERR_R_MALLOC_FAILURE); + RLAYERfatal(rl, SSL_AD_NO_ALERT, ERR_R_CRYPTO_LIB); return 0; } } else { @@ -249,7 +249,7 @@ int tls_setup_read_buffer(OSSL_RECORD_LAYER *rl) * We assume we're so doomed that we won't even be able to send an * alert. */ - RLAYERfatal(rl, SSL_AD_NO_ALERT, ERR_R_MALLOC_FAILURE); + RLAYERfatal(rl, SSL_AD_NO_ALERT, ERR_R_CRYPTO_LIB); return 0; } b->buf = p; @@ -801,7 +801,7 @@ int tls_get_more_records(OSSL_RECORD_LAYER *rl) if (mac_size > 0) { macbufs = OPENSSL_zalloc(sizeof(*macbufs) * num_recs); if (macbufs == NULL) { - RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); return OSSL_RECORD_RETURN_FATAL; } } @@ -1190,10 +1190,8 @@ tls_int_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers, *retrl = NULL; - if (rl == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (rl == NULL) return OSSL_RECORD_RETURN_FATAL; - } /* Loop through all the settings since they must all be understood */ if (settings != NULL) { diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c index 7baeb42849..40a8ed4bc8 100644 --- a/ssl/record/rec_layer_d1.c +++ b/ssl/record/rec_layer_d1.c @@ -20,10 +20,8 @@ int DTLS_RECORD_LAYER_new(RECORD_LAYER *rl) { DTLS_RECORD_LAYER *d; - if ((d = OPENSSL_malloc(sizeof(*d))) == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if ((d = OPENSSL_malloc(sizeof(*d))) == NULL) return 0; - } rl->d = d; @@ -126,7 +124,7 @@ int dtls_buffer_record(SSL_CONNECTION *s, TLS_RECORD *rec) if (rdata->data == NULL) { OPENSSL_free(rdata); pitem_free(item); - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); return -1; } /* diff --git a/ssl/record/ssl3_buffer.c b/ssl/record/ssl3_buffer.c index 98ef8e65ec..1bb4840f88 100644 --- a/ssl/record/ssl3_buffer.c +++ b/ssl/record/ssl3_buffer.c @@ -89,7 +89,7 @@ int ssl3_setup_write_buffer(SSL_CONNECTION *s, size_t numwpipes, size_t len) * buffers. We assume we're so doomed that we won't even be able * to send an alert. */ - SSLfatal(s, SSL_AD_NO_ALERT, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_NO_ALERT, ERR_R_CRYPTO_LIB); return 0; } } else { diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index e778a2a860..d575d28dcd 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -35,7 +35,7 @@ static int ssl3_generate_key_block(SSL_CONNECTION *s, unsigned char *km, int num m5 = EVP_MD_CTX_new(); s1 = EVP_MD_CTX_new(); if (md5 == NULL || sha1 == NULL || m5 == NULL || s1 == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB); goto err; } for (i = 0; (int)i < num; i += MD5_DIGEST_LENGTH) { @@ -163,7 +163,7 @@ int ssl3_change_cipher_state(SSL_CONNECTION *s, int which) if (s->enc_write_ctx != NULL) { reuse_dd = 1; } else if ((s->enc_write_ctx = EVP_CIPHER_CTX_new()) == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB); goto err; } else { /* make sure it's initialised in case we exit later with an error */ @@ -171,7 +171,7 @@ int ssl3_change_cipher_state(SSL_CONNECTION *s, int which) } dd = s->enc_write_ctx; if (ssl_replace_hash(&s->write_hash, md) == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_SSL_LIB); goto err; } #ifndef OPENSSL_NO_COMP @@ -249,7 +249,7 @@ int ssl3_setup_key_block(SSL_CONNECTION *s) ssl3_cleanup_key_block(s); if ((p = OPENSSL_malloc(num)) == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); return 0; } @@ -274,7 +274,7 @@ int ssl3_init_finished_mac(SSL_CONNECTION *s) BIO *buf = BIO_new(BIO_s_mem()); if (buf == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_BIO_LIB); return 0; } ssl3_free_digest_list(s); @@ -336,7 +336,7 @@ int ssl3_digest_cached_records(SSL_CONNECTION *s, int keep) s->s3.handshake_dgst = EVP_MD_CTX_new(); if (s->s3.handshake_dgst == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB); return 0; } @@ -388,7 +388,7 @@ size_t ssl3_final_finish_mac(SSL_CONNECTION *s, const char *sender, size_t len, ctx = EVP_MD_CTX_new(); if (ctx == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB); return 0; } if (!EVP_MD_CTX_copy_ex(ctx, s->s3.handshake_dgst)) { @@ -445,7 +445,7 @@ int ssl3_generate_master_secret(SSL_CONNECTION *s, unsigned char *out, size_t ret_secret_size = 0; if (ctx == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB); return 0; } for (i = 0; i < 3; i++) { diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 126ac4c2bf..190f42cd0e 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -3466,7 +3466,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) } pkdh = ssl_dh_to_pkey(parg); if (pkdh == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_DH_LIB); return 0; } if (!SSL_set0_tmp_dh_pkey(s, pkdh)) { @@ -3814,7 +3814,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) } pkdh = ssl_dh_to_pkey(parg); if (pkdh == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_DH_LIB); return 0; } if (!SSL_CTX_set0_tmp_dh_pkey(ctx, pkdh)) { @@ -3983,12 +3983,12 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) case SSL_CTRL_EXTRA_CHAIN_CERT: if (ctx->extra_certs == NULL) { if ((ctx->extra_certs = sk_X509_new_null()) == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); return 0; } } if (!sk_X509_push(ctx->extra_certs, (X509 *)parg)) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); return 0; } break; @@ -4768,7 +4768,7 @@ EVP_PKEY *ssl_generate_pkey_group(SSL_CONNECTION *s, uint16_t id) sctx->propq); if (pctx == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB); goto err; } if (EVP_PKEY_keygen_init(pctx) <= 0) { @@ -4878,7 +4878,7 @@ int ssl_derive(SSL_CONNECTION *s, EVP_PKEY *privkey, EVP_PKEY *pubkey, int gense pms = OPENSSL_malloc(pmslen); if (pms == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); goto err; } @@ -4930,7 +4930,7 @@ int ssl_decapsulate(SSL_CONNECTION *s, EVP_PKEY *privkey, pms = OPENSSL_malloc(pmslen); if (pms == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); goto err; } @@ -4983,7 +4983,7 @@ int ssl_encapsulate(SSL_CONNECTION *s, EVP_PKEY *pubkey, pms = OPENSSL_malloc(pmslen); ct = OPENSSL_malloc(ctlen); if (pms == NULL || ct == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); goto err; } diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index 73338e5c6e..8ec36b9c19 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -52,10 +52,8 @@ CERT *ssl_cert_new(void) { CERT *ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } ret->key = &(ret->pkeys[SSL_PKEY_RSA]); ret->references = 1; @@ -64,7 +62,7 @@ CERT *ssl_cert_new(void) ret->sec_ex = NULL; ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); OPENSSL_free(ret); return NULL; } @@ -77,16 +75,14 @@ CERT *ssl_cert_dup(CERT *cert) CERT *ret = OPENSSL_zalloc(sizeof(*ret)); int i; - if (ret == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } ret->references = 1; ret->key = &ret->pkeys[cert->key - cert->pkeys]; ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); OPENSSL_free(ret); return NULL; } @@ -115,7 +111,7 @@ CERT *ssl_cert_dup(CERT *cert) if (cpk->chain) { rpk->chain = X509_chain_up_ref(cpk->chain); if (!rpk->chain) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_X509_LIB); goto err; } } @@ -123,10 +119,8 @@ CERT *ssl_cert_dup(CERT *cert) /* Just copy everything. */ ret->pkeys[i].serverinfo = OPENSSL_malloc(cert->pkeys[i].serverinfo_length); - if (ret->pkeys[i].serverinfo == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (ret->pkeys[i].serverinfo == NULL) goto err; - } ret->pkeys[i].serverinfo_length = cert->pkeys[i].serverinfo_length; memcpy(ret->pkeys[i].serverinfo, cert->pkeys[i].serverinfo, cert->pkeys[i].serverinfo_length); @@ -389,7 +383,7 @@ int ssl_verify_cert_chain(SSL_CONNECTION *s, STACK_OF(X509) *sk) ctx = X509_STORE_CTX_new_ex(sctx->libctx, sctx->propq); if (ctx == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_X509_LIB); return 0; } @@ -448,7 +442,7 @@ int ssl_verify_cert_chain(SSL_CONNECTION *s, STACK_OF(X509) *sk) if (X509_STORE_CTX_get0_chain(ctx) != NULL) { s->verified_chain = X509_STORE_CTX_get1_chain(ctx); if (s->verified_chain == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_X509_LIB); i = 0; } } @@ -477,13 +471,13 @@ STACK_OF(X509_NAME) *SSL_dup_CA_list(const STACK_OF(X509_NAME) *sk) ret = sk_X509_NAME_new_reserve(NULL, num); if (ret == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); return NULL; } for (i = 0; i < num; i++) { name = X509_NAME_dup(sk_X509_NAME_value(sk, i)); if (name == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_X509_LIB); sk_X509_NAME_pop_free(ret, X509_NAME_free); return NULL; } @@ -664,14 +658,18 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file_ex(const char *file, LHASH_OF(X509_NAME) *name_hash = lh_X509_NAME_new(xname_hash, xname_cmp); OSSL_LIB_CTX *prev_libctx = NULL; - if ((name_hash == NULL) || (in == NULL)) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (name_hash == NULL) { + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); + goto err; + } + if (in == NULL) { + ERR_raise(ERR_LIB_SSL, ERR_R_BIO_LIB); goto err; } x = X509_new_ex(libctx, propq); if (x == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_X509_LIB); goto err; } if (BIO_read_filename(in, file) <= 0) @@ -685,7 +683,7 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file_ex(const char *file, if (ret == NULL) { ret = sk_X509_NAME_new_null(); if (ret == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); goto err; } } @@ -741,7 +739,7 @@ int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, in = BIO_new(BIO_s_file()); if (in == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_BIO_LIB); goto err; } @@ -927,7 +925,7 @@ int ssl_build_cert_chain(SSL_CONNECTION *s, SSL_CTX *ctx, int flags) xs_ctx = X509_STORE_CTX_new_ex(real_ctx->libctx, real_ctx->propq); if (xs_ctx == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_X509_LIB); goto err; } if (!X509_STORE_CTX_init(xs_ctx, chain_store, cpk->x509, untrusted)) { diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 31d8acc102..2ffad7008c 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -965,10 +965,8 @@ static int ssl_cipher_strength_sort(CIPHER_ORDER **head_p, } number_uses = OPENSSL_zalloc(sizeof(int) * (max_strength_bits + 1)); - if (number_uses == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (number_uses == NULL) return 0; - } /* * Now find the strength_bits values actually used @@ -1495,10 +1493,8 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx, num_of_ciphers = ssl_method->num_ciphers(); co_list = OPENSSL_malloc(sizeof(*co_list) * num_of_ciphers); - if (co_list == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (co_list == NULL) return NULL; /* Failure */ - } ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers, disabled_mkey, disabled_auth, disabled_enc, @@ -1609,7 +1605,6 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx, ca_list = OPENSSL_malloc(sizeof(*ca_list) * num_of_alias_max); if (ca_list == NULL) { OPENSSL_free(co_list); - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return NULL; /* Failure */ } ssl_cipher_collect_aliases(ca_list, num_of_group_aliases, @@ -1711,10 +1706,8 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) if (buf == NULL) { len = 128; - if ((buf = OPENSSL_malloc(len)) == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if ((buf = OPENSSL_malloc(len)) == NULL) return NULL; - } } else if (len < 128) { return NULL; } @@ -2056,10 +2049,8 @@ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) } comp = OPENSSL_malloc(sizeof(*comp)); - if (comp == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (comp == NULL) return 1; - } comp->id = id; comp->method = cm; @@ -2071,7 +2062,7 @@ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) } if (ssl_comp_methods == NULL || !sk_SSL_COMP_push(ssl_comp_methods, comp)) { OPENSSL_free(comp); - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); return 1; } return 0; diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 440d156975..18a6a4865d 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -132,7 +132,6 @@ static int dane_ctx_enable(struct dane_ctx_st *dctx) if (mdord == NULL || mdevp == NULL) { OPENSSL_free(mdord); OPENSSL_free(mdevp); - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } @@ -206,7 +205,7 @@ static int ssl_dane_dup(SSL_CONNECTION *to, SSL_CONNECTION *from) to->dane.trecs = sk_danetls_record_new_reserve(NULL, num); if (to->dane.trecs == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); return 0; } @@ -236,17 +235,13 @@ static int dane_mtype_set(struct dane_ctx_st *dctx, int n = ((int)mtype) + 1; mdevp = OPENSSL_realloc(dctx->mdevp, n * sizeof(*mdevp)); - if (mdevp == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (mdevp == NULL) return -1; - } dctx->mdevp = mdevp; mdord = OPENSSL_realloc(dctx->mdord, n * sizeof(*mdord)); - if (mdord == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (mdord == NULL) return -1; - } dctx->mdord = mdord; /* Zero-fill any gaps */ @@ -320,10 +315,8 @@ static int dane_tlsa_add(SSL_DANE *dane, return 0; } - if ((t = OPENSSL_zalloc(sizeof(*t))) == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if ((t = OPENSSL_zalloc(sizeof(*t))) == NULL) return -1; - } t->usage = usage; t->selector = selector; @@ -331,7 +324,6 @@ static int dane_tlsa_add(SSL_DANE *dane, t->data = OPENSSL_malloc(dlen); if (t->data == NULL) { tlsa_free(t); - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return -1; } memcpy(t->data, data, dlen); @@ -372,7 +364,7 @@ static int dane_tlsa_add(SSL_DANE *dane, if ((dane->certs == NULL && (dane->certs = sk_X509_new_null()) == NULL) || !sk_X509_push(dane->certs, cert)) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); X509_free(cert); tlsa_free(t); return -1; @@ -433,7 +425,7 @@ static int dane_tlsa_add(SSL_DANE *dane, if (!sk_danetls_record_insert(dane->trecs, t, i)) { tlsa_free(t); - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); return -1; } dane->umask |= DANETLS_USAGE_BIT(usage); @@ -753,7 +745,7 @@ SSL *ossl_ssl_connection_new(SSL_CTX *ctx) if (!ossl_ssl_init(ssl, ctx, SSL_TYPE_SSL_CONNECTION)) { OPENSSL_free(s); s = NULL; - goto err; + goto sslerr; } #ifndef OPENSSL_NO_QUIC @@ -777,7 +769,7 @@ SSL *ossl_ssl_connection_new(SSL_CTX *ctx) /* Shallow copy of the ciphersuites stack */ s->tls13_ciphersuites = sk_SSL_CIPHER_dup(ctx->tls13_ciphersuites); if (s->tls13_ciphersuites == NULL) - goto err; + goto cerr; /* * Earlier library versions used to copy the pointer to the CERT, not @@ -790,7 +782,7 @@ SSL *ossl_ssl_connection_new(SSL_CTX *ctx) */ s->cert = ssl_cert_dup(ctx->cert); if (s->cert == NULL) - goto err; + goto sslerr; RECORD_LAYER_set_read_ahead(&s->rlayer, ctx->read_ahead); s->msg_callback = ctx->msg_callback; @@ -809,7 +801,7 @@ SSL *ossl_ssl_connection_new(SSL_CTX *ctx) s->param = X509_VERIFY_PARAM_new(); if (s->param == NULL) - goto err; + goto asn1err; X509_VERIFY_PARAM_inherit(s->param, ctx->param); s->quiet_shutdown = ctx->quiet_shutdown; @@ -879,12 +871,12 @@ SSL *ossl_ssl_connection_new(SSL_CTX *ctx) s->allow_early_data_cb_data = ctx->allow_early_data_cb_data; if (!ssl->method->ssl_init(ssl)) - goto err; + goto sslerr; s->server = (ctx->method->ssl_accept == ssl_undefined_function) ? 0 : 1; if (!SSL_clear(ssl)) - goto err; + goto sslerr; #ifndef OPENSSL_NO_PSK s->psk_client_callback = ctx->psk_client_callback; @@ -901,13 +893,20 @@ SSL *ossl_ssl_connection_new(SSL_CTX *ctx) #ifndef OPENSSL_NO_CT if (!SSL_set_ct_validation_callback(ssl, ctx->ct_validation_callback, ctx->ct_validation_callback_arg)) - goto err; + goto sslerr; #endif return ssl; + cerr: + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); + goto err; + asn1err: + ERR_raise(ERR_LIB_SSL, ERR_R_ASN1_LIB); + goto err; + sslerr: + ERR_raise(ERR_LIB_SSL, ERR_R_SSL_LIB); err: SSL_free(ssl); - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return NULL; } @@ -1174,7 +1173,7 @@ int SSL_dane_enable(SSL *s, const char *basedomain) dane->trecs = sk_danetls_record_new_null(); if (dane->trecs == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); return -1; } return 1; @@ -3494,10 +3493,8 @@ int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos, return 1; alpn = OPENSSL_memdup(protos, protos_len); - if (alpn == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (alpn == NULL) return 1; - } OPENSSL_free(ctx->ext.alpn); ctx->ext.alpn = alpn; ctx->ext.alpn_len = protos_len; @@ -3530,10 +3527,8 @@ int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos, return 1; alpn = OPENSSL_memdup(protos, protos_len); - if (alpn == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (alpn == NULL) return 1; - } OPENSSL_free(sc->ext.alpn); sc->ext.alpn = alpn; sc->ext.alpn_len = protos_len; @@ -3683,15 +3678,14 @@ SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq, ret->references = 1; ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); - OPENSSL_free(ret); - return NULL; + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); + goto err; } #ifdef TSAN_REQUIRES_LOCKING ret->tsan_lock = CRYPTO_THREAD_lock_new(); if (ret->tsan_lock == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); goto err; } #endif @@ -3713,47 +3707,58 @@ SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq, ret->session_timeout = meth->get_timeout(); ret->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT; ret->verify_mode = SSL_VERIFY_NONE; - if ((ret->cert = ssl_cert_new()) == NULL) + if ((ret->cert = ssl_cert_new()) == NULL) { + ERR_raise(ERR_LIB_SSL, ERR_R_SSL_LIB); goto err; + } ret->sessions = lh_SSL_SESSION_new(ssl_session_hash, ssl_session_cmp); - if (ret->sessions == NULL) + if (ret->sessions == NULL) { + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); goto err; + } ret->cert_store = X509_STORE_new(); - if (ret->cert_store == NULL) + if (ret->cert_store == NULL) { + ERR_raise(ERR_LIB_SSL, ERR_R_X509_LIB); goto err; + } #ifndef OPENSSL_NO_CT ret->ctlog_store = CTLOG_STORE_new_ex(libctx, propq); - if (ret->ctlog_store == NULL) + if (ret->ctlog_store == NULL) { + ERR_raise(ERR_LIB_SSL, ERR_R_CT_LIB); goto err; + } #endif /* initialize cipher/digest methods table */ if (!ssl_load_ciphers(ret)) - goto err2; + goto err; /* initialise sig algs */ if (!ssl_setup_sig_algs(ret)) - goto err2; - + goto err; if (!ssl_load_groups(ret)) - goto err2; - - if (!SSL_CTX_set_ciphersuites(ret, OSSL_default_ciphersuites())) goto err; + if (!SSL_CTX_set_ciphersuites(ret, OSSL_default_ciphersuites())) { + ERR_raise(ERR_LIB_SSL, ERR_R_SSL_LIB); + goto err; + } + if (!ssl_create_cipher_list(ret, ret->tls13_ciphersuites, &ret->cipher_list, &ret->cipher_list_by_id, OSSL_default_cipher_list(), ret->cert) || sk_SSL_CIPHER_num(ret->cipher_list) <= 0) { ERR_raise(ERR_LIB_SSL, SSL_R_LIBRARY_HAS_NO_CIPHERS); - goto err2; + goto err; } ret->param = X509_VERIFY_PARAM_new(); - if (ret->param == NULL) + if (ret->param == NULL) { + ERR_raise(ERR_LIB_SSL, ERR_R_X509_LIB); goto err; + } /* * If these aren't available from the provider we'll get NULL returns. @@ -3762,14 +3767,20 @@ SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq, ret->md5 = ssl_evp_md_fetch(libctx, NID_md5, propq); ret->sha1 = ssl_evp_md_fetch(libctx, NID_sha1, propq); - if ((ret->ca_names = sk_X509_NAME_new_null()) == NULL) + if ((ret->ca_names = sk_X509_NAME_new_null()) == NULL) { + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); goto err; + } - if ((ret->client_ca_names = sk_X509_NAME_new_null()) == NULL) + if ((ret->client_ca_names = sk_X509_NAME_new_null()) == NULL) { + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); goto err; + } - if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data)) + if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data)) { + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); goto err; + } if ((ret->ext.secure = OPENSSL_secure_zalloc(sizeof(*ret->ext.secure))) == NULL) goto err; @@ -3791,12 +3802,16 @@ SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq, ret->options |= SSL_OP_NO_TICKET; if (RAND_priv_bytes_ex(libctx, ret->ext.cookie_hmac_key, - sizeof(ret->ext.cookie_hmac_key), 0) <= 0) + sizeof(ret->ext.cookie_hmac_key), 0) <= 0) { + ERR_raise(ERR_LIB_SSL, ERR_R_RAND_LIB); goto err; + } #ifndef OPENSSL_NO_SRP - if (!ssl_ctx_srp_ctx_init_intern(ret)) + if (!ssl_ctx_srp_ctx_init_intern(ret)) { + ERR_raise(ERR_LIB_SSL, ERR_R_SSL_LIB); goto err; + } #endif #ifndef OPENSSL_NO_ENGINE # ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO @@ -3863,8 +3878,6 @@ SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq, return ret; err: - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); - err2: SSL_CTX_free(ret); return NULL; } @@ -5751,7 +5764,7 @@ static int ct_move_scts(STACK_OF(SCT) **dst, STACK_OF(SCT) *src, if (*dst == NULL) { *dst = sk_SCT_new_null(); if (*dst == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); goto err; } } @@ -6025,7 +6038,7 @@ int ssl_validate_ct(SSL_CONNECTION *s) ctx = CT_POLICY_EVAL_CTX_new_ex(SSL_CONNECTION_GET_CTX(s)->libctx, SSL_CONNECTION_GET_CTX(s)->propq); if (ctx == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CT_LIB); goto end; } @@ -6244,10 +6257,8 @@ int SSL_client_hello_get1_extensions_present(SSL *s, int **out, size_t *outlen) *outlen = 0; return 1; } - if ((present = OPENSSL_malloc(sizeof(*present) * num)) == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if ((present = OPENSSL_malloc(sizeof(*present) * num)) == NULL) return 0; - } for (i = 0; i < sc->clienthello->pre_proc_exts_len; i++) { ext = sc->clienthello->pre_proc_exts + i; if (ext->present) { @@ -6391,10 +6402,8 @@ static int nss_keylog_int(const char *prefix, */ prefix_len = strlen(prefix); out_len = prefix_len + (2 * parameter_1_len) + (2 * parameter_2_len) + 3; - if ((out = cursor = OPENSSL_malloc(out_len)) == NULL) { - SSLfatal(sc, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + if ((out = cursor = OPENSSL_malloc(out_len)) == NULL) return 0; - } strcpy(cursor, prefix); cursor += prefix_len; @@ -6489,7 +6498,7 @@ int ssl_cache_cipherlist(SSL_CONNECTION *s, PACKET *cipher_suites, int sslv2form raw = OPENSSL_malloc(numciphers * TLS_CIPHER_LEN); s->s3.tmp.ciphers_raw = raw; if (raw == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); return 0; } for (s->s3.tmp.ciphers_rawlen = 0; @@ -6568,9 +6577,9 @@ int ossl_bytes_to_cipher_list(SSL_CONNECTION *s, PACKET *cipher_suites, scsvs = sk_SSL_CIPHER_new_null(); if (sk == NULL || scsvs == NULL) { if (fatal) - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); else - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); goto err; } @@ -6589,9 +6598,9 @@ int ossl_bytes_to_cipher_list(SSL_CONNECTION *s, PACKET *cipher_suites, if ((c->valid && !sk_SSL_CIPHER_push(sk, c)) || (!c->valid && !sk_SSL_CIPHER_push(scsvs, c))) { if (fatal) - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); else - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); goto err; } } diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c index 1e698ce960..76466b55b9 100644 --- a/ssl/ssl_rsa.c +++ b/ssl/ssl_rsa.c @@ -74,7 +74,7 @@ int SSL_use_certificate_file(SSL *ssl, const char *file, int type) } x = X509_new_ex(ssl->ctx->libctx, ssl->ctx->propq); if (x == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_ASN1_LIB); goto end; } if (type == SSL_FILETYPE_ASN1) { @@ -113,7 +113,7 @@ int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len) x = X509_new_ex(ssl->ctx->libctx, ssl->ctx->propq); if (x == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_ASN1_LIB); return 0; } @@ -320,7 +320,7 @@ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type) } x = X509_new_ex(ctx->libctx, ctx->propq); if (x == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_ASN1_LIB); goto end; } if (type == SSL_FILETYPE_ASN1) { @@ -350,7 +350,7 @@ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d) x = X509_new_ex(ctx->libctx, ctx->propq); if (x == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_ASN1_LIB); return 0; } @@ -479,7 +479,7 @@ static int use_certificate_chain_file(SSL_CTX *ctx, SSL *ssl, const char *file) x = X509_new_ex(real_ctx->libctx, real_ctx->propq); if (x == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_ASN1_LIB); goto end; } if (PEM_read_bio_X509_AUX(in, &x, passwd_callback, @@ -518,7 +518,7 @@ static int use_certificate_chain_file(SSL_CTX *ctx, SSL *ssl, const char *file) while (1) { ca = X509_new_ex(real_ctx->libctx, real_ctx->propq); if (ca == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_ASN1_LIB); goto end; } if (PEM_read_bio_X509(in, &ca, passwd_callback, @@ -786,10 +786,8 @@ int SSL_CTX_use_serverinfo_ex(SSL_CTX *ctx, unsigned int version, int ret; sinfo = OPENSSL_malloc(sinfo_length); - if (sinfo == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (sinfo == NULL) return 0; - } extension_append(SSL_SERVERINFOV1, serverinfo, serverinfo_length, sinfo); @@ -810,10 +808,8 @@ int SSL_CTX_use_serverinfo_ex(SSL_CTX *ctx, unsigned int version, } new_serverinfo = OPENSSL_realloc(ctx->cert->key->serverinfo, serverinfo_length); - if (new_serverinfo == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (new_serverinfo == NULL) return 0; - } ctx->cert->key->serverinfo = new_serverinfo; memcpy(ctx->cert->key->serverinfo, serverinfo, serverinfo_length); ctx->cert->key->serverinfo_length = serverinfo_length; @@ -923,10 +919,8 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file) /* Append the decoded extension to the serverinfo buffer */ append_length = extension_append_length(version, extension_length); tmp = OPENSSL_realloc(serverinfo, serverinfo_length + append_length); - if (tmp == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (tmp == NULL) goto end; - } serverinfo = tmp; extension_append(version, extension, extension_length, serverinfo + serverinfo_length); @@ -1032,7 +1026,7 @@ static int ssl_set_cert_and_key(SSL *ssl, SSL_CTX *ctx, X509 *x509, EVP_PKEY *pr if (chain != NULL) { dup_chain = X509_chain_up_ref(chain); if (dup_chain == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_X509_LIB); goto out; } } diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 720ea4bc18..fbc3224219 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -106,10 +106,8 @@ SSL_SESSION *SSL_SESSION_new(void) return NULL; ss = OPENSSL_zalloc(sizeof(*ss)); - if (ss == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (ss == NULL) return NULL; - } ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */ ss->references = 1; @@ -119,7 +117,7 @@ SSL_SESSION *SSL_SESSION_new(void) ssl_session_calculate_timeout(ss); ss->lock = CRYPTO_THREAD_lock_new(); if (ss->lock == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); OPENSSL_free(ss); return NULL; } @@ -177,48 +175,54 @@ SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket) dest->references = 1; dest->lock = CRYPTO_THREAD_lock_new(); - if (dest->lock == NULL) + if (dest->lock == NULL) { + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); goto err; + } - if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, dest, &dest->ex_data)) + if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, dest, &dest->ex_data)) { + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); goto err; + } if (src->peer != NULL) { - if (!X509_up_ref(src->peer)) + if (!X509_up_ref(src->peer)) { + ERR_raise(ERR_LIB_SSL, ERR_R_X509_LIB); goto err; + } dest->peer = src->peer; } if (src->peer_chain != NULL) { dest->peer_chain = X509_chain_up_ref(src->peer_chain); - if (dest->peer_chain == NULL) + if (dest->peer_chain == NULL) { + ERR_raise(ERR_LIB_SSL, ERR_R_X509_LIB); goto err; + } } #ifndef OPENSSL_NO_PSK if (src->psk_identity_hint) { dest->psk_identity_hint = OPENSSL_strdup(src->psk_identity_hint); - if (dest->psk_identity_hint == NULL) { + if (dest->psk_identity_hint == NULL) goto err; - } } if (src->psk_identity) { dest->psk_identity = OPENSSL_strdup(src->psk_identity); - if (dest->psk_identity == NULL) { + if (dest->psk_identity == NULL) goto err; - } } #endif if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, &dest->ex_data, &src->ex_data)) { + ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); goto err; } if (src->ext.hostname) { dest->ext.hostname = OPENSSL_strdup(src->ext.hostname); - if (dest->ext.hostname == NULL) { + if (dest->ext.hostname == NULL) goto err; - } } if (ticket != 0 && src->ext.tick != NULL) { @@ -241,9 +245,8 @@ SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket) #ifndef OPENSSL_NO_SRP if (src->srp_username) { dest->srp_username = OPENSSL_strdup(src->srp_username); - if (dest->srp_username == NULL) { + if (dest->srp_username == NULL) goto err; - } } #endif @@ -256,7 +259,6 @@ SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket) return dest; err: - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); SSL_SESSION_free(dest); return NULL; } @@ -409,7 +411,7 @@ int ssl_get_new_session(SSL_CONNECTION *s, int session) SSL_SESSION *ss = NULL; if ((ss = SSL_SESSION_new()) == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_SSL_LIB); return 0; } @@ -1116,10 +1118,8 @@ int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len) sc->ext.session_ticket = NULL; sc->ext.session_ticket = OPENSSL_malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len); - if (sc->ext.session_ticket == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (sc->ext.session_ticket == NULL) return 0; - } if (ext_data != NULL) { sc->ext.session_ticket->length = ext_len; diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c index ebb766db05..6dc21ad42f 100644 --- a/ssl/statem/extensions.c +++ b/ssl/statem/extensions.c @@ -589,7 +589,7 @@ int tls_collect_extensions(SSL_CONNECTION *s, PACKET *packet, num_exts = OSSL_NELEM(ext_defs) + (exts != NULL ? exts->meths_count : 0); raw_extensions = OPENSSL_zalloc(num_exts * sizeof(*raw_extensions)); if (raw_extensions == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); return 0; } diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c index 0695664c97..19f6561b17 100644 --- a/ssl/statem/extensions_clnt.c +++ b/ssl/statem/extensions_clnt.c @@ -1489,7 +1489,7 @@ int tls_parse_stoc_sct(SSL_CONNECTION *s, PACKET *pkt, unsigned int context, s->ext.scts = OPENSSL_malloc(size); if (s->ext.scts == NULL) { s->ext.scts_len = 0; - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); return 0; } if (!PACKET_copy_bytes(pkt, s->ext.scts, size)) { @@ -1859,7 +1859,7 @@ int tls_parse_stoc_key_share(SSL_CONNECTION *s, PACKET *pkt, SSL_SESSION *new_sess; if ((new_sess = ssl_session_dup(s->session, 0)) == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_SSL_LIB); return 0; } SSL_SESSION_free(s->session); diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index 413ee5a1dc..4f7321fd20 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -342,7 +342,7 @@ int tls_parse_ctos_status_request(SSL_CONNECTION *s, PACKET *pkt, if (PACKET_remaining(&responder_id_list) > 0) { s->ext.ocsp.ids = sk_OCSP_RESPID_new_null(); if (s->ext.ocsp.ids == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); return 0; } } else { @@ -732,7 +732,7 @@ int tls_parse_ctos_cookie(SSL_CONNECTION *s, PACKET *pkt, unsigned int context, if (hctx == NULL || pkey == NULL) { EVP_MD_CTX_free(hctx); EVP_PKEY_free(pkey); - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB); return 0; } @@ -1655,7 +1655,7 @@ EXT_RETURN tls_construct_stoc_key_share(SSL_CONNECTION *s, WPACKET *pkt, /* Regular KEX */ skey = ssl_generate_pkey(s, ckey); if (skey == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_SSL_LIB); return EXT_RETURN_FAIL; } @@ -1820,7 +1820,7 @@ EXT_RETURN tls_construct_stoc_cookie(SSL_CONNECTION *s, WPACKET *pkt, s->session_ctx->ext.cookie_hmac_key, sizeof(s->session_ctx->ext.cookie_hmac_key)); if (hctx == NULL || pkey == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB); goto err; } diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 40bc5e88fa..d07c45879c 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -1802,7 +1802,7 @@ MSG_PROCESS_RETURN tls_process_server_certificate(SSL_CONNECTION *s, SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s); if ((s->session->peer_chain = sk_X509_new_null()) == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); goto err; } @@ -1824,8 +1824,7 @@ MSG_PROCESS_RETURN tls_process_server_certificate(SSL_CONNECTION *s, certstart = certbytes; x = X509_new_ex(sctx->libctx, sctx->propq); if (x == NULL) { - SSLfatal(s, SSL_AD_DECODE_ERROR, ERR_R_MALLOC_FAILURE); - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_DECODE_ERROR, ERR_R_ASN1_LIB); goto err; } if (d2i_X509(&x, (const unsigned char **)&certbytes, @@ -1861,7 +1860,7 @@ MSG_PROCESS_RETURN tls_process_server_certificate(SSL_CONNECTION *s, } if (!sk_X509_push(s->session->peer_chain, x)) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); goto err; } x = NULL; @@ -2298,7 +2297,7 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL_CONNECTION *s, PACKET *pkt) md_ctx = EVP_MD_CTX_new(); if (md_ctx == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB); goto err; } @@ -2443,7 +2442,7 @@ MSG_PROCESS_RETURN tls_process_certificate_request(SSL_CONNECTION *s, return MSG_PROCESS_ERROR; } if (!tls1_process_sigalgs(s)) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_SSL_LIB); return MSG_PROCESS_ERROR; } } @@ -2527,7 +2526,7 @@ MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL_CONNECTION *s, * one */ if ((new_sess = ssl_session_dup(s->session, 0)) == 0) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_SSL_LIB); goto err; } @@ -2554,7 +2553,7 @@ MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL_CONNECTION *s, s->session->ext.tick = OPENSSL_malloc(ticklen); if (s->session->ext.tick == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); goto err; } if (!PACKET_copy_bytes(pkt, s->session->ext.tick, ticklen)) { @@ -2678,7 +2677,7 @@ int tls_process_cert_status_body(SSL_CONNECTION *s, PACKET *pkt) s->ext.ocsp.resp = OPENSSL_malloc(resplen); if (s->ext.ocsp.resp == NULL) { s->ext.ocsp.resp_len = 0; - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); return 0; } s->ext.ocsp.resp_len = resplen; @@ -2824,7 +2823,7 @@ static int tls_construct_cke_psk_preamble(SSL_CONNECTION *s, WPACKET *pkt) tmppsk = OPENSSL_memdup(psk, psklen); tmpidentity = OPENSSL_strdup(identity); if (tmppsk == NULL || tmpidentity == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); goto err; } @@ -2883,14 +2882,14 @@ static int tls_construct_cke_rsa(SSL_CONNECTION *s, WPACKET *pkt) pmslen = SSL_MAX_MASTER_KEY_LENGTH; pms = OPENSSL_malloc(pmslen); if (pms == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); return 0; } pms[0] = s->client_version >> 8; pms[1] = s->client_version & 0xff; if (RAND_bytes_ex(sctx->libctx, pms + 2, pmslen - 2, 0) <= 0) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_RAND_LIB); goto err; } @@ -3015,7 +3014,7 @@ static int tls_construct_cke_ecdhe(SSL_CONNECTION *s, WPACKET *pkt) ckey = ssl_generate_pkey(s, skey); if (ckey == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_SSL_LIB); goto err; } @@ -3076,7 +3075,7 @@ static int tls_construct_cke_gost(SSL_CONNECTION *s, WPACKET *pkt) X509_get0_pubkey(peer_cert), sctx->propq); if (pkey_ctx == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB); return 0; } /* @@ -3089,7 +3088,7 @@ static int tls_construct_cke_gost(SSL_CONNECTION *s, WPACKET *pkt) pmslen = 32; pms = OPENSSL_malloc(pmslen); if (pms == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); goto err; } @@ -3221,7 +3220,7 @@ static int tls_construct_cke_gost18(SSL_CONNECTION *s, WPACKET *pkt) pmslen = 32; pms = OPENSSL_malloc(pmslen); if (pms == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); goto err; } @@ -3242,7 +3241,7 @@ static int tls_construct_cke_gost18(SSL_CONNECTION *s, WPACKET *pkt) X509_get0_pubkey(peer_cert), sctx->propq); if (pkey_ctx == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB); goto err; } @@ -3307,7 +3306,7 @@ static int tls_construct_cke_srp(SSL_CONNECTION *s, WPACKET *pkt) OPENSSL_free(s->session->srp_username); s->session->srp_username = OPENSSL_strdup(s->srp_ctx.login); if (s->session->srp_username == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); return 0; } @@ -3389,7 +3388,7 @@ int tls_client_key_exchange_post_work(SSL_CONNECTION *s) #endif if (pms == NULL && !(s->s3.tmp.new_cipher->algorithm_mkey & SSL_kPSK)) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_PASSED_INVALID_ARGUMENT); goto err; } if (!ssl_generate_master_secret(s, pms, pmslen, 1)) { diff --git a/ssl/statem/statem_dtls.c b/ssl/statem/statem_dtls.c index d83e7404cb..93c49011a2 100644 --- a/ssl/statem/statem_dtls.c +++ b/ssl/statem/statem_dtls.c @@ -61,14 +61,11 @@ static hm_fragment *dtls1_hm_fragment_new(size_t frag_len, int reassembly) unsigned char *buf = NULL; unsigned char *bitmask = NULL; - if ((frag = OPENSSL_malloc(sizeof(*frag))) == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if ((frag = OPENSSL_malloc(sizeof(*frag))) == NULL) return NULL; - } if (frag_len) { if ((buf = OPENSSL_malloc(frag_len)) == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); OPENSSL_free(frag); return NULL; } @@ -81,7 +78,6 @@ static hm_fragment *dtls1_hm_fragment_new(size_t frag_len, int reassembly) if (reassembly) { bitmask = OPENSSL_zalloc(RSMBLY_BITMASK_SIZE(frag_len)); if (bitmask == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); OPENSSL_free(buf); OPENSSL_free(frag); return NULL; diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 86b30b47da..07939ee960 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -294,7 +294,7 @@ CON_FUNC_RETURN tls_construct_cert_verify(SSL_CONNECTION *s, WPACKET *pkt) mctx = EVP_MD_CTX_new(); if (mctx == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB); goto err; } @@ -413,7 +413,7 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL_CONNECTION *s, PACKET *pkt) SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s); if (mctx == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB); goto err; } @@ -501,10 +501,8 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL_CONNECTION *s, PACKET *pkt) if (pktype == NID_id_GostR3410_2001 || pktype == NID_id_GostR3410_2012_256 || pktype == NID_id_GostR3410_2012_512) { - if ((gost_data = OPENSSL_malloc(len)) == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + if ((gost_data = OPENSSL_malloc(len)) == NULL) goto err; - } BUF_reverse(gost_data, data, len); data = gost_data; } @@ -969,7 +967,7 @@ static int ssl_add_cert_chain(SSL_CONNECTION *s, WPACKET *pkt, CERT_PKEY *cpk) sctx->propq); if (xs_ctx == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_X509_LIB); return 0; } if (!X509_STORE_CTX_init(xs_ctx, chain_store, x, NULL)) { @@ -2310,7 +2308,7 @@ int parse_ca_names(SSL_CONNECTION *s, PACKET *pkt) PACKET cadns; if (ca_sk == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); goto err; } /* get the CA RDNs */ @@ -2340,7 +2338,7 @@ int parse_ca_names(SSL_CONNECTION *s, PACKET *pkt) } if (!sk_X509_NAME_push(ca_sk, xn)) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); goto err; } xn = NULL; @@ -2418,7 +2416,7 @@ size_t construct_key_exchange_tbs(SSL_CONNECTION *s, unsigned char **ptbs, unsigned char *tbs = OPENSSL_malloc(tbslen); if (tbs == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); return 0; } memcpy(tbs, s->s3.client_random, SSL3_RANDOM_SIZE); diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index e56ccfd553..bc4a6a362f 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -2466,7 +2466,7 @@ CON_FUNC_RETURN tls_construct_server_key_exchange(SSL_CONNECTION *s, } if (md_ctx == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB); goto err; } @@ -2871,7 +2871,7 @@ static int tls_process_cke_psk_preamble(SSL_CONNECTION *s, PACKET *pkt) if (s->s3.tmp.psk == NULL) { s->s3.tmp.psklen = 0; - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); return 0; } @@ -2916,13 +2916,13 @@ static int tls_process_cke_rsa(SSL_CONNECTION *s, PACKET *pkt) outlen = SSL_MAX_MASTER_KEY_LENGTH; rsa_decrypt = OPENSSL_malloc(outlen); if (rsa_decrypt == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); return 0; } ctx = EVP_PKEY_CTX_new_from_pkey(sctx->libctx, rsa, sctx->propq); if (ctx == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB); goto err; } @@ -3112,7 +3112,7 @@ static int tls_process_cke_srp(SSL_CONNECTION *s, PACKET *pkt) OPENSSL_free(s->session->srp_username); s->session->srp_username = OPENSSL_strdup(s->srp_ctx.login); if (s->session->srp_username == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); return 0; } @@ -3162,7 +3162,7 @@ static int tls_process_cke_gost(SSL_CONNECTION *s, PACKET *pkt) pkey_ctx = EVP_PKEY_CTX_new_from_pkey(sctx->libctx, pk, sctx->propq); if (pkey_ctx == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB); return 0; } if (EVP_PKEY_decrypt_init(pkey_ctx) <= 0) { @@ -3267,7 +3267,7 @@ static int tls_process_cke_gost18(SSL_CONNECTION *s, PACKET *pkt) pkey_ctx = EVP_PKEY_CTX_new_from_pkey(sctx->libctx, pk, sctx->propq); if (pkey_ctx == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB); goto err; } if (EVP_PKEY_decrypt_init(pkey_ctx) <= 0) { @@ -3467,7 +3467,7 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL_CONNECTION *s, s->rlayer.rrlmethod->set_plain_alerts(s->rlayer.rrl, 0); if ((sk = sk_X509_new_null()) == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); goto err; } @@ -3497,7 +3497,7 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL_CONNECTION *s, certstart = certbytes; x = X509_new_ex(sctx->libctx, sctx->propq); if (x == NULL) { - SSLfatal(s, SSL_AD_DECODE_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_DECODE_ERROR, ERR_R_X509_LIB); goto err; } if (d2i_X509(&x, (const unsigned char **)&certbytes, l) == NULL) { @@ -3531,7 +3531,7 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL_CONNECTION *s, } if (!sk_X509_push(sk, x)) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); goto err; } x = NULL; @@ -3582,7 +3582,7 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL_CONNECTION *s, if (s->post_handshake_auth == SSL_PHA_REQUESTED) { if ((new_sess = ssl_session_dup(s->session, 0)) == 0) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_SSL_LIB); goto err; } @@ -3735,14 +3735,18 @@ static CON_FUNC_RETURN construct_stateless_ticket(SSL_CONNECTION *s, } senc = OPENSSL_malloc(slen_full); if (senc == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); goto err; } ctx = EVP_CIPHER_CTX_new(); + if (ctx == NULL) { + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB); + goto err; + } hctx = ssl_hmac_new(tctx); - if (ctx == NULL || hctx == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + if (hctx == NULL) { + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_SSL_LIB); goto err; } @@ -4017,7 +4021,7 @@ CON_FUNC_RETURN tls_construct_new_session_ticket(SSL_CONNECTION *s, WPACKET *pkt OPENSSL_memdup(s->s3.alpn_selected, s->s3.alpn_selected_len); if (s->session->ext.alpn_selected == NULL) { s->session->ext.alpn_selected_len = 0; - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); goto err; } s->session->ext.alpn_selected_len = s->s3.alpn_selected_len; diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 88249c7951..419ba60d0f 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -284,21 +284,21 @@ int tls1_change_cipher_state(SSL_CONNECTION *s, int which) if (s->enc_write_ctx != NULL && !SSL_CONNECTION_IS_DTLS(s)) { reuse_dd = 1; } else if ((s->enc_write_ctx = EVP_CIPHER_CTX_new()) == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB); goto err; } dd = s->enc_write_ctx; if (SSL_CONNECTION_IS_DTLS(s)) { mac_ctx = EVP_MD_CTX_new(); if (mac_ctx == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB); goto err; } s->write_hash = mac_ctx; } else { mac_ctx = ssl_replace_hash(&s->write_hash, NULL); if (mac_ctx == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_SSL_LIB); goto err; } } @@ -494,7 +494,7 @@ int tls1_setup_key_block(SSL_CONNECTION *s) ssl3_cleanup_key_block(s); if ((p = OPENSSL_malloc(num)) == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); goto err; } @@ -629,7 +629,7 @@ int tls1_export_keying_material(SSL_CONNECTION *s, unsigned char *out, { unsigned char *val = NULL; size_t vallen = 0, currentvalpos; - int rv; + int rv = 0; /* * construct PRF arguments we construct the PRF argument ourself rather @@ -643,7 +643,7 @@ int tls1_export_keying_material(SSL_CONNECTION *s, unsigned char *out, val = OPENSSL_malloc(vallen); if (val == NULL) - goto err2; + goto ret; currentvalpos = 0; memcpy(val + currentvalpos, (unsigned char *)label, llen); currentvalpos += llen; @@ -695,11 +695,6 @@ int tls1_export_keying_material(SSL_CONNECTION *s, unsigned char *out, goto ret; err1: ERR_raise(ERR_LIB_SSL, SSL_R_TLS_ILLEGAL_EXPORTER_LABEL); - rv = 0; - goto ret; - err2: - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); - rv = 0; ret: OPENSSL_clear_free(val, vallen); return rv; diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index b165a4c4f0..ab539513bf 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -257,10 +257,8 @@ static int add_provider_groups(const OSSL_PARAM params[], void *data) (ctx->group_list_max_len + TLS_GROUP_LIST_MALLOC_BLOCK_SIZE) * sizeof(TLS_GROUP_INFO)); - if (tmp == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (tmp == NULL) return 0; - } ctx->group_list = tmp; memset(tmp + ctx->group_list_max_len, 0, @@ -276,10 +274,8 @@ static int add_provider_groups(const OSSL_PARAM params[], void *data) goto err; } ginf->tlsname = OPENSSL_strdup(p->data); - if (ginf->tlsname == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (ginf->tlsname == NULL) goto err; - } p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_GROUP_NAME_INTERNAL); if (p == NULL || p->data_type != OSSL_PARAM_UTF8_STRING) { @@ -287,10 +283,8 @@ static int add_provider_groups(const OSSL_PARAM params[], void *data) goto err; } ginf->realname = OPENSSL_strdup(p->data); - if (ginf->realname == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (ginf->realname == NULL) goto err; - } p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_GROUP_ID); if (p == NULL || !OSSL_PARAM_get_uint(p, &gid) || gid > UINT16_MAX) { @@ -305,10 +299,8 @@ static int add_provider_groups(const OSSL_PARAM params[], void *data) goto err; } ginf->algorithm = OPENSSL_strdup(p->data); - if (ginf->algorithm == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (ginf->algorithm == NULL) goto err; - } p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_GROUP_SECURITY_BITS); if (p == NULL || !OSSL_PARAM_get_uint(p, &ginf->secbits)) { @@ -419,10 +411,8 @@ int ssl_load_groups(SSL_CTX *ctx) ctx->ext.supported_groups_default = OPENSSL_malloc(sizeof(uint16_t) * num_deflt_grps); - if (ctx->ext.supported_groups_default == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if (ctx->ext.supported_groups_default == NULL) return 0; - } memcpy(ctx->ext.supported_groups_default, tmp_supp_groups, @@ -725,10 +715,8 @@ int tls1_set_groups(uint16_t **pext, size_t *pextlen, ERR_raise(ERR_LIB_SSL, SSL_R_BAD_LENGTH); return 0; } - if ((glist = OPENSSL_malloc(ngroups * sizeof(*glist))) == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if ((glist = OPENSSL_malloc(ngroups * sizeof(*glist))) == NULL) return 0; - } for (i = 0; i < ngroups; i++) { unsigned long idmask; uint16_t id; @@ -2335,10 +2323,8 @@ static int tls1_set_shared_sigalgs(SSL_CONNECTION *s) } nmatch = tls12_shared_sigalgs(s, NULL, pref, preflen, allow, allowlen); if (nmatch) { - if ((salgs = OPENSSL_malloc(nmatch * sizeof(*salgs))) == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if ((salgs = OPENSSL_malloc(nmatch * sizeof(*salgs))) == NULL) return 0; - } nmatch = tls12_shared_sigalgs(s, salgs, pref, preflen, allow, allowlen); } else { salgs = NULL; @@ -2362,10 +2348,8 @@ int tls1_save_u16(PACKET *pkt, uint16_t **pdest, size_t *pdestlen) size >>= 1; - if ((buf = OPENSSL_malloc(size * sizeof(*buf))) == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if ((buf = OPENSSL_malloc(size * sizeof(*buf))) == NULL) return 0; - } for (i = 0; i < size && PACKET_get_net_2(pkt, &stmp); i++) buf[i] = stmp; @@ -2606,10 +2590,8 @@ int tls1_set_raw_sigalgs(CERT *c, const uint16_t *psigs, size_t salglen, { uint16_t *sigalgs; - if ((sigalgs = OPENSSL_malloc(salglen * sizeof(*sigalgs))) == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if ((sigalgs = OPENSSL_malloc(salglen * sizeof(*sigalgs))) == NULL) return 0; - } memcpy(sigalgs, psigs, salglen * sizeof(*sigalgs)); if (client) { @@ -2632,10 +2614,8 @@ int tls1_set_sigalgs(CERT *c, const int *psig_nids, size_t salglen, int client) if (salglen & 1) return 0; - if ((sigalgs = OPENSSL_malloc((salglen / 2) * sizeof(*sigalgs))) == NULL) { - ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); + if ((sigalgs = OPENSSL_malloc((salglen / 2) * sizeof(*sigalgs))) == NULL) return 0; - } for (i = 0, sptr = sigalgs; i < salglen; i += 2) { size_t j; const SIGALG_LOOKUP *curr; diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c index a100728949..d19bd62646 100644 --- a/ssl/tls13_enc.c +++ b/ssl/tls13_enc.c @@ -476,7 +476,7 @@ int tls13_change_cipher_state(SSL_CONNECTION *s, int which) } else { s->enc_write_ctx = EVP_CIPHER_CTX_new(); if (s->enc_write_ctx == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB); goto err; } } @@ -534,7 +534,7 @@ int tls13_change_cipher_state(SSL_CONNECTION *s, int which) */ mdctx = EVP_MD_CTX_new(); if (mdctx == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB); goto err; } diff --git a/ssl/tls_srp.c b/ssl/tls_srp.c index 962e4d7074..80c70bbaa2 100644 --- a/ssl/tls_srp.c +++ b/ssl/tls_srp.c @@ -341,7 +341,7 @@ int srp_generate_server_master_secret(SSL_CONNECTION *s) tmp_len = BN_num_bytes(K); if ((tmp = OPENSSL_malloc(tmp_len)) == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); goto err; } BN_bn2bin(K, tmp); @@ -392,7 +392,7 @@ int srp_generate_client_master_secret(SSL_CONNECTION *s) tmp_len = BN_num_bytes(K); if ((tmp = OPENSSL_malloc(tmp_len)) == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); + SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); goto err; } BN_bn2bin(K, tmp);