root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

cms_kemri.c: Fix Coverity issues 

Add return value check of ASN1_OCTET_STRING_set().
Do not call OPENSSL_cleanse() if keklen is greater than the cleaned buffer.

Fixes Coverity 1660824, 1660825

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28132)
This commit is contained in:
Tomas Mraz 2025-07-31 10:40:40 +02:00
parent ef63a77758
commit e729d7c732
1 changed files with 11 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
crypto/cms/cms_kemri.c
View File

@ -151,6 +151,7 @@ int CMS_RecipientInfo_kemri_set_ukm(CMS_RecipientInfo *ri,
int ukmLength)
{
CMS_KEMRecipientInfo *kemri;
ASN1_OCTET_STRING *ukm_str;
if (ri->type != CMS_RECIPINFO_KEM) {
ERR_raise(ERR_LIB_CMS, CMS_R_NOT_KEM);
@ -164,11 +165,16 @@ int CMS_RecipientInfo_kemri_set_ukm(CMS_RecipientInfo *ri,
kemri = ri->d.ori->d.kemri;
ASN1_OCTET_STRING_free(kemri->ukm);
kemri->ukm = ASN1_OCTET_STRING_new();
if (kemri->ukm == NULL)
ukm_str = ASN1_OCTET_STRING_new();
if (ukm_str == NULL)
return 0;
return ASN1_OCTET_STRING_set(kemri->ukm, ukm, ukmLength);
if (!ASN1_OCTET_STRING_set(ukm_str, ukm, ukmLength)) {
ASN1_OCTET_STRING_free(ukm_str);
return 0;
}
ASN1_OCTET_STRING_free(kemri->ukm);
kemri->ukm = ukm_str;
return 1;
}
static EVP_KDF_CTX *create_kdf_ctx(CMS_KEMRecipientInfo *kemri)
@ -259,7 +265,7 @@ static int cms_kek_cipher(unsigned char **pout, size_t *poutlen,
if (keklen > sizeof(kek)) {
ERR_raise(ERR_LIB_CMS, CMS_R_INVALID_KEY_LENGTH);
goto err;
return 0;
}
if (!kdf_derive(kek, keklen, ss, sslen, kemri))