From: tb Date: Thu, 9 Nov 2023 08:29:53 +0000 (+0000) Subject: Fix X509_ALGOR_set0() usage in rsa_alg_set_oaep_padding() X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=adf90ca0f0e59cd2bbe98f5a8353dac76aa39e2b;p=openbsd Fix X509_ALGOR_set0() usage in rsa_alg_set_oaep_padding() Replace X509_ALGOR_set0() with X509_ALGOR_set0_by_nid(). This way there is no missing error checking for OBJ_nid2obj() and no nested functions. Slightly more importantly, this plugs two long standing potential leaks in this function (or previously rsa_cms_encrypt()) due to missing error checking: in the unlikely event that X509_ALGOR_set0() failed, astr/ostr would leak. ok jsing --- diff --git a/lib/libcrypto/rsa/rsa_ameth.c b/lib/libcrypto/rsa/rsa_ameth.c index 46681c63485..228793b05c9 100644 --- a/lib/libcrypto/rsa/rsa_ameth.c +++ b/lib/libcrypto/rsa/rsa_ameth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_ameth.c,v 1.50 2023/11/09 08:20:10 tb Exp $ */ +/* $OpenBSD: rsa_ameth.c,v 1.51 2023/11/09 08:29:53 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -941,14 +941,16 @@ rsa_alg_set_oaep_padding(X509_ALGOR *alg, EVP_PKEY_CTX *pkey_ctx) goto err; if (!ASN1_OCTET_STRING_set(ostr, label, labellen)) goto err; - X509_ALGOR_set0(oaep->pSourceFunc, OBJ_nid2obj(NID_pSpecified), - V_ASN1_OCTET_STRING, ostr); + if (!X509_ALGOR_set0_by_nid(oaep->pSourceFunc, NID_pSpecified, + V_ASN1_OCTET_STRING, ostr)) + goto err; ostr = NULL; } if ((astr = ASN1_item_pack(oaep, &RSA_OAEP_PARAMS_it, NULL)) == NULL) goto err; - X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaesOaep), V_ASN1_SEQUENCE, astr); + if (!X509_ALGOR_set0_by_nid(alg, NID_rsaesOaep, V_ASN1_SEQUENCE, astr)) + goto err; astr = NULL; ret = 1;