From 40b191f12d2354fa00d39b22fb56ace967b2241a Mon Sep 17 00:00:00 2001 From: lteo Date: Sat, 3 Jan 2015 03:03:39 +0000 Subject: [PATCH] Check the return values of several reallocarray() calls. While here, also check the return value of an adjacent malloc() call. ok jsing@ --- usr.bin/openssl/apps.c | 4 +++- usr.bin/openssl/rsautl.c | 10 +++++++++- usr.bin/openssl/speed.c | 6 +++++- 3 files changed, 17 insertions(+), 3 deletions(-) diff --git a/usr.bin/openssl/apps.c b/usr.bin/openssl/apps.c index 5a6bb7a2ee5..d652abc549b 100644 --- a/usr.bin/openssl/apps.c +++ b/usr.bin/openssl/apps.c @@ -1,4 +1,4 @@ -/* $OpenBSD: apps.c,v 1.23 2015/01/01 14:28:00 jsing Exp $ */ +/* $OpenBSD: apps.c,v 1.24 2015/01/03 03:03:39 lteo Exp $ */ /* * Copyright (c) 2014 Joel Sing * @@ -229,6 +229,8 @@ chopup_args(ARGS *arg, char *buf, int *argc, char **argv[]) if (arg->count == 0) { arg->count = 20; arg->data = reallocarray(NULL, arg->count, sizeof(char *)); + if (arg->data == NULL) + return 0; } for (i = 0; i < arg->count; i++) arg->data[i] = NULL; diff --git a/usr.bin/openssl/rsautl.c b/usr.bin/openssl/rsautl.c index 95776d250be..8ce3c0e27c7 100644 --- a/usr.bin/openssl/rsautl.c +++ b/usr.bin/openssl/rsautl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsautl.c,v 1.3 2014/08/28 14:25:48 jsing Exp $ */ +/* $OpenBSD: rsautl.c,v 1.4 2015/01/03 03:03:39 lteo Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ @@ -248,7 +248,15 @@ rsautl_main(int argc, char **argv) keysize = RSA_size(rsa); rsa_in = reallocarray(NULL, keysize, 2); + if (rsa_in == NULL) { + BIO_printf(bio_err, "Error allocating memory for input data\n"); + exit(1); + } rsa_out = malloc(keysize); + if (rsa_out == NULL) { + BIO_printf(bio_err, "Error allocating memory for output data\n"); + exit(1); + } /* Read the input data */ rsa_inlen = BIO_read(in, rsa_in, keysize * 2); diff --git a/usr.bin/openssl/speed.c b/usr.bin/openssl/speed.c index b9eca831ffe..e40607f940c 100644 --- a/usr.bin/openssl/speed.c +++ b/usr.bin/openssl/speed.c @@ -1,4 +1,4 @@ -/* $OpenBSD: speed.c,v 1.3 2015/01/02 04:00:21 lteo Exp $ */ +/* $OpenBSD: speed.c,v 1.4 2015/01/03 03:03:39 lteo Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1998,6 +1998,10 @@ do_multi(int multi) const char *errstr = NULL; fds = reallocarray(NULL, multi, sizeof *fds); + if (fds == NULL) { + fprintf(stderr, "reallocarray failure\n"); + exit(1); + } for (n = 0; n < multi; ++n) { if (pipe(fd) == -1) { fprintf(stderr, "pipe failure\n"); -- 2.20.1