From 4600b3a1e352f770575ee1aafe139f8dde806800 Mon Sep 17 00:00:00 2001 From: tb Date: Thu, 28 Dec 2023 22:00:56 +0000 Subject: [PATCH] Rework and fix pkey_hmac_keygen() The usual: single exit, error check all functions even if they can't actually fail. This one was flagged again. ok jsing CID 471706 (false positive) --- lib/libcrypto/hmac/hm_pmeth.c | 23 +++++++++++++++-------- 1 file changed, 15 insertions(+), 8 deletions(-) diff --git a/lib/libcrypto/hmac/hm_pmeth.c b/lib/libcrypto/hmac/hm_pmeth.c index 5ec86aa0956..05eb1bf85dc 100644 --- a/lib/libcrypto/hmac/hm_pmeth.c +++ b/lib/libcrypto/hmac/hm_pmeth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hm_pmeth.c,v 1.16 2023/11/29 21:35:57 tb Exp $ */ +/* $OpenBSD: hm_pmeth.c,v 1.17 2023/12/28 22:00:56 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2007. */ @@ -131,15 +131,22 @@ pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { ASN1_OCTET_STRING *hkey = NULL; HMAC_PKEY_CTX *hctx = ctx->data; + int ret = 0; - if (!hctx->ktmp.data) - return 0; - hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp); - if (!hkey) - return 0; - EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey); + if (hctx->ktmp.data == NULL) + goto err; + if ((hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp)) == NULL) + goto err; + if (!EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey)) + goto err; + hkey = NULL; - return 1; + ret = 1; + + err: + ASN1_OCTET_STRING_free(hkey); + + return ret; } static int -- 2.20.1