diff options
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/aes/asm/aesni-x86.pl | 6 | ||||
-rw-r--r-- | crypto/bn/bn_gcd.c | 8 | ||||
-rw-r--r-- | crypto/ec/ec_asn1.c | 4 | ||||
-rw-r--r-- | crypto/x509v3/v3_addr.c | 16 | ||||
-rw-r--r-- | crypto/x509v3/v3_sxnet.c | 2 |
5 files changed, 25 insertions, 11 deletions
diff --git a/crypto/aes/asm/aesni-x86.pl b/crypto/aes/asm/aesni-x86.pl index fe2b26542ab6..3502940d5233 100644 --- a/crypto/aes/asm/aesni-x86.pl +++ b/crypto/aes/asm/aesni-x86.pl @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2009-2020 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2009-2022 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -2027,7 +2027,7 @@ my ($l_,$block,$i1,$i3,$i5) = ($rounds_,$key_,$rounds,$len,$out); &movdqu (&QWP(-16*2,$out,$inp),$inout4); &movdqu (&QWP(-16*1,$out,$inp),$inout5); &cmp ($inp,$len); # done yet? - &jb (&label("grandloop")); + &jbe (&label("grandloop")); &set_label("short"); &add ($len,16*6); @@ -2453,7 +2453,7 @@ my ($l_,$block,$i1,$i3,$i5) = ($rounds_,$key_,$rounds,$len,$out); &pxor ($rndkey1,$inout5); &movdqu (&QWP(-16*1,$out,$inp),$inout5); &cmp ($inp,$len); # done yet? - &jb (&label("grandloop")); + &jbe (&label("grandloop")); &set_label("short"); &add ($len,16*6); diff --git a/crypto/bn/bn_gcd.c b/crypto/bn/bn_gcd.c index 0941f7b97f3f..6190bf1eddb0 100644 --- a/crypto/bn/bn_gcd.c +++ b/crypto/bn/bn_gcd.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -47,7 +47,8 @@ BIGNUM *bn_mod_inverse_no_branch(BIGNUM *in, if (R == NULL) goto err; - BN_one(X); + if (!BN_one(X)) + goto err; BN_zero(Y); if (BN_copy(B, a) == NULL) goto err; @@ -235,7 +236,8 @@ BIGNUM *int_bn_mod_inverse(BIGNUM *in, if (R == NULL) goto err; - BN_one(X); + if (!BN_one(X)) + goto err; BN_zero(Y); if (BN_copy(B, a) == NULL) goto err; diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c index 34de7b2aabf7..1acbbde3d37b 100644 --- a/crypto/ec/ec_asn1.c +++ b/crypto/ec/ec_asn1.c @@ -794,7 +794,7 @@ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params) } /* extract the order */ - if ((a = ASN1_INTEGER_to_BN(params->order, a)) == NULL) { + if (ASN1_INTEGER_to_BN(params->order, a) == NULL) { ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, ERR_R_ASN1_LIB); goto err; } @@ -811,7 +811,7 @@ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params) if (params->cofactor == NULL) { BN_free(b); b = NULL; - } else if ((b = ASN1_INTEGER_to_BN(params->cofactor, b)) == NULL) { + } else if (ASN1_INTEGER_to_BN(params->cofactor, b) == NULL) { ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, ERR_R_ASN1_LIB); goto err; } diff --git a/crypto/x509v3/v3_addr.c b/crypto/x509v3/v3_addr.c index 4258dbc40c0f..ccce34ef2e48 100644 --- a/crypto/x509v3/v3_addr.c +++ b/crypto/x509v3/v3_addr.c @@ -1,5 +1,5 @@ /* - * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2006-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -13,6 +13,8 @@ #include <stdio.h> #include <stdlib.h> +#include <assert.h> +#include <string.h> #include "internal/cryptlib.h" #include <openssl/conf.h> @@ -342,8 +344,13 @@ static int range_should_be_prefix(const unsigned char *min, unsigned char mask; int i, j; - if (memcmp(min, max, length) <= 0) - return -1; + /* + * It is the responsibility of the caller to confirm min <= max. We don't + * use ossl_assert() here since we have no way of signalling an error from + * this function - so we just use a plain assert instead. + */ + assert(memcmp(min, max, length) <= 0); + for (i = 0; i < length && min[i] == max[i]; i++) ; for (j = length - 1; j >= 0 && min[j] == 0x00 && max[j] == 0xFF; j--) ; if (i < j) @@ -426,6 +433,9 @@ static int make_addressRange(IPAddressOrRange **result, IPAddressOrRange *aor; int i, prefixlen; + if (memcmp(min, max, length) > 0) + return 0; + if ((prefixlen = range_should_be_prefix(min, max, length)) >= 0) return make_addressPrefix(result, min, prefixlen); diff --git a/crypto/x509v3/v3_sxnet.c b/crypto/x509v3/v3_sxnet.c index 144e8bee84ad..3c5508f9416c 100644 --- a/crypto/x509v3/v3_sxnet.c +++ b/crypto/x509v3/v3_sxnet.c @@ -78,6 +78,8 @@ static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, for (i = 0; i < sk_SXNETID_num(sx->ids); i++) { id = sk_SXNETID_value(sx->ids, i); tmp = i2s_ASN1_INTEGER(NULL, id->zone); + if (tmp == NULL) + return 0; BIO_printf(out, "\n%*sZone: %s, User: ", indent, "", tmp); OPENSSL_free(tmp); ASN1_STRING_print(out, id->user); |