diff options
author | Vitaly Chikunov <vt@altlinux.org> | 2022-01-09 02:25:31 +0300 |
---|---|---|
committer | Dmitry Belyavskiy <beldmit@users.noreply.github.com> | 2022-01-09 13:57:41 +0300 |
commit | 5dc8f91c186d88a74493c229c7afbf3eb40599a8 (patch) | |
tree | 380c7524e3262a25d3c7888c976b42486ab63d11 /gost_ec_keyx.c | |
parent | d47bcf34df615475181a4a11f3fe5560477f3895 (diff) | |
download | gost-engine-5dc8f91c186d88a74493c229c7afbf3eb40599a8.zip gost-engine-5dc8f91c186d88a74493c229c7afbf3eb40599a8.tar.gz gost-engine-5dc8f91c186d88a74493c229c7afbf3eb40599a8.tar.bz2 |
gost_ec_keyx: Check CTX data before it's really used
This should fix Coverity warning:
*** CID 345243: Null pointer dereferences (REVERSE_INULL)
/gost_ec_keyx.c: 681 in pkey_gost2018_decrypt()
675 o Q_eph is on the same curve as server public key;
676
677 o Q_eph is not equal to zero point;
678
679 o q * Q_eph is not equal to zero point.
680 */
>>> CID 345243: Null pointer dereferences (REVERSE_INULL)
>>> Null-checking "data" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
681 if (eph_key == NULL || priv == NULL || data == NULL) {
682 GOSTerr(GOST_F_PKEY_GOST2018_DECRYPT,
683 GOST_R_ERROR_COMPUTING_EXPORT_KEYS);
684 ret = 0;
685 goto err;
686 }
Signed-off-by: Vitaly Chikunov <vt@altlinux.org>
Issue: #380
Diffstat (limited to 'gost_ec_keyx.c')
-rw-r--r-- | gost_ec_keyx.c | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/gost_ec_keyx.c b/gost_ec_keyx.c index 06835d3..944db40 100644 --- a/gost_ec_keyx.c +++ b/gost_ec_keyx.c @@ -630,16 +630,24 @@ static int pkey_gost2018_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, size_t in_len) { const unsigned char *p = in; - struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(pctx); - EVP_PKEY *priv = EVP_PKEY_CTX_get0_pkey(pctx); + struct gost_pmeth_data *data; + EVP_PKEY *priv; PSKeyTransport_gost *pst = NULL; int ret = 0; unsigned char expkeys[64]; EVP_PKEY *eph_key = NULL; - int pkey_nid = EVP_PKEY_base_id(priv); + int pkey_nid; int mac_nid = NID_undef; int iv_len = 0; + if (!(data = EVP_PKEY_CTX_get_data(pctx)) || + !(priv = EVP_PKEY_CTX_get0_pkey(pctx))) { + GOSTerr(GOST_F_PKEY_GOST2018_DECRYPT, GOST_R_ERROR_COMPUTING_EXPORT_KEYS); + ret = 0; + goto err; + } + pkey_nid = EVP_PKEY_base_id(priv); + switch (data->cipher_nid) { case NID_magma_ctr: mac_nid = NID_magma_mac; @@ -678,7 +686,7 @@ static int pkey_gost2018_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, o q * Q_eph is not equal to zero point. */ - if (eph_key == NULL || priv == NULL || data == NULL) { + if (eph_key == NULL) { GOSTerr(GOST_F_PKEY_GOST2018_DECRYPT, GOST_R_ERROR_COMPUTING_EXPORT_KEYS); ret = 0; |