Set error code if alloc returns NULL

Reviewed-by: Richard Levitte <[email protected]>
(Merged from openssl#5886)

crypto/cmac/cmac.c

@@ -12,6 +12,7 @@
 #include <string.h>
 #include "internal/cryptlib.h"
 #include <openssl/cmac.h>
+#include <openssl/err.h>
 
 struct CMAC_CTX_st {
     /* Cipher context to use */
@@ -46,9 +47,10 @@ CMAC_CTX *CMAC_CTX_new(void)
 {
     CMAC_CTX *ctx;
 
-    ctx = OPENSSL_malloc(sizeof(*ctx));
-    if (ctx == NULL)
+    if ((ctx = OPENSSL_malloc(sizeof(*ctx))) == NULL) {
+        CRYPTOerr(CRYPTO_F_CMAC_CTX_NEW, ERR_R_MALLOC_FAILURE);
         return NULL;
+    }
     ctx->cctx = EVP_CIPHER_CTX_new();
     if (ctx->cctx == NULL) {
         OPENSSL_free(ctx);

crypto/cpt_err.c

@@ -14,6 +14,7 @@
 #ifndef OPENSSL_NO_ERR
 
 static const ERR_STRING_DATA CRYPTO_str_functs[] = {
+    {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_CMAC_CTX_NEW, 0), "CMAC_CTX_new"},
     {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_CRYPTO_DUP_EX_DATA, 0),
      "CRYPTO_dup_ex_data"},
     {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_CRYPTO_FREE_EX_DATA, 0),
@@ -23,6 +24,10 @@ static const ERR_STRING_DATA CRYPTO_str_functs[] = {
     {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_CRYPTO_MEMDUP, 0), "CRYPTO_memdup"},
     {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_CRYPTO_NEW_EX_DATA, 0),
      "CRYPTO_new_ex_data"},
+    {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_CRYPTO_OCB128_COPY_CTX, 0),
+     "CRYPTO_ocb128_copy_ctx"},
+    {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_CRYPTO_OCB128_INIT, 0),
+     "CRYPTO_ocb128_init"},
     {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_CRYPTO_SET_EX_DATA, 0),
      "CRYPTO_set_ex_data"},
     {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_FIPS_MODE_SET, 0), "FIPS_mode_set"},
@@ -35,6 +40,11 @@ static const ERR_STRING_DATA CRYPTO_str_functs[] = {
      "OPENSSL_hexstr2buf"},
     {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_OPENSSL_INIT_CRYPTO, 0),
      "OPENSSL_init_crypto"},
+    {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_PKEY_HMAC_INIT, 0), "pkey_hmac_init"},
+    {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_PKEY_POLY1305_INIT, 0),
+     "pkey_poly1305_init"},
+    {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_PKEY_SIPHASH_INIT, 0),
+     "pkey_siphash_init"},
     {0, NULL}
 };
 

crypto/err/openssl.txt

@@ -335,13 +335,16 @@ CONF_F_NCONF_LOAD_BIO:110:NCONF_load_bio
 CONF_F_NCONF_LOAD_FP:114:NCONF_load_fp
 CONF_F_NCONF_NEW:111:NCONF_new
 CONF_F_PROCESS_INCLUDE:116:process_include
-CONF_F_SSL_MODULE_INIT:122:ssl_module_init
+CONF_F_SSL_MODULE_INIT:123:ssl_module_init
 CONF_F_STR_COPY:101:str_copy
+CRYPTO_F_CMAC_CTX_NEW:120:CMAC_CTX_new
 CRYPTO_F_CRYPTO_DUP_EX_DATA:110:CRYPTO_dup_ex_data
 CRYPTO_F_CRYPTO_FREE_EX_DATA:111:CRYPTO_free_ex_data
 CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX:100:CRYPTO_get_ex_new_index
 CRYPTO_F_CRYPTO_MEMDUP:115:CRYPTO_memdup
 CRYPTO_F_CRYPTO_NEW_EX_DATA:112:CRYPTO_new_ex_data
+CRYPTO_F_CRYPTO_OCB128_COPY_CTX:121:CRYPTO_ocb128_copy_ctx
+CRYPTO_F_CRYPTO_OCB128_INIT:122:CRYPTO_ocb128_init
 CRYPTO_F_CRYPTO_SET_EX_DATA:102:CRYPTO_set_ex_data
 CRYPTO_F_FIPS_MODE_SET:109:FIPS_mode_set
 CRYPTO_F_GET_AND_LOCK:113:get_and_lock
@@ -350,6 +353,9 @@ CRYPTO_F_OPENSSL_BUF2HEXSTR:117:OPENSSL_buf2hexstr
 CRYPTO_F_OPENSSL_FOPEN:119:openssl_fopen
 CRYPTO_F_OPENSSL_HEXSTR2BUF:118:OPENSSL_hexstr2buf
 CRYPTO_F_OPENSSL_INIT_CRYPTO:116:OPENSSL_init_crypto
+CRYPTO_F_PKEY_HMAC_INIT:123:pkey_hmac_init
+CRYPTO_F_PKEY_POLY1305_INIT:124:pkey_poly1305_init
+CRYPTO_F_PKEY_SIPHASH_INIT:125:pkey_siphash_init
 CT_F_CTLOG_NEW:117:CTLOG_new
 CT_F_CTLOG_NEW_FROM_BASE64:118:CTLOG_new_from_base64
 CT_F_CTLOG_NEW_FROM_CONF:119:ctlog_new_from_conf

crypto/hmac/hm_pmeth.c

@@ -13,6 +13,7 @@
 #include <openssl/x509v3.h>
 #include <openssl/evp.h>
 #include <openssl/hmac.h>
+#include <openssl/err.h>
 #include "internal/evp_int.h"
 
 /* HMAC pkey context structure */
@@ -27,9 +28,10 @@ static int pkey_hmac_init(EVP_PKEY_CTX *ctx)
 {
     HMAC_PKEY_CTX *hctx;
 
-    hctx = OPENSSL_zalloc(sizeof(*hctx));
-    if (hctx == NULL)
+    if ((hctx = OPENSSL_zalloc(sizeof(*hctx))) == NULL) {
+        CRYPTOerr(CRYPTO_F_PKEY_HMAC_INIT, ERR_R_MALLOC_FAILURE);
         return 0;
+    }
     hctx->ktmp.type = V_ASN1_OCTET_STRING;
     hctx->ctx = HMAC_CTX_new();
     if (hctx->ctx == NULL) {

crypto/modes/ocb128.c

@@ -9,6 +9,7 @@
 
 #include <string.h>
 #include <openssl/crypto.h>
+#include <openssl/err.h>
 #include "modes_lcl.h"
 
 #ifndef OPENSSL_NO_OCB
@@ -164,9 +165,10 @@ int CRYPTO_ocb128_init(OCB128_CONTEXT *ctx, void *keyenc, void *keydec,
     memset(ctx, 0, sizeof(*ctx));
     ctx->l_index = 0;
     ctx->max_l_index = 5;
-    ctx->l = OPENSSL_malloc(ctx->max_l_index * 16);
-    if (ctx->l == NULL)
+    if ((ctx->l = OPENSSL_malloc(ctx->max_l_index * 16)) == NULL) {
+        CRYPTOerr(CRYPTO_F_CRYPTO_OCB128_INIT, ERR_R_MALLOC_FAILURE);
         return 0;
+    }
 
     /*
      * We set both the encryption and decryption key schedules - decryption
@@ -210,9 +212,10 @@ int CRYPTO_ocb128_copy_ctx(OCB128_CONTEXT *dest, OCB128_CONTEXT *src,
     if (keydec)
         dest->keydec = keydec;
     if (src->l) {
-        dest->l = OPENSSL_malloc(src->max_l_index * 16);
-        if (dest->l == NULL)
+        if ((dest->l = OPENSSL_malloc(src->max_l_index * 16)) == NULL) {
+            CRYPTOerr(CRYPTO_F_CRYPTO_OCB128_COPY_CTX, ERR_R_MALLOC_FAILURE);
             return 0;
+        }
         memcpy(dest->l, src->l, (src->l_index + 1) * 16);
     }
     return 1;

crypto/poly1305/poly1305_pmeth.c

@@ -12,6 +12,7 @@
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
 #include <openssl/evp.h>
+#include <openssl/err.h>
 #include "internal/poly1305.h"
 #include "poly1305_local.h"
 #include "internal/evp_int.h"
@@ -27,9 +28,10 @@ static int pkey_poly1305_init(EVP_PKEY_CTX *ctx)
 {
     POLY1305_PKEY_CTX *pctx;
 
-    pctx = OPENSSL_zalloc(sizeof(*pctx));
-    if (pctx == NULL)
+    if ((pctx = OPENSSL_zalloc(sizeof(*pctx))) == NULL) {
+        CRYPTOerr(CRYPTO_F_PKEY_POLY1305_INIT, ERR_R_MALLOC_FAILURE);
         return 0;
+    }
     pctx->ktmp.type = V_ASN1_OCTET_STRING;
 
     EVP_PKEY_CTX_set_data(ctx, pctx);

crypto/siphash/siphash_pmeth.c

@@ -12,6 +12,7 @@
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
 #include <openssl/evp.h>
+#include <openssl/err.h>
 #include "internal/siphash.h"
 #include "siphash_local.h"
 #include "internal/evp_int.h"
@@ -27,9 +28,10 @@ static int pkey_siphash_init(EVP_PKEY_CTX *ctx)
 {
     SIPHASH_PKEY_CTX *pctx;
 
-    pctx = OPENSSL_zalloc(sizeof(*pctx));
-    if (pctx == NULL)
+    if ((pctx = OPENSSL_zalloc(sizeof(*pctx))) == NULL) {
+        CRYPTOerr(CRYPTO_F_PKEY_SIPHASH_INIT, ERR_R_MALLOC_FAILURE);
         return 0;
+    }
     pctx->ktmp.type = V_ASN1_OCTET_STRING;
 
     EVP_PKEY_CTX_set_data(ctx, pctx);

crypto/threads_none.c

@@ -14,9 +14,12 @@
 
 CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void)
 {
-    CRYPTO_RWLOCK *lock = OPENSSL_zalloc(sizeof(unsigned int));
-    if (lock == NULL)
+    CRYPTO_RWLOCK *lock;
+
+    if ((lock = OPENSSL_zalloc(sizeof(unsigned int))) == NULL) {
+        /* Don't set error, to avoid recursion blowup. */
         return NULL;
+    }
 
     *(unsigned int *)lock = 1;
 

crypto/threads_pthread.c

@@ -19,19 +19,25 @@
 CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void)
 {
 # ifdef USE_RWLOCK
-    CRYPTO_RWLOCK *lock = OPENSSL_zalloc(sizeof(pthread_rwlock_t));
-    if (lock == NULL)
+    CRYPTO_RWLOCK *lock;
+
+    if ((lock = OPENSSL_zalloc(sizeof(pthread_rwlock_t))) == NULL) {
+        /* Don't set error, to avoid recursion blowup. */
         return NULL;
+    }
 
     if (pthread_rwlock_init(lock, NULL) != 0) {
         OPENSSL_free(lock);
         return NULL;
     }
 # else
     pthread_mutexattr_t attr;
-    CRYPTO_RWLOCK *lock = OPENSSL_zalloc(sizeof(pthread_mutex_t));
-    if (lock == NULL)
+    CRYPTO_RWLOCK *lock;
+
+    if ((lock = OPENSSL_zalloc(sizeof(pthread_mutex_t))) == NULL) {
+        /* Don't set error, to avoid recursion blowup. */
         return NULL;
+    }
 
     pthread_mutexattr_init(&attr);
     pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_RECURSIVE);

crypto/threads_win.c

@@ -17,9 +17,12 @@
 
 CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void)
 {
-    CRYPTO_RWLOCK *lock = OPENSSL_zalloc(sizeof(CRITICAL_SECTION));
-    if (lock == NULL)
+    CRYPTO_RWLOCK *lock;
+
+    if ((lock = OPENSSL_zalloc(sizeof(CRITICAL_SECTION))) == NULL) {
+        /* Don't set error, to avoid recursion blowup. */
         return NULL;
+    }
 
     /* 0x400 is the spin count value suggested in the documentation */
     if (!InitializeCriticalSectionAndSpinCount(lock, 0x400)) {

include/openssl/conferr.h

@@ -40,7 +40,7 @@ int ERR_load_CONF_strings(void);
 # define CONF_F_NCONF_LOAD_FP                             114
 # define CONF_F_NCONF_NEW                                 111
 # define CONF_F_PROCESS_INCLUDE                           116
-# define CONF_F_SSL_MODULE_INIT                           122
+# define CONF_F_SSL_MODULE_INIT                           123
 # define CONF_F_STR_COPY                                  101
 
 /*

include/openssl/cryptoerr.h

@@ -19,11 +19,14 @@ int ERR_load_CRYPTO_strings(void);
 /*
  * CRYPTO function codes.
  */
+# define CRYPTO_F_CMAC_CTX_NEW                            120
 # define CRYPTO_F_CRYPTO_DUP_EX_DATA                      110
 # define CRYPTO_F_CRYPTO_FREE_EX_DATA                     111
 # define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX                 100
 # define CRYPTO_F_CRYPTO_MEMDUP                           115
 # define CRYPTO_F_CRYPTO_NEW_EX_DATA                      112
+# define CRYPTO_F_CRYPTO_OCB128_COPY_CTX                  121
+# define CRYPTO_F_CRYPTO_OCB128_INIT                      122
 # define CRYPTO_F_CRYPTO_SET_EX_DATA                      102
 # define CRYPTO_F_FIPS_MODE_SET                           109
 # define CRYPTO_F_GET_AND_LOCK                            113
@@ -32,6 +35,9 @@ int ERR_load_CRYPTO_strings(void);
 # define CRYPTO_F_OPENSSL_FOPEN                           119
 # define CRYPTO_F_OPENSSL_HEXSTR2BUF                      118
 # define CRYPTO_F_OPENSSL_INIT_CRYPTO                     116
+# define CRYPTO_F_PKEY_HMAC_INIT                          123
+# define CRYPTO_F_PKEY_POLY1305_INIT                      124
+# define CRYPTO_F_PKEY_SIPHASH_INIT                       125
 
 /*
  * CRYPTO reason codes.