Skip to content

Commit

Permalink
gost_ec_keyx: Check CTX data before it's really used
Browse files Browse the repository at this point in the history 
This should fix Coverity warning:

  *** CID 345243:  Null pointer dereferences  (REVERSE_INULL)
  /gost_ec_keyx.c: 681 in pkey_gost2018_decrypt()
  675        o  Q_eph is on the same curve as server public key;
  676
  677        o  Q_eph is not equal to zero point;
  678
  679        o  q * Q_eph is not equal to zero point.
  680     */
  >>>     CID 345243:  Null pointer dereferences  (REVERSE_INULL)
  >>>     Null-checking "data" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
  681         if (eph_key == NULL || priv == NULL || data == NULL) {
  682            GOSTerr(GOST_F_PKEY_GOST2018_DECRYPT,
  683                    GOST_R_ERROR_COMPUTING_EXPORT_KEYS);
  684            ret = 0;
  685            goto err;
  686         }

Signed-off-by: Vitaly Chikunov <[email protected]>
Issue: #380
  • Loading branch information
@vt-alt @beldmit
vt-alt authored and beldmit committed Jan 9, 2022
1 parent d47bcf3 commit 5dc8f91
Showing 1 changed file with 12 additions and 4 deletions.
16 changes: 12 additions & 4 deletions gost_ec_keyx.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -630,16 +630,24 @@ static int pkey_gost2018_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key,
size_t in_len)
{
const unsigned char *p = in;
struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(pctx);
EVP_PKEY *priv = EVP_PKEY_CTX_get0_pkey(pctx);
struct gost_pmeth_data *data;
EVP_PKEY *priv;
PSKeyTransport_gost *pst = NULL;
int ret = 0;
unsigned char expkeys[64];
EVP_PKEY *eph_key = NULL;
int pkey_nid = EVP_PKEY_base_id(priv);
int pkey_nid;
int mac_nid = NID_undef;
int iv_len = 0;

if (!(data = EVP_PKEY_CTX_get_data(pctx)) ||
!(priv = EVP_PKEY_CTX_get0_pkey(pctx))) {
GOSTerr(GOST_F_PKEY_GOST2018_DECRYPT, GOST_R_ERROR_COMPUTING_EXPORT_KEYS);
ret = 0;
goto err;
}
pkey_nid = EVP_PKEY_base_id(priv);

switch (data->cipher_nid) {
case NID_magma_ctr:
mac_nid = NID_magma_mac;
Expand Down Expand Up @@ -678,7 +686,7 @@ static int pkey_gost2018_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key,
o q * Q_eph is not equal to zero point.
*/
if (eph_key == NULL || priv == NULL || data == NULL) {
if (eph_key == NULL) {
GOSTerr(GOST_F_PKEY_GOST2018_DECRYPT,
GOST_R_ERROR_COMPUTING_EXPORT_KEYS);
ret = 0;
Expand Down

0 comments on commit 5dc8f91

Please sign in to comment.