- markus@cvs.openbsd.org 2006/11/06 21:25:28

[auth-rsa.c kexgexc.c kexdhs.c key.c ssh-dss.c sshd.c kexgexs.c ssh-keygen.c bufbn.c moduli.c scard.c kexdhc.c sshconnect1.c dh.c rsa.c] add missing checks for openssl return codes; with & ok djm@
2025-01-03 00:02:05 +00:00 · 2006-11-07 23:14:41 +11:00 · 2006-11-07 23:14:41 +11:00 · 0bc85579a9
commit 0bc85579a9
parent df0e438a2e
16 changed files with 120 additions and 73 deletions
--- a/7
+++ b/7
@ -1,6 +1,11 @@
 20061107
 - (dtucker) [sshd.c] Use privsep_pw if we have it, but only require it
   if we absolutely need it.  Pointed out by Corinna, ok djm@
 - (dtucker) OpenBSD CVS Sync
   - markus@cvs.openbsd.org 2006/11/06 21:25:28
     [auth-rsa.c kexgexc.c kexdhs.c key.c ssh-dss.c sshd.c kexgexs.c
     ssh-keygen.c bufbn.c moduli.c scard.c kexdhc.c sshconnect1.c dh.c rsa.c]
     add missing checks for openssl return codes; with & ok djm@
 20061105
 - (djm) OpenBSD CVS Sync
@ -2592,4 +2597,4 @@
   OpenServer 6 and add osr5bigcrypt support so when someone migrates
   passwords between UnixWare and OpenServer they will still work. OK dtucker@
-$Id: ChangeLog,v 1.4584 2006/11/07 00:28:40 dtucker Exp $
+$Id: ChangeLog,v 1.4585 2006/11/07 12:14:41 dtucker Exp $
--- a/auth-rsa.c
+++ b/auth-rsa.c
@ -1,4 +1,4 @@
-/* $OpenBSD: auth-rsa.c,v 1.71 2006/08/03 03:34:41 deraadt Exp $ */
+/* $OpenBSD: auth-rsa.c,v 1.72 2006/11/06 21:25:27 markus Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -76,10 +76,12 @@ auth_rsa_generate_challenge(Key *key)
 	if ((challenge = BN_new()) == NULL)
 		fatal("auth_rsa_generate_challenge: BN_new() failed");
 	/* Generate a random challenge. */
-	BN_rand(challenge, 256, 0, 0);
+	if (BN_rand(challenge, 256, 0, 0) == 0)
 		fatal("auth_rsa_generate_challenge: BN_rand failed");
 	if ((ctx = BN_CTX_new()) == NULL)
-		fatal("auth_rsa_generate_challenge: BN_CTX_new() failed");
+		fatal("auth_rsa_generate_challenge: BN_CTX_new failed");
-	BN_mod(challenge, challenge, key->rsa->n, ctx);
+	if (BN_mod(challenge, challenge, key->rsa->n, ctx) == 0)
 		fatal("auth_rsa_generate_challenge: BN_mod failed");
 	BN_CTX_free(ctx);
 	return challenge;
--- a/bufbn.c
+++ b/bufbn.c
@ -1,4 +1,4 @@
-/* $OpenBSD: bufbn.c,v 1.3 2006/08/03 03:34:41 deraadt Exp $*/
+/* $OpenBSD: bufbn.c,v 1.4 2006/11/06 21:25:28 markus Exp $*/
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -118,7 +118,10 @@ buffer_get_bignum_ret(Buffer *buffer, BIGNUM *value)
 		return (-1);
 	}
 	bin = buffer_ptr(buffer);
-	BN_bin2bn(bin, bytes, value);
+	if (BN_bin2bn(bin, bytes, value) == NULL) {
 		error("buffer_get_bignum_ret: BN_bin2bn failed");
 		return (-1);
 	}
 	if (buffer_consume_ret(buffer, bytes) == -1) {
 		error("buffer_get_bignum_ret: buffer_consume failed");
 		return (-1);
@ -202,7 +205,10 @@ buffer_get_bignum2_ret(Buffer *buffer, BIGNUM *value)
 		xfree(bin);
 		return (-1);
 	}
-	BN_bin2bn(bin, len, value);
+	if (BN_bin2bn(bin, len, value) == NULL) {
 		error("buffer_get_bignum2_ret: BN_bin2bn failed");
 		return (-1);
 	}
 	xfree(bin);
 	return (0);
 }
--- a/dh.c
+++ b/dh.c
@ -1,4 +1,4 @@
-/* $OpenBSD: dh.c,v 1.42 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: dh.c,v 1.43 2006/11/06 21:25:28 markus Exp $ */
 /*
 * Copyright (c) 2000 Niels Provos.  All rights reserved.
 *
@ -254,9 +254,9 @@ dh_new_group_asc(const char *gen, const char *modulus)
 	if ((dh = DH_new()) == NULL)
 		fatal("dh_new_group_asc: DH_new");
-	if (BN_hex2bn(&dh->p, modulus) == 0)
+	if (BN_hex2bn(&dh->p, modulus) == NULL)
 		fatal("BN_hex2bn p");
-	if (BN_hex2bn(&dh->g, gen) == 0)
+	if (BN_hex2bn(&dh->g, gen) == NULL)
 		fatal("BN_hex2bn g");
 	return (dh);
--- a/kexdhc.c
+++ b/kexdhc.c
@ -1,4 +1,4 @@
-/* $OpenBSD: kexdhc.c,v 1.10 2006/10/31 16:33:12 markus Exp $ */
+/* $OpenBSD: kexdhc.c,v 1.11 2006/11/06 21:25:28 markus Exp $ */
 /*
 * Copyright (c) 2001 Markus Friedl.  All rights reserved.
 *
@ -120,7 +120,8 @@ kexdh_client(Kex *kex)
 #endif
 	if ((shared_secret = BN_new()) == NULL)
 		fatal("kexdh_client: BN_new failed");
-	BN_bin2bn(kbuf, kout, shared_secret);
+	if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
 		fatal("kexdh_client: BN_bin2bn failed");
 	memset(kbuf, 0, klen);
 	xfree(kbuf);
--- a/kexdhs.c
+++ b/kexdhs.c
@ -1,4 +1,4 @@
-/* $OpenBSD: kexdhs.c,v 1.8 2006/10/31 16:33:12 markus Exp $ */
+/* $OpenBSD: kexdhs.c,v 1.9 2006/11/06 21:25:28 markus Exp $ */
 /*
 * Copyright (c) 2001 Markus Friedl.  All rights reserved.
 *
@ -108,7 +108,8 @@ kexdh_server(Kex *kex)
 #endif
 	if ((shared_secret = BN_new()) == NULL)
 		fatal("kexdh_server: BN_new failed");
-	BN_bin2bn(kbuf, kout, shared_secret);
+	if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
 		fatal("kexdh_server: BN_bin2bn failed");
 	memset(kbuf, 0, klen);
 	xfree(kbuf);
--- a/kexgexc.c
+++ b/kexgexc.c
@ -1,4 +1,4 @@
-/* $OpenBSD: kexgexc.c,v 1.10 2006/10/31 16:33:12 markus Exp $ */
+/* $OpenBSD: kexgexc.c,v 1.11 2006/11/06 21:25:28 markus Exp $ */
 /*
 * Copyright (c) 2000 Niels Provos.  All rights reserved.
 * Copyright (c) 2001 Markus Friedl.  All rights reserved.
@ -158,7 +158,8 @@ kexgex_client(Kex *kex)
 #endif
 	if ((shared_secret = BN_new()) == NULL)
 		fatal("kexgex_client: BN_new failed");
-	BN_bin2bn(kbuf, kout, shared_secret);
+	if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
 		fatal("kexgex_client: BN_bin2bn failed");
 	memset(kbuf, 0, klen);
 	xfree(kbuf);
--- a/kexgexs.c
+++ b/kexgexs.c
@ -1,4 +1,4 @@
-/* $OpenBSD: kexgexs.c,v 1.9 2006/10/31 16:33:12 markus Exp $ */
+/* $OpenBSD: kexgexs.c,v 1.10 2006/11/06 21:25:28 markus Exp $ */
 /*
 * Copyright (c) 2000 Niels Provos.  All rights reserved.
 * Copyright (c) 2001 Markus Friedl.  All rights reserved.
@ -141,7 +141,8 @@ kexgex_server(Kex *kex)
 #endif
 	if ((shared_secret = BN_new()) == NULL)
 		fatal("kexgex_server: BN_new failed");
-	BN_bin2bn(kbuf, kout, shared_secret);
+	if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
 		fatal("kexgex_server: BN_bin2bn failed");
 	memset(kbuf, 0, klen);
 	xfree(kbuf);
--- a/key.c
+++ b/key.c
@ -1,4 +1,4 @@
-/* $OpenBSD: key.c,v 1.67 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: key.c,v 1.68 2006/11/06 21:25:28 markus Exp $ */
 /*
 * read_bignum():
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -617,16 +617,18 @@ key_from_private(const Key *k)
 	switch (k->type) {
 	case KEY_DSA:
 		n = key_new(k->type);
-		BN_copy(n->dsa->p, k->dsa->p);
+		if ((BN_copy(n->dsa->p, k->dsa->p) == NULL) ||
-		BN_copy(n->dsa->q, k->dsa->q);
+		    (BN_copy(n->dsa->q, k->dsa->q) == NULL) ||
-		BN_copy(n->dsa->g, k->dsa->g);
+		    (BN_copy(n->dsa->g, k->dsa->g) == NULL) ||
-		BN_copy(n->dsa->pub_key, k->dsa->pub_key);
+		    (BN_copy(n->dsa->pub_key, k->dsa->pub_key) == NULL))
 			fatal("key_from_private: BN_copy failed");
 		break;
 	case KEY_RSA:
 	case KEY_RSA1:
 		n = key_new(k->type);
-		BN_copy(n->rsa->n, k->rsa->n);
+		if ((BN_copy(n->rsa->n, k->rsa->n) == NULL) ||
-		BN_copy(n->rsa->e, k->rsa->e);
+		    (BN_copy(n->rsa->e, k->rsa->e) == NULL))
 			fatal("key_from_private: BN_copy failed");
 		break;
 	default:
 		fatal("key_from_private: unknown type %d", k->type);
--- a/moduli.c
+++ b/moduli.c
@ -1,4 +1,4 @@
-/* $OpenBSD: moduli.c,v 1.18 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: moduli.c,v 1.19 2006/11/06 21:25:28 markus Exp $ */
 /*
 * Copyright 1994 Phil Karn <karn@qualcomm.com>
 * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com>
@ -327,20 +327,26 @@ gen_candidates(FILE *out, u_int32_t memory, u_int32_t power, BIGNUM *start)
 	/* validation check: count the number of primes tried */
 	largetries = 0;
-	q = BN_new();
+	if ((q = BN_new()) == NULL)
 		fatal("BN_new failed");
 	/*
 	 * Generate random starting point for subprime search, or use
 	 * specified parameter.
 	 */
-	largebase = BN_new();
+	if ((largebase = BN_new()) == NULL)
-	if (start == NULL)
+		fatal("BN_new failed");
-		BN_rand(largebase, power, 1, 1);
+	if (start == NULL) {
-	else
+		if (BN_rand(largebase, power, 1, 1) == 0)
-		BN_copy(largebase, start);
+			fatal("BN_rand failed");
 	} else {
 		if (BN_copy(largebase, start) == NULL)
 			fatal("BN_copy: failed");
 	}
 	/* ensure odd */
-	BN_set_bit(largebase, 0);
+	if (BN_set_bit(largebase, 0) == 0)
 		fatal("BN_set_bit: failed");
 	time(&time_start);
@ -424,8 +430,10 @@ gen_candidates(FILE *out, u_int32_t memory, u_int32_t power, BIGNUM *start)
 			continue; /* Definitely composite, skip */
 		debug2("test q = largebase+%u", 2 * j);
-		BN_set_word(q, 2 * j);
+		if (BN_set_word(q, 2 * j) == 0)
-		BN_add(q, q, largebase);
+			fatal("BN_set_word failed");
 		if (BN_add(q, q, largebase) == 0)
 			fatal("BN_add failed");
 		if (qfileout(out, QTYPE_SOPHIE_GERMAIN, QTEST_SIEVE,
 		    largetries, (power - 1) /* MSB */, (0), q) == -1) {
 			ret = -1;
@ -470,9 +478,12 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted)
 	time(&time_start);
-	p = BN_new();
+	if ((p = BN_new()) == NULL)
-	q = BN_new();
+		fatal("BN_new failed");
-	ctx = BN_CTX_new();
+	if ((q = BN_new()) == NULL)
 		fatal("BN_new failed");
 	if ((ctx = BN_CTX_new()) == NULL)
 		fatal("BN_CTX_new failed");
 	debug2("%.24s Final %u Miller-Rabin trials (%x generator)",
 	    ctime(&time_start), trials, generator_wanted);
@ -520,10 +531,13 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted)
 		case QTYPE_SOPHIE_GERMAIN:
 			debug2("%10u: (%u) Sophie-Germain", count_in, in_type);
 			a = q;
-			BN_hex2bn(&a, cp);
+			if (BN_hex2bn(&a, cp) == 0)
 				fatal("BN_hex2bn failed");
 			/* p = 2*q + 1 */
-			BN_lshift(p, q, 1);
+			if (BN_lshift(p, q, 1) == 0)
-			BN_add_word(p, 1);
+				fatal("BN_lshift failed");
 			if (BN_add_word(p, 1) == 0)
 				fatal("BN_add_word failed");
 			in_size += 1;
 			generator_known = 0;
 			break;
@ -534,9 +548,11 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted)
 		case QTYPE_UNKNOWN:
 			debug2("%10u: (%u)", count_in, in_type);
 			a = p;
-			BN_hex2bn(&a, cp);
+			if (BN_hex2bn(&a, cp) == 0)
 				fatal("BN_hex2bn failed");
 			/* q = (p-1) / 2 */
-			BN_rshift(q, p, 1);
+			if (BN_rshift(q, p, 1) == 0)
 				fatal("BN_rshift failed");
 			break;
 		default:
 			debug2("Unknown prime type");
--- a/rsa.c
+++ b/rsa.c
@ -1,4 +1,4 @@
-/* $OpenBSD: rsa.c,v 1.28 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: rsa.c,v 1.29 2006/11/06 21:25:28 markus Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -91,7 +91,8 @@ rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key)
 	    RSA_PKCS1_PADDING)) <= 0)
 		fatal("rsa_public_encrypt() failed");
-	BN_bin2bn(outbuf, len, out);
+	if (BN_bin2bn(outbuf, len, out) == NULL)
 		fatal("rsa_public_encrypt: BN_bin2bn failed");
 	memset(outbuf, 0, olen);
 	memset(inbuf, 0, ilen);
@ -116,7 +117,8 @@ rsa_private_decrypt(BIGNUM *out, BIGNUM *in, RSA *key)
 	    RSA_PKCS1_PADDING)) <= 0) {
 		error("rsa_private_decrypt() failed");
 	} else {
-		BN_bin2bn(outbuf, len, out);
+		if (BN_bin2bn(outbuf, len, out) == NULL)
 			fatal("rsa_private_decrypt: BN_bin2bn failed");
 	}
 	memset(outbuf, 0, olen);
 	memset(inbuf, 0, ilen);
@ -137,11 +139,11 @@ rsa_generate_additional_parameters(RSA *rsa)
 	if ((ctx = BN_CTX_new()) == NULL)
 		fatal("rsa_generate_additional_parameters: BN_CTX_new failed");
-	BN_sub(aux, rsa->q, BN_value_one());
+	if ((BN_sub(aux, rsa->q, BN_value_one()) == 0) ||
-	BN_mod(rsa->dmq1, rsa->d, aux, ctx);
+	    (BN_mod(rsa->dmq1, rsa->d, aux, ctx) == 0) ||
-
+	    (BN_sub(aux, rsa->p, BN_value_one()) == 0) ||
-	BN_sub(aux, rsa->p, BN_value_one());
+	    (BN_mod(rsa->dmp1, rsa->d, aux, ctx) == 0))
-	BN_mod(rsa->dmp1, rsa->d, aux, ctx);
+		fatal("rsa_generate_additional_parameters: BN_sub/mod failed");
 	BN_clear_free(aux);
 	BN_CTX_free(ctx);
--- a/scard.c
+++ b/scard.c
@ -1,4 +1,4 @@
-/* $OpenBSD: scard.c,v 1.35 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: scard.c,v 1.36 2006/11/06 21:25:28 markus Exp $ */
 /*
 * Copyright (c) 2001 Markus Friedl.  All rights reserved.
 *
@ -391,15 +391,17 @@ sc_get_keys(const char *id, const char *pin)
 	keys = xcalloc((nkeys+1), sizeof(Key *));
 	n = key_new(KEY_RSA1);
-	BN_copy(n->rsa->n, k->rsa->n);
+	if ((BN_copy(n->rsa->n, k->rsa->n) == NULL) ||
-	BN_copy(n->rsa->e, k->rsa->e);
+	    (BN_copy(n->rsa->e, k->rsa->e) == NULL))
 		fatal("sc_get_keys: BN_copy failed");
 	RSA_set_method(n->rsa, sc_get_rsa());
 	n->flags |= KEY_FLAG_EXT;
 	keys[0] = n;
 	n = key_new(KEY_RSA);
-	BN_copy(n->rsa->n, k->rsa->n);
+	if ((BN_copy(n->rsa->n, k->rsa->n) == NULL) ||
-	BN_copy(n->rsa->e, k->rsa->e);
+	    (BN_copy(n->rsa->e, k->rsa->e) == NULL))
 		fatal("sc_get_keys: BN_copy failed");
 	RSA_set_method(n->rsa, sc_get_rsa());
 	n->flags |= KEY_FLAG_EXT;
 	keys[1] = n;
--- a/ssh-dss.c
+++ b/ssh-dss.c
@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-dss.c,v 1.23 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: ssh-dss.c,v 1.24 2006/11/06 21:25:28 markus Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
 *
@ -161,8 +161,9 @@ ssh_dss_verify(const Key *key, const u_char *signature, u_int signaturelen,
 		fatal("ssh_dss_verify: BN_new failed");
 	if ((sig->s = BN_new()) == NULL)
 		fatal("ssh_dss_verify: BN_new failed");
-	BN_bin2bn(sigblob, INTBLOB_LEN, sig->r);
+	if ((BN_bin2bn(sigblob, INTBLOB_LEN, sig->r) == NULL) ||
-	BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, sig->s);
+	    (BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, sig->s) == NULL))
 		fatal("ssh_dss_verify: BN_bin2bn failed");
 	/* clean up */
 	memset(sigblob, 0, len);
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.154 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.155 2006/11/06 21:25:28 markus Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -222,7 +222,8 @@ buffer_get_bignum_bits(Buffer *b, BIGNUM *value)
 	if (buffer_len(b) < bytes)
 		fatal("buffer_get_bignum_bits: input buffer too small: "
 		    "need %d have %d", bytes, buffer_len(b));
-	BN_bin2bn(buffer_ptr(b), bytes, value);
+	if (BN_bin2bn(buffer_ptr(b), bytes, value) == NULL)
 		fatal("buffer_get_bignum_bits: BN_bin2bn failed");
 	buffer_consume(b, bytes);
 }
--- a/sshconnect1.c
+++ b/sshconnect1.c
@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect1.c,v 1.69 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: sshconnect1.c,v 1.70 2006/11/06 21:25:28 markus Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -563,14 +563,20 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
 	 * the first 16 bytes of the session id.
 	 */
 	if ((key = BN_new()) == NULL)
-		fatal("respond_to_rsa_challenge: BN_new failed");
+		fatal("ssh_kex: BN_new failed");
-	BN_set_word(key, 0);
+	if (BN_set_word(key, 0) == 0)
 		fatal("ssh_kex: BN_set_word failed");
 	for (i = 0; i < SSH_SESSION_KEY_LENGTH; i++) {
-		BN_lshift(key, key, 8);
+		if (BN_lshift(key, key, 8) == 0)
-		if (i < 16)
+			fatal("ssh_kex: BN_lshift failed");
-			BN_add_word(key, session_key[i] ^ session_id[i]);
+		if (i < 16) {
-		else
+			if (BN_add_word(key, session_key[i] ^ session_id[i])
-			BN_add_word(key, session_key[i]);
+			    == 0)
 				fatal("ssh_kex: BN_add_word failed");
 		} else {
 			if (BN_add_word(key, session_key[i]) == 0)
 				fatal("ssh_kex: BN_add_word failed");
 		}
 	}
 	/*
--- a/sshd.c
+++ b/sshd.c
@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.347 2006/08/18 09:15:20 markus Exp $ */
+/* $OpenBSD: sshd.c,v 1.348 2006/11/06 21:25:28 markus Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -2013,10 +2013,10 @@ do_ssh1_kex(void)
 	 * key is in the highest bits.
 	 */
 	if (!rsafail) {
-		BN_mask_bits(session_key_int, sizeof(session_key) * 8);
+		(void) BN_mask_bits(session_key_int, sizeof(session_key) * 8);
 		len = BN_num_bytes(session_key_int);
 		if (len < 0 || (u_int)len > sizeof(session_key)) {
-			error("do_connection: bad session key len from %s: "
+			error("do_ssh1_kex: bad session key len from %s: "
 			    "session_key_int %d > sizeof(session_key) %lu",
 			    get_remote_ipaddr(), len, (u_long)sizeof(session_key));
 			rsafail++;