Add judgment to prevent null dereference in abnormal conditions.
Signed-off-by: Zhiqi Song songzhiqi1@huawei.com --- src/uadk_ec.c | 13 +++++++++++++ src/uadk_rsa.c | 18 ++++++++++++++++++ src/uadk_sm2.c | 15 +++++++++++++++ 3 files changed, 46 insertions(+)
diff --git a/src/uadk_ec.c b/src/uadk_ec.c index e341f5b..0a8bae0 100644 --- a/src/uadk_ec.c +++ b/src/uadk_ec.c @@ -453,6 +453,11 @@ static ECDSA_SIG *create_ecdsa_sig(struct wd_ecc_req *req) }
wd_ecdsa_get_sign_out_params(req->dst, &r, &s); + if (!r || !s) { + fprintf(stderr, "failed to get r or s\n"); + goto err; + } + if (!BN_bin2bn((void *)r->data, r->dsize, br) || !BN_bin2bn((void *)s->data, s->dsize, bs)) { fprintf(stderr, "failed to BN_bin2bn r or s\n"); @@ -1069,6 +1074,10 @@ static int ecdh_set_key_to_ec_key(EC_KEY *ecdh, struct wd_ecc_req *req) int ret = 0;
wd_ecxdh_get_out_params(req->dst, &pubkey); + if (!pubkey) { + fprintf(stderr, "failed to get pubkey\n"); + return ret; + }
group = EC_KEY_get0_group(ecdh); point = EC_POINT_new(group); @@ -1134,6 +1143,10 @@ static int ecdh_get_shared_key(const EC_KEY *ecdh, struct wd_ecc_point *shared_key = NULL;
wd_ecxdh_get_out_params(req->dst, &shared_key); + if (!shared_key) { + fprintf(stderr, "failed to get shared key\n"); + return 0; + }
*outlen = shared_key->x.dsize;
diff --git a/src/uadk_rsa.c b/src/uadk_rsa.c index 229306e..857fd79 100644 --- a/src/uadk_rsa.c +++ b/src/uadk_rsa.c @@ -912,7 +912,13 @@ static int rsa_fill_pubkey(struct rsa_pubkey_param *pubkey_param,
if (!rsa_sess->is_pubkey_ready) { wd_rsa_get_pubkey(rsa_sess->sess, &pubkey); + if (!pubkey) + return UADK_E_FAIL; + wd_rsa_get_pubkey_params(pubkey, &wd_e, &wd_n); + if (!wd_e || !wd_n) + return UADK_E_FAIL; + wd_e->dsize = BN_bn2bin(pubkey_param->e, (unsigned char *)wd_e->data); wd_n->dsize = BN_bn2bin(pubkey_param->n, @@ -945,8 +951,14 @@ static int rsa_fill_prikey(RSA *rsa, struct uadk_rsa_sess *rsa_sess,
if (!(rsa_sess->is_prikey_ready) && (pri->is_crt)) { wd_rsa_get_prikey(rsa_sess->sess, &prikey); + if (!prikey) + return UADK_E_FAIL; + wd_rsa_get_crt_prikey_params(prikey, &wd_dq, &wd_dp, &wd_qinv, &wd_q, &wd_p); + if (!wd_dq || !wd_dp || !wd_qinv || !wd_q || !wd_p) + return UADK_E_FAIL; + wd_dq->dsize = BN_bn2bin(pri->dmq1, (unsigned char *)wd_dq->data); wd_dp->dsize = BN_bn2bin(pri->dmp1, @@ -959,7 +971,13 @@ static int rsa_fill_prikey(RSA *rsa, struct uadk_rsa_sess *rsa_sess, (unsigned char *)wd_qinv->data); } else if (!(rsa_sess->is_prikey_ready) && !(pri->is_crt)) { wd_rsa_get_prikey(rsa_sess->sess, &prikey); + if (!prikey) + return UADK_E_FAIL; + wd_rsa_get_prikey_params(prikey, &wd_d, &wd_n); + if (!wd_d || !wd_n) + return UADK_E_FAIL; + wd_d->dsize = BN_bn2bin(pri->d, (unsigned char *)wd_d->data); wd_n->dsize = BN_bn2bin(pri->n, diff --git a/src/uadk_sm2.c b/src/uadk_sm2.c index af26690..0173a43 100644 --- a/src/uadk_sm2.c +++ b/src/uadk_sm2.c @@ -710,6 +710,11 @@ static int sm2_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, }
wd_sm2_get_sign_out_params(req.dst, &r, &s); + if (!r || !s) { + ret = UADK_DO_SOFT; + goto uninit_iot; + } + ret = sign_bin_to_ber(NULL, r, s, sig, siglen); if (ret) goto uninit_iot; @@ -939,6 +944,11 @@ static int sm2_encrypt(EVP_PKEY_CTX *ctx,
md = (smctx->ctx.md == NULL) ? EVP_sm3() : smctx->ctx.md; wd_sm2_get_enc_out_params(req.dst, &c1, &c2, &c3); + if (!c1 || !c2 || !c3) { + ret = UADK_DO_SOFT; + goto uninit_iot; + } + ret = cipher_bin_to_ber(md, c1, c2, c3, out, outlen); if (ret) goto uninit_iot; @@ -1029,6 +1039,11 @@ static int sm2_get_plaintext(struct wd_ecc_req *req, struct wd_dtb *ptext = NULL;
wd_sm2_get_dec_out_params(req->dst, &ptext); + if (!ptext) { + fprintf(stderr, "failed to get ptext\n"); + return -EINVAL; + } + if (*outlen < ptext->dsize) { fprintf(stderr, "outlen(%lu) < (%u)\n", *outlen, ptext->dsize); return -EINVAL;