diff --git a/crypto/openssl/crypto/cms/cms_smime.c b/crypto/openssl/crypto/cms/cms_smime.c index 3f3d93fa0095..e081c252e9cb 100644 --- a/crypto/openssl/crypto/cms/cms_smime.c +++ b/crypto/openssl/crypto/cms/cms_smime.c @@ -25,6 +25,8 @@ static BIO *cms_get_text_bio(BIO *out, unsigned int flags) rbio = BIO_new(BIO_s_null()); else if (flags & CMS_TEXT) { rbio = BIO_new(BIO_s_mem()); + if (rbio == NULL) + return NULL; BIO_set_mem_eof_return(rbio, 0); } else rbio = out; diff --git a/crypto/openssl/demos/bio/sconnect.c b/crypto/openssl/demos/bio/sconnect.c index 69954f5cde56..4ad4d364e396 100644 --- a/crypto/openssl/demos/bio/sconnect.c +++ b/crypto/openssl/demos/bio/sconnect.c @@ -61,15 +61,27 @@ int main(int argc, char *argv[]) /* Let's make an SSL structure */ ssl = SSL_new(ssl_ctx); + if (ssl == NULL) + goto err; + SSL_set_connect_state(ssl); /* Use it inside an SSL BIO */ ssl_bio = BIO_new(BIO_f_ssl()); + if (ssl_bio == NULL) + goto err; + BIO_set_ssl(ssl_bio, ssl, BIO_CLOSE); /* Lets use a connect BIO under the SSL BIO */ out = BIO_new(BIO_s_connect()); + if (out == NULL) + { + BIO_free(ssl_bio); + goto err; + } + BIO_set_conn_hostname(out, hostport); /* The BIO has parsed the host:port and even IPv6 literals in [] */ diff --git a/crypto/openssl/fuzz/cmp.c b/crypto/openssl/fuzz/cmp.c index 16d2fade225d..98dd3e6ff229 100644 --- a/crypto/openssl/fuzz/cmp.c +++ b/crypto/openssl/fuzz/cmp.c @@ -176,10 +176,20 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) return 0; in = BIO_new(BIO_s_mem()); + if (in == NULL) + return 0; + OPENSSL_assert((size_t)BIO_write(in, buf, len) == len); msg = d2i_OSSL_CMP_MSG_bio(in, NULL); if (msg != NULL) { BIO *out = BIO_new(BIO_s_null()); + + if (out == NULL) { + OSSL_CMP_MSG_free(msg); + BIO_free(in); + return 0; + } + OSSL_CMP_SRV_CTX *srv_ctx = OSSL_CMP_SRV_CTX_new(NULL, NULL); OSSL_CMP_CTX *client_ctx = OSSL_CMP_CTX_new(NULL, NULL); diff --git a/crypto/openssl/fuzz/cms.c b/crypto/openssl/fuzz/cms.c index d464429a5407..76c06a419fe9 100644 --- a/crypto/openssl/fuzz/cms.c +++ b/crypto/openssl/fuzz/cms.c @@ -34,11 +34,20 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) return 0; in = BIO_new(BIO_s_mem()); + if (in == NULL) + return 0; + OPENSSL_assert((size_t)BIO_write(in, buf, len) == len); cms = d2i_CMS_bio(in, NULL); if (cms != NULL) { BIO *out = BIO_new(BIO_s_null()); + if (out == NULL) { + CMS_ContentInfo_free(cms); + BIO_free(in); + return 0; + } + i2d_CMS_bio(out, cms); BIO_free(out); CMS_ContentInfo_free(cms); diff --git a/crypto/openssl/fuzz/conf.c b/crypto/openssl/fuzz/conf.c index 72e4b358fd86..f04597d183dc 100644 --- a/crypto/openssl/fuzz/conf.c +++ b/crypto/openssl/fuzz/conf.c @@ -34,6 +34,9 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) conf = NCONF_new(NULL); in = BIO_new(BIO_s_mem()); + if (in == NULL) + return 0; + OPENSSL_assert((size_t)BIO_write(in, buf, len) == len); NCONF_load_bio(conf, in, &eline); NCONF_free(conf); diff --git a/crypto/openssl/fuzz/crl.c b/crypto/openssl/fuzz/crl.c index 9e18dcb94b36..eea20d2e372c 100644 --- a/crypto/openssl/fuzz/crl.c +++ b/crypto/openssl/fuzz/crl.c @@ -29,8 +29,11 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) X509_CRL *crl = d2i_X509_CRL(NULL, &p, len); if (crl != NULL) { BIO *bio = BIO_new(BIO_s_null()); - X509_CRL_print(bio, crl); - BIO_free(bio); + + if (bio != NULL) { + X509_CRL_print(bio, crl); + BIO_free(bio); + } i2d_X509_CRL(crl, &der); OPENSSL_free(der); diff --git a/crypto/openssl/fuzz/server.c b/crypto/openssl/fuzz/server.c index d058f1c2d8b3..2ed9639917e2 100644 --- a/crypto/openssl/fuzz/server.c +++ b/crypto/openssl/fuzz/server.c @@ -569,6 +569,7 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) # ifndef OPENSSL_NO_DEPRECATED_3_0 /* ECDSA */ bio_buf = BIO_new(BIO_s_mem()); + OPENSSL_assert(bio_buf != NULL); OPENSSL_assert((size_t)BIO_write(bio_buf, ECDSAPrivateKeyPEM, sizeof(ECDSAPrivateKeyPEM)) == sizeof(ECDSAPrivateKeyPEM)); ecdsakey = PEM_read_bio_ECPrivateKey(bio_buf, NULL, NULL, NULL); ERR_print_errors_fp(stderr); @@ -581,6 +582,7 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) EVP_PKEY_free(pkey); # endif bio_buf = BIO_new(BIO_s_mem()); + OPENSSL_assert(bio_buf != NULL); OPENSSL_assert((size_t)BIO_write(bio_buf, ECDSACertPEM, sizeof(ECDSACertPEM)) == sizeof(ECDSACertPEM)); cert = PEM_read_bio_X509(bio_buf, NULL, NULL, NULL); OPENSSL_assert(cert != NULL); @@ -593,6 +595,7 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) #if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_DEPRECATED_3_0) /* DSA */ bio_buf = BIO_new(BIO_s_mem()); + OPENSSL_assert(bio_buf != NULL); OPENSSL_assert((size_t)BIO_write(bio_buf, DSAPrivateKeyPEM, sizeof(DSAPrivateKeyPEM)) == sizeof(DSAPrivateKeyPEM)); dsakey = PEM_read_bio_DSAPrivateKey(bio_buf, NULL, NULL, NULL); ERR_print_errors_fp(stderr); @@ -605,6 +608,7 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) EVP_PKEY_free(pkey); bio_buf = BIO_new(BIO_s_mem()); + OPENSSL_assert(bio_buf != NULL); OPENSSL_assert((size_t)BIO_write(bio_buf, DSACertPEM, sizeof(DSACertPEM)) == sizeof(DSACertPEM)); cert = PEM_read_bio_X509(bio_buf, NULL, NULL, NULL); OPENSSL_assert(cert != NULL); @@ -616,7 +620,9 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len) server = SSL_new(ctx); in = BIO_new(BIO_s_mem()); + OPENSSL_assert(in != NULL); out = BIO_new(BIO_s_mem()); + OPENSSL_assert(out != NULL); SSL_set_bio(server, in, out); SSL_set_accept_state(server); diff --git a/crypto/openssl/test/sslapitest.c b/crypto/openssl/test/sslapitest.c index b83dd6c552de..e9d053403008 100644 --- a/crypto/openssl/test/sslapitest.c +++ b/crypto/openssl/test/sslapitest.c @@ -1391,6 +1391,9 @@ static int execute_test_ktls_sendfile(int tls_version, const char *cipher, BIO_free(out); out = NULL; in = BIO_new_file(tmpfilename, "rb"); + if (!TEST_ptr(in)) + goto end; + BIO_get_fp(in, &ffdp); ffd = fileno(ffdp);