Subject: [openssl-dev] [openssl.org #4107] [PATCH] null pointer dereference: bn_wexpand return code not checked
From: Pascal Cuoq via RT
Date: 2015-10-26 10:29:43
Message-ID: rt-4.0.19-1258-1445855383-1511.4107-21-0@openssl.org

The function bn_wexpand() can fail. Most of the invocations in bn_gf2m.c are guarded, but three of them aren't, causing a null pointer dereference when bn_wexpand() fails:

https://github.com/openssl/openssl/blob/3f6c7691870d1cd2ad0e0c83638cef3f35a0b548/crypto/bn/bn_gf2m.c#L700

If the calls to bn_wexpand() are guarded as in the attached patch, the null pointer dereferences no longer occur.

diff -ur openssl-orig/crypto/bn/bn_gf2m.c openssl-work/crypto/bn/bn_gf2m.c --- openssl-orig/crypto/bn/bn_gf2m.c 2015-10-12 10:52:04.214530631 +0200 +++ openssl-work/crypto/bn/bn_gf2m.c 2015-10-12 12:19:19.702494006 +0200 @@ -697,18 +697,21 @@ int top = p->top; BN_ULONG *udp, *bdp, *vdp, *cdp; - bn_wexpand(u, top); + if (!bn_wexpand(u, top)) + goto err; udp = u->d; for (i = u->top; i < top; i++) udp[i] = 0; u->top = top; - bn_wexpand(b, top); + if (!bn_wexpand(b, top)) + goto err; bdp = b->d; bdp[0] = 1; for (i = 1; i < top; i++) bdp[i] = 0; b->top = top; - bn_wexpand(c, top); + if (!bn_wexpand(c, top)) + goto err; cdp = c->d; for (i = 0; i < top; i++) cdp[i] = 0;
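Review bot: the three new `if (!bn_wexpand(...)) goto err;` branches rely on an `err:` label that is not visible in this hunk; before merging, confirm that the label exists in this function, that the path it reaches returns a failure value to callers rather than silently succeeding, and that its cleanup does not read `udp`, `bdp` or `cdp`, which are still unassigned when any of the three jumps is taken (the pointer assignments `udp = u->d;`, `bdp = b->d;` and `cdp = c->d;` all come after the respective check). It would also help the commit message to name the function being patched and to state that bn_wexpand() already records an error reason on failure, so that reviewers know no extra error-queue entry is needed on the new `goto err;` paths.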