[8.3-stable] Fix coverity issues, remove useless code in NTLS

.github/workflows/main.yml

@@ -14,7 +14,7 @@ jobs:
         fuzz-seconds: 600
         dry-run: false
     - name: Upload Crash
-      uses: actions/upload-artifact@v1
+      uses: actions/upload-artifact@v4
       if: failure()
       with:
         name: artifacts

apps/ocsp.c

@@ -268,7 +268,7 @@ int ocsp_main(int argc, char **argv)
     if (ids == NULL)
         goto end;
     if ((vpm = X509_VERIFY_PARAM_new()) == NULL)
-        return 1;
+        goto end;
 
     prog = opt_init(argc, argv, ocsp_options);
     while ((o = opt_next()) != OPT_EOF) {

crypto/asn1/x_delegated_credential.c

@@ -91,7 +91,7 @@ DELEGATED_CREDENTIAL *DC_new_from_raw_byte(const unsigned char *byte,
 
     if(!DC_set1_raw_byte(dc, byte, len)) {
         ASN1err(ASN1_F_DC_NEW_FROM_RAW_BYTE, ERR_R_MALLOC_FAILURE);
-        return NULL;
+        goto err;
     }
 
     if (!PACKET_buf_init(&pkt, dc->raw_byte, dc->raw_byte_len))

crypto/bn/bn_exp.c

@@ -188,13 +188,14 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
         return ret;
     }
 
+    BN_RECP_CTX_init(&recp);
+
     BN_CTX_start(ctx);
     aa = BN_CTX_get(ctx);
     val[0] = BN_CTX_get(ctx);
     if (val[0] == NULL)
         goto err;
 
-    BN_RECP_CTX_init(&recp);
     if (m->neg) {
         /* ignore sign of 'm' */
         if (!BN_copy(aa, m))

crypto/cms/cms_sd.c

@@ -897,8 +897,10 @@ int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
     ASN1_INTEGER *key = NULL;
     if (keysize > 0) {
         key = ASN1_INTEGER_new();
-        if (key == NULL || !ASN1_INTEGER_set(key, keysize))
+        if (key == NULL || !ASN1_INTEGER_set(key, keysize)) {
+            ASN1_INTEGER_free(key);
             return 0;
+        }
     }
     alg = X509_ALGOR_new();
     if (alg == NULL) {

crypto/dsa/dsa_gen.c

@@ -342,6 +342,9 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
     }
 
     mdsize = EVP_MD_size(evpmd);
+    if (mdsize < 0)
+        goto err;
+
     /* If unverifiable g generation only don't need seed */
     if (!ret->p || !ret->q || idx >= 0) {
         if (seed_len == 0)

crypto/err/openssl.txt

@@ -1,4 +1,4 @@
-# Copyright 1999-2023 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 1999-2024 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the OpenSSL license (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -1602,7 +1602,6 @@ SSL_F_TLS_CONSTRUCT_CTOS_ALPN:466:tls_construct_ctos_alpn
 SSL_F_TLS_CONSTRUCT_CTOS_ALPN_NTLS:721:tls_construct_ctos_alpn_ntls
 SSL_F_TLS_CONSTRUCT_CTOS_CERTIFICATE:355:*
 SSL_F_TLS_CONSTRUCT_CTOS_COOKIE:535:tls_construct_ctos_cookie
-SSL_F_TLS_CONSTRUCT_CTOS_COOKIE_NTLS:722:tls_construct_ctos_cookie_ntls
 SSL_F_TLS_CONSTRUCT_CTOS_DELEGATED_CREDENTIAL:853:\
 	tls_construct_ctos_delegated_credential
 SSL_F_TLS_CONSTRUCT_CTOS_EARLY_DATA:530:tls_construct_ctos_early_data
@@ -1633,7 +1632,6 @@ SSL_F_TLS_CONSTRUCT_CTOS_PSK:501:tls_construct_ctos_psk
 SSL_F_TLS_CONSTRUCT_CTOS_PSK_KEX_MODES:509:tls_construct_ctos_psk_kex_modes
 SSL_F_TLS_CONSTRUCT_CTOS_PSK_KEX_MODES_NTLS:733:\
 	tls_construct_ctos_psk_kex_modes_ntls
-SSL_F_TLS_CONSTRUCT_CTOS_PSK_NTLS:732:tls_construct_ctos_psk_ntls
 SSL_F_TLS_CONSTRUCT_CTOS_QUIC_TRANSPORT_PARAMS:3008:\
 	tls_construct_ctos_quic_transport_params
 SSL_F_TLS_CONSTRUCT_CTOS_QUIC_TRANSPORT_PARAMS_DRAFT:3013:\
@@ -1698,7 +1696,6 @@ SSL_F_TLS_CONSTRUCT_STOC_ALPN:451:tls_construct_stoc_alpn
 SSL_F_TLS_CONSTRUCT_STOC_ALPN_NTLS:753:tls_construct_stoc_alpn_ntls
 SSL_F_TLS_CONSTRUCT_STOC_CERTIFICATE:374:*
 SSL_F_TLS_CONSTRUCT_STOC_COOKIE:613:tls_construct_stoc_cookie
-SSL_F_TLS_CONSTRUCT_STOC_COOKIE_NTLS:754:tls_construct_stoc_cookie_ntls
 SSL_F_TLS_CONSTRUCT_STOC_CRYPTOPRO_BUG:452:tls_construct_stoc_cryptopro_bug
 SSL_F_TLS_CONSTRUCT_STOC_CRYPTOPRO_BUG_NTLS:755:\
 	tls_construct_stoc_cryptopro_bug_ntls
@@ -1726,7 +1723,6 @@ SSL_F_TLS_CONSTRUCT_STOC_NEXT_PROTO_NEG:457:tls_construct_stoc_next_proto_neg
 SSL_F_TLS_CONSTRUCT_STOC_NEXT_PROTO_NEG_NTLS:762:\
 	tls_construct_stoc_next_proto_neg_ntls
 SSL_F_TLS_CONSTRUCT_STOC_PSK:504:tls_construct_stoc_psk
-SSL_F_TLS_CONSTRUCT_STOC_PSK_NTLS:763:tls_construct_stoc_psk_ntls
 SSL_F_TLS_CONSTRUCT_STOC_QUIC_TRANSPORT_PARAMS:3009:\
 	tls_construct_stoc_quic_transport_params
 SSL_F_TLS_CONSTRUCT_STOC_QUIC_TRANSPORT_PARAMS_DRAFT:3014:\
@@ -1769,7 +1765,6 @@ SSL_F_TLS_PARSE_COMPRESS_CERT:875:tls_parse_compress_cert
 SSL_F_TLS_PARSE_CTOS_ALPN:567:tls_parse_ctos_alpn
 SSL_F_TLS_PARSE_CTOS_ALPN_NTLS:774:tls_parse_ctos_alpn_ntls
 SSL_F_TLS_PARSE_CTOS_COOKIE:614:tls_parse_ctos_cookie
-SSL_F_TLS_PARSE_CTOS_COOKIE_NTLS:775:tls_parse_ctos_cookie_ntls
 SSL_F_TLS_PARSE_CTOS_DELEGATED_CREDENTIAL:862:\
 	tls_parse_ctos_delegated_credential
 SSL_F_TLS_PARSE_CTOS_EARLY_DATA:568:tls_parse_ctos_early_data
@@ -1788,7 +1783,6 @@ SSL_F_TLS_PARSE_CTOS_POST_HANDSHAKE_AUTH_NTLS:781:\
 SSL_F_TLS_PARSE_CTOS_PSK:505:tls_parse_ctos_psk
 SSL_F_TLS_PARSE_CTOS_PSK_KEX_MODES:572:tls_parse_ctos_psk_kex_modes
 SSL_F_TLS_PARSE_CTOS_PSK_KEX_MODES_NTLS:783:tls_parse_ctos_psk_kex_modes_ntls
-SSL_F_TLS_PARSE_CTOS_PSK_NTLS:782:tls_parse_ctos_psk_ntls
 SSL_F_TLS_PARSE_CTOS_QUIC_TRANSPORT_PARAMS:3010:\
 	tls_parse_ctos_quic_transport_params
 SSL_F_TLS_PARSE_CTOS_QUIC_TRANSPORT_PARAMS_DRAFT:3015:\
@@ -1815,7 +1809,6 @@ SSL_F_TLS_PARSE_DC_FROM_EXTENSION:864:tls_parse_dc_from_extension
 SSL_F_TLS_PARSE_STOC_ALPN:579:tls_parse_stoc_alpn
 SSL_F_TLS_PARSE_STOC_ALPN_NTLS:793:tls_parse_stoc_alpn_ntls
 SSL_F_TLS_PARSE_STOC_COOKIE:534:tls_parse_stoc_cookie
-SSL_F_TLS_PARSE_STOC_COOKIE_NTLS:794:tls_parse_stoc_cookie_ntls
 SSL_F_TLS_PARSE_STOC_DELEGATED_CREDENTIAL:854:\
 	tls_parse_stoc_delegated_credential
 SSL_F_TLS_PARSE_STOC_EARLY_DATA:538:tls_parse_stoc_early_data
@@ -1830,7 +1823,6 @@ SSL_F_TLS_PARSE_STOC_MAXFRAGMENTLEN_NTLS:798:tls_parse_stoc_maxfragmentlen_ntls
 SSL_F_TLS_PARSE_STOC_NPN:582:tls_parse_stoc_npn
 SSL_F_TLS_PARSE_STOC_NPN_NTLS:799:tls_parse_stoc_npn_ntls
 SSL_F_TLS_PARSE_STOC_PSK:502:tls_parse_stoc_psk
-SSL_F_TLS_PARSE_STOC_PSK_NTLS:800:tls_parse_stoc_psk_ntls
 SSL_F_TLS_PARSE_STOC_QUIC_TRANSPORT_PARAMS:3011:\
 	tls_parse_stoc_quic_transport_params
 SSL_F_TLS_PARSE_STOC_QUIC_TRANSPORT_PARAMS_DRAFT:3016:\

crypto/evp/bio_ok.c

@@ -496,9 +496,11 @@ static int sig_in(BIO *b)
     void *md_data;
 
     ctx = BIO_get_data(b);
-    md = ctx->md;
+    if ((md = ctx->md) == NULL)
+        goto berr;
     digest = EVP_MD_CTX_md(md);
-    md_size = EVP_MD_size(digest);
+    if ((md_size = EVP_MD_size(digest)) <= 0)
+        goto berr;
     md_data = EVP_MD_CTX_md_data(md);
 
     if ((int)(ctx->buf_len - ctx->buf_off) < 2 * md_size)

crypto/evp/e_aes.c

@@ -3887,6 +3887,7 @@ typedef struct {
 static int aes_wrap_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                              const unsigned char *iv, int enc)
 {
+    int len;
     EVP_AES_WRAP_CTX *wctx = EVP_C_DATA(EVP_AES_WRAP_CTX,ctx);
     if (!iv && !key)
         return 1;
@@ -3901,8 +3902,10 @@ static int aes_wrap_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
             wctx->iv = NULL;
     }
     if (iv) {
-        memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, EVP_CIPHER_CTX_iv_length(ctx));
-        wctx->iv = EVP_CIPHER_CTX_iv_noconst(ctx);
+        if ((len = EVP_CIPHER_CTX_iv_length(ctx)) < 0)
+            return 0;
+        memcpy(ctx->iv, iv, len);
+        wctx->iv = ctx->iv;
     }
     return 1;
 }

crypto/evp/evp_enc.c

@@ -88,6 +88,8 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
                       ENGINE *impl, const unsigned char *key,
                       const unsigned char *iv, int enc)
 {
+    int n;
+
     if (enc == -1)
         enc = ctx->encrypt;
     else {
@@ -204,19 +206,27 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
             /* fall-through */
 
         case EVP_CIPH_CBC_MODE:
-
-            OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <=
-                           (int)sizeof(ctx->iv));
+            n = EVP_CIPHER_CTX_iv_length(ctx);
+            if (n < 0 || n > (int)sizeof(ctx->iv)) {
+                EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INVALID_IV_LENGTH);
+                return 0;
+            }
             if (iv)
-                memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
-            memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
+                memcpy(ctx->oiv, iv, n);
+            memcpy(ctx->iv, ctx->oiv, n);
             break;
 
         case EVP_CIPH_CTR_MODE:
             ctx->num = 0;
             /* Don't reuse IV for CTR mode */
-            if (iv)
-                memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx));
+            if (iv) {
+                n = EVP_CIPHER_CTX_iv_length(ctx);
+                if (n <= 0 || n > (int)sizeof(ctx->iv)) {
+                    EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INVALID_IV_LENGTH);
+                    return 0;
+                }
+                memcpy(ctx->iv, iv, n);
+            }
             break;
 
         default:

crypto/rsa/rsa_ossl.c

@@ -578,6 +578,8 @@ static int rsa_ossl_public_decrypt(int flen, const unsigned char *from,
             goto err;
 
     i = BN_bn2binpad(ret, buf, num);
+    if (i < 0)
+        goto err;
 
     switch (padding) {
     case RSA_PKCS1_PADDING:

crypto/ts/ts_rsp_sign.c

@@ -63,6 +63,7 @@ static ASN1_INTEGER *def_serial_cb(struct TS_resp_ctx *ctx, void *data)
     TSerr(TS_F_DEF_SERIAL_CB, ERR_R_MALLOC_FAILURE);
     TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
                                 "Error during serial number generation.");
+    ASN1_INTEGER_free(serial);
     return NULL;
 }
 

crypto/x509/x509spki.c

@@ -58,7 +58,10 @@ char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki)
     unsigned char *der_spki, *p;
     char *b64_str;
     int der_len;
+
     der_len = i2d_NETSCAPE_SPKI(spki, NULL);
+    if (der_len <= 0)
+        return NULL;
     der_spki = OPENSSL_malloc(der_len);
     b64_str = OPENSSL_malloc(der_len * 2);
     if (der_spki == NULL || b64_str == NULL) {

crypto/x509v3/pcy_data.c

@@ -51,6 +51,7 @@ X509_POLICY_DATA *policy_data_new(POLICYINFO *policy,
         id = NULL;
     ret = OPENSSL_zalloc(sizeof(*ret));
     if (ret == NULL) {
+        ASN1_OBJECT_free(id);
         X509V3err(X509V3_F_POLICY_DATA_NEW, ERR_R_MALLOC_FAILURE);
         return NULL;
     }

crypto/x509v3/v3_tlsf.c

@@ -89,7 +89,7 @@ static TLS_FEATURE *v2i_TLS_FEATURE(const X509V3_EXT_METHOD *method,
 {
     TLS_FEATURE *tlsf;
     char *extval, *endptr;
-    ASN1_INTEGER *ai;
+    ASN1_INTEGER *ai = NULL;
     CONF_VALUE *val;
     int i;
     size_t j;
@@ -128,10 +128,13 @@ static TLS_FEATURE *v2i_TLS_FEATURE(const X509V3_EXT_METHOD *method,
             X509V3err(X509V3_F_V2I_TLS_FEATURE, ERR_R_MALLOC_FAILURE);
             goto err;
         }
+
+        ai = NULL;
     }
     return tlsf;
 
  err:
     sk_ASN1_INTEGER_pop_free(tlsf, ASN1_INTEGER_free);
+    ASN1_INTEGER_free(ai);
     return NULL;
 }

include/openssl/sslerr.h

@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -425,7 +425,6 @@ int ERR_load_SSL_strings(void);
 # define SSL_F_TLS_CONSTRUCT_CTOS_ALPN_NTLS               721
 # define SSL_F_TLS_CONSTRUCT_CTOS_CERTIFICATE             355
 # define SSL_F_TLS_CONSTRUCT_CTOS_COOKIE                  535
-# define SSL_F_TLS_CONSTRUCT_CTOS_COOKIE_NTLS             722
 # define SSL_F_TLS_CONSTRUCT_CTOS_DELEGATED_CREDENTIAL    853
 # define SSL_F_TLS_CONSTRUCT_CTOS_EARLY_DATA              530
 # define SSL_F_TLS_CONSTRUCT_CTOS_EARLY_DATA_NTLS         723
@@ -450,7 +449,6 @@ int ERR_load_SSL_strings(void);
 # define SSL_F_TLS_CONSTRUCT_CTOS_PSK                     501
 # define SSL_F_TLS_CONSTRUCT_CTOS_PSK_KEX_MODES           509
 # define SSL_F_TLS_CONSTRUCT_CTOS_PSK_KEX_MODES_NTLS      733
-# define SSL_F_TLS_CONSTRUCT_CTOS_PSK_NTLS                732
 # define SSL_F_TLS_CONSTRUCT_CTOS_QUIC_TRANSPORT_PARAMS   3008
 # define SSL_F_TLS_CONSTRUCT_CTOS_QUIC_TRANSPORT_PARAMS_DRAFT 3013
 # define SSL_F_TLS_CONSTRUCT_CTOS_RENEGOTIATE             473
@@ -500,7 +498,6 @@ int ERR_load_SSL_strings(void);
 # define SSL_F_TLS_CONSTRUCT_STOC_ALPN_NTLS               753
 # define SSL_F_TLS_CONSTRUCT_STOC_CERTIFICATE             374
 # define SSL_F_TLS_CONSTRUCT_STOC_COOKIE                  613
-# define SSL_F_TLS_CONSTRUCT_STOC_COOKIE_NTLS             754
 # define SSL_F_TLS_CONSTRUCT_STOC_CRYPTOPRO_BUG           452
 # define SSL_F_TLS_CONSTRUCT_STOC_CRYPTOPRO_BUG_NTLS      755
 # define SSL_F_TLS_CONSTRUCT_STOC_DELEGATED_CREDENTIAL    863
@@ -523,7 +520,6 @@ int ERR_load_SSL_strings(void);
 # define SSL_F_TLS_CONSTRUCT_STOC_NEXT_PROTO_NEG          457
 # define SSL_F_TLS_CONSTRUCT_STOC_NEXT_PROTO_NEG_NTLS     762
 # define SSL_F_TLS_CONSTRUCT_STOC_PSK                     504
-# define SSL_F_TLS_CONSTRUCT_STOC_PSK_NTLS                763
 # define SSL_F_TLS_CONSTRUCT_STOC_QUIC_TRANSPORT_PARAMS   3009
 # define SSL_F_TLS_CONSTRUCT_STOC_QUIC_TRANSPORT_PARAMS_DRAFT 3014
 # define SSL_F_TLS_CONSTRUCT_STOC_RENEGOTIATE             458
@@ -555,7 +551,6 @@ int ERR_load_SSL_strings(void);
 # define SSL_F_TLS_PARSE_CTOS_ALPN                        567
 # define SSL_F_TLS_PARSE_CTOS_ALPN_NTLS                   774
 # define SSL_F_TLS_PARSE_CTOS_COOKIE                      614
-# define SSL_F_TLS_PARSE_CTOS_COOKIE_NTLS                 775
 # define SSL_F_TLS_PARSE_CTOS_DELEGATED_CREDENTIAL        862
 # define SSL_F_TLS_PARSE_CTOS_EARLY_DATA                  568
 # define SSL_F_TLS_PARSE_CTOS_EARLY_DATA_NTLS             776
@@ -572,7 +567,6 @@ int ERR_load_SSL_strings(void);
 # define SSL_F_TLS_PARSE_CTOS_PSK                         505
 # define SSL_F_TLS_PARSE_CTOS_PSK_KEX_MODES               572
 # define SSL_F_TLS_PARSE_CTOS_PSK_KEX_MODES_NTLS          783
-# define SSL_F_TLS_PARSE_CTOS_PSK_NTLS                    782
 # define SSL_F_TLS_PARSE_CTOS_QUIC_TRANSPORT_PARAMS       3010
 # define SSL_F_TLS_PARSE_CTOS_QUIC_TRANSPORT_PARAMS_DRAFT 3015
 # define SSL_F_TLS_PARSE_CTOS_RENEGOTIATE                 464
@@ -596,7 +590,6 @@ int ERR_load_SSL_strings(void);
 # define SSL_F_TLS_PARSE_STOC_ALPN                        579
 # define SSL_F_TLS_PARSE_STOC_ALPN_NTLS                   793
 # define SSL_F_TLS_PARSE_STOC_COOKIE                      534
-# define SSL_F_TLS_PARSE_STOC_COOKIE_NTLS                 794
 # define SSL_F_TLS_PARSE_STOC_DELEGATED_CREDENTIAL        854
 # define SSL_F_TLS_PARSE_STOC_EARLY_DATA                  538
 # define SSL_F_TLS_PARSE_STOC_EARLY_DATA_INFO             528
@@ -610,7 +603,6 @@ int ERR_load_SSL_strings(void);
 # define SSL_F_TLS_PARSE_STOC_NPN                         582
 # define SSL_F_TLS_PARSE_STOC_NPN_NTLS                    799
 # define SSL_F_TLS_PARSE_STOC_PSK                         502
-# define SSL_F_TLS_PARSE_STOC_PSK_NTLS                    800
 # define SSL_F_TLS_PARSE_STOC_QUIC_TRANSPORT_PARAMS       3011
 # define SSL_F_TLS_PARSE_STOC_QUIC_TRANSPORT_PARAMS_DRAFT 3016
 # define SSL_F_TLS_PARSE_STOC_RENEGOTIATE                 448

ssl/packet.c

@@ -161,7 +161,7 @@ int WPACKET_set_flags(WPACKET *pkt, unsigned int flags)
 }
 
 /* Store the |value| of length |len| at location |data| */
-static int put_value(unsigned char *data, size_t value, size_t len)
+static int put_value(unsigned char *data, uint64_t value, size_t len)
 {
     for (data += len - 1; len > 0; len--) {
         *data = (unsigned char)(value & 0xff);
@@ -306,12 +306,12 @@ int WPACKET_start_sub_packet(WPACKET *pkt)
     return WPACKET_start_sub_packet_len__(pkt, 0);
 }
 
-int WPACKET_put_bytes__(WPACKET *pkt, unsigned int val, size_t size)
+int WPACKET_put_bytes__(WPACKET *pkt, uint64_t val, size_t size)
 {
     unsigned char *data;
 
     /* Internal API, so should not fail */
-    if (!ossl_assert(size <= sizeof(unsigned int))
+    if (!ossl_assert(size <= sizeof(uint64_t))
             || !WPACKET_allocate_bytes(pkt, size, &data)
             || !put_value(data, val, size))
         return 0;