diff --git a/crypto/ec/ec_elgamal_crypt.c b/crypto/ec/ec_elgamal_crypt.c index 697e47c63..a6fe59749 100644 --- a/crypto/ec/ec_elgamal_crypt.c +++ b/crypto/ec/ec_elgamal_crypt.c @@ -50,7 +50,7 @@ EC_ELGAMAL_CTX *EC_ELGAMAL_CTX_new(EC_KEY *key, const EC_POINT *h, int32_t flag) if (h != NULL) { if (!(ctx->h = EC_POINT_dup(h, key->group))) - return 0; + goto err; } else { ctx->h = EC_POINT_new(key->group); if (ctx->h == NULL) { diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c index 31a97d793..178b6a5f4 100644 --- a/crypto/ec/ecp_nistp521.c +++ b/crypto/ec/ecp_nistp521.c @@ -2148,8 +2148,10 @@ int ossl_ec_GFp_nistp521_precompute_mult(EC_GROUP *group, BN_CTX *ctx) generator = EC_POINT_new(group); if (generator == NULL) goto err; - BN_bin2bn(nistp521_curve_params[3], sizeof(felem_bytearray), x); - BN_bin2bn(nistp521_curve_params[4], sizeof(felem_bytearray), y); + if (BN_bin2bn(nistp521_curve_params[3], sizeof(felem_bytearray), x) == NULL) + goto err; + if (BN_bin2bn(nistp521_curve_params[4], sizeof(felem_bytearray), y) == NULL) + goto err; if (!EC_POINT_set_affine_coordinates(group, generator, x, y, ctx)) goto err; if ((pre = nistp521_pre_comp_new()) == NULL) diff --git a/crypto/zkp/bulletproofs/bulletproofs_encode.c b/crypto/zkp/bulletproofs/bulletproofs_encode.c index ef03cedd6..94556c266 100644 --- a/crypto/zkp/bulletproofs/bulletproofs_encode.c +++ b/crypto/zkp/bulletproofs/bulletproofs_encode.c @@ -662,12 +662,17 @@ size_t BP_RANGE_PROOF_encode(const BP_RANGE_PROOF *proof, unsigned char *out, } sk_point = sk_EC_POINT_new_reserve(NULL, 4); - sk_bn = sk_BIGNUM_new_reserve(NULL, 3); - if (sk_point == NULL || sk_bn == NULL) { + if (sk_point == NULL) { ERR_raise(ERR_LIB_ZKP_BP, ERR_R_MALLOC_FAILURE); return 0; } + sk_bn = sk_BIGNUM_new_reserve(NULL, 3); + if (sk_bn == NULL) { + ERR_raise(ERR_LIB_ZKP_BP, ERR_R_MALLOC_FAILURE); + goto end; + } + ip_proof = proof->ip_proof; if ((curve_id = EC_POINT_get_curve_name(proof->A)) == NID_undef @@ -894,12 +899,17 @@ size_t BP_R1CS_PROOF_encode(const BP_R1CS_PROOF *proof, unsigned char *out, } sk_point = sk_EC_POINT_new_reserve(NULL, 11); - sk_bn = sk_BIGNUM_new_reserve(NULL, 3); - if (sk_point == NULL || sk_bn == NULL) { + if (sk_point == NULL) { ERR_raise(ERR_LIB_ZKP_BP, ERR_R_MALLOC_FAILURE); return 0; } + sk_bn = sk_BIGNUM_new_reserve(NULL, 3); + if (sk_bn == NULL) { + ERR_raise(ERR_LIB_ZKP_BP, ERR_R_MALLOC_FAILURE); + goto end; + } + ip_proof = proof->ip_proof; if ((curve_id = EC_POINT_get_curve_name(proof->AI1)) == NID_undef diff --git a/crypto/zkp/bulletproofs/r1cs.c b/crypto/zkp/bulletproofs/r1cs.c index c577e72ce..695e322ed 100644 --- a/crypto/zkp/bulletproofs/r1cs.c +++ b/crypto/zkp/bulletproofs/r1cs.c @@ -756,6 +756,11 @@ BP_R1CS_PROOF *BP_R1CS_PROOF_prove(BP_R1CS_CTX *ctx) err: ZKP_TRANSCRIPT_reset(transcript); + OPENSSL_free(wV); + OPENSSL_free(wO); + OPENSSL_free(wR); + OPENSSL_free(wL); + bp_inner_product_ctx_free(ip_ctx); bp_inner_product_pub_param_free(ip_pp); diff --git a/crypto/zkp/nizk/nizk_encode.c b/crypto/zkp/nizk/nizk_encode.c index 6d139f538..9fd1a9af5 100644 --- a/crypto/zkp/nizk/nizk_encode.c +++ b/crypto/zkp/nizk/nizk_encode.c @@ -684,7 +684,7 @@ NIZK_PLAINTEXT_EQUALITY_PROOF *NIZK_PLAINTEXT_EQUALITY_PROOF_decode(const unsign proof->B = sk_EC_POINT_pop(sk_point); sk_bn = zkp_stack_of_bignum_decode(p, &len, bn_len); - if (sk_point == NULL) + if (sk_bn == NULL) goto err; p += len; diff --git a/crypto/zkp/nizk/nizk_plaintext_knowledge.c b/crypto/zkp/nizk/nizk_plaintext_knowledge.c index a86de3b8b..e897eb125 100644 --- a/crypto/zkp/nizk/nizk_plaintext_knowledge.c +++ b/crypto/zkp/nizk/nizk_plaintext_knowledge.c @@ -219,6 +219,7 @@ int NIZK_PLAINTEXT_KNOWLEDGE_PROOF_verify(NIZK_PLAINTEXT_KNOWLEDGE_CTX *ctx, if (bn_ctx == NULL) goto err; + BN_CTX_start(bn_ctx); e = BN_CTX_get(bn_ctx); bn_1 = BN_CTX_get(bn_ctx); bn1 = BN_CTX_get(bn_ctx); @@ -284,5 +285,7 @@ int NIZK_PLAINTEXT_KNOWLEDGE_PROOF_verify(NIZK_PLAINTEXT_KNOWLEDGE_CTX *ctx, EC_POINT_free(R); zkp_poly_points_free(poly); ZKP_TRANSCRIPT_reset(transcript); + BN_CTX_end(bn_ctx); + BN_CTX_free(bn_ctx); return ret; } diff --git a/test/bulletproofs_test.c b/test/bulletproofs_test.c index 09c50549c..91a89ca6d 100644 --- a/test/bulletproofs_test.c +++ b/test/bulletproofs_test.c @@ -36,10 +36,10 @@ static int r1cs_example_logic1(BP_R1CS_CTX *ctx, return 0; } - if (!(a = BP_R1CS_LINEAR_COMBINATION_dup(lc->a1)) - || !(b = BP_R1CS_LINEAR_COMBINATION_dup(lc->b1)) - || !(c = BP_R1CS_LINEAR_COMBINATION_dup(lc->c1))) { - return 0; + if ((a = BP_R1CS_LINEAR_COMBINATION_dup(lc->a1)) == NULL + || (b = BP_R1CS_LINEAR_COMBINATION_dup(lc->b1)) == NULL + || (c = BP_R1CS_LINEAR_COMBINATION_dup(lc->c1)) == NULL) { + goto err; } if (!BP_R1CS_LINEAR_COMBINATION_add(a, lc->a2) diff --git a/test/paillier_internal_test.c b/test/paillier_internal_test.c index 9e8f29304..5143d73e7 100644 --- a/test/paillier_internal_test.c +++ b/test/paillier_internal_test.c @@ -150,6 +150,7 @@ static size_t paillier_add(PAILLIER_CTX *ctx, unsigned char **out, ret = size; err: + OPENSSL_free(buf); PAILLIER_CIPHERTEXT_free(c1); PAILLIER_CIPHERTEXT_free(c2); PAILLIER_CIPHERTEXT_free(r); @@ -230,6 +231,7 @@ static size_t paillier_sub(PAILLIER_CTX *ctx, unsigned char **out, ret = size; err: + OPENSSL_free(buf); PAILLIER_CIPHERTEXT_free(c1); PAILLIER_CIPHERTEXT_free(c2); PAILLIER_CIPHERTEXT_free(r);