diff options
author | David Drysdale <drysdale@google.com> | 2022-06-13 15:39:14 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2022-06-13 15:39:14 +0000 |
commit | 644de3bb439154b04635f14abf224c7754ba4ee4 (patch) | |
tree | 4677b055721e533fa1567778258f4590bcf2850d | |
parent | 727e7a1c2004d4c7e4e54c4694ec06c85db99e9a (diff) | |
parent | deb9281da916640484f1bfd444582586cdc97e69 (diff) | |
download | keymaster-644de3bb439154b04635f14abf224c7754ba4ee4.tar.gz |
Catch more allocation failure cases am: 513e6158d0 am: deb9281da9
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/keymaster/+/18808330
Change-Id: I4210b250e30db29c59a5cbf47ddc0c0a81b3a238
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
-rw-r--r-- | km_openssl/ec_key_factory.cpp | 9 | ||||
-rw-r--r-- | ng/AndroidRemotelyProvisionedComponentDevice.cpp | 3 | ||||
-rw-r--r-- | ng/AndroidSharedSecret.cpp | 3 |
3 files changed, 15 insertions, 0 deletions
diff --git a/km_openssl/ec_key_factory.cpp b/km_openssl/ec_key_factory.cpp index 2e0e2f1..4ec3175 100644 --- a/km_openssl/ec_key_factory.cpp +++ b/km_openssl/ec_key_factory.cpp @@ -234,12 +234,18 @@ keymaster_error_t EcKeyFactory::ImportKey(const AuthorizationSet& key_descriptio switch (EVP_PKEY_type(pkey->type)) { case EVP_PKEY_ED25519: key.reset(new (std::nothrow) Ed25519Key(*hw_enforced, *sw_enforced, this)); + if (key.get() == nullptr) { + return KM_ERROR_MEMORY_ALLOCATION_FAILED; + } if (!key->EvpToInternal(pkey.get())) { return KM_ERROR_UNSUPPORTED_KEY_FORMAT; } break; case EVP_PKEY_X25519: key.reset(new (std::nothrow) X25519Key(*hw_enforced, *sw_enforced, this)); + if (key.get() == nullptr) { + return KM_ERROR_MEMORY_ALLOCATION_FAILED; + } if (!key->EvpToInternal(pkey.get())) { return KM_ERROR_UNSUPPORTED_KEY_FORMAT; } @@ -249,6 +255,9 @@ keymaster_error_t EcKeyFactory::ImportKey(const AuthorizationSet& key_descriptio if (!ec_key.get()) return KM_ERROR_INVALID_ARGUMENT; key.reset(new (std::nothrow) EcKey(*hw_enforced, *sw_enforced, this, move(ec_key))); + if (key.get() == nullptr) { + return KM_ERROR_MEMORY_ALLOCATION_FAILED; + } break; } default: diff --git a/ng/AndroidRemotelyProvisionedComponentDevice.cpp b/ng/AndroidRemotelyProvisionedComponentDevice.cpp index 0c2d842..54ea70c 100644 --- a/ng/AndroidRemotelyProvisionedComponentDevice.cpp +++ b/ng/AndroidRemotelyProvisionedComponentDevice.cpp @@ -113,6 +113,9 @@ ScopedAStatus AndroidRemotelyProvisionedComponentDevice::generateCertificateRequ request.test_mode = testMode; request.num_keys = keysToSign.size(); request.keys_to_sign_array = new (std::nothrow) KeymasterBlob[keysToSign.size()]; + if (request.keys_to_sign_array == nullptr) { + return km_utils::kmError2ScopedAStatus(KM_ERROR_MEMORY_ALLOCATION_FAILED); + } for (size_t i = 0; i < keysToSign.size(); i++) { request.SetKeyToSign(i, keysToSign[i].macedKey.data(), keysToSign[i].macedKey.size()); } diff --git a/ng/AndroidSharedSecret.cpp b/ng/AndroidSharedSecret.cpp index b2cb85d..c800666 100644 --- a/ng/AndroidSharedSecret.cpp +++ b/ng/AndroidSharedSecret.cpp @@ -46,6 +46,9 @@ ScopedAStatus AndroidSharedSecret::computeSharedSecret(const vector<SharedSecret ComputeSharedHmacRequest request(impl_->message_version()); request.params_array.params_array = new (std::nothrow) keymaster::HmacSharingParameters[params.size()]; + if (request.params_array.params_array == nullptr) { + return kmError2ScopedAStatus(KM_ERROR_MEMORY_ALLOCATION_FAILED); + } request.params_array.num_params = params.size(); for (size_t i = 0; i < params.size(); ++i) { request.params_array.params_array[i].seed = {params[i].seed.data(), params[i].seed.size()}; |