rewrite OCSP_parse_url to be sligthly less nasty and not have one byte buffer overreads

helpful nitpicking and ok tb@ miod@
author: beck <> 2016-12-21 18:13:59 +0000
committer: beck <> 2016-12-21 18:13:59 +0000
commit: 011dec0e088806b8dba48b272da1fbdcd6f66121 (patch)
tree: cf7e4fec41a18a2d93a5f30e387c9312c0c844dd
parent: 66b191e54f24dcd4e8df0762cb020622b7060949 (diff)
download: openbsd-011dec0e088806b8dba48b272da1fbdcd6f66121.tar.gz
openbsd-011dec0e088806b8dba48b272da1fbdcd6f66121.tar.bz2
openbsd-011dec0e088806b8dba48b272da1fbdcd6f66121.zip
1 files changed, 34 insertions, 78 deletions
diff --git a/src/lib/libcrypto/ocsp/ocsp_lib.c b/src/lib/libcrypto/ocsp/ocsp_lib.c
index be5bf7dab5..4a109b5513 100644
--- a/src/lib/libcrypto/ocsp/ocsp_lib.c
+++ b/src/lib/libcrypto/ocsp/ocsp_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ocsp_lib.c,v 1.18 2015/02/10 05:25:45 jsing Exp $ */
+/* $OpenBSD: ocsp_lib.c,v 1.19 2016/12/21 18:13:59 beck Exp $ */
 /* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
 * project. */
@@ -182,99 +182,55 @@ OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b)
 int
 OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pssl)
 {
-        char *p, *buf;
+        char *host, *path, *port, *tmp;
-        char *host, *port;
-        *phost = NULL;
+        *phost = *pport = *ppath = NULL;
-        *pport = NULL;
+        *pssl = 0;
-        *ppath = NULL;
-        /* dup the buffer since we are going to mess with it */
+        if (strncmp(url, "https://", 8) == 0) {
-        buf = url ? strdup(url) : NULL;
-        if (!buf)
-                goto mem_err;
-        /* Check for initial colon */
-        p = strchr(buf, ':');
-        if (!p)
-                goto parse_err;
-        *(p++) = '\0';
-        if (!strcmp(buf, "http")) {
-                *pssl = 0;
-                port = "80";
-        } else if (!strcmp(buf, "https")) {
                *pssl = 1;
-                port = "443";
+                host = strdup(url + 8);
-        } else
+        } else if (strncmp(url, "http://", 7) == 0)
-                goto parse_err;
+                host = strdup(url + 7);
-        /* Check for double slash */
-        if ((p[0] != '/') || (p[1] != '/'))
-                goto parse_err;
-        p += 2;
-        host = p;
-        /* Check for trailing part of path */
-        p = strchr(p, '/');
-        if (!p)
-                *ppath = strdup("/");
        else {
-                *ppath = strdup(p);
+                OCSPerr(OCSP_F_OCSP_PARSE_URL, OCSP_R_ERROR_PARSING_URL);
-                /* Set start of path to 0 so hostname is valid */
+                return 0;
-                *p = '\0';
+        }
+        if (host == NULL) {
+                OCSPerr(OCSP_F_OCSP_PARSE_URL, ERR_R_MALLOC_FAILURE);
+                return 0;
        }
-        if (!*ppath)
+        if ((tmp = strchr(host, '/')) != NULL) {
-                goto mem_err;
+                path = strdup(tmp);
+                *tmp = '\0';
+        } else
+                path = strdup("/");
-        /* Look for optional ':' for port number */
+        if ((tmp = strchr(host, ':')) != NULL ) {
-        if ((p = strchr(host, ':'))) {
+                port = strdup(tmp + 1);
-                *p = 0;
+                *tmp = '\0';
-                port = p + 1;
        } else {
-                /* Not found: set default port */
                if (*pssl)
-                        port = "443";
+                        port = strdup("443");
                else
-                        port = "80";
+                        port = strdup("80");
        }
-        *pport = strdup(port);
+        if (path == NULL || port == NULL) {
-        if (!*pport)
+                free(host);
-                goto mem_err;
+                free(path);
+                free(port);
-        *phost = strdup(host);
+                OCSPerr(OCSP_F_OCSP_PARSE_URL, ERR_R_MALLOC_FAILURE);
+                return 0;
-        if (!*phost)
+        }
-                goto mem_err;
-        free(buf);
+        *phost = host;
+        *ppath = path;
+        *pport = port;
        return 1;
-mem_err:
-        OCSPerr(OCSP_F_OCSP_PARSE_URL, ERR_R_MALLOC_FAILURE);
-        goto err;
-parse_err:
-        OCSPerr(OCSP_F_OCSP_PARSE_URL, OCSP_R_ERROR_PARSING_URL);
-err:
-        free(buf);
-        free(*ppath);
-        free(*pport);
-        free(*phost);
-        *phost = NULL;
-        *pport = NULL;
-        *ppath = NULL;
-        return 0;
 }
 OCSP_CERTID *
 OCSP_CERTID_dup(OCSP_CERTID *x)
 {
author	beck <>	2016-12-21 18:13:59 +0000
committer	beck <>	2016-12-21 18:13:59 +0000
commit	011dec0e088806b8dba48b272da1fbdcd6f66121 (patch)
tree	cf7e4fec41a18a2d93a5f30e387c9312c0c844dd
parent	66b191e54f24dcd4e8df0762cb020622b7060949 (diff)
download	openbsd-011dec0e088806b8dba48b272da1fbdcd6f66121.tar.gz openbsd-011dec0e088806b8dba48b272da1fbdcd6f66121.tar.bz2 openbsd-011dec0e088806b8dba48b272da1fbdcd6f66121.zip

diff --git a/src/lib/libcrypto/ocsp/ocsp_lib.c b/src/lib/libcrypto/ocsp/ocsp_lib.c index be5bf7dab5..4a109b5513 100644 --- a/src/lib/libcrypto/ocsp/ocsp_lib.c +++ b/src/lib/libcrypto/ocsp/ocsp_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ocsp_lib.c,v 1.18 2015/02/10 05:25:45 jsing Exp $ */	1	/* $OpenBSD: ocsp_lib.c,v 1.19 2016/12/21 18:13:59 beck Exp $ */
2	/* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL	2	/* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
3	* project. */	3	* project. */
4		4
@@ -182,99 +182,55 @@ OCSP_id_cmp(OCSP_CERTID a, OCSP_CERTID b)
182	int	182	int
183	OCSP_parse_url(char url, char phost, char pport, char ppath, int pssl)	183	OCSP_parse_url(char url, char phost, char pport, char ppath, int pssl)
184	{	184	{
185	char p, buf;	185	char host, path, port, tmp;
186	char host, port;
187		186
188	*phost = NULL;	187	phost = pport = *ppath = NULL;
189	*pport = NULL;	188	*pssl = 0;
190	*ppath = NULL;
191		189
192	/* dup the buffer since we are going to mess with it */	190	if (strncmp(url, "https://", 8) == 0) {
193	buf = url ? strdup(url) : NULL;
194	if (!buf)
195	goto mem_err;
196
197	/* Check for initial colon */
198	p = strchr(buf, ':');
199	if (!p)
200	goto parse_err;
201
202	*(p++) = '\0';
203
204	if (!strcmp(buf, "http")) {
205	*pssl = 0;
206	port = "80";
207	} else if (!strcmp(buf, "https")) {
208	*pssl = 1;	191	*pssl = 1;
209	port = "443";	192	host = strdup(url + 8);
210	} else	193	} else if (strncmp(url, "http://", 7) == 0)
211	goto parse_err;	194	host = strdup(url + 7);
212
213	/* Check for double slash */
214	if ((p[0] != '/') \|\| (p[1] != '/'))
215	goto parse_err;
216
217	p += 2;
218
219	host = p;
220
221	/* Check for trailing part of path */
222	p = strchr(p, '/');
223	if (!p)
224	*ppath = strdup("/");
225	else {	195	else {
226	*ppath = strdup(p);	196	OCSPerr(OCSP_F_OCSP_PARSE_URL, OCSP_R_ERROR_PARSING_URL);
227	/* Set start of path to 0 so hostname is valid */	197	return 0;
228	*p = '\0';	198	}
		199	if (host == NULL) {
		200	OCSPerr(OCSP_F_OCSP_PARSE_URL, ERR_R_MALLOC_FAILURE);
		201	return 0;
229	}	202	}
230		203
231	if (!*ppath)	204	if ((tmp = strchr(host, '/')) != NULL) {
232	goto mem_err;	205	path = strdup(tmp);
		206	*tmp = '\0';
		207	} else
		208	path = strdup("/");
233		209
234	/* Look for optional ':' for port number */	210	if ((tmp = strchr(host, ':')) != NULL ) {
235	if ((p = strchr(host, ':'))) {	211	port = strdup(tmp + 1);
236	*p = 0;	212	*tmp = '\0';
237	port = p + 1;
238	} else {	213	} else {
239	/* Not found: set default port */
240	if (*pssl)	214	if (*pssl)
241	port = "443";	215	port = strdup("443");
242	else	216	else
243	port = "80";	217	port = strdup("80");
244	}	218	}
245		219
246	*pport = strdup(port);	220	if (path == NULL \|\| port == NULL) {
247	if (!*pport)	221	free(host);
248	goto mem_err;	222	free(path);
249		223	free(port);
250	*phost = strdup(host);	224	OCSPerr(OCSP_F_OCSP_PARSE_URL, ERR_R_MALLOC_FAILURE);
251		225	return 0;
252	if (!*phost)	226	}
253	goto mem_err;
254
255	free(buf);
256		227
		228	*phost = host;
		229	*ppath = path;
		230	*pport = port;
257	return 1;	231	return 1;
258
259	mem_err:
260	OCSPerr(OCSP_F_OCSP_PARSE_URL, ERR_R_MALLOC_FAILURE);
261	goto err;
262
263	parse_err:
264	OCSPerr(OCSP_F_OCSP_PARSE_URL, OCSP_R_ERROR_PARSING_URL);
265
266	err:
267	free(buf);
268	free(*ppath);
269	free(*pport);
270	free(*phost);
271	*phost = NULL;
272	*pport = NULL;
273	*ppath = NULL;
274	return 0;
275	}	232	}
276		233
277
278	OCSP_CERTID *	234	OCSP_CERTID *
279	OCSP_CERTID_dup(OCSP_CERTID *x)	235	OCSP_CERTID_dup(OCSP_CERTID *x)
280	{	236	{