diff options
| author | deraadt <> | 2014-06-12 20:40:57 +0000 |
|---|---|---|
| committer | deraadt <> | 2014-06-12 20:40:57 +0000 |
| commit | 95b33f3e2fad03793adf906f7d3b08883ec3684c (patch) | |
| tree | 44a491147b347caf1b2dd774e13e12db3c08944e /src/lib/libcrypto/dh | |
| parent | 71477dc340552244618421bfc331e3226e59f4ea (diff) | |
| download | openbsd-95b33f3e2fad03793adf906f7d3b08883ec3684c.tar.gz openbsd-95b33f3e2fad03793adf906f7d3b08883ec3684c.tar.bz2 openbsd-95b33f3e2fad03793adf906f7d3b08883ec3684c.zip | |
replace atoi() calls with strtol(). Follow the idiomatic pattern in our
manual page strictly. Return -2 if the strings are not strict numbers.
The numbers remain in the range of "int". Range checking for these parameters
is done later in the pkey_*_ctl() functions, or sometimes in functions much
further downstream... but not always!!!
ok millert miod mikeb
Diffstat (limited to 'src/lib/libcrypto/dh')
| -rw-r--r-- | src/lib/libcrypto/dh/dh_pmeth.c | 42 |
1 files changed, 30 insertions, 12 deletions
diff --git a/src/lib/libcrypto/dh/dh_pmeth.c b/src/lib/libcrypto/dh/dh_pmeth.c index b51e0794b7..cb424ac149 100644 --- a/src/lib/libcrypto/dh/dh_pmeth.c +++ b/src/lib/libcrypto/dh/dh_pmeth.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: dh_pmeth.c,v 1.5 2014/06/12 15:49:28 deraadt Exp $ */ | 1 | /* $OpenBSD: dh_pmeth.c,v 1.6 2014/06/12 20:40:57 deraadt Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2006. | 3 | * project 2006. |
| 4 | */ | 4 | */ |
| @@ -57,6 +57,7 @@ | |||
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <limits.h> | ||
| 60 | #include "cryptlib.h" | 61 | #include "cryptlib.h" |
| 61 | #include <openssl/asn1t.h> | 62 | #include <openssl/asn1t.h> |
| 62 | #include <openssl/x509.h> | 63 | #include <openssl/x509.h> |
| @@ -143,21 +144,38 @@ static int pkey_dh_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) | |||
| 143 | static int pkey_dh_ctrl_str(EVP_PKEY_CTX *ctx, | 144 | static int pkey_dh_ctrl_str(EVP_PKEY_CTX *ctx, |
| 144 | const char *type, const char *value) | 145 | const char *type, const char *value) |
| 145 | { | 146 | { |
| 146 | if (!strcmp(type, "dh_paramgen_prime_len")) | 147 | long lval; |
| 147 | { | 148 | char *ep; |
| 148 | int len; | 149 | int len; |
| 149 | len = atoi(value); | 150 | |
| 151 | if (!strcmp(type, "dh_paramgen_prime_len")) { | ||
| 152 | errno = 0; | ||
| 153 | lval = strtol(value, &ep, 10); | ||
| 154 | if (value[0] == '\0' || *ep != '\0') | ||
| 155 | goto not_a_number; | ||
| 156 | if ((errno == ERANGE && (lval == LONG_MAX || lval == LONG_MIN)) || | ||
| 157 | (lval > INT_MAX || lval < INT_MIN)) | ||
| 158 | goto out_of_range; | ||
| 159 | len = lval; | ||
| 150 | return EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len); | 160 | return EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len); |
| 151 | } | 161 | } |
| 152 | if (!strcmp(type, "dh_paramgen_generator")) | 162 | if (!strcmp(type, "dh_paramgen_generator")) { |
| 153 | { | 163 | errno = 0; |
| 154 | int len; | 164 | lval = strtol(value, &ep, 10); |
| 155 | len = atoi(value); | 165 | if (value[0] == '\0' || *ep != '\0') |
| 166 | goto not_a_number; | ||
| 167 | if ((errno == ERANGE && (lval == LONG_MAX || lval == LONG_MIN)) || | ||
| 168 | (lval > INT_MAX || lval < INT_MIN)) | ||
| 169 | goto out_of_range; | ||
| 170 | len = lval; | ||
| 156 | return EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, len); | 171 | return EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, len); |
| 157 | } | ||
| 158 | return -2; | ||
| 159 | } | 172 | } |
| 160 | 173 | ||
| 174 | not_a_number: | ||
| 175 | out_of_range: | ||
| 176 | return -2; | ||
| 177 | } | ||
| 178 | |||
| 161 | static int pkey_dh_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) | 179 | static int pkey_dh_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) |
| 162 | { | 180 | { |
| 163 | DH *dh = NULL; | 181 | DH *dh = NULL; |