author | schwarze <> | 2020-06-04 21:21:03 +0000 |
---|---|---|
committer | schwarze <> | 2020-06-04 21:21:03 +0000 |
commit | d0cf9aeca512581235a63d9ed8e8a3c69039b9df (patch) | |
tree | 2920ef908eabfe843f01bfd04a3aaf4eff0a1cec /src/regress/lib/libcrypto/x509/x509attribute.c | |
parent | 53beb8fe96aa9ab3ce5c57b525e3a1fbb817382e (diff) | |
When X509_ATTRIBUTE_create() receives an invalid NID (e.g., -1), return
failure rather than silently constructing a broken X509_ATTRIBUTE object
that might cause NULL pointer accesses later on. This matters because
X509_ATTRIBUTE_create() is used by documented API functions like
PKCS7_add_attribute(3) and the NID comes straight from the user.
This fixes a bug found while working on documentation.
OK tb@ and "thanks" bluhm@
Diffstat (limited to 'src/regress/lib/libcrypto/x509/x509attribute.c')
-rw-r--r-- | src/regress/lib/libcrypto/x509/x509attribute.c | 107 |
1 files changed, 107 insertions, 0 deletions
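--- /dev/null
+++ b/src/regress/lib/libcrypto/x509/x509attribute.c
@@ -0,0 +1,107 @@
+/* $OpenBSD: x509attribute.c,v 1.1 2020/06/04 21:21:03 schwarze Exp $ */
+/*
+* Copyright (c) 2020 Ingo Schwarze <schwarze@openbsd.org>
+*
+* Permission to use, copy, modify, and distribute this software for any
+* purpose with or without fee is hereby granted, provided that the above
+* copyright notice and this permission notice appear in all copies.
+*
+* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+*/
+
+#include <errno.h>
+#include <stdio.h>
+#include <string.h>
+
+#include <openssl/err.h>
+#include <openssl/x509.h>
+
+void fail_head(const char *);
+void fail_tail(void);
+void fail_str(const char *, const char *);
+void fail_int(const char *, int);
+
+static const char *testname;
+static int errcount;
+
+void
+fail_head(const char *stepname)
+{
+fprintf(stderr, "failure#%d testname=%s stepname=%s ",
+++errcount, testname, stepname);
+}
+
+void
+fail_tail(void)
+{
+unsigned long errnum;
+
+if ((errnum = ERR_get_error()))
+fprintf(stderr, "OpenSSL says: %s\n",
+ERR_error_string(errnum, NULL));
+if (errno)
+fprintf(stderr, "libc says: %s\n", strerror(errno));
+}
+
+void
+fail_str(const char *stepname, const char *result)
+{
+fail_head(stepname);
+fprintf(stderr, "wrong result=%s\n", result);
+fail_tail();
+}
+
+void
+fail_int(const char *stepname, int result)
+{
+fail_head(stepname);
+fprintf(stderr, "wrong result=%d\n", result);
+fail_tail();
+}
+
+int
+main(void)
+{
+X509_ATTRIBUTE *attrib;
+ASN1_TYPE *any;
+ASN1_OBJECT *coid;
+int num;
+
+testname = "preparation";
+if ((coid = OBJ_nid2obj(NID_pkcs7_data)) == NULL) {
+fail_str("OBJ_nid2obj", "NULL");
+return 1;
+}
+
+testname = "valid_args";
+if ((attrib = X509_ATTRIBUTE_create(NID_pkcs9_contentType,
+V_ASN1_OBJECT, coid)) == NULL)
+fail_str("X509_ATTRIBUTE_create", "NULL");
+else if (attrib->object == NULL)
+fail_str("attrib->object", "NULL");
+else if (attrib->single)
+fail_int("attrib->single", attrib->single);
+else if ((num = sk_ASN1_TYPE_num(attrib->value.set)) != 1)
+fail_int("num", num);
+else if ((any = sk_ASN1_TYPE_value(attrib->value.set, 0)) == NULL)
+fail_str("any", "NULL");
+else if (any->type != V_ASN1_OBJECT)
+fail_int("any->type", any->type);
+else if (any->value.object != coid)
+fail_str("value", "wrong pointer");
+X509_ATTRIBUTE_free(attrib);
+
+testname = "bad_nid";
+if ((attrib = X509_ATTRIBUTE_create(-1,
+V_ASN1_OBJECT, coid)) != NULL)
+fail_str("X509_ATTRIBUTE_create", "not NULL");
+X509_ATTRIBUTE_free(attrib);
+
+return errcount != 0;
+}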
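Review bot: The `bad_nid` step at the end of main() exercises only -1, so a library-side check that rejects negative values alone would still pass this test. Since the commit message says the NID comes straight from the caller, a second step with a positive value that is not a registered NID would pin the contract more tightly, e.g. `X509_ATTRIBUTE_create(INT_MAX, V_ASN1_OBJECT, coid)` expected to return NULL (this needs `<limits.h>`; the library change itself is not shown on this page, so confirm that rejecting every unresolvable NID is the intended behaviour). Separately, fail_tail() prints `strerror(errno)` whenever errno is non-zero, but nothing in the file ever clears it, so a stale value left by an unrelated earlier call can be reported as the cause of a failure. Setting `errno = 0;` next to each `testname = ...` assignment would keep the failure diagnostics trustworthy.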