diff options
| author | miod <> | 2014-07-23 20:43:56 +0000 |
|---|---|---|
| committer | miod <> | 2014-07-23 20:43:56 +0000 |
| commit | 16a537cdd77cec5128855400be9397107cbed865 (patch) | |
| tree | c3e44e912c220f3f352745434444c6e9a00725d0 /src | |
| parent | 9074b79d6e18e3a9e5873241dfd82982ce5a3ac1 (diff) | |
| download | openbsd-16a537cdd77cec5128855400be9397107cbed865.tar.gz openbsd-16a537cdd77cec5128855400be9397107cbed865.tar.bz2 openbsd-16a537cdd77cec5128855400be9397107cbed865.zip | |
Make sure PEM_def_callback() correctly handles negative buffer sizes; all uses
within libcrypto are safe, but until we can change this function prototype to
use size_t instead of int, better be safe than sorry.
tweaks and ok guenther@
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/pem/pem_lib.c | 27 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/pem/pem_lib.c | 27 |
2 files changed, 34 insertions, 20 deletions
diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c index 8e5c82c245..26b1876f36 100644 --- a/src/lib/libcrypto/pem/pem_lib.c +++ b/src/lib/libcrypto/pem/pem_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: pem_lib.c,v 1.33 2014/07/11 08:44:49 jsing Exp $ */ | 1 | /* $OpenBSD: pem_lib.c,v 1.34 2014/07/23 20:43:56 miod Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -85,17 +85,22 @@ static int load_iv(char **fromp, unsigned char *to, int num); | |||
| 85 | static int check_pem(const char *nm, const char *name); | 85 | static int check_pem(const char *nm, const char *name); |
| 86 | int pem_check_suffix(const char *pem_str, const char *suffix); | 86 | int pem_check_suffix(const char *pem_str, const char *suffix); |
| 87 | 87 | ||
| 88 | /* XXX LSSL ABI XXX return value and `num' ought to be size_t */ | ||
| 88 | int | 89 | int |
| 89 | PEM_def_callback(char *buf, int num, int w, void *key) | 90 | PEM_def_callback(char *buf, int num, int w, void *key) |
| 90 | { | 91 | { |
| 91 | int i, j; | 92 | size_t l; |
| 93 | int i; | ||
| 92 | const char *prompt; | 94 | const char *prompt; |
| 93 | 95 | ||
| 94 | if (key) { | 96 | if (key) { |
| 95 | i = strlen(key); | 97 | l = strlen(key); |
| 96 | i = (i > num) ? num : i; | 98 | if (num < 0) |
| 97 | memcpy(buf, key, i); | 99 | return -1; |
| 98 | return (i); | 100 | if (l > (size_t)num) |
| 101 | l = (size_t)num; | ||
| 102 | memcpy(buf, key, l); | ||
| 103 | return (int)l; | ||
| 99 | } | 104 | } |
| 100 | 105 | ||
| 101 | prompt = EVP_get_pw_prompt(); | 106 | prompt = EVP_get_pw_prompt(); |
| @@ -110,13 +115,15 @@ PEM_def_callback(char *buf, int num, int w, void *key) | |||
| 110 | memset(buf, 0, num); | 115 | memset(buf, 0, num); |
| 111 | return (-1); | 116 | return (-1); |
| 112 | } | 117 | } |
| 113 | j = strlen(buf); | 118 | l = strlen(buf); |
| 114 | if (j < MIN_LENGTH) { | 119 | if (l < MIN_LENGTH) { |
| 115 | fprintf(stderr, "phrase is too short, needs to be at least %d chars\n", MIN_LENGTH); | 120 | fprintf(stderr, "phrase is too short, " |
| 121 | "needs to be at least %zu chars\n", | ||
| 122 | (size_t)MIN_LENGTH); | ||
| 116 | } else | 123 | } else |
| 117 | break; | 124 | break; |
| 118 | } | 125 | } |
| 119 | return (j); | 126 | return (int)l; |
| 120 | } | 127 | } |
| 121 | 128 | ||
| 122 | void | 129 | void |
diff --git a/src/lib/libssl/src/crypto/pem/pem_lib.c b/src/lib/libssl/src/crypto/pem/pem_lib.c index 8e5c82c245..26b1876f36 100644 --- a/src/lib/libssl/src/crypto/pem/pem_lib.c +++ b/src/lib/libssl/src/crypto/pem/pem_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: pem_lib.c,v 1.33 2014/07/11 08:44:49 jsing Exp $ */ | 1 | /* $OpenBSD: pem_lib.c,v 1.34 2014/07/23 20:43:56 miod Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -85,17 +85,22 @@ static int load_iv(char **fromp, unsigned char *to, int num); | |||
| 85 | static int check_pem(const char *nm, const char *name); | 85 | static int check_pem(const char *nm, const char *name); |
| 86 | int pem_check_suffix(const char *pem_str, const char *suffix); | 86 | int pem_check_suffix(const char *pem_str, const char *suffix); |
| 87 | 87 | ||
| 88 | /* XXX LSSL ABI XXX return value and `num' ought to be size_t */ | ||
| 88 | int | 89 | int |
| 89 | PEM_def_callback(char *buf, int num, int w, void *key) | 90 | PEM_def_callback(char *buf, int num, int w, void *key) |
| 90 | { | 91 | { |
| 91 | int i, j; | 92 | size_t l; |
| 93 | int i; | ||
| 92 | const char *prompt; | 94 | const char *prompt; |
| 93 | 95 | ||
| 94 | if (key) { | 96 | if (key) { |
| 95 | i = strlen(key); | 97 | l = strlen(key); |
| 96 | i = (i > num) ? num : i; | 98 | if (num < 0) |
| 97 | memcpy(buf, key, i); | 99 | return -1; |
| 98 | return (i); | 100 | if (l > (size_t)num) |
| 101 | l = (size_t)num; | ||
| 102 | memcpy(buf, key, l); | ||
| 103 | return (int)l; | ||
| 99 | } | 104 | } |
| 100 | 105 | ||
| 101 | prompt = EVP_get_pw_prompt(); | 106 | prompt = EVP_get_pw_prompt(); |
| @@ -110,13 +115,15 @@ PEM_def_callback(char *buf, int num, int w, void *key) | |||
| 110 | memset(buf, 0, num); | 115 | memset(buf, 0, num); |
| 111 | return (-1); | 116 | return (-1); |
| 112 | } | 117 | } |
| 113 | j = strlen(buf); | 118 | l = strlen(buf); |
| 114 | if (j < MIN_LENGTH) { | 119 | if (l < MIN_LENGTH) { |
| 115 | fprintf(stderr, "phrase is too short, needs to be at least %d chars\n", MIN_LENGTH); | 120 | fprintf(stderr, "phrase is too short, " |
| 121 | "needs to be at least %zu chars\n", | ||
| 122 | (size_t)MIN_LENGTH); | ||
| 116 | } else | 123 | } else |
| 117 | break; | 124 | break; |
| 118 | } | 125 | } |
| 119 | return (j); | 126 | return (int)l; |
| 120 | } | 127 | } |
| 121 | 128 | ||
| 122 | void | 129 | void |