author | tb <> | 2024-01-05 10:14:08 +0000 |
---|---|---|
committer | tb <> | 2024-01-05 10:14:08 +0000 |
commit | 4e9c1dd37b2c84e683b606d19f2625d47f57e083 (patch) | |
tree | 8435e6f3e2e7f2e7a3b88deca6164255f8bdd282 /src | |
parent | 502f566fc93b8d6fe73e06627ab3d122dc4e004f (diff) | |
Plug a leak in EVP_read_pw_string_min()
Use an error exit that frees the ui in case the UI_add_* fail. Also add
a few empty lines for readability.
ok joshua
Diffstat (limited to 'src')
-rw-r--r-- | src/lib/libcrypto/evp/evp_key.c | 23 |
1 files changed, 14 insertions, 9 deletions
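--- a/src/lib/libcrypto/evp/evp_key.c
+++ b/src/lib/libcrypto/evp/evp_key.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_key.c,v 1.30 2023/07/07 19:37:53 beck Exp $ */
+/* $OpenBSD: evp_key.c,v 1.31 2024/01/05 10:14:08 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -99,30 +99,35 @@ int
 EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt,
 int verify)
 {
-int ret;
+UI *ui = NULL;
 char buff[BUFSIZ];
-UI *ui;
+int ret = -1;
 
 if (len > BUFSIZ)
 len = BUFSIZ;
 /* Ensure that 0 <= min <= len - 1. In particular, 1 <= len. */
 if (min < 0 || len - 1 < min)
-return -1;
+goto err;
+
 if ((prompt == NULL) && (prompt_string[0] != '\0'))
 prompt = prompt_string;
-ui = UI_new();
-if (ui == NULL)
-return -1;
+
+if ((ui = UI_new()) == NULL)
+goto err;
 if (UI_add_input_string(ui, prompt, 0, buf, min, len - 1) < 0)
-return -1;
+goto err;
 if (verify) {
 if (UI_add_verify_string(ui, prompt, 0, buff, min, len - 1, buf)
 < 0)
-return -1;
+goto err;
 }
+
 ret = UI_process(ui);
+
+err:
 UI_free(ui);
 explicit_bzero(buff, BUFSIZ);
+
 return ret;
 }
 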
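Review bot: The shared `err:` exit wipes only the local verify copy `buff`, so when `UI_process()` returns non-zero after input was already read (a verify mismatch, presumably), the caller's `buf` may still hold what was typed while the function reports failure. If callers are not already expected to clear `buf` on error, consider adding `if (ret != 0 && ui != NULL) explicit_bzero(buf, len);` at the label; the `ui != NULL` test keeps it off the path where `len` failed the range check and may be zero or negative. Separately, `explicit_bzero(buff, sizeof(buff));` would tie the wipe to the array itself rather than to a repeated `BUFSIZ`. The label is now also reached with `ui == NULL`, which relies on `UI_free()` accepting NULL; that is not visible in this section, so a one-line comment at `err:` saying so would help. Only the `int` return-type line of the function lies outside the hunk.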