RT4227: Range-check in apps.

Implement range-checking in all counts in apps. Turns out only a couple of cases were missing. And make the range-checking code more strict. Replace almost all opt_ulong() calls with opt_long() Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
author: Rich Salz <rsalz@akamai.com> 2016-01-11 20:40:38 -0500
committer: Rich Salz <rsalz@openssl.org> 2016-01-12 01:00:31 -0500
commit: bd4850df648bee9d8e0595b7e1147266e6f55a3e (patch)
tree: 4a62e47c26c25cd7b55418cf7fb3b9c7ba9fc45f /apps/enc.c
parent: 2bec39eb86986349d2538fffc821f2e1106cee14 (diff)
1 files changed, 4 insertions, 2 deletions
diff --git a/apps/enc.c b/apps/enc.c
index 58d2550d21..17cc8e8742 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -58,6 +58,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <limits.h>
 #include "apps.h"
 #include <openssl/bio.h>
 #include <openssl/err.h>
@@ -142,7 +143,7 @@ int enc_main(int argc, char **argv)
     int ret = 1, inl, nopad = 0;
     unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
     unsigned char *buff = NULL, salt[PKCS5_SALT_LEN];
-    unsigned long n;
+    long n;
 #ifdef ZLIB
     int do_zlib = 0;
     BIO *bzl = NULL;
@@ -236,7 +237,8 @@ int enc_main(int argc, char **argv)
             k = i >= 1 && p[i] == 'k';
             if (k)
                 p[i] = '\0';
-            if (!opt_ulong(opt_arg(), &n))
+            if (!opt_long(opt_arg(), &n)
+                    || n < 0 || (k && n >= LONG_MAX / 1024))
                 goto opthelp;
             if (k)
                 n *= 1024;
author	Rich Salz <rsalz@akamai.com>	2016-01-11 20:40:38 -0500
committer	Rich Salz <rsalz@openssl.org>	2016-01-12 01:00:31 -0500
commit	bd4850df648bee9d8e0595b7e1147266e6f55a3e (patch)
tree	4a62e47c26c25cd7b55418cf7fb3b9c7ba9fc45f /apps/enc.c
parent	2bec39eb86986349d2538fffc821f2e1106cee14 (diff)