diff options
author | Matt Caswell <matt@openssl.org> | 2016-10-21 15:21:55 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-10-28 09:48:54 +0100 |
commit | fbba62f6c9671b151df648f06afdf6af14518ab4 (patch) | |
tree | 306ae4259835d52da837c326788f6f2720ec950e /crypto/bio/bio_lib.c | |
parent | 42c6046064d2ee45d59baec53bedde4ea434294f (diff) |
Add some sanity checks for BIO_read* and BIO_gets
Make sure the return value isn't bigger than the buffer len
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'crypto/bio/bio_lib.c')
-rw-r--r-- | crypto/bio/bio_lib.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/crypto/bio/bio_lib.c b/crypto/bio/bio_lib.c index 1a9b9137ba..b8673adce0 100644 --- a/crypto/bio/bio_lib.c +++ b/crypto/bio/bio_lib.c @@ -278,6 +278,10 @@ static int bio_read_intern(BIO *b, void *data, size_t datal, size_t *read) ret = (int)bio_call_callback(b, BIO_CB_READ | BIO_CB_RETURN, data, datal, 0, 0L, ret, read); + /* Shouldn't happen */ + if (ret > 0 && *read > datal) + return -1; + return ret; } @@ -433,6 +437,11 @@ int BIO_gets(BIO *b, char *out, int outl) return (-2); } + if (outl < 0) { + BIOerr(BIO_F_BIO_GETS, BIO_R_INVALID_ARGUMENT); + return 0; + } + if (b->callback != NULL || b->callback_ex != NULL) { ret = (int)bio_call_callback(b, BIO_CB_GETS, out, outl, 0, 0L, 1, NULL); if (ret <= 0) @@ -456,7 +465,8 @@ int BIO_gets(BIO *b, char *out, int outl) 0, 0L, ret, &read); if (ret > 0) { - if (read > INT_MAX) + /* Shouldn't happen */ + if (read > (size_t)outl) ret = -1; else ret = (int)read; |