diff options
| author | Ben Laurie <ben@openssl.org> | 2002-11-13 15:43:43 +0000 |
|---|---|---|
| committer | Ben Laurie <ben@openssl.org> | 2002-11-13 15:43:43 +0000 |
| commit | 54a656ef081f72a740c550ebd8099b40b8b5cde0 (patch) | |
| tree | 9b3638b56848c7f0648b84cfa7ad056116b37a1b /crypto | |
| parent | 8f797f14b8ff7d3d5cb04443284259a0c94860b3 (diff) | |
Security fixes brought forward from 0.9.7.
Diffstat (limited to 'crypto')
68 files changed, 388 insertions, 247 deletions
diff --git a/crypto/aes/aes_cbc.c b/crypto/aes/aes_cbc.c index 8974dc35a5..c5f1a13c24 100644 --- a/crypto/aes/aes_cbc.c +++ b/crypto/aes/aes_cbc.c @@ -65,20 +65,20 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, int n; unsigned long len = length; - unsigned char tmp[16]; + unsigned char tmp[AES_BLOCK_SIZE]; assert(in && out && key && ivec); assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc)); if (AES_ENCRYPT == enc) { while (len >= AES_BLOCK_SIZE) { - for(n=0; n < 16; ++n) + for(n=0; n < AES_BLOCK_SIZE; ++n) tmp[n] = in[n] ^ ivec[n]; AES_encrypt(tmp, out, key); - memcpy(ivec, out, 16); - len -= 16; - in += 16; - out += 16; + memcpy(ivec, out, AES_BLOCK_SIZE); + len -= AES_BLOCK_SIZE; + in += AES_BLOCK_SIZE; + out += AES_BLOCK_SIZE; } if (len) { for(n=0; n < len; ++n) @@ -87,25 +87,25 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, tmp[n] = ivec[n]; AES_encrypt(tmp, tmp, key); memcpy(out, tmp, len); - memcpy(ivec, tmp, 16); + memcpy(ivec, tmp, AES_BLOCK_SIZE); } } else { while (len >= AES_BLOCK_SIZE) { - memcpy(tmp, in, 16); + memcpy(tmp, in, AES_BLOCK_SIZE); AES_decrypt(in, out, key); - for(n=0; n < 16; ++n) + for(n=0; n < AES_BLOCK_SIZE; ++n) out[n] ^= ivec[n]; - memcpy(ivec, tmp, 16); - len -= 16; - in += 16; - out += 16; + memcpy(ivec, tmp, AES_BLOCK_SIZE); + len -= AES_BLOCK_SIZE; + in += AES_BLOCK_SIZE; + out += AES_BLOCK_SIZE; } if (len) { - memcpy(tmp, in, 16); + memcpy(tmp, in, AES_BLOCK_SIZE); AES_decrypt(tmp, tmp, key); for(n=0; n < len; ++n) out[n] ^= ivec[n]; - memcpy(ivec, tmp, 16); + memcpy(ivec, tmp, AES_BLOCK_SIZE); } } } diff --git a/crypto/asn1/Makefile.ssl b/crypto/asn1/Makefile.ssl index 2f1e64dfe8..5edfa17a04 100644 --- a/crypto/asn1/Makefile.ssl +++ b/crypto/asn1/Makefile.ssl @@ -288,14 +288,15 @@ a_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h a_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h a_sign.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h a_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_sign.c -a_strex.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -a_strex.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -a_strex.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_strex.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -a_strex.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -a_strex.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -a_strex.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -a_strex.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +a_strex.o: ../../e_os.h ../../include/openssl/aes.h +a_strex.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +a_strex.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +a_strex.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +a_strex.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +a_strex.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h +a_strex.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +a_strex.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h +a_strex.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h a_strex.o: ../../include/openssl/evp.h ../../include/openssl/idea.h a_strex.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h a_strex.o: ../../include/openssl/md4.h ../../include/openssl/md5.h @@ -309,7 +310,7 @@ a_strex.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h a_strex.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h a_strex.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h a_strex.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -a_strex.o: a_strex.c charmap.h +a_strex.o: ../cryptlib.h a_strex.c charmap.h a_strnid.o: ../../e_os.h ../../include/openssl/asn1.h a_strnid.o: ../../include/openssl/bio.h ../../include/openssl/bn.h a_strnid.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h @@ -383,6 +384,30 @@ asn1_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h asn1_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h asn1_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h asn1_err.o: ../../include/openssl/symhacks.h asn1_err.c +asn1_gen.o: ../../e_os.h ../../include/openssl/aes.h +asn1_gen.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +asn1_gen.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +asn1_gen.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +asn1_gen.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h +asn1_gen.o: ../../include/openssl/des.h ../../include/openssl/des_old.h +asn1_gen.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +asn1_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +asn1_gen.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +asn1_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h +asn1_gen.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h +asn1_gen.o: ../../include/openssl/md2.h ../../include/openssl/md4.h +asn1_gen.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +asn1_gen.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +asn1_gen.o: ../../include/openssl/opensslconf.h +asn1_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +asn1_gen.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h +asn1_gen.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h +asn1_gen.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +asn1_gen.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +asn1_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +asn1_gen.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h +asn1_gen.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +asn1_gen.o: ../../include/openssl/x509v3.h ../cryptlib.h asn1_gen.c asn1_lib.o: ../../e_os.h ../../include/openssl/asn1.h asn1_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h asn1_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h diff --git a/crypto/asn1/a_bitstr.c b/crypto/asn1/a_bitstr.c index e0265f69d2..f4ea96cd54 100644 --- a/crypto/asn1/a_bitstr.c +++ b/crypto/asn1/a_bitstr.c @@ -191,7 +191,9 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) if (a->data == NULL) c=(unsigned char *)OPENSSL_malloc(w+1); else - c=(unsigned char *)OPENSSL_realloc(a->data,w+1); + c=(unsigned char *)OPENSSL_realloc_clean(a->data, + a->length, + w+1); if (c == NULL) return(0); if (w+1-a->length > 0) memset(c+a->length, 0, w+1-a->length); a->data=c; diff --git a/crypto/asn1/a_bytes.c b/crypto/asn1/a_bytes.c index bb88660f58..afd27b80e1 100644 --- a/crypto/asn1/a_bytes.c +++ b/crypto/asn1/a_bytes.c @@ -285,7 +285,7 @@ static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c) goto err; } - if (!BUF_MEM_grow(&b,num+os->length)) + if (!BUF_MEM_grow_clean(&b,num+os->length)) { c->error=ERR_R_BUF_LIB; goto err; diff --git a/crypto/asn1/a_d2i_fp.c b/crypto/asn1/a_d2i_fp.c index a80fbe9ff7..71b4a28611 100644 --- a/crypto/asn1/a_d2i_fp.c +++ b/crypto/asn1/a_d2i_fp.c @@ -166,7 +166,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) { want-=(len-off); - if (!BUF_MEM_grow(b,len+want)) + if (!BUF_MEM_grow_clean(b,len+want)) { ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); goto err; @@ -221,7 +221,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) if (want > (len-off)) { want-=(len-off); - if (!BUF_MEM_grow(b,len+want)) + if (!BUF_MEM_grow_clean(b,len+want)) { ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); goto err; diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c index 71ce7c3896..0a8e6c287c 100644 --- a/crypto/asn1/a_object.c +++ b/crypto/asn1/a_object.c @@ -183,8 +183,8 @@ int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a) if ((a == NULL) || (a->data == NULL)) return(BIO_write(bp,"NULL",4)); - i=i2t_ASN1_OBJECT(buf,80,a); - if (i > 80) i=80; + i=i2t_ASN1_OBJECT(buf,sizeof buf,a); + if (i > sizeof buf) i=sizeof buf; BIO_write(bp,buf,i); return(i); } diff --git a/crypto/asn1/a_strex.c b/crypto/asn1/a_strex.c index 7ddb7662f1..1def6c6549 100644 --- a/crypto/asn1/a_strex.c +++ b/crypto/asn1/a_strex.c @@ -63,6 +63,7 @@ #include <openssl/asn1.h> #include "charmap.h" +#include "cryptlib.h" /* ASN1_STRING_print_ex() and X509_NAME_print_ex(). * Enhanced string and name printing routines handling @@ -114,14 +115,17 @@ typedef int char_io(void *arg, const void *buf, int len); static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes, char_io *io_ch, void *arg) { unsigned char chflgs, chtmp; - char tmphex[11]; + char tmphex[HEX_SIZE(long)+3]; + + if(c > 0xffffffffL) + return -1; if(c > 0xffff) { - BIO_snprintf(tmphex, 11, "\\W%08lX", c); + BIO_snprintf(tmphex, sizeof tmphex, "\\W%08lX", c); if(!io_ch(arg, tmphex, 10)) return -1; return 10; } if(c > 0xff) { - BIO_snprintf(tmphex, 11, "\\U%04lX", c); + BIO_snprintf(tmphex, sizeof tmphex, "\\U%04lX", c); if(!io_ch(arg, tmphex, 6)) return -1; return 6; } @@ -195,7 +199,7 @@ static int do_buf(unsigned char *buf, int buflen, if(type & BUF_TYPE_CONVUTF8) { unsigned char utfbuf[6]; int utflen; - utflen = UTF8_putc(utfbuf, 6, c); + utflen = UTF8_putc(utfbuf, sizeof utfbuf, c); for(i = 0; i < utflen; i++) { /* We don't need to worry about setting orflags correctly * because if utflen==1 its value will be correct anyway @@ -461,7 +465,7 @@ static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n, if(fn_opt != XN_FLAG_FN_NONE) { int objlen, fld_len; if((fn_opt == XN_FLAG_FN_OID) || (fn_nid==NID_undef) ) { - OBJ_obj2txt(objtmp, 80, fn, 1); + OBJ_obj2txt(objtmp, sizeof objtmp, fn, 1); fld_len = 0; /* XXX: what should this be? */ objbuf = objtmp; } else { diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c index 10c8946769..d64edbd797 100644 --- a/crypto/asn1/asn1_par.c +++ b/crypto/asn1/asn1_par.c @@ -79,12 +79,7 @@ static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed, else p="prim: "; if (BIO_write(bp,p,6) < 6) goto err; - if (indent) - { - if (indent > 128) indent=128; - memset(str,' ',indent); - if (BIO_write(bp,str,indent) < indent) goto err; - } + BIO_indent(bp,indent,128); p=str; if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE) diff --git a/crypto/asn1/f_int.c b/crypto/asn1/f_int.c index 48cc3bfb90..9494e597ab 100644 --- a/crypto/asn1/f_int.c +++ b/crypto/asn1/f_int.c @@ -169,8 +169,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size) sp=(unsigned char *)OPENSSL_malloc( (unsigned int)num+i*2); else - sp=(unsigned char *)OPENSSL_realloc(s, - (unsigned int)num+i*2); + sp=OPENSSL_realloc_clean(s,slen,num+i*2); if (sp == NULL) { ASN1err(ASN1_F_A2I_ASN1_INTEGER,ERR_R_MALLOC_FAILURE); diff --git a/crypto/asn1/t_crl.c b/crypto/asn1/t_crl.c index 60db305756..757c148df8 100644 --- a/crypto/asn1/t_crl.c +++ b/crypto/asn1/t_crl.c @@ -84,11 +84,11 @@ int X509_CRL_print_fp(FILE *fp, X509_CRL *x) int X509_CRL_print(BIO *out, X509_CRL *x) { - char buf[256]; STACK_OF(X509_REVOKED) *rev; X509_REVOKED *r; long l; int i, n; + char *p; BIO_printf(out, "Certificate Revocation List (CRL):\n"); l = X509_CRL_get_version(x); @@ -96,8 +96,9 @@ int X509_CRL_print(BIO *out, X509_CRL *x) i = OBJ_obj2nid(x->sig_alg->algorithm); BIO_printf(out, "%8sSignature Algorithm: %s\n", "", (i == NID_undef) ? "NONE" : OBJ_nid2ln(i)); - X509_NAME_oneline(X509_CRL_get_issuer(x),buf,256); - BIO_printf(out,"%8sIssuer: %s\n","",buf); + p=X509_NAME_oneline(X509_CRL_get_issuer(x),NULL,0); + BIO_printf(out,"%8sIssuer: %s\n","",p); + OPENSSL_free(p); BIO_printf(out,"%8sLast Update: ",""); ASN1_TIME_print(out,X509_CRL_get_lastUpdate(x)); BIO_printf(out,"\n%8sNext Update: ",""); diff --git a/crypto/asn1/t_pkey.c b/crypto/asn1/t_pkey.c index e3e0739bbd..bd89c1dc11 100644 --- a/crypto/asn1/t_pkey.c +++ b/crypto/asn1/t_pkey.c @@ -141,14 +141,10 @@ int RSA_print(BIO *bp, const RSA *x, int off) goto err; } - if (off) - { - if (off > 128) off=128; - memset(str,' ',off); - } if (x->d != NULL) { - if (off && (BIO_write(bp,str,off) <= 0)) goto err; + if(!BIO_indent(bp,off,128)) + goto err; if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->n)) <= 0) goto err; } @@ -194,7 +190,6 @@ int DSA_print_fp(FILE *fp, const DSA *x, int off) int DSA_print(BIO *bp, const DSA *x, int off) { - char str[128]; unsigned char *m=NULL; int ret=0; size_t buf_len=0,i; @@ -221,14 +216,10 @@ int DSA_print(BIO *bp, const DSA *x, int off) goto err; } - if (off) - { - if (off > 128) off=128; - memset(str,' ',off); - } if (x->priv_key != NULL) { - if (off && (BIO_write(bp,str,off) <= 0)) goto err; + if(!BIO_indent(bp,off,128)) + goto err; if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->p)) <= 0) goto err; } @@ -612,9 +603,9 @@ static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf, { if ((i%15) == 0) { - str[0]='\n'; - memset(&(str[1]),' ',off+4); - if (BIO_write(bp,str,off+1+4) <= 0) return(0); + if(BIO_puts(bp,"\n") <= 0 + || !BIO_indent(bp,off+4,128)) + return 0; } if (BIO_printf(bp,"%02x%s",buf[i],((i+1) == n)?"":":") <= 0) return(0); diff --git a/crypto/asn1/t_req.c b/crypto/asn1/t_req.c index 7ebb39b216..b70bda71db 100644 --- a/crypto/asn1/t_req.c +++ b/crypto/asn1/t_req.c @@ -91,7 +91,6 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long EVP_PKEY *pkey; STACK_OF(X509_ATTRIBUTE) *sk; STACK_OF(X509_EXTENSION) *exts; - char str[128]; char mlch = ' '; int nmindent = 0; @@ -116,8 +115,9 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long l=0; for (i=0; i<ri->version->length; i++) { l<<=8; l+=ri->version->data[i]; } - sprintf(str,"%8sVersion: %s%lu (%s0x%lx)\n","",neg,l,neg,l); - if (BIO_puts(bp,str) <= 0) goto err; + if(BIO_printf(bp,"%8sVersion: %s%lu (%s0x%lx)\n","",neg,l,neg, + l) <= 0) + goto err; } if(!(cflag & X509_FLAG_NO_SUBJECT)) { @@ -176,14 +176,14 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long if(!(cflag & X509_FLAG_NO_ATTRIBUTES)) { /* may not be */ - sprintf(str,"%8sAttributes:\n",""); - if (BIO_puts(bp,str) <= 0) goto err; + if(BIO_printf(bp,"%8sAttributes:\n","") <= 0) + goto err; sk=x->req_info->attributes; if (sk_X509_ATTRIBUTE_num(sk) == 0) { - sprintf(str,"%12sa0:00\n",""); - if (BIO_puts(bp,str) <= 0) goto err; + if(BIO_printf(bp,"%12sa0:00\n","") <= 0) + goto err; } else { @@ -198,8 +198,8 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long a=sk_X509_ATTRIBUTE_value(sk,i); if(X509_REQ_extension_nid(OBJ_obj2nid(a->object))) continue; - sprintf(str,"%12s",""); - if (BIO_puts(bp,str) <= 0) goto err; + if(BIO_printf(bp,"%12s","") <= 0) + goto err; if ((j=i2a_ASN1_OBJECT(bp,a->object)) > 0) { if (a->single) diff --git a/crypto/asn1/t_x509.c b/crypto/asn1/t_x509.c index 5074a74928..7bf2866150 100644 --- a/crypto/asn1/t_x509.c +++ b/crypto/asn1/t_x509.c @@ -444,15 +444,17 @@ err: int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) { - char *s,*c; + char *s,*c,*b; int ret=0,l,ll,i,first=1; - char buf[256]; ll=80-2-obase; - s=X509_NAME_oneline(name,buf,256); + b=s=X509_NAME_oneline(name,NULL,0); if (!*s) + { + free(b); return 1; + } s++; /* skip the first slash */ l=ll; @@ -508,6 +510,7 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) err: X509err(X509_F_X509_NAME_PRINT,ERR_R_BUF_LIB); } + free(b); |