From e40ada04f45927eccf166adb067ee0ec795cefd4 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Wed, 21 Jun 2017 15:55:56 +0100 Subject: Remove OPENSSL_assert() from crypto/pem Reviewed-by: Andy Polyakov (Merged from https://github.com/openssl/openssl/pull/3740) --- crypto/pem/pem_info.c | 13 ++++++++----- crypto/pem/pem_lib.c | 13 ++++++++----- 2 files changed, 16 insertions(+), 10 deletions(-) diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c index dd493c8509..017dd0fe58 100644 --- a/crypto/pem/pem_info.c +++ b/crypto/pem/pem_info.c @@ -256,7 +256,13 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, if (enc != NULL) { objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc)); - if (objstr == NULL) { + if (objstr == NULL + /* + * Check "Proc-Type: 4,Encrypted\nDEK-Info: objstr,hex-iv\n" + * fits into buf + */ + || (strlen(objstr) + 23 + 2 * EVP_CIPHER_iv_length(enc) + 13) + > sizeof(buf)) { PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO, PEM_R_UNSUPPORTED_CIPHER); goto err; } @@ -291,10 +297,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, goto err; } - /* create the right magic header stuff */ - OPENSSL_assert(strlen(objstr) + 23 - + 2 * EVP_CIPHER_iv_length(enc) + 13 <= - sizeof buf); + /* Create the right magic header stuff */ buf[0] = '\0'; PEM_proc_type(buf, PEM_TYPE_ENCRYPTED); PEM_dek_info(buf, objstr, EVP_CIPHER_iv_length(enc), diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c index 76e0698558..309545b04d 100644 --- a/crypto/pem/pem_lib.c +++ b/crypto/pem/pem_lib.c @@ -324,7 +324,14 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, if (enc != NULL) { objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc)); - if (objstr == NULL || EVP_CIPHER_iv_length(enc) == 0) { + if (objstr == NULL || EVP_CIPHER_iv_length(enc) == 0 + || EVP_CIPHER_iv_length(enc) > (int)sizeof(iv) + /* + * Check "Proc-Type: 4,Encrypted\nDEK-Info: objstr,hex-iv\n" + * fits into buf + */ + || (strlen(objstr) + 23 + 2 * EVP_CIPHER_iv_length(enc) + 13) + > sizeof(buf)) { PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, PEM_R_UNSUPPORTED_CIPHER); goto err; } @@ -361,7 +368,6 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, #endif kstr = (unsigned char *)buf; } - OPENSSL_assert(EVP_CIPHER_iv_length(enc) <= (int)sizeof(iv)); if (RAND_bytes(iv, EVP_CIPHER_iv_length(enc)) <= 0) /* Generate a salt */ goto err; /* @@ -374,9 +380,6 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, if (kstr == (unsigned char *)buf) OPENSSL_cleanse(buf, PEM_BUFSIZE); - OPENSSL_assert(strlen(objstr) + 23 + 2 * EVP_CIPHER_iv_length(enc) + 13 - <= sizeof buf); - buf[0] = '\0'; PEM_proc_type(buf, PEM_TYPE_ENCRYPTED); PEM_dek_info(buf, objstr, EVP_CIPHER_iv_length(enc), (char *)iv); -- cgit v1.2.3