From ffcdb24b13590190e92c7f88e2ad3e0a721408f2 Mon Sep 17 00:00:00 2001
From: Pauli <paul.dale@oracle.com>
Date: Wed, 19 Aug 2020 13:40:22 +1000
Subject: pkeyutil: check return value reading password

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12678)
---
 apps/pkeyutl.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

(limited to 'apps')

diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
index 4de2a56590..9bfef87311 100644
--- a/apps/pkeyutl.c
+++ b/apps/pkeyutl.c
@@ -331,9 +331,18 @@ int pkeyutl_main(int argc, char **argv)
             if (passin == NULL) {
                 /* Get password interactively */
                 char passwd_buf[4096];
+                int r;
+
                 BIO_snprintf(passwd_buf, sizeof(passwd_buf), "Enter %s: ", opt);
-                EVP_read_pw_string(passwd_buf, sizeof(passwd_buf) - 1,
-                                   passwd_buf, 0);
+                r = EVP_read_pw_string(passwd_buf, sizeof(passwd_buf) - 1,
+                                       passwd_buf, 0);
+                if (r < 0) {
+                    if (r == -2)
+                        BIO_puts(bio_err, "user abort\n");
+                    else
+                        BIO_puts(bio_err, "entry failed\n");
+                    goto end;
+                }
                 passwd = OPENSSL_strdup(passwd_buf);
                 if (passwd == NULL) {
                     BIO_puts(bio_err, "out of memory\n");
-- 
cgit v1.2.3