More checking of allocation return values where not already done.
Revamp hash initialisation to return a success/failure error code. Document the places where we prefer to continue with a NULL buffer rather than silently continuing with possibly erroneous results.
This commit is contained in:
parent
a8429a111e
commit
7affbacab9
|
@ -57,7 +57,7 @@
|
|||
|
||||
#if defined(__NetBSD__)
|
||||
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
|
||||
__RCSID("$NetBSD: create.c,v 1.20 2009/10/06 02:26:05 agc Exp $");
|
||||
__RCSID("$NetBSD: create.c,v 1.21 2009/10/07 16:19:51 agc Exp $");
|
||||
#endif
|
||||
|
||||
#include <sys/types.h>
|
||||
|
@ -371,7 +371,10 @@ write_seckey_body(const __ops_seckey_t *key,
|
|||
size = MIN(needed, OPS_SHA1_HASH_SIZE);
|
||||
|
||||
__ops_hash_any(&hash, key->hash_alg);
|
||||
hash.init(&hash);
|
||||
if (!hash.init(&hash)) {
|
||||
(void) fprintf(stderr, "write_seckey_body: bad alloc\n");
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* preload if iterating */
|
||||
for (j = 0; j < i; j++) {
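Review bot: The new `return 0` on a failed hash init in write_seckey_body exits without any cleanup, and the start of the function is outside this hunk, so I cannot confirm that nothing acquired earlier (a memory buffer, or a hash already initialised by a previous pass of the enclosing loop, if there is one) is leaked on this path; stream_write_se_ip_first in writer.c does free before its equivalent early exit, so this site should be checked against it. The failure is reported straight to stderr; if an error list is reachable here, `OPS_ERROR` as used in reader.c's process_dash_escaped would keep reporting consistent with the rest of the library. write_seckey_body continues past the end of the hunk.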
|
||||
|
|
|
@ -61,7 +61,7 @@
|
|||
|
||||
#define OPS_MIN_HASH_SIZE 16
|
||||
|
||||
typedef void __ops_hash_init_t(__ops_hash_t *);
|
||||
typedef int __ops_hash_init_t(__ops_hash_t *);
|
||||
typedef void __ops_hash_add_t(__ops_hash_t *, const unsigned char *, unsigned);
|
||||
typedef unsigned __ops_hash_finish_t(__ops_hash_t *, unsigned char *);
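Review bot: The changed typedef `typedef int __ops_hash_init_t(__ops_hash_t *);` is the contract every hash implementation must follow, but nothing at the declaration says what the int means; the implementations in this commit return 1 on success and 0 when the context allocation fails, leaving `hash->data` NULL. Add a comment above the typedef: `/* returns 1 on success, 0 if the hash context could not be allocated (hash->data is then NULL) */`. A short note that the add/finish callbacks must not be invoked after a 0 return would also help, since several callers in this commit still do.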
|
||||
|
||||
|
|
|
@ -57,7 +57,7 @@
|
|||
|
||||
#if defined(__NetBSD__)
|
||||
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
|
||||
__RCSID("$NetBSD: misc.c,v 1.21 2009/10/06 02:39:53 agc Exp $");
|
||||
__RCSID("$NetBSD: misc.c,v 1.22 2009/10/07 16:19:51 agc Exp $");
|
||||
#endif
|
||||
|
||||
#include <sys/types.h>
|
||||
|
@ -439,7 +439,11 @@ __ops_fingerprint(__ops_fingerprint_t *fp, const __ops_pubkey_t *key)
|
|||
}
|
||||
|
||||
__ops_hash_md5(&md5);
|
||||
md5.init(&md5);
|
||||
if (!md5.init(&md5)) {
|
||||
(void) fprintf(stderr,
|
||||
"__ops_fingerprint: bad md5 alloc\n");
|
||||
return;
|
||||
}
|
||||
|
||||
n = (size_t) BN_num_bytes(key->key.rsa.n);
|
||||
if ((bn = calloc(1, n)) == NULL) {
|
||||
|
@ -474,7 +478,11 @@ __ops_fingerprint(__ops_fingerprint_t *fp, const __ops_pubkey_t *key)
|
|||
fprintf(stderr, "-> creating key fingerprint\n");
|
||||
}
|
||||
__ops_hash_sha1(&sha1);
|
||||
sha1.init(&sha1);
|
||||
if (!sha1.init(&sha1)) {
|
||||
(void) fprintf(stderr,
|
||||
"__ops_fingerprint: bad sha1 alloc\n");
|
||||
return;
|
||||
}
|
||||
|
||||
len = __ops_mem_len(mem);
|
||||
|
||||
|
@ -669,7 +677,11 @@ __ops_hash(unsigned char *out, __ops_hash_alg_t alg, const void *in,
|
|||
__ops_hash_t hash;
|
||||
|
||||
__ops_hash_any(&hash, alg);
|
||||
hash.init(&hash);
|
||||
if (!hash.init(&hash)) {
|
||||
(void) fprintf(stderr, "__ops_hash: bad alloc\n");
|
||||
/* we'll just continue here - don't want to return a 0 hash */
|
||||
/* XXX - agc - no way to return failure */
|
||||
}
|
||||
hash.add(&hash, in, length);
|
||||
return hash.finish(&hash, out);
|
||||
}
|
||||
|
@ -708,7 +720,11 @@ __ops_calc_mdc_hash(const unsigned char *preamble,
|
|||
}
|
||||
/* init */
|
||||
__ops_hash_any(&hash, OPS_HASH_SHA1);
|
||||
hash.init(&hash);
|
||||
if (!hash.init(&hash)) {
|
||||
(void) fprintf(stderr, "__ops_calc_mdc_hash: bad alloc\n");
|
||||
/* we'll just continue here - it will die anyway */
|
||||
/* agc - XXX - no way to return failure */
|
||||
}
|
||||
|
||||
/* preamble */
|
||||
hash.add(&hash, preamble, sz_preamble);
|
||||
|
@ -771,16 +787,25 @@ __ops_random(void *dest, size_t length)
|
|||
void
|
||||
__ops_memory_init(__ops_memory_t *mem, size_t needed)
|
||||
{
|
||||
unsigned char *temp;
|
||||
|
||||
mem->length = 0;
|
||||
if (mem->buf) {
|
||||
if (mem->allocated < needed) {
|
||||
mem->buf = realloc(mem->buf, needed);
|
||||
if ((temp = realloc(mem->buf, needed)) == NULL) {
|
||||
(void) fprintf(stderr, "__ops_memory_init: bad alloc\n");
|
||||
} else {
|
||||
mem->buf = temp;
|
||||
mem->allocated = needed;
|
||||
}
|
||||
}
|
||||
} else {
|
||||
if ((mem->buf = calloc(1, needed)) == NULL) {
|
||||
(void) fprintf(stderr, "__ops_memory_init: bad alloc\n");
|
||||
} else {
|
||||
mem->allocated = needed;
|
||||
}
|
||||
return;
|
||||
}
|
||||
mem->buf = calloc(1, needed);
|
||||
mem->allocated = needed;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -1100,9 +1125,13 @@ sum16_destroyer(__ops_reader_t *readinfo)
|
|||
void
|
||||
__ops_reader_push_sum16(__ops_stream_t *stream)
|
||||
{
|
||||
sum16_t *arg = calloc(1, sizeof(*arg));
|
||||
sum16_t *arg;
|
||||
|
||||
__ops_reader_push(stream, sum16_reader, sum16_destroyer, arg);
|
||||
if ((arg = calloc(1, sizeof(*arg))) == NULL) {
|
||||
(void) fprintf(stderr, "__ops_reader_push_sum16: bad alloc\n");
|
||||
} else {
|
||||
__ops_reader_push(stream, sum16_reader, sum16_destroyer, arg);
|
||||
}
|
||||
}
|
||||
|
||||
/**
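Review bot: In __ops_hash, after the init fails the code still calls `hash.add` and `hash.finish`, and the init functions in this commit leave `hash->data` NULL on failure, so the comment's "don't want to return a 0 hash" is not what happens — the add/finish callbacks run on a NULL context (their bodies are outside this diff, but a dereference there looks likely). Since __ops_hash already returns whatever `hash.finish` returns (an `unsigned` per the finish typedef), `return 0;` after the fprintf is a failure signal distinct from a zero-filled digest and worth using; at minimum the comment should state that add/finish proceed on a NULL context. __ops_calc_mdc_hash below has the same pattern, as do parse_hash_init (packet-parse.c), __ops_reader_push_hash (reader.c), initialise_hash (signature.c) and __ops_push_checksum_writer (writer.c). Separately, the early `return;` in the sha1 branch of __ops_fingerprint runs after `mem` is in use (it is read just below at `__ops_mem_len(mem)`); if `mem` is allocated earlier in the function, outside the hunk, that return leaks it.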
|
||||
|
|
|
@ -57,7 +57,7 @@
|
|||
|
||||
#if defined(__NetBSD__)
|
||||
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
|
||||
__RCSID("$NetBSD: openssl_crypto.c,v 1.16 2009/10/06 03:30:59 agc Exp $");
|
||||
__RCSID("$NetBSD: openssl_crypto.c,v 1.17 2009/10/07 16:19:51 agc Exp $");
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_OPENSSL_DSA_H
|
||||
|
@ -102,14 +102,18 @@ test_seckey(const __ops_seckey_t *seckey)
|
|||
RSA_free(test);
|
||||
}
|
||||
|
||||
static void
|
||||
static int
|
||||
md5_init(__ops_hash_t *hash)
|
||||
{
|
||||
if (hash->data) {
|
||||
(void) fprintf(stderr, "md5_init: hash data non-null\n");
|
||||
}
|
||||
hash->data = calloc(1, sizeof(MD5_CTX));
|
||||
if ((hash->data = calloc(1, sizeof(MD5_CTX))) == NULL) {
|
||||
(void) fprintf(stderr, "md5_init: bad alloc\n");
|
||||
return 0;
|
||||
}
|
||||
MD5_Init(hash->data);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static void
|
||||
|
@ -148,7 +152,7 @@ __ops_hash_md5(__ops_hash_t *hash)
|
|||
*hash = md5;
|
||||
}
|
||||
|
||||
static void
|
||||
static int
|
||||
sha1_init(__ops_hash_t *hash)
|
||||
{
|
||||
if (__ops_get_debug_level(__FILE__)) {
|
||||
|
@ -157,8 +161,12 @@ sha1_init(__ops_hash_t *hash)
|
|||
if (hash->data) {
|
||||
(void) fprintf(stderr, "sha1_init: hash data non-null\n");
|
||||
}
|
||||
hash->data = calloc(1, sizeof(SHA_CTX));
|
||||
if ((hash->data = calloc(1, sizeof(SHA_CTX))) == NULL) {
|
||||
(void) fprintf(stderr, "sha1_init: bad alloc\n");
|
||||
return 0;
|
||||
}
|
||||
SHA1_Init(hash->data);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static void
|
||||
|
@ -219,7 +227,7 @@ __ops_hash_sha1(__ops_hash_t *hash)
|
|||
*hash = sha1;
|
||||
}
|
||||
|
||||
static void
|
||||
static int
|
||||
sha256_init(__ops_hash_t *hash)
|
||||
{
|
||||
if (__ops_get_debug_level(__FILE__)) {
|
||||
|
@ -228,8 +236,12 @@ sha256_init(__ops_hash_t *hash)
|
|||
if (hash->data) {
|
||||
(void) fprintf(stderr, "sha256_init: hash data non-null\n");
|
||||
}
|
||||
hash->data = calloc(1, sizeof(SHA256_CTX));
|
||||
if ((hash->data = calloc(1, sizeof(SHA256_CTX))) == NULL) {
|
||||
(void) fprintf(stderr, "sha256_init: bad alloc\n");
|
||||
return 0;
|
||||
}
|
||||
SHA256_Init(hash->data);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static void
|
||||
|
@ -287,7 +299,7 @@ __ops_hash_sha256(__ops_hash_t *hash)
|
|||
/*
|
||||
* SHA384
|
||||
*/
|
||||
static void
|
||||
static int
|
||||
sha384_init(__ops_hash_t *hash)
|
||||
{
|
||||
if (__ops_get_debug_level(__FILE__)) {
|
||||
|
@ -296,8 +308,12 @@ sha384_init(__ops_hash_t *hash)
|
|||
if (hash->data) {
|
||||
(void) fprintf(stderr, "sha384_init: hash data non-null\n");
|
||||
}
|
||||
hash->data = calloc(1, sizeof(SHA512_CTX));
|
||||
if ((hash->data = calloc(1, sizeof(SHA512_CTX))) == NULL) {
|
||||
(void) fprintf(stderr, "sha512_init: bad alloc\n");
|
||||
return 0;
|
||||
}
|
||||
SHA384_Init(hash->data);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static void
|
||||
|
@ -355,7 +371,7 @@ __ops_hash_sha384(__ops_hash_t *hash)
|
|||
/*
|
||||
* SHA512
|
||||
*/
|
||||
static void
|
||||
static int
|
||||
sha512_init(__ops_hash_t *hash)
|
||||
{
|
||||
if (__ops_get_debug_level(__FILE__)) {
|
||||
|
@ -364,8 +380,12 @@ sha512_init(__ops_hash_t *hash)
|
|||
if (hash->data) {
|
||||
(void) fprintf(stderr, "sha512_init: hash data non-null\n");
|
||||
}
|
||||
hash->data = calloc(1, sizeof(SHA512_CTX));
|
||||
if ((hash->data = calloc(1, sizeof(SHA512_CTX))) == NULL) {
|
||||
(void) fprintf(stderr, "sha512_init: bad alloc\n");
|
||||
return 0;
|
||||
}
|
||||
SHA512_Init(hash->data);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static void
|
||||
|
@ -424,7 +444,7 @@ __ops_hash_sha512(__ops_hash_t *hash)
|
|||
* SHA224
|
||||
*/
|
||||
|
||||
static void
|
||||
static int
|
||||
sha224_init(__ops_hash_t *hash)
|
||||
{
|
||||
if (__ops_get_debug_level(__FILE__)) {
|
||||
|
@ -433,8 +453,12 @@ sha224_init(__ops_hash_t *hash)
|
|||
if (hash->data) {
|
||||
(void) fprintf(stderr, "sha224_init: hash data non-null\n");
|
||||
}
|
||||
hash->data = calloc(1, sizeof(SHA256_CTX));
|
||||
if ((hash->data = calloc(1, sizeof(SHA256_CTX))) == NULL) {
|
||||
(void) fprintf(stderr, "sha256_init: bad alloc\n");
|
||||
return 0;
|
||||
}
|
||||
SHA224_Init(hash->data);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static void
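Review bot: Two of the new error messages name the wrong function: sha384_init prints `"sha512_init: bad alloc\n"` and sha224_init prints `"sha256_init: bad alloc\n"`, which sends whoever reads the log to the wrong code. Change them to `(void) fprintf(stderr, "sha384_init: bad alloc\n");` and `(void) fprintf(stderr, "sha224_init: bad alloc\n");`. Not introduced here, but visible in every one of these hunks: after warning that `hash->data` is non-null, each init overwrites it with the fresh calloc, so the previous context is lost; now that the functions can report failure, either freeing the old context first or returning 0 there would be a cheap fix. The new `return 1`/`return 0` convention is not documented on any of these functions.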
|
||||
|
|
|
@ -58,7 +58,7 @@
|
|||
|
||||
#if defined(__NetBSD__)
|
||||
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
|
||||
__RCSID("$NetBSD: packet-parse.c,v 1.24 2009/10/06 05:54:24 agc Exp $");
|
||||
__RCSID("$NetBSD: packet-parse.c,v 1.25 2009/10/07 16:19:51 agc Exp $");
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_OPENSSL_CAST_H
|
||||
|
@ -2237,7 +2237,11 @@ parse_hash_init(__ops_stream_t *stream, __ops_hash_alg_t type,
|
|||
hash = &stream->hashes[stream->hashc++];
|
||||
|
||||
__ops_hash_any(&hash->hash, type);
|
||||
hash->hash.init(&hash->hash);
|
||||
if (!hash->hash.init(&hash->hash)) {
|
||||
(void) fprintf(stderr, "parse_hash_init: bad alloc\n");
|
||||
/* just continue and die here */
|
||||
/* XXX - agc - no way to return failure */
|
||||
}
|
||||
(void) memcpy(hash->keyid, keyid, sizeof(hash->keyid));
|
||||
}
|
||||
|
||||
|
@ -2573,7 +2577,11 @@ parse_seckey(__ops_region_t *region, __ops_stream_t *stream)
|
|||
|
||||
__ops_hash_any(&hashes[n],
|
||||
pkt.u.seckey.hash_alg);
|
||||
hashes[n].init(&hashes[n]);
|
||||
if (!hashes[n].init(&hashes[n])) {
|
||||
(void) fprintf(stderr,
|
||||
"parse_seckey: bad alloc\n");
|
||||
return 0;
|
||||
}
|
||||
/* preload hashes with zeroes... */
|
||||
for (i = 0; i < n; ++i) {
|
||||
hashes[n].add(&hashes[n],
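Review bot: The new `return 0` in parse_seckey abandons the hash contexts already set up: each init in this commit calloc's `hash->data`, and the `hashes[n]` indexing suggests this sits inside a loop over n, so the contexts for indices below n are left allocated on this path unless the caller releases them; the loop and the function's other exits are outside the hunk, so this needs confirming rather than assuming. If parse_seckey's other failure exits free partially-parsed state (`pkt` included), this one should go through the same path rather than a bare `return 0`.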
|
||||
|
|
|
@ -54,7 +54,7 @@
|
|||
|
||||
#if defined(__NetBSD__)
|
||||
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
|
||||
__RCSID("$NetBSD: reader.c,v 1.24 2009/10/07 04:56:51 agc Exp $");
|
||||
__RCSID("$NetBSD: reader.c,v 1.25 2009/10/07 16:19:51 agc Exp $");
|
||||
#endif
|
||||
|
||||
#include <sys/types.h>
|
||||
|
@ -593,7 +593,11 @@ process_dash_escaped(dearmour_t *dearmour,
|
|||
__ops_hash_md5(hash);
|
||||
}
|
||||
|
||||
hash->init(hash);
|
||||
if (!hash->init(hash)) {
|
||||
OPS_ERROR(errors, OPS_E_R_BAD_FORMAT,
|
||||
"can't initialise hash");
|
||||
return -1;
|
||||
}
|
||||
|
||||
body->length = 0;
|
||||
total = 0;
|
||||
|
@ -1587,7 +1591,11 @@ se_ip_data_reader(void *dest_,
|
|||
size_t sz_plaintext;
|
||||
|
||||
__ops_hash_any(&hash, OPS_HASH_SHA1);
|
||||
hash.init(&hash);
|
||||
if (!hash.init(&hash)) {
|
||||
(void) fprintf(stderr,
|
||||
"se_ip_data_reader: can't init hash\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
__ops_init_subregion(&decrypted_region, NULL);
|
||||
decrypted_region.length =
|
||||
|
@ -2307,7 +2315,11 @@ hash_reader(void *dest,
|
|||
void
|
||||
__ops_reader_push_hash(__ops_stream_t *stream, __ops_hash_t *hash)
|
||||
{
|
||||
hash->init(hash);
|
||||
if (!hash->init(hash)) {
|
||||
(void) fprintf(stderr, "__ops_reader_push_hash: can't init hash\n");
|
||||
/* just continue and die */
|
||||
/* XXX - agc - no way to return failure */
|
||||
}
|
||||
__ops_reader_push(stream, hash_reader, NULL, hash);
|
||||
}
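Review bot: process_dash_escaped reports a failed hash init as `OPS_E_R_BAD_FORMAT`, but the only failure the init functions in this commit produce is a calloc failure, so an out-of-memory condition will be attributed to malformed input by whoever reads the error list. If the error enum has a memory or internal-error code, use it here; otherwise at least make the message say why, e.g. `"can't initialise hash: out of memory"`. This is the one site in the commit that routes the failure through the error list rather than stderr, which is the pattern to prefer — se_ip_data_reader below writes to stderr and returns -1, and if `errors` is reachable there it should do the same.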
|
||||
|
||||
|
|
|
@ -57,7 +57,7 @@
|
|||
|
||||
#if defined(__NetBSD__)
|
||||
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
|
||||
__RCSID("$NetBSD: signature.c,v 1.20 2009/10/07 04:18:47 agc Exp $");
|
||||
__RCSID("$NetBSD: signature.c,v 1.21 2009/10/07 16:19:51 agc Exp $");
|
||||
#endif
|
||||
|
||||
#include <sys/types.h>
|
||||
|
@ -378,7 +378,12 @@ static void
|
|||
initialise_hash(__ops_hash_t *hash, const __ops_sig_t *sig)
|
||||
{
|
||||
__ops_hash_any(hash, sig->info.hash_alg);
|
||||
hash->init(hash);
|
||||
if (!hash->init(hash)) {
|
||||
(void) fprintf(stderr,
|
||||
"initialise_hash: bad hash init\n");
|
||||
/* just continue and die */
|
||||
/* XXX - agc - no way to return failure */
|
||||
}
|
||||
}
|
||||
|
||||
static void
|
||||
|
|
|
@ -54,7 +54,7 @@
|
|||
|
||||
#if defined(__NetBSD__)
|
||||
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
|
||||
__RCSID("$NetBSD: validate.c,v 1.20 2009/10/07 04:18:47 agc Exp $");
|
||||
__RCSID("$NetBSD: validate.c,v 1.21 2009/10/07 16:19:51 agc Exp $");
|
||||
#endif
|
||||
|
||||
#include <sys/types.h>
|
||||
|
@ -104,7 +104,10 @@ check_binary_sig(const unsigned len,
|
|||
|
||||
__OPS_USED(signer);
|
||||
__ops_hash_any(&hash, sig->info.hash_alg);
|
||||
hash.init(&hash);
|
||||
if (!hash.init(&hash)) {
|
||||
(void) fprintf(stderr, "check_binary_sig: bad hash init\n");
|
||||
return 0;
|
||||
}
|
||||
hash.add(&hash, data, len);
|
||||
switch (sig->info.version) {
|
||||
case OPS_V3:
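Review bot: The `return 0` on a failed init in check_binary_sig hands the caller the same result as a signature that does not verify; failing closed is the right direction for a verifier, but the only trace that verification never ran is the stderr line, and the function's signature is outside the hunk so I cannot see whether an error list is available to record it. A comment at the return would make the decision explicit for the next reader: `/* cannot hash: treat as verification failure (fail closed) */`.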
|
||||
|
|
|
@ -58,7 +58,7 @@
|
|||
|
||||
#if defined(__NetBSD__)
|
||||
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
|
||||
__RCSID("$NetBSD: writer.c,v 1.14 2009/10/07 04:18:47 agc Exp $");
|
||||
__RCSID("$NetBSD: writer.c,v 1.15 2009/10/07 16:19:51 agc Exp $");
|
||||
#endif
|
||||
|
||||
#include <sys/types.h>
|
||||
|
@ -1375,7 +1375,12 @@ __ops_push_checksum_writer(__ops_output_t *output, __ops_seckey_t *seckey)
|
|||
sum->hashed = seckey->checkhash;
|
||||
/* init the hash */
|
||||
__ops_hash_any(&sum->hash, sum->hash_alg);
|
||||
sum->hash.init(&sum->hash);
|
||||
if (!sum->hash.init(&sum->hash)) {
|
||||
(void) fprintf(stderr,
|
||||
"__ops_push_checksum_writer: bad hash init\n");
|
||||
/* just continue and die */
|
||||
/* XXX - agc - no way to return failure */
|
||||
}
|
||||
__ops_writer_push(output, skey_checksum_writer,
|
||||
skey_checksum_finaliser, skey_checksum_destroyer, sum);
|
||||
}
|
||||
|
@ -1629,7 +1634,12 @@ stream_write_se_ip_first(__ops_output_t *output,
|
|||
preamble[blocksize] = preamble[blocksize - 2];
|
||||
preamble[blocksize + 1] = preamble[blocksize - 1];
|
||||
__ops_hash_any(&se_ip->hash, OPS_HASH_SHA1);
|
||||
se_ip->hash.init(&se_ip->hash);
|
||||
if (!se_ip->hash.init(&se_ip->hash)) {
|
||||
free(preamble);
|
||||
(void) fprintf(stderr,
|
||||
"stream_write_se_ip_first: bad hash init\n");
|
||||
return 0;
|
||||
}
|
||||
__ops_write(output, preamble, sz_preamble);
|
||||
se_ip->hash.add(&se_ip->hash, preamble, sz_preamble);
|
||||
__ops_write(output, data, sz_pd - sz_preamble - 1);
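Review bot: The early `return 0` in stream_write_se_ip_first frees `preamble` but not `se_ip`, whose hash is being initialised on the line above; whether `se_ip` is allocated in this function or owned by the caller is outside the hunk, so confirm that this path neither leaks it nor leaves a half-initialised writer registered with `output`. The enclosing function continues past the end of the hunk.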
|
||||
|
|