Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

More checking of allocation return values where not already done. 

Revamp hash initialisation to return a success/failure error code.

Document places where we prefer to continue with a NULL buffer,
rather than silently continue with possibly erroneous results.
This commit is contained in:
agc 2009-10-07 16:19:51 +00:00
parent a8429a111e
commit 7affbacab9
9 changed files with 135 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
crypto/external/bsd/netpgp/dist/src/lib/create.c vendored
View File

@ -57,7 +57,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
__RCSID("$NetBSD: create.c,v 1.20 2009/10/06 02:26:05 agc Exp $");
__RCSID("$NetBSD: create.c,v 1.21 2009/10/07 16:19:51 agc Exp $");
#endif
#include <sys/types.h>
@ -371,7 +371,10 @@ write_seckey_body(const __ops_seckey_t *key,
size = MIN(needed, OPS_SHA1_HASH_SIZE);
__ops_hash_any(&hash, key->hash_alg);
hash.init(&hash);
if (!hash.init(&hash)) {
(void) fprintf(stderr, "write_seckey_body: bad alloc\n");
return 0;
}
/* preload if iterating */
for (j = 0; j < i; j++) {

2
crypto/external/bsd/netpgp/dist/src/lib/crypto.h vendored
View File

@ -61,7 +61,7 @@
#define OPS_MIN_HASH_SIZE 16
typedef void __ops_hash_init_t(__ops_hash_t *);
typedef int __ops_hash_init_t(__ops_hash_t *);
typedef void __ops_hash_add_t(__ops_hash_t *, const unsigned char *, unsigned);
typedef unsigned __ops_hash_finish_t(__ops_hash_t *, unsigned char *);

51
crypto/external/bsd/netpgp/dist/src/lib/misc.c vendored
View File

@ -57,7 +57,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
__RCSID("$NetBSD: misc.c,v 1.21 2009/10/06 02:39:53 agc Exp $");
__RCSID("$NetBSD: misc.c,v 1.22 2009/10/07 16:19:51 agc Exp $");
#endif
#include <sys/types.h>
@ -439,7 +439,11 @@ __ops_fingerprint(__ops_fingerprint_t *fp, const __ops_pubkey_t *key)
}
__ops_hash_md5(&md5);
md5.init(&md5);
if (!md5.init(&md5)) {
(void) fprintf(stderr,
"__ops_fingerprint: bad md5 alloc\n");
return;
}
n = (size_t) BN_num_bytes(key->key.rsa.n);
if ((bn = calloc(1, n)) == NULL) {
@ -474,7 +478,11 @@ __ops_fingerprint(__ops_fingerprint_t *fp, const __ops_pubkey_t *key)
fprintf(stderr, "-> creating key fingerprint\n");
}
__ops_hash_sha1(&sha1);
sha1.init(&sha1);
if (!sha1.init(&sha1)) {
(void) fprintf(stderr,
"__ops_fingerprint: bad sha1 alloc\n");
return;
}
len = __ops_mem_len(mem);
@ -669,7 +677,11 @@ __ops_hash(unsigned char *out, __ops_hash_alg_t alg, const void *in,
__ops_hash_t hash;
__ops_hash_any(&hash, alg);
hash.init(&hash);
if (!hash.init(&hash)) {
(void) fprintf(stderr, "__ops_hash: bad alloc\n");
/* we'll just continue here - don't want to return a 0 hash */
/* XXX - agc - no way to return failure */
}
hash.add(&hash, in, length);
return hash.finish(&hash, out);
}
@ -708,7 +720,11 @@ __ops_calc_mdc_hash(const unsigned char *preamble,
}
/* init */
__ops_hash_any(&hash, OPS_HASH_SHA1);
hash.init(&hash);
if (!hash.init(&hash)) {
(void) fprintf(stderr, "__ops_calc_mdc_hash: bad alloc\n");
/* we'll just continue here - it will die anyway */
/* agc - XXX - no way to return failure */
}
/* preamble */
hash.add(&hash, preamble, sz_preamble);
@ -771,16 +787,25 @@ __ops_random(void *dest, size_t length)
void
__ops_memory_init(__ops_memory_t *mem, size_t needed)
{
unsigned char *temp;
mem->length = 0;
if (mem->buf) {
if (mem->allocated < needed) {
mem->buf = realloc(mem->buf, needed);
if ((temp = realloc(mem->buf, needed)) == NULL) {
(void) fprintf(stderr, "__ops_memory_init: bad alloc\n");
} else {
mem->buf = temp;
mem->allocated = needed;
}
}
} else {
if ((mem->buf = calloc(1, needed)) == NULL) {
(void) fprintf(stderr, "__ops_memory_init: bad alloc\n");
} else {
mem->allocated = needed;
}
return;
}
mem->buf = calloc(1, needed);
mem->allocated = needed;
}
/**
@ -1100,9 +1125,13 @@ sum16_destroyer(__ops_reader_t *readinfo)
void
__ops_reader_push_sum16(__ops_stream_t *stream)
{
sum16_t *arg = calloc(1, sizeof(*arg));
sum16_t *arg;
__ops_reader_push(stream, sum16_reader, sum16_destroyer, arg);
if ((arg = calloc(1, sizeof(*arg))) == NULL) {
(void) fprintf(stderr, "__ops_reader_push_sum16: bad alloc\n");
} else {
__ops_reader_push(stream, sum16_reader, sum16_destroyer, arg);
}
}
/**

50
crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c vendored
View File

@ -57,7 +57,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
__RCSID("$NetBSD: openssl_crypto.c,v 1.16 2009/10/06 03:30:59 agc Exp $");
__RCSID("$NetBSD: openssl_crypto.c,v 1.17 2009/10/07 16:19:51 agc Exp $");
#endif
#ifdef HAVE_OPENSSL_DSA_H
@ -102,14 +102,18 @@ test_seckey(const __ops_seckey_t *seckey)
RSA_free(test);
}
static void
static int
md5_init(__ops_hash_t *hash)
{
if (hash->data) {
(void) fprintf(stderr, "md5_init: hash data non-null\n");
}
hash->data = calloc(1, sizeof(MD5_CTX));
if ((hash->data = calloc(1, sizeof(MD5_CTX))) == NULL) {
(void) fprintf(stderr, "md5_init: bad alloc\n");
return 0;
}
MD5_Init(hash->data);
return 1;
}
static void
@ -148,7 +152,7 @@ __ops_hash_md5(__ops_hash_t *hash)
*hash = md5;
}
static void
static int
sha1_init(__ops_hash_t *hash)
{
if (__ops_get_debug_level(__FILE__)) {
@ -157,8 +161,12 @@ sha1_init(__ops_hash_t *hash)
if (hash->data) {
(void) fprintf(stderr, "sha1_init: hash data non-null\n");
}
hash->data = calloc(1, sizeof(SHA_CTX));
if ((hash->data = calloc(1, sizeof(SHA_CTX))) == NULL) {
(void) fprintf(stderr, "sha1_init: bad alloc\n");
return 0;
}
SHA1_Init(hash->data);
return 1;
}
static void
@ -219,7 +227,7 @@ __ops_hash_sha1(__ops_hash_t *hash)
*hash = sha1;
}
static void
static int
sha256_init(__ops_hash_t *hash)
{
if (__ops_get_debug_level(__FILE__)) {
@ -228,8 +236,12 @@ sha256_init(__ops_hash_t *hash)
if (hash->data) {
(void) fprintf(stderr, "sha256_init: hash data non-null\n");
}
hash->data = calloc(1, sizeof(SHA256_CTX));
if ((hash->data = calloc(1, sizeof(SHA256_CTX))) == NULL) {
(void) fprintf(stderr, "sha256_init: bad alloc\n");
return 0;
}
SHA256_Init(hash->data);
return 1;
}
static void
@ -287,7 +299,7 @@ __ops_hash_sha256(__ops_hash_t *hash)
/*
* SHA384
*/
static void
static int
sha384_init(__ops_hash_t *hash)
{
if (__ops_get_debug_level(__FILE__)) {
@ -296,8 +308,12 @@ sha384_init(__ops_hash_t *hash)
if (hash->data) {
(void) fprintf(stderr, "sha384_init: hash data non-null\n");
}
hash->data = calloc(1, sizeof(SHA512_CTX));
if ((hash->data = calloc(1, sizeof(SHA512_CTX))) == NULL) {
(void) fprintf(stderr, "sha512_init: bad alloc\n");
return 0;
}
SHA384_Init(hash->data);
return 1;
}
static void
@ -355,7 +371,7 @@ __ops_hash_sha384(__ops_hash_t *hash)
/*
* SHA512
*/
static void
static int
sha512_init(__ops_hash_t *hash)
{
if (__ops_get_debug_level(__FILE__)) {
@ -364,8 +380,12 @@ sha512_init(__ops_hash_t *hash)
if (hash->data) {
(void) fprintf(stderr, "sha512_init: hash data non-null\n");
}
hash->data = calloc(1, sizeof(SHA512_CTX));
if ((hash->data = calloc(1, sizeof(SHA512_CTX))) == NULL) {
(void) fprintf(stderr, "sha512_init: bad alloc\n");
return 0;
}
SHA512_Init(hash->data);
return 1;
}
static void
@ -424,7 +444,7 @@ __ops_hash_sha512(__ops_hash_t *hash)
* SHA224
*/
static void
static int
sha224_init(__ops_hash_t *hash)
{
if (__ops_get_debug_level(__FILE__)) {
@ -433,8 +453,12 @@ sha224_init(__ops_hash_t *hash)
if (hash->data) {
(void) fprintf(stderr, "sha224_init: hash data non-null\n");
}
hash->data = calloc(1, sizeof(SHA256_CTX));
if ((hash->data = calloc(1, sizeof(SHA256_CTX))) == NULL) {
(void) fprintf(stderr, "sha256_init: bad alloc\n");
return 0;
}
SHA224_Init(hash->data);
return 1;
}
static void

14
crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c vendored
View File

@ -58,7 +58,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
__RCSID("$NetBSD: packet-parse.c,v 1.24 2009/10/06 05:54:24 agc Exp $");
__RCSID("$NetBSD: packet-parse.c,v 1.25 2009/10/07 16:19:51 agc Exp $");
#endif
#ifdef HAVE_OPENSSL_CAST_H
@ -2237,7 +2237,11 @@ parse_hash_init(__ops_stream_t *stream, __ops_hash_alg_t type,
hash = &stream->hashes[stream->hashc++];
__ops_hash_any(&hash->hash, type);
hash->hash.init(&hash->hash);
if (!hash->hash.init(&hash->hash)) {
(void) fprintf(stderr, "parse_hash_init: bad alloc\n");
/* just continue and die here */
/* XXX - agc - no way to return failure */
}
(void) memcpy(hash->keyid, keyid, sizeof(hash->keyid));
}
@ -2573,7 +2577,11 @@ parse_seckey(__ops_region_t *region, __ops_stream_t *stream)
__ops_hash_any(&hashes[n],
pkt.u.seckey.hash_alg);
hashes[n].init(&hashes[n]);
if (!hashes[n].init(&hashes[n])) {
(void) fprintf(stderr,
"parse_seckey: bad alloc\n");
return 0;
}
/* preload hashes with zeroes... */
for (i = 0; i < n; ++i) {
hashes[n].add(&hashes[n],

20
crypto/external/bsd/netpgp/dist/src/lib/reader.c vendored
View File

@ -54,7 +54,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
__RCSID("$NetBSD: reader.c,v 1.24 2009/10/07 04:56:51 agc Exp $");
__RCSID("$NetBSD: reader.c,v 1.25 2009/10/07 16:19:51 agc Exp $");
#endif
#include <sys/types.h>
@ -593,7 +593,11 @@ process_dash_escaped(dearmour_t *dearmour,
__ops_hash_md5(hash);
}
hash->init(hash);
if (!hash->init(hash)) {
OPS_ERROR(errors, OPS_E_R_BAD_FORMAT,
"can't initialise hash");
return -1;
}
body->length = 0;
total = 0;
@ -1587,7 +1591,11 @@ se_ip_data_reader(void *dest_,
size_t sz_plaintext;
__ops_hash_any(&hash, OPS_HASH_SHA1);
hash.init(&hash);
if (!hash.init(&hash)) {
(void) fprintf(stderr,
"se_ip_data_reader: can't init hash\n");
return -1;
}
__ops_init_subregion(&decrypted_region, NULL);
decrypted_region.length =
@ -2307,7 +2315,11 @@ hash_reader(void *dest,
void
__ops_reader_push_hash(__ops_stream_t *stream, __ops_hash_t *hash)
{
hash->init(hash);
if (!hash->init(hash)) {
(void) fprintf(stderr, "__ops_reader_push_hash: can't init hash\n");
/* just continue and die */
/* XXX - agc - no way to return failure */
}
__ops_reader_push(stream, hash_reader, NULL, hash);
}

9
crypto/external/bsd/netpgp/dist/src/lib/signature.c vendored
View File

@ -57,7 +57,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
__RCSID("$NetBSD: signature.c,v 1.20 2009/10/07 04:18:47 agc Exp $");
__RCSID("$NetBSD: signature.c,v 1.21 2009/10/07 16:19:51 agc Exp $");
#endif
#include <sys/types.h>
@ -378,7 +378,12 @@ static void
initialise_hash(__ops_hash_t *hash, const __ops_sig_t *sig)
{
__ops_hash_any(hash, sig->info.hash_alg);
hash->init(hash);
if (!hash->init(hash)) {
(void) fprintf(stderr,
"initialise_hash: bad hash init\n");
/* just continue and die */
/* XXX - agc - no way to return failure */
}
}
static void

7
crypto/external/bsd/netpgp/dist/src/lib/validate.c vendored
View File

@ -54,7 +54,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
__RCSID("$NetBSD: validate.c,v 1.20 2009/10/07 04:18:47 agc Exp $");
__RCSID("$NetBSD: validate.c,v 1.21 2009/10/07 16:19:51 agc Exp $");
#endif
#include <sys/types.h>
@ -104,7 +104,10 @@ check_binary_sig(const unsigned len,
__OPS_USED(signer);
__ops_hash_any(&hash, sig->info.hash_alg);
hash.init(&hash);
if (!hash.init(&hash)) {
(void) fprintf(stderr, "check_binary_sig: bad hash init\n");
return 0;
}
hash.add(&hash, data, len);
switch (sig->info.version) {
case OPS_V3:

16
crypto/external/bsd/netpgp/dist/src/lib/writer.c vendored
View File

@ -58,7 +58,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
__RCSID("$NetBSD: writer.c,v 1.14 2009/10/07 04:18:47 agc Exp $");
__RCSID("$NetBSD: writer.c,v 1.15 2009/10/07 16:19:51 agc Exp $");
#endif
#include <sys/types.h>
@ -1375,7 +1375,12 @@ __ops_push_checksum_writer(__ops_output_t *output, __ops_seckey_t *seckey)
sum->hashed = seckey->checkhash;
/* init the hash */
__ops_hash_any(&sum->hash, sum->hash_alg);
sum->hash.init(&sum->hash);
if (!sum->hash.init(&sum->hash)) {
(void) fprintf(stderr,
"__ops_push_checksum_writer: bad hash init\n");
/* just continue and die */
/* XXX - agc - no way to return failure */
}
__ops_writer_push(output, skey_checksum_writer,
skey_checksum_finaliser, skey_checksum_destroyer, sum);
}
@ -1629,7 +1634,12 @@ stream_write_se_ip_first(__ops_output_t *output,
preamble[blocksize] = preamble[blocksize - 2];
preamble[blocksize + 1] = preamble[blocksize - 1];
__ops_hash_any(&se_ip->hash, OPS_HASH_SHA1);
se_ip->hash.init(&se_ip->hash);
if (!se_ip->hash.init(&se_ip->hash)) {
free(preamble);
(void) fprintf(stderr,
"stream_write_se_ip_first: bad hash init\n");
return 0;
}
__ops_write(output, preamble, sz_preamble);
se_ip->hash.add(&se_ip->hash, preamble, sz_preamble);
__ops_write(output, data, sz_pd - sz_preamble - 1);