Check file name for not being NULL before opening it

Fixes #24416

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25458)
Зишан Мирза 2024-09-14 00:24:24 +02:00 committed by Tomas Mraz
parent 4f899849ce
commit 3ef1b7426b
6 changed files with 68 additions and 8 deletions


@ -409,6 +409,11 @@ int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file)
error_code = SRP_ERR_OPEN_FILE;
if (verifier_file == NULL) {
ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
goto err;
}
if (in == NULL || BIO_read_filename(in, verifier_file) <= 0)
goto err;
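Review bot: The new guard in SRP_VBASE_init raises its error under `ERR_LIB_X509`, although nothing visible in this function is X509 code, so the error queue will point anyone diagnosing a NULL verifier_file at the wrong subsystem. The line looks carried over from the X509 loaders changed in the same commit; a library code that fits the caller, for example `ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);`, would be more accurate. The guard also sits after `error_code = SRP_ERR_OPEN_FILE`, so a NULL argument presumably reaches the caller as a file-open failure; the `err` label and the return are outside the hunk, so that should be confirmed and, if intended, stated in a comment.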


@ -91,6 +91,11 @@ int X509_load_cert_file_ex(X509_LOOKUP *ctx, const char *file, int type,
int count = 0;
X509 *x = NULL;
if (file == NULL) {
ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
goto err;
}
in = BIO_new(BIO_s_file());
if ((in == NULL) || (BIO_read_filename(in, file) <= 0)) {
@ -168,6 +173,11 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type)
int count = 0;
X509_CRL *x = NULL;
if (file == NULL) {
ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
goto err;
}
in = BIO_new(BIO_s_file());
if ((in == NULL) || (BIO_read_filename(in, file) <= 0)) {
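Review bot: Both new guards, in X509_load_cert_file_ex and in X509_load_crl_file, jump to `err` before `in = BIO_new(BIO_s_file())` has run, so the cleanup at that label sees whatever value `in` was given at its declaration. The SSL loaders in this commit were changed from `BIO *in;` to `BIO *in = NULL;` alongside the same guard, but the declaration of `in` lies above both hunks here and cannot be checked from this page. If it is not already `BIO *in = NULL;`, the error path would presumably hand an uninitialised pointer to the BIO cleanup, so the declaration should be confirmed or initialised explicitly.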


@ -95,7 +95,8 @@ BIO_seek() returns 0 for success or negative values for failure.
BIO_tell() returns the current file position or negative values for failure.
BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and
BIO_rw_filename() return 1 for success or <=0 for failure.
BIO_rw_filename() return 1 for success or <=0 for failure. An error is also
returned if the file does not exist.
=head1 EXAMPLES


@ -748,6 +748,10 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file_ex(const char *file,
LHASH_OF(X509_NAME) *name_hash = lh_X509_NAME_new(xname_hash, xname_cmp);
OSSL_LIB_CTX *prev_libctx = NULL;
if (file == NULL) {
ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
goto err;
}
if (name_hash == NULL) {
ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB);
goto err;
@ -874,6 +878,11 @@ int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
int num = 0;
LHASH_OF(X509_NAME) *name_hash = lh_X509_NAME_new(xname_hash, xname_cmp);
if (file == NULL) {
ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
goto err;
}
if (name_hash == NULL) {
ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB);
goto err;
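Review bot: In both SSL_load_client_CA_file_ex and SSL_add_file_cert_subjects_to_stack the file check comes after `name_hash` has already been allocated by `lh_X509_NAME_new()` in the declaration. The NULL path therefore allocates a hash table only to discard it, and it is leak-free only if the `err` path releases it; that label is outside the hunk. Declaring `LHASH_OF(X509_NAME) *name_hash = NULL;` and assigning `name_hash = lh_X509_NAME_new(xname_hash, xname_cmp);` after the guard would make the argument check the first thing each function does, as it is in the X509 loaders of this commit.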


@ -53,10 +53,15 @@ int SSL_use_certificate(SSL *ssl, X509 *x)
int SSL_use_certificate_file(SSL *ssl, const char *file, int type)
{
int j;
BIO *in;
BIO *in = NULL;
int ret = 0;
X509 *cert = NULL, *x = NULL;
if (file == NULL) {
ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
goto end;
}
in = BIO_new(BIO_s_file());
if (in == NULL) {
ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB);
@ -163,9 +168,14 @@ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
{
int j, ret = 0;
BIO *in;
BIO *in = NULL;
EVP_PKEY *pkey = NULL;
if (file == NULL) {
ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
goto end;
}
in = BIO_new(BIO_s_file());
if (in == NULL) {
ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB);
@ -296,10 +306,15 @@ static int ssl_set_cert(CERT *c, X509 *x, SSL_CTX *ctx)
int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
{
int j = SSL_R_BAD_VALUE;
BIO *in;
BIO *in = NULL;
int ret = 0;
X509 *x = NULL, *cert = NULL;
if (file == NULL) {
ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
goto end;
}
in = BIO_new(BIO_s_file());
if (in == NULL) {
ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB);
@ -373,9 +388,14 @@ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
{
int j, ret = 0;
BIO *in;
BIO *in = NULL;
EVP_PKEY *pkey = NULL;
if (file == NULL) {
ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
goto end;
}
in = BIO_new(BIO_s_file());
if (in == NULL) {
ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB);
@ -436,7 +456,7 @@ int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx,
*/
static int use_certificate_chain_file(SSL_CTX *ctx, SSL *ssl, const char *file)
{
BIO *in;
BIO *in = NULL;
int ret = 0;
X509 *x = NULL;
pem_password_cb *passwd_callback;
@ -462,6 +482,11 @@ static int use_certificate_chain_file(SSL_CTX *ctx, SSL *ssl, const char *file)
passwd_callback_userdata = sc->default_passwd_callback_userdata;
}
if (file == NULL) {
ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
goto end;
}
in = BIO_new(BIO_s_file());
if (in == NULL) {
ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB);
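Review bot: The four public loaders in this section (SSL_use_certificate_file, SSL_use_PrivateKey_file and their SSL_CTX counterparts) now have a defined result for a NULL `file`, but the only documentation change in the commit describes BIO_read_filename() and a missing file, not this case. Their manual pages should gain a sentence such as `These functions fail and raise ERR_R_PASSED_NULL_PARAMETER if file is NULL.` in the return-values text. The same applies to the X509, SRP, client-CA and legacy RSA loaders changed elsewhere on this page. The value returned on that path is presumably 0, given `ret = 0` in the declarations, but the `end` label is outside the hunks and should be checked before the value is documented.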


@ -43,9 +43,14 @@ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type)
{
int j, ret = 0;
BIO *in;
BIO *in = NULL;
RSA *rsa = NULL;
if (file == NULL) {
ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
goto end;
}
in = BIO_new(BIO_s_file());
if (in == NULL) {
ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB);
@ -125,9 +130,14 @@ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa)
int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
{
int j, ret = 0;
BIO *in;
BIO *in = NULL;
RSA *rsa = NULL;
if (file == NULL) {
ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
goto end;
}
in = BIO_new(BIO_s_file());
if (in == NULL) {
ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB);