From ffcdb24b13590190e92c7f88e2ad3e0a721408f2 Mon Sep 17 00:00:00 2001 From: Pauli Date: Wed, 19 Aug 2020 13:40:22 +1000 Subject: [PATCH] pkeyutil: check return value reading password Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/12678) --- apps/pkeyutl.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c index 4de2a56590..9bfef87311 100644 --- a/apps/pkeyutl.c +++ b/apps/pkeyutl.c @@ -331,9 +331,18 @@ int pkeyutl_main(int argc, char **argv) if (passin == NULL) { /* Get password interactively */ char passwd_buf[4096]; + int r; + BIO_snprintf(passwd_buf, sizeof(passwd_buf), "Enter %s: ", opt); - EVP_read_pw_string(passwd_buf, sizeof(passwd_buf) - 1, - passwd_buf, 0); + r = EVP_read_pw_string(passwd_buf, sizeof(passwd_buf) - 1, + passwd_buf, 0); + if (r < 0) { + if (r == -2) + BIO_puts(bio_err, "user abort\n"); + else + BIO_puts(bio_err, "entry failed\n"); + goto end; + } passwd = OPENSSL_strdup(passwd_buf); if (passwd == NULL) { BIO_puts(bio_err, "out of memory\n");