aboutsummaryrefslogtreecommitdiff
path: root/src/pki_crypto.c
diff options
context:
space:
mode:
authorDirkjan Bussink <d.bussink@gmail.com>2020-12-10 14:01:32 +0000
committerAndreas Schneider <asn@cryptomilk.org>2020-12-11 13:32:02 +0100
commitdaeee74edd8ac25c1d246d40333e78518574eded (patch)
treee6646a06bcc8e4338d3a094bcd5af034fe8a0c1f /src/pki_crypto.c
parentf6a2f6190c2aa047d901547720ae6d1729e1e2c0 (diff)
downloadlibssh-daeee74edd8ac25c1d246d40333e78518574eded.tar.gz
libssh-daeee74edd8ac25c1d246d40333e78518574eded.tar.xz
libssh-daeee74edd8ac25c1d246d40333e78518574eded.zip
Add safety checks for all ssh_string_fill calls
These calls can fail and the return code should always be checked. These issues were identified when code review called it out on new code. The updates here are to existing code with no behavior changes to make review simpler. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'src/pki_crypto.c')
-rw-r--r--src/pki_crypto.c31
1 files changed, 26 insertions, 5 deletions
diff --git a/src/pki_crypto.c b/src/pki_crypto.c
index 08409209..3c3e0a40 100644
--- a/src/pki_crypto.c
+++ b/src/pki_crypto.c
@@ -840,7 +840,11 @@ ssh_string pki_private_key_to_pem(const ssh_key key,
goto err;
}
- ssh_string_fill(blob, buf->data, buf->length);
+ rc = ssh_string_fill(blob, buf->data, buf->length);
+ if (rc < 0) {
+ goto err;
+ }
+
BIO_free(mem);
return blob;
@@ -1411,6 +1415,7 @@ static ssh_string pki_dsa_signature_to_blob(const ssh_signature sig)
const unsigned char *raw_sig_data = NULL;
size_t raw_sig_len;
+ int rc;
DSA_SIG *dsa_sig;
@@ -1467,7 +1472,11 @@ static ssh_string pki_dsa_signature_to_blob(const ssh_signature sig)
return NULL;
}
- ssh_string_fill(sig_blob, buffer, 40);
+ rc = ssh_string_fill(sig_blob, buffer, 40);
+ if (rc < 0) {
+ SSH_STRING_FREE(sig_blob);
+ return NULL;
+ }
return sig_blob;
@@ -1544,7 +1553,10 @@ static ssh_string pki_ecdsa_signature_to_blob(const ssh_signature sig)
goto error;
}
- ssh_string_fill(sig_blob, ssh_buffer_get(buf), ssh_buffer_get_len(buf));
+ rc = ssh_string_fill(sig_blob, ssh_buffer_get(buf), ssh_buffer_get_len(buf));
+ if (rc < 0) {
+ goto error;
+ }
SSH_STRING_FREE(r);
SSH_STRING_FREE(s);
@@ -1554,6 +1566,7 @@ static ssh_string pki_ecdsa_signature_to_blob(const ssh_signature sig)
return sig_blob;
error:
+ SSH_STRING_FREE(sig_blob);
SSH_STRING_FREE(r);
SSH_STRING_FREE(s);
ECDSA_SIG_free(ecdsa_sig);
@@ -1698,7 +1711,11 @@ static int pki_signature_from_dsa_blob(UNUSED_PARAM(const ssh_key pubkey),
if (r == NULL) {
goto error;
}
- ssh_string_fill(r, ssh_string_data(sig_blob), 20);
+ rc = ssh_string_fill(r, ssh_string_data(sig_blob), 20);
+ if (rc < 0) {
+ SSH_STRING_FREE(r);
+ goto error;
+ }
pr = ssh_make_string_bn(r);
ssh_string_burn(r);
@@ -1711,7 +1728,11 @@ static int pki_signature_from_dsa_blob(UNUSED_PARAM(const ssh_key pubkey),
if (s == NULL) {
goto error;
}
- ssh_string_fill(s, (char *)ssh_string_data(sig_blob) + 20, 20);
+ rc = ssh_string_fill(s, (char *)ssh_string_data(sig_blob) + 20, 20);
+ if (rc < 0) {
+ SSH_STRING_FREE(s);
+ goto error;
+ }
ps = ssh_make_string_bn(s);
ssh_string_burn(s);