[openssl-commits] [openssl] master update
Kurt Roeckx
kurt at openssl.org
Mon Sep 14 21:53:08 UTC 2015
The branch master has been updated
via a46c9789ce2aecedceef119e9883513c7a49f1ca (commit)
from df6da24bda457b724ba3e894e6c329a9b93d536f (commit)
- Log -----------------------------------------------------------------
commit a46c9789ce2aecedceef119e9883513c7a49f1ca
Author: Kurt Roeckx <kurt at roeckx.be>
Date: Mon Aug 17 16:02:18 2015 +0200
d2i: don't update input pointer on failure
Reviewed-by: Dr. Stephen Henson <steve at openssl.org>
MR #1005
-----------------------------------------------------------------------
Summary of changes:
crypto/asn1/d2i_pr.c | 11 ++++++++---
crypto/asn1/tasn_dec.c | 4 ++--
crypto/asn1/x_pubkey.c | 5 ++++-
crypto/asn1/x_x509.c | 7 ++++---
crypto/ec/ec_asn1.c | 8 ++++++--
crypto/x509v3/v3_scts.c | 4 +++-
6 files changed, 27 insertions(+), 12 deletions(-)
diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c
index b92af8b..90ec2f4 100644
--- a/crypto/asn1/d2i_pr.c
+++ b/crypto/asn1/d2i_pr.c
@@ -72,6 +72,7 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
long length)
{
EVP_PKEY *ret;
+ const unsigned char *p = *pp;
if ((a == NULL) || (*a == NULL)) {
if ((ret = EVP_PKEY_new()) == NULL) {
@@ -94,10 +95,10 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
}
if (!ret->ameth->old_priv_decode ||
- !ret->ameth->old_priv_decode(ret, pp, length)) {
+ !ret->ameth->old_priv_decode(ret, &p, length)) {
if (ret->ameth->priv_decode) {
PKCS8_PRIV_KEY_INFO *p8 = NULL;
- p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, pp, length);
+ p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
if (!p8)
goto err;
EVP_PKEY_free(ret);
@@ -109,6 +110,7 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
goto err;
}
}
+ *pp = p;
if (a != NULL)
(*a) = ret;
return (ret);
@@ -136,6 +138,7 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
* input is surrounded by an ASN1 SEQUENCE.
*/
inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, length);
+ p = *pp;
/*
* Since we only need to discern "traditional format" RSA and DSA keys we
* can just count the elements.
@@ -146,7 +149,7 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
keytype = EVP_PKEY_EC;
else if (sk_ASN1_TYPE_num(inkey) == 3) { /* This seems to be PKCS8, not
* traditional format */
- PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, pp, length);
+ PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
EVP_PKEY *ret;
sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
@@ -157,6 +160,8 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
}
ret = EVP_PKCS82PKEY(p8);
PKCS8_PRIV_KEY_INFO_free(p8);
+ if (ret != NULL)
+ *pp = p;
if (a) {
*a = ret;
}
diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c
index 7a6414a..732b425 100644
--- a/crypto/asn1/tasn_dec.c
+++ b/crypto/asn1/tasn_dec.c
@@ -281,9 +281,9 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
}
asn1_set_choice_selector(pval, i, it);
- *in = p;
if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL))
goto auxerr;
+ *in = p;
return 1;
case ASN1_ITYPE_NDEF_SEQUENCE:
@@ -420,9 +420,9 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
/* Save encoding */
if (!asn1_enc_save(pval, *in, p - *in, it))
goto auxerr;
- *in = p;
if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL))
goto auxerr;
+ *in = p;
return 1;
default:
diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c
index d20afb9..b2d81df 100644
--- a/crypto/asn1/x_pubkey.c
+++ b/crypto/asn1/x_pubkey.c
@@ -184,13 +184,16 @@ EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length)
{
X509_PUBKEY *xpk;
EVP_PKEY *pktmp;
- xpk = d2i_X509_PUBKEY(NULL, pp, length);
+ const unsigned char *q;
+ q = *pp;
+ xpk = d2i_X509_PUBKEY(NULL, &q, length);
if (!xpk)
return NULL;
pktmp = X509_PUBKEY_get(xpk);
X509_PUBKEY_free(xpk);
if (!pktmp)
return NULL;
+ *pp = q;
if (a) {
EVP_PKEY_free(*a);
*a = pktmp;
diff --git a/crypto/asn1/x_x509.c b/crypto/asn1/x_x509.c
index 6e7850c..d8d55b2 100644
--- a/crypto/asn1/x_x509.c
+++ b/crypto/asn1/x_x509.c
@@ -177,16 +177,17 @@ X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
if (!a || *a == NULL) {
freeret = 1;
}
- ret = d2i_X509(a, pp, length);
+ ret = d2i_X509(a, &q, length);
/* If certificate unreadable then forget it */
if (!ret)
return NULL;
/* update length */
- length -= *pp - q;
+ length -= q - *pp;
if (!length)
return ret;
- if (!d2i_X509_CERT_AUX(&ret->aux, pp, length))
+ if (!d2i_X509_CERT_AUX(&ret->aux, &q, length))
goto err;
+ *pp = q;
return ret;
err:
if (freeret) {
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index 4e1566d..bd6592b 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -951,8 +951,9 @@ EC_GROUP *d2i_ECPKParameters(EC_GROUP **a, const unsigned char **in, long len)
{
EC_GROUP *group = NULL;
ECPKPARAMETERS *params = NULL;
+ const unsigned char *p = *in;
- if ((params = d2i_ECPKPARAMETERS(NULL, in, len)) == NULL) {
+ if ((params = d2i_ECPKPARAMETERS(NULL, &p, len)) == NULL) {
ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_D2I_ECPKPARAMETERS_FAILURE);
ECPKPARAMETERS_free(params);
return NULL;
@@ -970,6 +971,7 @@ EC_GROUP *d2i_ECPKParameters(EC_GROUP **a, const unsigned char **in, long len)
}
ECPKPARAMETERS_free(params);
+ *in = p;
return (group);
}
@@ -996,8 +998,9 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
{
EC_KEY *ret = NULL;
EC_PRIVATEKEY *priv_key = NULL;
+ const unsigned char *p = *in;
- if ((priv_key = d2i_EC_PRIVATEKEY(NULL, in, len)) == NULL) {
+ if ((priv_key = d2i_EC_PRIVATEKEY(NULL, &p, len)) == NULL) {
ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
return NULL;
}
@@ -1077,6 +1080,7 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
if (a)
*a = ret;
EC_PRIVATEKEY_free(priv_key);
+ *in = p;
return (ret);
err:
diff --git a/crypto/x509v3/v3_scts.c b/crypto/x509v3/v3_scts.c
index f93fdfc..b1505fe 100644
--- a/crypto/x509v3/v3_scts.c
+++ b/crypto/x509v3/v3_scts.c
@@ -183,8 +183,9 @@ static STACK_OF(SCT) *d2i_SCT_LIST(STACK_OF(SCT) **a,
SCT *sct;
unsigned char *p, *p2;
unsigned short listlen, sctlen = 0, fieldlen;
+ const unsigned char *q = *pp;
- if (d2i_ASN1_OCTET_STRING(&oct, pp, length) == NULL)
+ if (d2i_ASN1_OCTET_STRING(&oct, &q, length) == NULL)
return NULL;
if (oct->length < 2)
goto done;
@@ -272,6 +273,7 @@ static STACK_OF(SCT) *d2i_SCT_LIST(STACK_OF(SCT) **a,
done:
ASN1_OCTET_STRING_free(oct);
+ *pp = q;
return sk;
err:
More information about the openssl-commits
mailing list