[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

Richard Levitte levitte at openssl.org
Wed Jul 5 09:17:25 UTC 2017


The branch OpenSSL_1_0_2-stable has been updated
       via  f22a0783075002f4b7802f54b3903ff733410110 (commit)
      from  1408482587df60662a87943de3f9581dae75ecc0 (commit)


- Log -----------------------------------------------------------------
commit f22a0783075002f4b7802f54b3903ff733410110
Author: Richard Levitte <levitte at openssl.org>
Date:   Wed Jul 5 10:26:25 2017 +0200

    Fix small UI issues
    
    - in EVP_read_pw_string_min(), the return value from UI_add_* wasn't
      properly checked
    - in UI_process(), |state| was never made NULL, which means an error
      when closing the session wouldn't be accurately reported.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/3849)
    
    (cherry picked from commit b96dba9e5ec7afc355be1eab915f69c8c0d51741)

-----------------------------------------------------------------------

Summary of changes:
 crypto/evp/evp_key.c | 20 +++++++++++---------
 crypto/ui/ui_lib.c   |  2 ++
 2 files changed, 13 insertions(+), 9 deletions(-)

diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c
index 5be9e33..cdffe1c 100644
--- a/crypto/evp/evp_key.c
+++ b/crypto/evp/evp_key.c
@@ -97,7 +97,7 @@ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
 int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt,
                            int verify)
 {
-    int ret;
+    int ret = -1;
     char buff[BUFSIZ];
     UI *ui;
 
@@ -105,16 +105,18 @@ int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt,
         prompt = prompt_string;
     ui = UI_new();
     if (ui == NULL)
-        return -1;
-    UI_add_input_string(ui, prompt, 0, buf, min,
-                        (len >= BUFSIZ) ? BUFSIZ - 1 : len);
-    if (verify)
-        UI_add_verify_string(ui, prompt, 0,
-                             buff, min, (len >= BUFSIZ) ? BUFSIZ - 1 : len,
-                             buf);
+        return ret;
+    if (UI_add_input_string(ui, prompt, 0, buf, min,
+                            (len >= BUFSIZ) ? BUFSIZ - 1 : len) < 0
+        || (verify
+            && UI_add_verify_string(ui, prompt, 0, buff, min,
+                                    (len >= BUFSIZ) ? BUFSIZ - 1 : len,
+                                    buf) < 0))
+        goto end;
     ret = UI_process(ui);
-    UI_free(ui);
     OPENSSL_cleanse(buff, BUFSIZ);
+ end:
+    UI_free(ui);
     return ret;
 }
 
diff --git a/crypto/ui/ui_lib.c b/crypto/ui/ui_lib.c
index 643ae59..d06089b 100644
--- a/crypto/ui/ui_lib.c
+++ b/crypto/ui/ui_lib.c
@@ -520,6 +520,8 @@ int UI_process(UI *ui)
             }
         }
     }
+
+    state = NULL;
  err:
     if (ui->meth->ui_close_session != NULL
         && ui->meth->ui_close_session(ui) <= 0)


More information about the openssl-commits mailing list