[openssl] master update
Richard Levitte
levitte at openssl.org
Wed Mar 13 12:40:42 UTC 2019
The branch master has been updated
via 62ca15650576f3953103b27e220e4ff4cc4abed5 (commit)
from fff684168c7923aa85e6b4381d71d933396e32b0 (commit)
- Log -----------------------------------------------------------------
commit 62ca15650576f3953103b27e220e4ff4cc4abed5
Author: David von Oheimb <David.von.Oheimb at siemens.com>
Date: Thu Feb 1 11:06:03 2018 +0100
prevent app_get_pass() from revealing cleartext password on syntax error
When the argument for '-pass' was badly formed, that argument got
displayed in full. This turns out to not be such a good idea if the
user simply forgot to start the argument with 'pass:', or spellt the
prefix incorrectly. We therefore change the display to say that a
colon is missing or only showing the incorrect prefix.
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6218)
-----------------------------------------------------------------------
Summary of changes:
apps/apps.c | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/apps/apps.c b/apps/apps.c
index d095dee..06b5434 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -48,6 +48,8 @@ static int WIN32_rename(const char *from, const char *to);
# define rename(from,to) WIN32_rename((from),(to))
#endif
+#define PASS_SOURCE_SIZE_MAX 4
+
typedef struct {
const char *name;
unsigned long flag;
@@ -205,6 +207,7 @@ static char *app_get_pass(const char *arg, int keepbio)
char *tmp, tpass[APP_PASS_LEN];
int i;
+ /* PASS_SOURCE_SIZE_MAX = max number of chars before ':' in below strings */
if (strncmp(arg, "pass:", 5) == 0)
return OPENSSL_strdup(arg + 5);
if (strncmp(arg, "env:", 4) == 0) {
@@ -253,7 +256,16 @@ static char *app_get_pass(const char *arg, int keepbio)
return NULL;
}
} else {
- BIO_printf(bio_err, "Invalid password argument \"%s\"\n", arg);
+ /* argument syntax error; do not reveal too much about arg */
+ tmp = strchr(arg, ':');
+ if (tmp == NULL || tmp - arg > PASS_SOURCE_SIZE_MAX)
+ BIO_printf(bio_err,
+ "Invalid password argument, missing ':' within the first %d chars\n",
+ PASS_SOURCE_SIZE_MAX + 1);
+ else
+ BIO_printf(bio_err,
+ "Invalid password argument, starting with \"%.*s\"\n",
+ (int)(tmp - arg + 1), arg);
return NULL;
}
}
More information about the openssl-commits
mailing list