[openssl] master update
tomas at openssl.org
tomas at openssl.org
Wed Dec 1 11:32:04 UTC 2021
The branch master has been updated
via d2217c88df6e65c756013417e5ee4f470dd12470 (commit)
from 29a27cb2c5c1757831f42117871f8c59058343a9 (commit)
- Log -----------------------------------------------------------------
commit d2217c88df6e65c756013417e5ee4f470dd12470
Author: Tomas Mraz <tomas at openssl.org>
Date: Tue Nov 30 11:52:10 2021 +0100
various kdfs: Always reset buflen after clearing the buffer
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17165)
-----------------------------------------------------------------------
Summary of changes:
providers/implementations/kdfs/krb5kdf.c | 1 +
providers/implementations/kdfs/pbkdf1.c | 4 +++-
providers/implementations/kdfs/pbkdf2.c | 4 +++-
providers/implementations/kdfs/pkcs12kdf.c | 4 +++-
providers/implementations/kdfs/scrypt.c | 4 +++-
providers/implementations/kdfs/sshkdf.c | 1 +
6 files changed, 14 insertions(+), 4 deletions(-)
diff --git a/providers/implementations/kdfs/krb5kdf.c b/providers/implementations/kdfs/krb5kdf.c
index f8d4baa568..2c887f0eb9 100644
--- a/providers/implementations/kdfs/krb5kdf.c
+++ b/providers/implementations/kdfs/krb5kdf.c
@@ -98,6 +98,7 @@ static int krb5kdf_set_membuf(unsigned char **dst, size_t *dst_len,
{
OPENSSL_clear_free(*dst, *dst_len);
*dst = NULL;
+ *dst_len = 0;
return OSSL_PARAM_get_octet_string(p, (void **)dst, 0, dst_len);
}
diff --git a/providers/implementations/kdfs/pbkdf1.c b/providers/implementations/kdfs/pbkdf1.c
index c93ff9b3eb..b9b164c4e2 100644
--- a/providers/implementations/kdfs/pbkdf1.c
+++ b/providers/implementations/kdfs/pbkdf1.c
@@ -134,13 +134,15 @@ static int kdf_pbkdf1_set_membuf(unsigned char **buffer, size_t *buflen,
const OSSL_PARAM *p)
{
OPENSSL_clear_free(*buffer, *buflen);
+ *buffer = NULL;
+ *buflen = 0;
+
if (p->data_size == 0) {
if ((*buffer = OPENSSL_malloc(1)) == NULL) {
ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
return 0;
}
} else if (p->data != NULL) {
- *buffer = NULL;
if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen))
return 0;
}
diff --git a/providers/implementations/kdfs/pbkdf2.c b/providers/implementations/kdfs/pbkdf2.c
index 16acf300ea..b9e865f8ec 100644
--- a/providers/implementations/kdfs/pbkdf2.c
+++ b/providers/implementations/kdfs/pbkdf2.c
@@ -126,13 +126,15 @@ static int pbkdf2_set_membuf(unsigned char **buffer, size_t *buflen,
const OSSL_PARAM *p)
{
OPENSSL_clear_free(*buffer, *buflen);
+ *buffer = NULL;
+ *buflen = 0;
+
if (p->data_size == 0) {
if ((*buffer = OPENSSL_malloc(1)) == NULL) {
ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
return 0;
}
} else if (p->data != NULL) {
- *buffer = NULL;
if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen))
return 0;
}
diff --git a/providers/implementations/kdfs/pkcs12kdf.c b/providers/implementations/kdfs/pkcs12kdf.c
index 7f461fe022..a29a618ee8 100644
--- a/providers/implementations/kdfs/pkcs12kdf.c
+++ b/providers/implementations/kdfs/pkcs12kdf.c
@@ -182,13 +182,15 @@ static int pkcs12kdf_set_membuf(unsigned char **buffer, size_t *buflen,
const OSSL_PARAM *p)
{
OPENSSL_clear_free(*buffer, *buflen);
+ *buffer = NULL;
+ *buflen = 0;
+
if (p->data_size == 0) {
if ((*buffer = OPENSSL_malloc(1)) == NULL) {
ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
return 0;
}
} else if (p->data != NULL) {
- *buffer = NULL;
if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen))
return 0;
}
diff --git a/providers/implementations/kdfs/scrypt.c b/providers/implementations/kdfs/scrypt.c
index 2bbea0c7cc..a7072f785f 100644
--- a/providers/implementations/kdfs/scrypt.c
+++ b/providers/implementations/kdfs/scrypt.c
@@ -108,13 +108,15 @@ static int scrypt_set_membuf(unsigned char **buffer, size_t *buflen,
const OSSL_PARAM *p)
{
OPENSSL_clear_free(*buffer, *buflen);
+ *buffer = NULL;
+ *buflen = 0;
+
if (p->data_size == 0) {
if ((*buffer = OPENSSL_malloc(1)) == NULL) {
ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
return 0;
}
} else if (p->data != NULL) {
- *buffer = NULL;
if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen))
return 0;
}
diff --git a/providers/implementations/kdfs/sshkdf.c b/providers/implementations/kdfs/sshkdf.c
index 93a7a64fb5..be23c2143d 100644
--- a/providers/implementations/kdfs/sshkdf.c
+++ b/providers/implementations/kdfs/sshkdf.c
@@ -91,6 +91,7 @@ static int sshkdf_set_membuf(unsigned char **dst, size_t *dst_len,
{
OPENSSL_clear_free(*dst, *dst_len);
*dst = NULL;
+ *dst_len = 0;
return OSSL_PARAM_get_octet_string(p, (void **)dst, 0, dst_len);
}
More information about the openssl-commits
mailing list