Home Explore Help
Sign In
OWEALs
/
openssl
mirror of git://git.openssl.org/openssl.git
2
0
Fork 0
Files Issues 1 Wiki
Browse Source

various kdfs: Always reset buflen after clearing the buffer

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17165)
Tomas Mraz 2 years ago
parent
29a27cb2c5
commit
d2217c88df
6 changed files with 14 additions and 4 deletions
Split View Show Diff Stats
  1. 1 0
      providers/implementations/kdfs/krb5kdf.c
  2. 3 1
      providers/implementations/kdfs/pbkdf1.c
  3. 3 1
      providers/implementations/kdfs/pbkdf2.c
  4. 3 1
      providers/implementations/kdfs/pkcs12kdf.c
  5. 3 1
      providers/implementations/kdfs/scrypt.c
  6. 1 0
      providers/implementations/kdfs/sshkdf.c

+ 1 - 0
providers/implementations/kdfs/krb5kdf.c
View File 

@@ -98,6 +98,7 @@ static int krb5kdf_set_membuf(unsigned char **dst, size_t *dst_len,
 
 {
 
     OPENSSL_clear_free(*dst, *dst_len);
 
     *dst = NULL;
 
+    *dst_len = 0;
 
     return OSSL_PARAM_get_octet_string(p, (void **)dst, 0, dst_len);
 
 }

+ 3 - 1
providers/implementations/kdfs/pbkdf1.c
View File 

@@ -134,13 +134,15 @@ static int kdf_pbkdf1_set_membuf(unsigned char **buffer, size_t *buflen,
 
                              const OSSL_PARAM *p)
 
 {
 
     OPENSSL_clear_free(*buffer, *buflen);
 
+    *buffer = NULL;
 
+    *buflen = 0;
 
+
 
     if (p->data_size == 0) {
 
         if ((*buffer = OPENSSL_malloc(1)) == NULL) {
 
             ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
 
             return 0;
 
         }
 
     } else if (p->data != NULL) {
 
-        *buffer = NULL;
 
         if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen))
 
             return 0;
 
     }

+ 3 - 1
providers/implementations/kdfs/pbkdf2.c
View File 

@@ -126,13 +126,15 @@ static int pbkdf2_set_membuf(unsigned char **buffer, size_t *buflen,
 
                              const OSSL_PARAM *p)
 
 {
 
     OPENSSL_clear_free(*buffer, *buflen);
 
+    *buffer = NULL;
 
+    *buflen = 0;
 
+
 
     if (p->data_size == 0) {
 
         if ((*buffer = OPENSSL_malloc(1)) == NULL) {
 
             ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
 
             return 0;
 
         }
 
     } else if (p->data != NULL) {
 
-        *buffer = NULL;
 
         if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen))
 
             return 0;
 
     }

+ 3 - 1
providers/implementations/kdfs/pkcs12kdf.c
View File 

@@ -182,13 +182,15 @@ static int pkcs12kdf_set_membuf(unsigned char **buffer, size_t *buflen,
 
                              const OSSL_PARAM *p)
 
 {
 
     OPENSSL_clear_free(*buffer, *buflen);
 
+    *buffer = NULL;
 
+    *buflen = 0;
 
+
 
     if (p->data_size == 0) {
 
         if ((*buffer = OPENSSL_malloc(1)) == NULL) {
 
             ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
 
             return 0;
 
         }
 
     } else if (p->data != NULL) {
 
-        *buffer = NULL;
 
         if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen))
 
             return 0;
 
     }

+ 3 - 1
providers/implementations/kdfs/scrypt.c
View File 

@@ -108,13 +108,15 @@ static int scrypt_set_membuf(unsigned char **buffer, size_t *buflen,
 
                              const OSSL_PARAM *p)
 
 {
 
     OPENSSL_clear_free(*buffer, *buflen);
 
+    *buffer = NULL;
 
+    *buflen = 0;
 
+
 
     if (p->data_size == 0) {
 
         if ((*buffer = OPENSSL_malloc(1)) == NULL) {
 
             ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
 
             return 0;
 
         }
 
     } else if (p->data != NULL) {
 
-        *buffer = NULL;
 
         if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen))
 
             return 0;
 
     }

+ 1 - 0
providers/implementations/kdfs/sshkdf.c
View File 

@@ -91,6 +91,7 @@ static int sshkdf_set_membuf(unsigned char **dst, size_t *dst_len,
 
 {
 
     OPENSSL_clear_free(*dst, *dst_len);
 
     *dst = NULL;
 
+    *dst_len = 0;
 
     return OSSL_PARAM_get_octet_string(p, (void **)dst, 0, dst_len);
 
 }