Inicio Explorar Ayuda
Iniciar sesión
OWEALs
/
openssl
espejo de git://git.openssl.org/openssl.git
2
0
Fork 0
Archivos Incidencias 1 Wiki
Explorar el Código

Remove OPENSSL_assert() from crypto/pem

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3740)
Matt Caswell hace 7 años
padre
7d248ee0ae
commit
e40ada04f4
Se han modificado 2 ficheros con 16 adiciones y 10 borrados
Dividir vista Mostrar estadísticas de diff
  1. 8 5
      crypto/pem/pem_info.c
  2. 8 5
      crypto/pem/pem_lib.c

+ 8 - 5
crypto/pem/pem_info.c
Ver fichero 

@@ -256,7 +256,13 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
 
 
     if (enc != NULL) {
 
         objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc));
 
-        if (objstr == NULL) {
 
+        if (objstr == NULL
 
+                   /*
 
+                    * Check "Proc-Type: 4,Encrypted\nDEK-Info: objstr,hex-iv\n"
 
+                    * fits into buf
 
+                    */
 
+                || (strlen(objstr) + 23 + 2 * EVP_CIPHER_iv_length(enc) + 13)
 
+                   > sizeof(buf)) {
 
             PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO, PEM_R_UNSUPPORTED_CIPHER);
 
             goto err;
 
         }
 
@@ -291,10 +297,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
 
                 goto err;
 
             }
 
 
-            /* create the right magic header stuff */
 
-            OPENSSL_assert(strlen(objstr) + 23
 
-                           + 2 * EVP_CIPHER_iv_length(enc) + 13 <=
 
-                           sizeof buf);
 
+            /* Create the right magic header stuff */ 
             buf[0] = '\0';
 
             PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
 
             PEM_dek_info(buf, objstr, EVP_CIPHER_iv_length(enc),

+ 8 - 5
crypto/pem/pem_lib.c
Ver fichero 

@@ -324,7 +324,14 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
 
 
     if (enc != NULL) {
 
         objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc));
 
-        if (objstr == NULL || EVP_CIPHER_iv_length(enc) == 0) {
 
+        if (objstr == NULL || EVP_CIPHER_iv_length(enc) == 0
 
+                || EVP_CIPHER_iv_length(enc) > (int)sizeof(iv)
 
+                   /*
 
+                    * Check "Proc-Type: 4,Encrypted\nDEK-Info: objstr,hex-iv\n"
 
+                    * fits into buf
 
+                    */
 
+                || (strlen(objstr) + 23 + 2 * EVP_CIPHER_iv_length(enc) + 13)
 
+                   > sizeof(buf)) {
 
             PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, PEM_R_UNSUPPORTED_CIPHER);
 
             goto err;
 
         }
 
@@ -361,7 +368,6 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
 
 #endif
 
             kstr = (unsigned char *)buf;
 
         }
 
-        OPENSSL_assert(EVP_CIPHER_iv_length(enc) <= (int)sizeof(iv));
 
         if (RAND_bytes(iv, EVP_CIPHER_iv_length(enc)) <= 0) /* Generate a salt */
 
             goto err;
 
         /*
 
@@ -374,9 +380,6 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
 
         if (kstr == (unsigned char *)buf)
 
             OPENSSL_cleanse(buf, PEM_BUFSIZE);
 
 
-        OPENSSL_assert(strlen(objstr) + 23 + 2 * EVP_CIPHER_iv_length(enc) + 13
 
-                       <= sizeof buf);
 
-
 
         buf[0] = '\0';
 
         PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
 
         PEM_dek_info(buf, objstr, EVP_CIPHER_iv_length(enc), (char *)iv);