The branch OpenSSL_1_1_0-stable has been updated via fac8e70de383861315b1fd1ee64193c794f1d9ca (commit) from b066ef30585bdb051f9aae84d3b5a5df402c43b7 (commit)
- Log ----------------------------------------------------------------- commit fac8e70de383861315b1fd1ee64193c794f1d9ca Author: Richard Levitte <levi...@openssl.org> Date: Wed Jul 5 10:26:25 2017 +0200 Fix small UI issues - in EVP_read_pw_string_min(), the return value from UI_add_* wasn't properly checked - in UI_process(), |state| was never made NULL, which means an error when closing the session wouldn't be accurately reported. Reviewed-by: Paul Dale <paul.d...@oracle.com> (Merged from https://github.com/openssl/openssl/pull/3849) (cherry picked from commit b96dba9e5ec7afc355be1eab915f69c8c0d51741) ----------------------------------------------------------------------- Summary of changes: crypto/evp/evp_key.c | 20 +++++++++++--------- crypto/ui/ui_lib.c | 2 ++ 2 files changed, 13 insertions(+), 9 deletions(-) diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c index 8a4297c..5201130 100644 --- a/crypto/evp/evp_key.c +++ b/crypto/evp/evp_key.c @@ -49,7 +49,7 @@ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify) int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt, int verify) { - int ret; + int ret = -1; char buff[BUFSIZ]; UI *ui; @@ -57,16 +57,18 @@ int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt, prompt = prompt_string; ui = UI_new(); if (ui == NULL) - return -1; - UI_add_input_string(ui, prompt, 0, buf, min, - (len >= BUFSIZ) ? BUFSIZ - 1 : len); - if (verify) - UI_add_verify_string(ui, prompt, 0, - buff, min, (len >= BUFSIZ) ? BUFSIZ - 1 : len, - buf); + return ret; + if (UI_add_input_string(ui, prompt, 0, buf, min, + (len >= BUFSIZ) ? BUFSIZ - 1 : len) < 0 + || (verify + && UI_add_verify_string(ui, prompt, 0, buff, min, + (len >= BUFSIZ) ? BUFSIZ - 1 : len, + buf) < 0)) + goto end; ret = UI_process(ui); - UI_free(ui); OPENSSL_cleanse(buff, BUFSIZ); + end: + UI_free(ui); return ret; } #endif /* OPENSSL_NO_UI */ diff --git a/crypto/ui/ui_lib.c b/crypto/ui/ui_lib.c index 24d30e1..464dac4 100644 --- a/crypto/ui/ui_lib.c +++ b/crypto/ui/ui_lib.c @@ -479,6 +479,8 @@ int UI_process(UI *ui) } } } + + state = NULL; err: if (ui->meth->ui_close_session != NULL && ui->meth->ui_close_session(ui) <= 0) { _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits