The branch master has been updated via 7f90026b3fca9cfd3d9098d358d949d37509a2e5 (commit) from 4718326a46ad460fefc5cc240a8599af4b5993c7 (commit)
- Log ----------------------------------------------------------------- commit 7f90026b3fca9cfd3d9098d358d949d37509a2e5 Author: Dr. David von Oheimb <david.von.ohe...@siemens.com> Date: Thu Jan 21 12:36:58 2021 +0100 Handle NULL result of ERR_reason_error_string() in some apps Reviewed-by: Tomas Mraz <to...@openssl.org> Reviewed-by: Paul Dale <pa...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13920) ----------------------------------------------------------------------- Summary of changes: apps/pkey.c | 11 ++--------- apps/pkeyparam.c | 10 ++-------- apps/rsa.c | 13 +++---------- crypto/bio/b_sock2.c | 2 +- crypto/cmp/cmp_util.c | 25 ++++++++++++++++++++----- test/cmp_ctx_test.c | 6 +++--- 6 files changed, 31 insertions(+), 36 deletions(-) diff --git a/apps/pkey.c b/apps/pkey.c index 1a53447401..5cf0abe04b 100644 --- a/apps/pkey.c +++ b/apps/pkey.c @@ -258,15 +258,8 @@ int pkey_main(int argc, char **argv) * Note: at least for RSA keys if this function returns * -1, there will be no error reasons. */ - unsigned long err; - - BIO_printf(out, "Key is invalid\n"); - - while ((err = ERR_peek_error()) != 0) { - BIO_printf(out, "Detailed error: %s\n", - ERR_reason_error_string(err)); - ERR_get_error(); /* remove err from error stack */ - } + BIO_printf(bio_err, "Key is invalid\n"); + ERR_print_errors(bio_err); goto end; } } diff --git a/apps/pkeyparam.c b/apps/pkeyparam.c index 42de552753..ef1a082d62 100644 --- a/apps/pkeyparam.c +++ b/apps/pkeyparam.c @@ -52,7 +52,6 @@ int pkeyparam_main(int argc, char **argv) int text = 0, noout = 0, ret = EXIT_FAILURE, check = 0, r; OPTION_CHOICE o; char *infile = NULL, *outfile = NULL, *prog; - unsigned long err; prog = opt_init(argc, argv, pkeyparam_options); while ((o = opt_next()) != OPT_EOF) { @@ -125,13 +124,8 @@ int pkeyparam_main(int argc, char **argv) * Note: at least for RSA keys if this function returns * -1, there will be no error reasons. */ - BIO_printf(out, "Parameters are invalid\n"); - - while ((err = ERR_peek_error()) != 0) { - BIO_printf(out, "Detailed error: %s\n", - ERR_reason_error_string(err)); - ERR_get_error(); /* remove err from error stack */ - } + BIO_printf(bio_err, "Parameters are invalid\n"); + ERR_print_errors(bio_err); goto end; } } diff --git a/apps/rsa.c b/apps/rsa.c index 499013bae4..251f84f210 100644 --- a/apps/rsa.c +++ b/apps/rsa.c @@ -259,7 +259,7 @@ int rsa_main(int argc, char **argv) pctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL); if (pctx == NULL) { - BIO_printf(out, "RSA unable to create PKEY context\n"); + BIO_printf(bio_err, "RSA unable to create PKEY context\n"); ERR_print_errors(bio_err); goto end; } @@ -269,15 +269,8 @@ int rsa_main(int argc, char **argv) if (r == 1) { BIO_printf(out, "RSA key ok\n"); } else if (r == 0) { - unsigned long err; - - while ((err = ERR_peek_error()) != 0 && - ERR_GET_LIB(err) == ERR_LIB_RSA && - ERR_GET_REASON(err) != ERR_R_MALLOC_FAILURE) { - BIO_printf(out, "RSA key error: %s\n", - ERR_reason_error_string(err)); - ERR_get_error(); /* remove err from error stack */ - } + BIO_printf(bio_err, "RSA key not ok\n"); + ERR_print_errors(bio_err); } else if (r == -1) { ERR_print_errors(bio_err); goto end; diff --git a/crypto/bio/b_sock2.c b/crypto/bio/b_sock2.c index c9f7c2cfe5..1817d9dd0f 100644 --- a/crypto/bio/b_sock2.c +++ b/crypto/bio/b_sock2.c @@ -175,7 +175,7 @@ int BIO_bind(int sock, const BIO_ADDR *addr, int options) # endif if (bind(sock, BIO_ADDR_sockaddr(addr), BIO_ADDR_sockaddr_size(addr)) != 0) { - ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(), + ERR_raise_data(ERR_LIB_SYS, get_last_socket_error() /* may be 0 */, "calling bind()"); ERR_raise(ERR_LIB_BIO, BIO_R_UNABLE_TO_BIND_SOCKET); return 0; diff --git a/crypto/cmp/cmp_util.c b/crypto/cmp/cmp_util.c index d246047943..81c7d02d88 100644 --- a/crypto/cmp/cmp_util.c +++ b/crypto/cmp/cmp_util.c @@ -155,12 +155,27 @@ void OSSL_CMP_print_errors_cb(OSSL_CMP_log_cb_t log_fn) while ((err = ERR_get_error_all(&file, &line, &func, &data, &flags)) != 0) { const char *component = improve_location_name(func, ERR_lib_error_string(err)); + unsigned long reason = ERR_GET_REASON(err); + const char *rs = NULL; + char rsbuf[256]; + +#ifndef OPENSSL_NO_ERR + if (ERR_SYSTEM_ERROR(err)) { + if (openssl_strerror_r(reason, rsbuf, sizeof(rsbuf))) + rs = rsbuf; + } else { + rs = ERR_reason_error_string(err); + } +#endif + if (rs == NULL) { + BIO_snprintf(rsbuf, sizeof(rsbuf), "reason(%lu)", reason); + rs = rsbuf; + } + if (data != NULL && (flags & ERR_TXT_STRING) != 0) + BIO_snprintf(msg, sizeof(msg), "%s:%s", rs, data); + else + BIO_snprintf(msg, sizeof(msg), "%s", rs); - if (!(flags & ERR_TXT_STRING)) - data = NULL; - BIO_snprintf(msg, sizeof(msg), "%s%s%s", ERR_reason_error_string(err), - data == NULL || *data == '\0' ? "" : " : ", - data == NULL ? "" : data); if (log_fn == NULL) { #ifndef OPENSSL_NO_STDIO BIO *bio = BIO_new_fp(stderr, BIO_NOCLOSE); diff --git a/test/cmp_ctx_test.c b/test/cmp_ctx_test.c index 3ea3013abe..e841f029ce 100644 --- a/test/cmp_ctx_test.c +++ b/test/cmp_ctx_test.c @@ -158,8 +158,8 @@ static int execute_CTX_print_errors_test(OSSL_CMP_CTX_TEST_FIXTURE *fixture) ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); base_err_msg_size += strlen("NULL_ARGUMENT"); expected_size = base_err_msg_size; - ossl_cmp_add_error_data("data1"); /* should prepend separator " : " */ - expected_size += strlen(" : " "data1"); + ossl_cmp_add_error_data("data1"); /* should prepend separator ":" */ + expected_size += strlen(":" "data1"); ossl_cmp_add_error_data("data2"); /* should prepend separator " : " */ expected_size += strlen(" : " "data2"); ossl_cmp_add_error_line("new line"); /* should prepend separator "\n" */ @@ -169,7 +169,7 @@ static int execute_CTX_print_errors_test(OSSL_CMP_CTX_TEST_FIXTURE *fixture) res = 0; ERR_raise(ERR_LIB_CMP, CMP_R_INVALID_ARGS); - base_err_msg_size = strlen("INVALID_ARGS") + strlen(" : "); + base_err_msg_size = strlen("INVALID_ARGS") + strlen(":"); expected_size = base_err_msg_size; while (expected_size < 4096) { /* force split */ ERR_add_error_txt(STR_SEP, max_str_literal);