Hello,
Regarding openssl 0.9.7:
When using OPENSSL_DES_LIBDES_COMPATIBILITY, I noticed that
`des_read_pw_string' was not functioning. I tracked this down to a
bug in crypto/ui/ui_lib.c:general_allocate_string().
Callers of general_allocate_string (including ultimately
UI_UTIL_read_pw, which is used to implement des_read_pw_string) expect
it to return 0 for success, or non-zero for failure. However, the
return code is mishandled here:
164 static int general_allocate_string(UI *ui, const char *prompt,
[...]
168 int ret = -1;
[...]
179 ret=sk_UI_STRING_push(ui->strings, s);
180 /* sk_push() returns 0 on error. Let's addapt that */
181 if (ret <= 0) ret--;
sk_UI_STRING_push returns 0 on error, or a positive integer
for success. Therefore, if sk_UI_STRING_push succeeds,
general_allocate_string returns a positive integer, which does not
match what callers expect.
This is the simple fix I applied locally (note the same issue exists
in general_allocate_boolean).
--- ui_lib.c Wed Dec 4 18:04:40 2002
+++ ui_lib.c Sun Jan 12 09:04:16 2003
@@ -178,7 +178,7 @@
s->_.string_data.test_buf=test_buf;
ret=sk_UI_STRING_push(ui->strings, s);
/* sk_push() returns 0 on error. Let's addapt that */
- if (ret <= 0) ret--;
+ ret = (ret == 0) ? -1 : 0;
}
else
free_string(s);
@@ -228,7 +228,7 @@
ret=sk_UI_STRING_push(ui->strings, s);
/* sk_push() returns 0 on error.
Let's addapt that */
- if (ret <= 0) ret--;
+ ret = (ret == 0) ? -1 : 0;
}
else
free_string(s);
Cheers,
--
Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.celabo.org/
NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos
[EMAIL PROTECTED] . [EMAIL PROTECTED] . [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
