summaryrefslogtreecommitdiffstats
path: root/apps
diff options
context:
space:
mode:
authorFdaSilvaYY <fdasilvayy@gmail.com>2016-05-09 18:42:58 +0200
committerRich Salz <rsalz@openssl.org>2016-07-20 07:35:38 +0200
commitf6c460e8f69e90fdb87129bb70951ced89c7906f (patch)
tree63966a5b1ea5339f1f81f19d0eae5f484c6987d7 /apps
parentSimplify code related to tmp_email_dn. (diff)
downloadopenssl-f6c460e8f69e90fdb87129bb70951ced89c7906f.tar.xz
openssl-f6c460e8f69e90fdb87129bb70951ced89c7906f.zip
Fix double calls to strlen
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1284)
Diffstat (limited to 'apps')
-rw-r--r--apps/ca.c13
-rw-r--r--apps/enc.c6
-rw-r--r--apps/passwd.c22
3 files changed, 26 insertions, 15 deletions
diff --git a/apps/ca.c b/apps/ca.c
index 444e454df8..91006cf97c 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -2137,27 +2137,28 @@ static int get_certificate_status(const char *serial, CA_DB *db)
{
char *row[DB_NUMBER], **rrow;
int ok = -1, i;
+ size_t serial_len = strlen(serial);
/* Free Resources */
for (i = 0; i < DB_NUMBER; i++)
row[i] = NULL;
/* Malloc needed char spaces */
- row[DB_serial] = app_malloc(strlen(serial) + 2, "row serial#");
+ row[DB_serial] = app_malloc(serial_len + 2, "row serial#");
- if (strlen(serial) % 2) {
+ if (serial_len % 2) {
/*
* Set the first char to 0
*/ ;
row[DB_serial][0] = '0';
/* Copy String from serial to row[DB_serial] */
- memcpy(row[DB_serial] + 1, serial, strlen(serial));
- row[DB_serial][strlen(serial) + 1] = '\0';
+ memcpy(row[DB_serial] + 1, serial, serial_len);
+ row[DB_serial][serial_len + 1] = '\0';
} else {
/* Copy String from serial to row[DB_serial] */
- memcpy(row[DB_serial], serial, strlen(serial));
- row[DB_serial][strlen(serial)] = '\0';
+ memcpy(row[DB_serial], serial, serial_len);
+ row[DB_serial][serial_len] = '\0';
}
/* Make it Upper Case */
diff --git a/apps/enc.c b/apps/enc.c
index 403d14e800..10ab15af27 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -382,6 +382,8 @@ int enc_main(int argc, char **argv)
* output BIO. If decrypting read salt from input BIO.
*/
unsigned char *sptr;
+ size_t str_len = strlen(str);
+
if (nosalt)
sptr = NULL;
else {
@@ -421,7 +423,7 @@ int enc_main(int argc, char **argv)
if (!EVP_BytesToKey(cipher, dgst, sptr,
(unsigned char *)str,
- strlen(str), 1, key, iv)) {
+ str_len, 1, key, iv)) {
BIO_printf(bio_err, "EVP_BytesToKey failed\n");
goto end;
}
@@ -432,7 +434,7 @@ int enc_main(int argc, char **argv)
if (str == strbuf)
OPENSSL_cleanse(str, SIZE);
else
- OPENSSL_cleanse(str, strlen(str));
+ OPENSSL_cleanse(str, str_len);
}
if (hiv != NULL) {
int siz = EVP_CIPHER_iv_length(cipher);
diff --git a/apps/passwd.c b/apps/passwd.c
index 8404d8cc7a..3ae8f96471 100644
--- a/apps/passwd.c
+++ b/apps/passwd.c
@@ -288,26 +288,35 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
int n;
unsigned int i;
EVP_MD_CTX *md = NULL, *md2 = NULL;
- size_t passwd_len, salt_len;
+ size_t passwd_len, salt_len, magic_len;
passwd_len = strlen(passwd);
out_buf[0] = '$';
out_buf[1] = 0;
- assert(strlen(magic) <= 4); /* "1" or "apr1" */
+ magic_len = strlen(magic);
+
+ if (magic_len > 4) /* assert it's "1" or "apr1" */
+ return NULL;
+
OPENSSL_strlcat(out_buf, magic, sizeof out_buf);
OPENSSL_strlcat(out_buf, "$", sizeof out_buf);
OPENSSL_strlcat(out_buf, salt, sizeof out_buf);
- assert(strlen(out_buf) <= 6 + 8); /* "$apr1$..salt.." */
- salt_out = out_buf + 2 + strlen(magic);
+
+ if (strlen(out_buf) > 6 + 8); /* assert "$apr1$..salt.." */
+ return NULL;
+
+ salt_out = out_buf + 2 + magic_len;
salt_len = strlen(salt_out);
- assert(salt_len <= 8);
+
+ if (salt_len > 8)
+ return NULL;
md = EVP_MD_CTX_new();
if (md == NULL
|| !EVP_DigestInit_ex(md, EVP_md5(), NULL)
|| !EVP_DigestUpdate(md, passwd, passwd_len)
|| !EVP_DigestUpdate(md, "$", 1)
- || !EVP_DigestUpdate(md, magic, strlen(magic))
+ || !EVP_DigestUpdate(md, magic, magic_len)
|| !EVP_DigestUpdate(md, "$", 1)
|| !EVP_DigestUpdate(md, salt_out, salt_len))
@@ -365,7 +374,6 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
{
/* transform buf into output string */
-
unsigned char buf_perm[sizeof buf];
int dest, source;
char *output;