File: | src/lib/libcrypto/asn1/a_string.c |
Warning: | line 373, column 16 Array access (from variable 's') results in a null pointer dereference |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
1 | /* $OpenBSD: a_string.c,v 1.4 2021/12/25 13:17:48 jsing Exp $ */ | ||||
2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||||
3 | * All rights reserved. | ||||
4 | * | ||||
5 | * This package is an SSL implementation written | ||||
6 | * by Eric Young (eay@cryptsoft.com). | ||||
7 | * The implementation was written so as to conform with Netscapes SSL. | ||||
8 | * | ||||
9 | * This library is free for commercial and non-commercial use as long as | ||||
10 | * the following conditions are aheared to. The following conditions | ||||
11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||||
12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||||
13 | * included with this distribution is covered by the same copyright terms | ||||
14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||||
15 | * | ||||
16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||||
17 | * the code are not to be removed. | ||||
18 | * If this package is used in a product, Eric Young should be given attribution | ||||
19 | * as the author of the parts of the library used. | ||||
20 | * This can be in the form of a textual message at program startup or | ||||
21 | * in documentation (online or textual) provided with the package. | ||||
22 | * | ||||
23 | * Redistribution and use in source and binary forms, with or without | ||||
24 | * modification, are permitted provided that the following conditions | ||||
25 | * are met: | ||||
26 | * 1. Redistributions of source code must retain the copyright | ||||
27 | * notice, this list of conditions and the following disclaimer. | ||||
28 | * 2. Redistributions in binary form must reproduce the above copyright | ||||
29 | * notice, this list of conditions and the following disclaimer in the | ||||
30 | * documentation and/or other materials provided with the distribution. | ||||
31 | * 3. All advertising materials mentioning features or use of this software | ||||
32 | * must display the following acknowledgement: | ||||
33 | * "This product includes cryptographic software written by | ||||
34 | * Eric Young (eay@cryptsoft.com)" | ||||
35 | * The word 'cryptographic' can be left out if the rouines from the library | ||||
36 | * being used are not cryptographic related :-). | ||||
37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||||
38 | * the apps directory (application code) you must include an acknowledgement: | ||||
39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||||
40 | * | ||||
41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||||
42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||||
43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||||
44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||||
45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||||
46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||||
47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||||
48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||||
49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||||
50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||||
51 | * SUCH DAMAGE. | ||||
52 | * | ||||
53 | * The licence and distribution terms for any publically available version or | ||||
54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||||
55 | * copied and put under another distribution licence | ||||
56 | * [including the GNU Public Licence.] | ||||
57 | */ | ||||
58 | |||||
59 | #include <stdio.h> | ||||
60 | #include <string.h> | ||||
61 | |||||
62 | #include <openssl/asn1.h> | ||||
63 | #include <openssl/buffer.h> | ||||
64 | #include <openssl/err.h> | ||||
65 | |||||
66 | #include "asn1_locl.h" | ||||
67 | |||||
68 | ASN1_STRING * | ||||
69 | ASN1_STRING_new(void) | ||||
70 | { | ||||
71 | return (ASN1_STRING_type_new(V_ASN1_OCTET_STRING4)); | ||||
72 | } | ||||
73 | |||||
74 | ASN1_STRING * | ||||
75 | ASN1_STRING_type_new(int type) | ||||
76 | { | ||||
77 | ASN1_STRING *a; | ||||
78 | |||||
79 | if ((a = calloc(1, sizeof(ASN1_STRING))) == NULL((void*)0)) { | ||||
80 | ASN1error(ERR_R_MALLOC_FAILURE)ERR_put_error(13,(0xfff),((1|64)),"/usr/src/lib/libcrypto/asn1/a_string.c" ,80); | ||||
81 | return NULL((void*)0); | ||||
82 | } | ||||
83 | a->type = type; | ||||
84 | |||||
85 | return a; | ||||
86 | } | ||||
87 | |||||
88 | void | ||||
89 | ASN1_STRING_free(ASN1_STRING *a) | ||||
90 | { | ||||
91 | if (a == NULL((void*)0)) | ||||
92 | return; | ||||
93 | if (a->data != NULL((void*)0) && !(a->flags & ASN1_STRING_FLAG_NDEF0x010)) | ||||
94 | freezero(a->data, a->length); | ||||
95 | free(a); | ||||
96 | } | ||||
97 | |||||
98 | int | ||||
99 | ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b) | ||||
100 | { | ||||
101 | int cmp; | ||||
102 | |||||
103 | if (a == NULL((void*)0) || b == NULL((void*)0)) | ||||
104 | return -1; | ||||
105 | if ((cmp = (a->length - b->length)) != 0) | ||||
106 | return cmp; | ||||
107 | if ((cmp = memcmp(a->data, b->data, a->length)) != 0) | ||||
108 | return cmp; | ||||
109 | |||||
110 | return (a->type - b->type); | ||||
111 | } | ||||
112 | |||||
113 | int | ||||
114 | ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str) | ||||
115 | { | ||||
116 | if (str == NULL((void*)0)) | ||||
117 | return 0; | ||||
118 | if (!ASN1_STRING_set(dst, str->data, str->length)) | ||||
119 | return 0; | ||||
120 | dst->type = str->type; | ||||
121 | dst->flags = str->flags; | ||||
122 | return 1; | ||||
123 | } | ||||
124 | |||||
125 | ASN1_STRING * | ||||
126 | ASN1_STRING_dup(const ASN1_STRING *str) | ||||
127 | { | ||||
128 | ASN1_STRING *ret; | ||||
129 | |||||
130 | if (!str) | ||||
131 | return NULL((void*)0); | ||||
132 | ret = ASN1_STRING_new(); | ||||
133 | if (!ret) | ||||
134 | return NULL((void*)0); | ||||
135 | if (!ASN1_STRING_copy(ret, str)) { | ||||
136 | ASN1_STRING_free(ret); | ||||
137 | return NULL((void*)0); | ||||
138 | } | ||||
139 | return ret; | ||||
140 | } | ||||
141 | |||||
142 | int | ||||
143 | ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len) | ||||
144 | { | ||||
145 | const char *data = _data; | ||||
146 | |||||
147 | if (len < 0) { | ||||
148 | if (data == NULL((void*)0)) | ||||
149 | return (0); | ||||
150 | else | ||||
151 | len = strlen(data); | ||||
152 | } | ||||
153 | if ((str->length < len) || (str->data == NULL((void*)0))) { | ||||
154 | unsigned char *tmp; | ||||
155 | tmp = realloc(str->data, len + 1); | ||||
156 | if (tmp == NULL((void*)0)) { | ||||
157 | ASN1error(ERR_R_MALLOC_FAILURE)ERR_put_error(13,(0xfff),((1|64)),"/usr/src/lib/libcrypto/asn1/a_string.c" ,157); | ||||
158 | return (0); | ||||
159 | } | ||||
160 | str->data = tmp; | ||||
161 | } | ||||
162 | str->length = len; | ||||
163 | if (data != NULL((void*)0)) { | ||||
164 | memmove(str->data, data, len); | ||||
165 | } | ||||
166 | str->data[str->length] = '\0'; | ||||
167 | return (1); | ||||
168 | } | ||||
169 | |||||
170 | void | ||||
171 | ASN1_STRING_set0(ASN1_STRING *str, void *data, int len) | ||||
172 | { | ||||
173 | freezero(str->data, str->length); | ||||
174 | str->data = data; | ||||
175 | str->length = len; | ||||
176 | } | ||||
177 | |||||
178 | void | ||||
179 | asn1_add_error(const unsigned char *address, int offset) | ||||
180 | { | ||||
181 | ERR_asprintf_error_data("offset=%d", offset); | ||||
182 | } | ||||
183 | |||||
184 | int | ||||
185 | ASN1_STRING_length(const ASN1_STRING *x) | ||||
186 | { | ||||
187 | return (x->length); | ||||
188 | } | ||||
189 | |||||
190 | void | ||||
191 | ASN1_STRING_length_set(ASN1_STRING *x, int len) | ||||
192 | { | ||||
193 | x->length = len; | ||||
194 | } | ||||
195 | |||||
196 | int | ||||
197 | ASN1_STRING_type(const ASN1_STRING *x) | ||||
198 | { | ||||
199 | return (x->type); | ||||
200 | } | ||||
201 | |||||
202 | unsigned char * | ||||
203 | ASN1_STRING_data(ASN1_STRING *x) | ||||
204 | { | ||||
205 | return (x->data); | ||||
206 | } | ||||
207 | |||||
208 | const unsigned char * | ||||
209 | ASN1_STRING_get0_data(const ASN1_STRING *x) | ||||
210 | { | ||||
211 | return (x->data); | ||||
212 | } | ||||
213 | |||||
214 | int | ||||
215 | ASN1_STRING_print(BIO *bp, const ASN1_STRING *v) | ||||
216 | { | ||||
217 | int i, n; | ||||
218 | char buf[80]; | ||||
219 | const char *p; | ||||
220 | |||||
221 | if (v == NULL((void*)0)) | ||||
222 | return (0); | ||||
223 | n = 0; | ||||
224 | p = (const char *)v->data; | ||||
225 | for (i = 0; i < v->length; i++) { | ||||
226 | if ((p[i] > '~') || ((p[i] < ' ') && | ||||
227 | (p[i] != '\n') && (p[i] != '\r'))) | ||||
228 | buf[n] = '.'; | ||||
229 | else | ||||
230 | buf[n] = p[i]; | ||||
231 | n++; | ||||
232 | if (n >= 80) { | ||||
233 | if (BIO_write(bp, buf, n) <= 0) | ||||
234 | return (0); | ||||
235 | n = 0; | ||||
236 | } | ||||
237 | } | ||||
238 | if (n > 0) | ||||
239 | if (BIO_write(bp, buf, n) <= 0) | ||||
240 | return (0); | ||||
241 | return (1); | ||||
242 | } | ||||
243 | |||||
244 | /* | ||||
245 | * Utility function: convert any string type to UTF8, returns number of bytes | ||||
246 | * in output string or a negative error code | ||||
247 | */ | ||||
248 | int | ||||
249 | ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in) | ||||
250 | { | ||||
251 | ASN1_STRING stmp, *str = &stmp; | ||||
252 | int mbflag, ret; | ||||
253 | |||||
254 | if (!in) | ||||
255 | return -1; | ||||
256 | |||||
257 | if ((mbflag = asn1_tag2charwidth(in->type)) == -1) | ||||
258 | return -1; | ||||
259 | mbflag |= MBSTRING_FLAG0x1000; | ||||
260 | |||||
261 | stmp.data = NULL((void*)0); | ||||
262 | stmp.length = 0; | ||||
263 | ret = ASN1_mbstring_copy(&str, in->data, in->length, mbflag, | ||||
264 | B_ASN1_UTF8STRING0x2000); | ||||
265 | if (ret < 0) | ||||
266 | return ret; | ||||
267 | *out = stmp.data; | ||||
268 | return stmp.length; | ||||
269 | } | ||||
270 | |||||
271 | int | ||||
272 | i2a_ASN1_STRING(BIO *bp, const ASN1_STRING *a, int type) | ||||
273 | { | ||||
274 | int i, n = 0; | ||||
275 | static const char h[] = "0123456789ABCDEF"; | ||||
276 | char buf[2]; | ||||
277 | |||||
278 | if (a == NULL((void*)0)) | ||||
279 | return (0); | ||||
280 | |||||
281 | if (a->length == 0) { | ||||
282 | if (BIO_write(bp, "0", 1) != 1) | ||||
283 | goto err; | ||||
284 | n = 1; | ||||
285 | } else { | ||||
286 | for (i = 0; i < a->length; i++) { | ||||
287 | if ((i != 0) && (i % 35 == 0)) { | ||||
288 | if (BIO_write(bp, "\\\n", 2) != 2) | ||||
289 | goto err; | ||||
290 | n += 2; | ||||
291 | } | ||||
292 | buf[0] = h[((unsigned char)a->data[i] >> 4) & 0x0f]; | ||||
293 | buf[1] = h[((unsigned char)a->data[i]) & 0x0f]; | ||||
294 | if (BIO_write(bp, buf, 2) != 2) | ||||
295 | goto err; | ||||
296 | n += 2; | ||||
297 | } | ||||
298 | } | ||||
299 | return (n); | ||||
300 | |||||
301 | err: | ||||
302 | return (-1); | ||||
303 | } | ||||
304 | |||||
305 | int | ||||
306 | a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size) | ||||
307 | { | ||||
308 | int ret = 0; | ||||
309 | int i, j, k, m, n, again, bufsize; | ||||
310 | unsigned char *s = NULL((void*)0), *sp; | ||||
| |||||
311 | unsigned char *bufp; | ||||
312 | int first = 1; | ||||
313 | size_t num = 0, slen = 0; | ||||
314 | |||||
315 | bufsize = BIO_gets(bp, buf, size); | ||||
316 | for (;;) { | ||||
317 | if (bufsize < 1) { | ||||
318 | if (first) | ||||
319 | break; | ||||
320 | else | ||||
321 | goto err_sl; | ||||
322 | } | ||||
323 | first = 0; | ||||
324 | |||||
325 | i = bufsize; | ||||
326 | if (buf[i-1] == '\n') | ||||
327 | buf[--i] = '\0'; | ||||
328 | if (i
| ||||
329 | goto err_sl; | ||||
330 | if (buf[i-1] == '\r') | ||||
331 | buf[--i] = '\0'; | ||||
332 | if (i
| ||||
333 | goto err_sl; | ||||
334 | if (buf[i - 1] == '\\') { | ||||
335 | i--; | ||||
336 | again = 1; | ||||
337 | } else | ||||
338 | again = 0; | ||||
339 | buf[i] = '\0'; | ||||
340 | if (i < 2) | ||||
341 | goto err_sl; | ||||
342 | |||||
343 | bufp = (unsigned char *)buf; | ||||
344 | |||||
345 | k = 0; | ||||
346 | if (i % 2 != 0) { | ||||
347 | ASN1error(ASN1_R_ODD_NUMBER_OF_CHARS)ERR_put_error(13,(0xfff),(145),"/usr/src/lib/libcrypto/asn1/a_string.c" ,347); | ||||
348 | goto err; | ||||
349 | } | ||||
350 | i /= 2; | ||||
351 | if (num + i > slen) { | ||||
352 | sp = realloc(s, num + i); | ||||
353 | if (sp == NULL((void*)0)) { | ||||
354 | ASN1error(ERR_R_MALLOC_FAILURE)ERR_put_error(13,(0xfff),((1|64)),"/usr/src/lib/libcrypto/asn1/a_string.c" ,354); | ||||
355 | goto err; | ||||
356 | } | ||||
357 | s = sp; | ||||
358 | slen = num + i; | ||||
359 | } | ||||
360 | for (j = 0; j
| ||||
361 | for (n = 0; n < 2; n++) { | ||||
362 | m = bufp[k + n]; | ||||
363 | if ((m >= '0') && (m <= '9')) | ||||
364 | m -= '0'; | ||||
365 | else if ((m >= 'a') && (m <= 'f')) | ||||
366 | m = m - 'a' + 10; | ||||
367 | else if ((m >= 'A') && (m <= 'F')) | ||||
368 | m = m - 'A' + 10; | ||||
369 | else { | ||||
370 | ASN1error(ASN1_R_NON_HEX_CHARACTERS)ERR_put_error(13,(0xfff),(141),"/usr/src/lib/libcrypto/asn1/a_string.c" ,370); | ||||
371 | goto err; | ||||
372 | } | ||||
373 | s[num + j] <<= 4; | ||||
| |||||
374 | s[num + j] |= m; | ||||
375 | } | ||||
376 | } | ||||
377 | num += i; | ||||
378 | if (again
| ||||
379 | bufsize = BIO_gets(bp, buf, size); | ||||
380 | else | ||||
381 | break; | ||||
382 | } | ||||
383 | bs->length = num; | ||||
384 | bs->data = s; | ||||
385 | return (1); | ||||
386 | |||||
387 | err_sl: | ||||
388 | ASN1error(ASN1_R_SHORT_LINE)ERR_put_error(13,(0xfff),(150),"/usr/src/lib/libcrypto/asn1/a_string.c" ,388); | ||||
389 | err: | ||||
390 | free(s); | ||||
391 | return (ret); | ||||
392 | } |