diff options
| author | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2023-05-13 09:04:18 +0200 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2023-05-17 12:09:23 +0200 |
| commit | 0f90c4de9f58070a423003ec6b34ef1a9a670ec9 (patch) | |
| tree | 427e98baa69694dae1f010fccee413bef2576bdf | |
| parent | 8ddacec11481a37302c19f4454e23299af399f83 (diff) | |
| download | openssl-new-OpenSSL_1_1_1-stable.tar.gz | |
Fix stack corruption in ui_readOpenSSL_1_1_1-stable
This is an alternative to #20893
Additionally this fixes also a possible issue in UI_UTIL_read_pw:
When UI_new returns NULL, the result code would still be zero
as if UI_UTIL_read_pw succeeded, but the password buffer is left
uninitialized, with subsequent possible stack corruption or worse.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20957)
(cherry picked from commit a64c48cff88e032cf9513578493c4536df725a22)
| -rw-r--r-- | crypto/ui/ui_lib.c | 4 | ||||
| -rw-r--r-- | crypto/ui/ui_util.c | 4 |
2 files changed, 5 insertions, 3 deletions
diff --git a/crypto/ui/ui_lib.c b/crypto/ui/ui_lib.c index 49cc45057c..daf11c7a0d 100644 --- a/crypto/ui/ui_lib.c +++ b/crypto/ui/ui_lib.c @@ -529,6 +529,10 @@ int UI_process(UI *ui) ok = 0; break; } + } else { + ui->flags &= ~UI_FLAG_REDOABLE; + ok = -2; + goto err; } } diff --git a/crypto/ui/ui_util.c b/crypto/ui/ui_util.c index 32a3c4e38d..e582252da6 100644 --- a/crypto/ui/ui_util.c +++ b/crypto/ui/ui_util.c @@ -32,7 +32,7 @@ int UI_UTIL_read_pw_string(char *buf, int length, const char *prompt, int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt, int verify) { - int ok = 0; + int ok = -2; UI *ui; if (size < 1) @@ -47,8 +47,6 @@ int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt, ok = UI_process(ui); UI_free(ui); } - if (ok > 0) - ok = 0; return ok; } |