summaryrefslogtreecommitdiff
path: root/apps/passwd.c
diff options
context:
space:
mode:
authorDr. Stephen Henson <steve@openssl.org>2016-06-18 15:46:13 +0100
committerDr. Stephen Henson <steve@openssl.org>2016-07-15 14:09:05 +0100
commitd166ed8c11e10e9fdaeac182effb9dd318843924 (patch)
treefd47ffb1f5d42b121b04d14c1a8f6bdc659637f6 /apps/passwd.c
parent1fc431ba57d12189a9bdacd3999ea2a7b91458d8 (diff)
downloadopenssl-new-d166ed8c11e10e9fdaeac182effb9dd318843924.tar.gz
check return values for EVP_Digest*() APIs
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'apps/passwd.c')
-rw-r--r--apps/passwd.c85
1 files changed, 53 insertions, 32 deletions
diff --git a/apps/passwd.c b/apps/passwd.c
index e2825219c9..8404d8cc7a 100644
--- a/apps/passwd.c
+++ b/apps/passwd.c
@@ -287,7 +287,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
char *salt_out;
int n;
unsigned int i;
- EVP_MD_CTX *md, *md2;
+ EVP_MD_CTX *md = NULL, *md2 = NULL;
size_t passwd_len, salt_len;
passwd_len = strlen(passwd);
@@ -303,49 +303,65 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
assert(salt_len <= 8);
md = EVP_MD_CTX_new();
- if (md == NULL)
- return NULL;
- EVP_DigestInit_ex(md, EVP_md5(), NULL);
- EVP_DigestUpdate(md, passwd, passwd_len);
- EVP_DigestUpdate(md, "$", 1);
- EVP_DigestUpdate(md, magic, strlen(magic));
- EVP_DigestUpdate(md, "$", 1);
- EVP_DigestUpdate(md, salt_out, salt_len);
+ if (md == NULL
+ || !EVP_DigestInit_ex(md, EVP_md5(), NULL)
+ || !EVP_DigestUpdate(md, passwd, passwd_len)
+ || !EVP_DigestUpdate(md, "$", 1)
+ || !EVP_DigestUpdate(md, magic, strlen(magic))
+ || !EVP_DigestUpdate(md, "$", 1)
+ || !EVP_DigestUpdate(md, salt_out, salt_len))
md2 = EVP_MD_CTX_new();
- if (md2 == NULL)
- return NULL;
- EVP_DigestInit_ex(md2, EVP_md5(), NULL);
- EVP_DigestUpdate(md2, passwd, passwd_len);
- EVP_DigestUpdate(md2, salt_out, salt_len);
- EVP_DigestUpdate(md2, passwd, passwd_len);
- EVP_DigestFinal_ex(md2, buf, NULL);
-
- for (i = passwd_len; i > sizeof buf; i -= sizeof buf)
- EVP_DigestUpdate(md, buf, sizeof buf);
- EVP_DigestUpdate(md, buf, i);
+ if (md2 == NULL
+ || !EVP_DigestInit_ex(md2, EVP_md5(), NULL)
+ || !EVP_DigestUpdate(md2, passwd, passwd_len)
+ || !EVP_DigestUpdate(md2, salt_out, salt_len)
+ || !EVP_DigestUpdate(md2, passwd, passwd_len)
+ || !EVP_DigestFinal_ex(md2, buf, NULL))
+ goto err;
+
+ for (i = passwd_len; i > sizeof buf; i -= sizeof buf) {
+ if (!EVP_DigestUpdate(md, buf, sizeof buf))
+ goto err;
+ }
+ if (!EVP_DigestUpdate(md, buf, i))
+ goto err;
n = passwd_len;
while (n) {
- EVP_DigestUpdate(md, (n & 1) ? "\0" : passwd, 1);
+ if (!EVP_DigestUpdate(md, (n & 1) ? "\0" : passwd, 1))
+ goto err;
n >>= 1;
}
- EVP_DigestFinal_ex(md, buf, NULL);
+ if (!EVP_DigestFinal_ex(md, buf, NULL))
+ return NULL;
for (i = 0; i < 1000; i++) {
- EVP_DigestInit_ex(md2, EVP_md5(), NULL);
- EVP_DigestUpdate(md2, (i & 1) ? (unsigned const char *)passwd : buf,
- (i & 1) ? passwd_len : sizeof buf);
- if (i % 3)
- EVP_DigestUpdate(md2, salt_out, salt_len);
- if (i % 7)
- EVP_DigestUpdate(md2, passwd, passwd_len);
- EVP_DigestUpdate(md2, (i & 1) ? buf : (unsigned const char *)passwd,
- (i & 1) ? sizeof buf : passwd_len);
- EVP_DigestFinal_ex(md2, buf, NULL);
+ if (!EVP_DigestInit_ex(md2, EVP_md5(), NULL))
+ goto err;
+ if (!EVP_DigestUpdate(md2,
+ (i & 1) ? (unsigned const char *)passwd : buf,
+ (i & 1) ? passwd_len : sizeof buf))
+ goto err;
+ if (i % 3) {
+ if (!EVP_DigestUpdate(md2, salt_out, salt_len))
+ goto err;
+ }
+ if (i % 7) {
+ if (!EVP_DigestUpdate(md2, passwd, passwd_len))
+ goto err;
+ }
+ if (!EVP_DigestUpdate(md2,
+ (i & 1) ? buf : (unsigned const char *)passwd,
+ (i & 1) ? sizeof buf : passwd_len))
+ goto err;
+ if (!EVP_DigestFinal_ex(md2, buf, NULL))
+ goto err;
}
EVP_MD_CTX_free(md2);
EVP_MD_CTX_free(md);
+ md2 = NULL;
+ md = NULL;
{
/* transform buf into output string */
@@ -386,6 +402,11 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
}
return out_buf;
+
+ err:
+ EVP_MD_CTX_free(md2);
+ EVP_MD_CTX_free(md);
+ return NULL;
}
# endif