diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2016-04-09 12:39:30 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2016-04-13 10:44:06 +1000 |
| commit | dce19bf6e4a2a3d0b13a81224de63fc316461ab9 (patch) | |
| tree | b97a0ac4f71bf5c6d5a6e35bd11396cf02dcd70a | |
| parent | 5f41f030e2feb5295657285aa8c6602c7810bc4b (diff) | |
upstream commit
make private key loading functions consistently handle NULL
key pointer arguments; ok markus@
Upstream-ID: 92038726ef4a338169c35dacc9c5a07fcc7fa761
| -rw-r--r-- | authfile.c | 34 | ||||
| -rw-r--r-- | sshkey.c | 40 |
2 files changed, 46 insertions, 28 deletions
diff --git a/authfile.c b/authfile.c index d67042411..f46b4e37f 100644 --- a/authfile.c +++ b/authfile.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: authfile.c,v 1.120 2015/12/11 04:21:11 mmcc Exp $ */ | 1 | /* $OpenBSD: authfile.c,v 1.121 2016/04/09 12:39:30 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -147,7 +147,8 @@ sshkey_load_public_rsa1(int fd, struct sshkey **keyp, char **commentp) | |||
| 147 | struct sshbuf *b = NULL; | 147 | struct sshbuf *b = NULL; |
| 148 | int r; | 148 | int r; |
| 149 | 149 | ||
| 150 | *keyp = NULL; | 150 | if (keyp != NULL) |
| 151 | *keyp = NULL; | ||
| 151 | if (commentp != NULL) | 152 | if (commentp != NULL) |
| 152 | *commentp = NULL; | 153 | *commentp = NULL; |
| 153 | 154 | ||
| @@ -200,7 +201,8 @@ sshkey_load_private_type(int type, const char *filename, const char *passphrase, | |||
| 200 | { | 201 | { |
| 201 | int fd, r; | 202 | int fd, r; |
| 202 | 203 | ||
| 203 | *keyp = NULL; | 204 | if (keyp != NULL) |
| 205 | *keyp = NULL; | ||
| 204 | if (commentp != NULL) | 206 | if (commentp != NULL) |
| 205 | *commentp = NULL; | 207 | *commentp = NULL; |
| 206 | 208 | ||
| @@ -231,6 +233,8 @@ sshkey_load_private_type_fd(int fd, int type, const char *passphrase, | |||
| 231 | struct sshbuf *buffer = NULL; | 233 | struct sshbuf *buffer = NULL; |
| 232 | int r; | 234 | int r; |
| 233 | 235 | ||
| 236 | if (keyp != NULL) | ||
| 237 | *keyp = NULL; | ||
| 234 | if ((buffer = sshbuf_new()) == NULL) { | 238 | if ((buffer = sshbuf_new()) == NULL) { |
| 235 | r = SSH_ERR_ALLOC_FAIL; | 239 | r = SSH_ERR_ALLOC_FAIL; |
| 236 | goto out; | 240 | goto out; |
| @@ -255,7 +259,8 @@ sshkey_load_private(const char *filename, const char *passphrase, | |||
| 255 | struct sshbuf *buffer = NULL; | 259 | struct sshbuf *buffer = NULL; |
| 256 | int r, fd; | 260 | int r, fd; |
| 257 | 261 | ||
| 258 | *keyp = NULL; | 262 | if (keyp != NULL) |
| 263 | *keyp = NULL; | ||
| 259 | if (commentp != NULL) | 264 | if (commentp != NULL) |
| 260 | *commentp = NULL; | 265 | *commentp = NULL; |
| 261 | 266 | ||
| @@ -408,7 +413,8 @@ sshkey_load_cert(const char *filename, struct sshkey **keyp) | |||
| 408 | char *file = NULL; | 413 | char *file = NULL; |
| 409 | int r = SSH_ERR_INTERNAL_ERROR; | 414 | int r = SSH_ERR_INTERNAL_ERROR; |
| 410 | 415 | ||
| 411 | *keyp = NULL; | 416 | if (keyp != NULL) |
| 417 | *keyp = NULL; | ||
| 412 | 418 | ||
| 413 | if (asprintf(&file, "%s-cert.pub", filename) == -1) | 419 | if (asprintf(&file, "%s-cert.pub", filename) == -1) |
| 414 | return SSH_ERR_ALLOC_FAIL; | 420 | return SSH_ERR_ALLOC_FAIL; |
| @@ -418,11 +424,12 @@ sshkey_load_cert(const char *filename, struct sshkey **keyp) | |||
| 418 | } | 424 | } |
| 419 | if ((r = sshkey_try_load_public(pub, file, NULL)) != 0) | 425 | if ((r = sshkey_try_load_public(pub, file, NULL)) != 0) |
| 420 | goto out; | 426 | goto out; |
| 421 | 427 | /* success */ | |
| 422 | *keyp = pub; | 428 | if (keyp != NULL) { |
| 423 | pub = NULL; | 429 | *keyp = pub; |
| 430 | pub = NULL; | ||
| 431 | } | ||
| 424 | r = 0; | 432 | r = 0; |
| 425 | |||
| 426 | out: | 433 | out: |
| 427 | free(file); | 434 | free(file); |
| 428 | sshkey_free(pub); | 435 | sshkey_free(pub); |
| @@ -437,7 +444,8 @@ sshkey_load_private_cert(int type, const char *filename, const char *passphrase, | |||
| 437 | struct sshkey *key = NULL, *cert = NULL; | 444 | struct sshkey *key = NULL, *cert = NULL; |
| 438 | int r; | 445 | int r; |
| 439 | 446 | ||
| 440 | *keyp = NULL; | 447 | if (keyp != NULL) |
| 448 | *keyp = NULL; | ||
| 441 | 449 | ||
| 442 | switch (type) { | 450 | switch (type) { |
| 443 | #ifdef WITH_OPENSSL | 451 | #ifdef WITH_OPENSSL |
| @@ -467,8 +475,10 @@ sshkey_load_private_cert(int type, const char *filename, const char *passphrase, | |||
| 467 | (r = sshkey_cert_copy(cert, key)) != 0) | 475 | (r = sshkey_cert_copy(cert, key)) != 0) |
| 468 | goto out; | 476 | goto out; |
| 469 | r = 0; | 477 | r = 0; |
| 470 | *keyp = key; | 478 | if (keyp != NULL) { |
| 471 | key = NULL; | 479 | *keyp = key; |
| 480 | key = NULL; | ||
| 481 | } | ||
| 472 | out: | 482 | out: |
| 473 | sshkey_free(key); | 483 | sshkey_free(key); |
| 474 | sshkey_free(cert); | 484 | sshkey_free(cert); |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: sshkey.c,v 1.31 2015/12/11 04:21:12 mmcc Exp $ */ | 1 | /* $OpenBSD: sshkey.c,v 1.32 2016/04/09 12:39:30 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
| 4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. | 4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. |
| @@ -1966,7 +1966,8 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, | |||
| 1966 | #ifdef DEBUG_PK /* XXX */ | 1966 | #ifdef DEBUG_PK /* XXX */ |
| 1967 | sshbuf_dump(b, stderr); | 1967 | sshbuf_dump(b, stderr); |
| 1968 | #endif | 1968 | #endif |
| 1969 | *keyp = NULL; | 1969 | if (keyp != NULL) |
| 1970 | *keyp = NULL; | ||
| 1970 | if ((copy = sshbuf_fromb(b)) == NULL) { | 1971 | if ((copy = sshbuf_fromb(b)) == NULL) { |
| 1971 | ret = SSH_ERR_ALLOC_FAIL; | 1972 | ret = SSH_ERR_ALLOC_FAIL; |
| 1972 | goto out; | 1973 | goto out; |
| @@ -2121,8 +2122,10 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, | |||
| 2121 | goto out; | 2122 | goto out; |
| 2122 | } | 2123 | } |
| 2123 | ret = 0; | 2124 | ret = 0; |
| 2124 | *keyp = key; | 2125 | if (keyp != NULL) { |
| 2125 | key = NULL; | 2126 | *keyp = key; |
| 2127 | key = NULL; | ||
| 2128 | } | ||
| 2126 | out: | 2129 | out: |
| 2127 | sshbuf_free(copy); | 2130 | sshbuf_free(copy); |
| 2128 | sshkey_free(key); | 2131 | sshkey_free(key); |
| @@ -3631,12 +3634,10 @@ sshkey_parse_public_rsa1_fileblob(struct sshbuf *blob, | |||
| 3631 | /* The encrypted private part is not parsed by this function. */ | 3634 | /* The encrypted private part is not parsed by this function. */ |
| 3632 | 3635 | ||
| 3633 | r = 0; | 3636 | r = 0; |
| 3634 | if (keyp != NULL) | 3637 | if (keyp != NULL) { |
| 3635 | *keyp = pub; | 3638 | *keyp = pub; |
| 3636 | else | 3639 | pub = NULL; |
| 3637 | sshkey_free(pub); | 3640 | } |
| 3638 | pub = NULL; | ||
| 3639 | |||
| 3640 | out: | 3641 | out: |
| 3641 | sshbuf_free(copy); | 3642 | sshbuf_free(copy); |
| 3642 | sshkey_free(pub); | 3643 | sshkey_free(pub); |
| @@ -3657,7 +3658,8 @@ sshkey_parse_private_rsa1(struct sshbuf *blob, const char *passphrase, | |||
| 3657 | const struct sshcipher *cipher; | 3658 | const struct sshcipher *cipher; |
| 3658 | struct sshkey *prv = NULL; | 3659 | struct sshkey *prv = NULL; |
| 3659 | 3660 | ||
| 3660 | *keyp = NULL; | 3661 | if (keyp != NULL) |
| 3662 | *keyp = NULL; | ||
| 3661 | if (commentp != NULL) | 3663 | if (commentp != NULL) |
| 3662 | *commentp = NULL; | 3664 | *commentp = NULL; |
| 3663 | 3665 | ||
| @@ -3743,8 +3745,10 @@ sshkey_parse_private_rsa1(struct sshbuf *blob, const char *passphrase, | |||
| 3743 | goto out; | 3745 | goto out; |
| 3744 | } | 3746 | } |
| 3745 | r = 0; | 3747 | r = 0; |
| 3746 | *keyp = prv; | 3748 | if (keyp != NULL) { |
| 3747 | prv = NULL; | 3749 | *keyp = prv; |
| 3750 | prv = NULL; | ||
| 3751 | } | ||
| 3748 | if (commentp != NULL) { | 3752 | if (commentp != NULL) { |
| 3749 | *commentp = comment; | 3753 | *commentp = comment; |
| 3750 | comment = NULL; | 3754 | comment = NULL; |
| @@ -3769,7 +3773,8 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, | |||
| 3769 | BIO *bio = NULL; | 3773 | BIO *bio = NULL; |
| 3770 | int r; | 3774 | int r; |
| 3771 | 3775 | ||
| 3772 | *keyp = NULL; | 3776 | if (keyp != NULL) |
| 3777 | *keyp = NULL; | ||
| 3773 | 3778 | ||
| 3774 | if ((bio = BIO_new(BIO_s_mem())) == NULL || sshbuf_len(blob) > INT_MAX) | 3779 | if ((bio = BIO_new(BIO_s_mem())) == NULL || sshbuf_len(blob) > INT_MAX) |
| 3775 | return SSH_ERR_ALLOC_FAIL; | 3780 | return SSH_ERR_ALLOC_FAIL; |
| @@ -3838,8 +3843,10 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, | |||
| 3838 | goto out; | 3843 | goto out; |
| 3839 | } | 3844 | } |
| 3840 | r = 0; | 3845 | r = 0; |
| 3841 | *keyp = prv; | 3846 | if (keyp != NULL) { |
| 3842 | prv = NULL; | 3847 | *keyp = prv; |
| 3848 | prv = NULL; | ||
| 3849 | } | ||
| 3843 | out: | 3850 | out: |
| 3844 | BIO_free(bio); | 3851 | BIO_free(bio); |
| 3845 | if (pk != NULL) | 3852 | if (pk != NULL) |
| @@ -3853,7 +3860,8 @@ int | |||
| 3853 | sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, | 3860 | sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, |
| 3854 | const char *passphrase, struct sshkey **keyp, char **commentp) | 3861 | const char *passphrase, struct sshkey **keyp, char **commentp) |
| 3855 | { | 3862 | { |
| 3856 | *keyp = NULL; | 3863 | if (keyp != NULL) |
| 3864 | *keyp = NULL; | ||
| 3857 | if (commentp != NULL) | 3865 | if (commentp != NULL) |
| 3858 | *commentp = NULL; | 3866 | *commentp = NULL; |
| 3859 | 3867 | ||