Security fix.
This commit is contained in:
Ben Laurie
parent
d78e52987e
commit
7c517a04b1
3
CHANGES
3
CHANGES
@ -12,6 +12,9 @@
|
||||
*) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7
|
||||
+) applies to 0.9.7 only
|
||||
|
||||
+) SECURITY: remove unsafe setjmp/signal interaction from ui_openssl.c.
|
||||
[Ben Laurie and Theo de Raadt]
|
||||
|
||||
*) Fix BN_rand_range bug pointed out by Dominikus Scherkl
|
||||
<Dominikus.Scherkl@biodata.com>. (The previous implementation
|
||||
worked incorrectly for those cases where range = 10..._2 and
|
||||
|
||||
@ -148,7 +148,6 @@
|
||||
#include <signal.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <setjmp.h>
|
||||
#include <errno.h>
|
||||
|
||||
#ifdef OPENSSL_SYS_VMS /* prototypes for sys$whatever */
|
||||
@ -256,7 +255,6 @@ static struct sigaction savsig[NX509_SIG];
|
||||
#else
|
||||
static void (*savsig[NX509_SIG])(int );
|
||||
#endif
|
||||
static jmp_buf save;
|
||||
|
||||
#ifdef OPENSSL_SYS_VMS
|
||||
static struct IOSB iosb;
|
||||
@ -374,6 +372,8 @@ static void read_till_nl(FILE *in)
|
||||
} while (strchr(buf,'\n') == NULL);
|
||||
}
|
||||
|
||||
static sig_atomic_t intr_signal;
|
||||
|
||||
static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl)
|
||||
{
|
||||
static int ps;
|
||||
@ -383,29 +383,31 @@ static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl)
|
||||
char *p;
|
||||
|
||||
#ifndef OPENSSL_SYS_WIN16
|
||||
if ((ok = setjmp(save)))
|
||||
{
|
||||
if (ok == 1) ok=0;
|
||||
goto error;
|
||||
}
|
||||
intr_signal=0;
|
||||
ok=0;
|
||||
ps=0;
|
||||
|
||||
pushsig();
|
||||
ps=1;
|
||||
|
||||
if (!echo) noecho_console(ui);
|
||||
if (!echo && !noecho_console(ui))
|
||||
goto error;
|
||||
ps=2;
|
||||
|
||||
result[0]='\0';
|
||||
#ifdef OPENSSL_SYS_MSDOS
|
||||
if (!echo)
|
||||
{
|
||||
noecho_fgets(result,maxsize,tty_in);
|
||||
p=result; /* FIXME: noecho_fgets doesn't return errors */
|
||||
}
|
||||
else
|
||||
fgets(result,maxsize,tty_in);
|
||||
p=fgets(result,maxsize,tty_in);
|
||||
#else
|
||||
fgets(result,maxsize,tty_in);
|
||||
p=fgets(result,maxsize,tty_in);
|
||||
#endif
|
||||
if(!p)
|
||||
goto error;
|
||||
if (feof(tty_in)) goto error;
|
||||
if (ferror(tty_in)) goto error;
|
||||
if ((p=(char *)strchr(result,'\n')) != NULL)
|
||||
@ -419,9 +421,11 @@ static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl)
|
||||
ok=1;
|
||||
|
||||
error:
|
||||
if (intr_signal == SIGINT)
|
||||
ok=-1;
|
||||
if (!echo) fprintf(tty_out,"\n");
|
||||
if (ps >= 2 && !echo)
|
||||
echo_console(ui);
|
||||
if (ps >= 2 && !echo && !echo_console(ui))
|
||||
ok=0;
|
||||
|
||||
if (ps >= 1)
|
||||
popsig();
|
||||
@ -602,18 +606,9 @@ static void popsig(void)
|
||||
|
||||
static void recsig(int i)
|
||||
{
|
||||
switch(i)
|
||||
{
|
||||
case SIGINT:
|
||||
longjmp(save,-1);
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
longjmp(save,1);
|
||||
intr_signal=i;
|
||||
}
|
||||
|
||||
|
||||
/* Internal functions specific for Windows */
|
||||
#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16)
|
||||
static int noecho_fgets(char *buf, int size, FILE *tty)
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user