d2i: don't update input pointer on failure
Reviewed-by: Dr. Stephen Henson <steve@openssl.org> MR #1005 (cherry picked from commit a46c9789ce2aecedceef119e9883513c7a49f1ca)
parent
421baf1862
commit
8f42c34f8f
@ -72,6 +72,7 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
|
|||||||
long length)
|
long length)
|
||||||
{
|
{
|
||||||
EVP_PKEY *ret;
|
EVP_PKEY *ret;
|
||||||
|
const unsigned char *p = *pp;
|
||||||
|
|
||||||
if ((a == NULL) || (*a == NULL)) {
|
if ((a == NULL) || (*a == NULL)) {
|
||||||
if ((ret = EVP_PKEY_new()) == NULL) {
|
if ((ret = EVP_PKEY_new()) == NULL) {
|
||||||
@ -94,10 +95,10 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (!ret->ameth->old_priv_decode ||
|
if (!ret->ameth->old_priv_decode ||
|
||||||
!ret->ameth->old_priv_decode(ret, pp, length)) {
|
!ret->ameth->old_priv_decode(ret, &p, length)) {
|
||||||
if (ret->ameth->priv_decode) {
|
if (ret->ameth->priv_decode) {
|
||||||
PKCS8_PRIV_KEY_INFO *p8 = NULL;
|
PKCS8_PRIV_KEY_INFO *p8 = NULL;
|
||||||
p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, pp, length);
|
p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
|
||||||
if (!p8)
|
if (!p8)
|
||||||
goto err;
|
goto err;
|
||||||
EVP_PKEY_free(ret);
|
EVP_PKEY_free(ret);
|
||||||
@ -109,6 +110,7 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
*pp = p;
|
||||||
if (a != NULL)
|
if (a != NULL)
|
||||||
(*a) = ret;
|
(*a) = ret;
|
||||||
return (ret);
|
return (ret);
|
||||||
@ -136,6 +138,7 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
|
|||||||
* input is surrounded by an ASN1 SEQUENCE.
|
* input is surrounded by an ASN1 SEQUENCE.
|
||||||
*/
|
*/
|
||||||
inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, length);
|
inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, length);
|
||||||
|
p = *pp;
|
||||||
/*
|
/*
|
||||||
* Since we only need to discern "traditional format" RSA and DSA keys we
|
* Since we only need to discern "traditional format" RSA and DSA keys we
|
||||||
* can just count the elements.
|
* can just count the elements.
|
||||||
@ -146,7 +149,7 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
|
|||||||
keytype = EVP_PKEY_EC;
|
keytype = EVP_PKEY_EC;
|
||||||
else if (sk_ASN1_TYPE_num(inkey) == 3) { /* This seems to be PKCS8, not
|
else if (sk_ASN1_TYPE_num(inkey) == 3) { /* This seems to be PKCS8, not
|
||||||
* traditional format */
|
* traditional format */
|
||||||
PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, pp, length);
|
PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
|
||||||
EVP_PKEY *ret;
|
EVP_PKEY *ret;
|
||||||
|
|
||||||
sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
|
sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
|
||||||
@ -157,6 +160,8 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
|
|||||||
}
|
}
|
||||||
ret = EVP_PKCS82PKEY(p8);
|
ret = EVP_PKCS82PKEY(p8);
|
||||||
PKCS8_PRIV_KEY_INFO_free(p8);
|
PKCS8_PRIV_KEY_INFO_free(p8);
|
||||||
|
if (ret != NULL)
|
||||||
|
*pp = p;
|
||||||
if (a) {
|
if (a) {
|
||||||
*a = ret;
|
*a = ret;
|
||||||
}
|
}
|
||||||
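Review bot: In d2i_PrivateKey the PKCS#8 fallback calls `d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length)` with the same `p` that the failed `old_priv_decode(ret, &p, length)` was just given, so it starts at the right offset only if every algorithm's old_priv_decode leaves the pointer untouched on failure. d2i_AutoPrivateKey in the same file already resets with `p = *pp;` after its probe decode. Adding `p = *pp;` immediately before the PKCS#8 call here would make the fallback independent of the individual method implementations. Both functions begin and end outside the hunks shown.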
|
@ -350,9 +350,9 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
|||||||
}
|
}
|
||||||
|
|
||||||
asn1_set_choice_selector(pval, i, it);
|
asn1_set_choice_selector(pval, i, it);
|
||||||
*in = p;
|
|
||||||
if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL))
|
if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL))
|
||||||
goto auxerr;
|
goto auxerr;
|
||||||
|
*in = p;
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
case ASN1_ITYPE_NDEF_SEQUENCE:
|
case ASN1_ITYPE_NDEF_SEQUENCE:
|
||||||
@ -489,9 +489,9 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
|||||||
/* Save encoding */
|
/* Save encoding */
|
||||||
if (!asn1_enc_save(pval, *in, p - *in, it))
|
if (!asn1_enc_save(pval, *in, p - *in, it))
|
||||||
goto auxerr;
|
goto auxerr;
|
||||||
*in = p;
|
|
||||||
if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL))
|
if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL))
|
||||||
goto auxerr;
|
goto auxerr;
|
||||||
|
*in = p;
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
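Review bot: Neither hunk records why `*in = p;` now sits after the ASN1_OP_D2I_POST callback (the one after `asn1_set_choice_selector` and the one after `asn1_enc_save`), so a later tidy-up could move the assignment back above the callback. A short comment at both sites, such as `/* Advance *in only after the POST callback has accepted the value */`, would document that a rejected structure must leave the caller's pointer where it was. The enclosing switch in ASN1_item_ex_d2i extends beyond both hunks, so whether the other item types follow the same rule cannot be checked from here.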
|
@ -188,13 +188,16 @@ EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length)
|
|||||||
{
|
{
|
||||||
X509_PUBKEY *xpk;
|
X509_PUBKEY *xpk;
|
||||||
EVP_PKEY *pktmp;
|
EVP_PKEY *pktmp;
|
||||||
xpk = d2i_X509_PUBKEY(NULL, pp, length);
|
const unsigned char *q;
|
||||||
|
q = *pp;
|
||||||
|
xpk = d2i_X509_PUBKEY(NULL, &q, length);
|
||||||
if (!xpk)
|
if (!xpk)
|
||||||
return NULL;
|
return NULL;
|
||||||
pktmp = X509_PUBKEY_get(xpk);
|
pktmp = X509_PUBKEY_get(xpk);
|
||||||
X509_PUBKEY_free(xpk);
|
X509_PUBKEY_free(xpk);
|
||||||
if (!pktmp)
|
if (!pktmp)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
*pp = q;
|
||||||
if (a) {
|
if (a) {
|
||||||
EVP_PKEY_free(*a);
|
EVP_PKEY_free(*a);
|
||||||
*a = pktmp;
|
*a = pktmp;
|
||||||
|
@ -180,16 +180,17 @@ X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
|
|||||||
if (!a || *a == NULL) {
|
if (!a || *a == NULL) {
|
||||||
freeret = 1;
|
freeret = 1;
|
||||||
}
|
}
|
||||||
ret = d2i_X509(a, pp, length);
|
ret = d2i_X509(a, &q, length);
|
||||||
/* If certificate unreadable then forget it */
|
/* If certificate unreadable then forget it */
|
||||||
if (!ret)
|
if (!ret)
|
||||||
return NULL;
|
return NULL;
|
||||||
/* update length */
|
/* update length */
|
||||||
length -= *pp - q;
|
length -= q - *pp;
|
||||||
if (!length)
|
if (!length)
|
||||||
return ret;
|
return ret;
|
||||||
if (!d2i_X509_CERT_AUX(&ret->aux, pp, length))
|
if (!d2i_X509_CERT_AUX(&ret->aux, &q, length))
|
||||||
goto err;
|
goto err;
|
||||||
|
*pp = q;
|
||||||
return ret;
|
return ret;
|
||||||
err:
|
err:
|
||||||
if (freeret) {
|
if (freeret) {
|
||||||
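Review bot: The early `if (!length) return ret;` now returns a successfully parsed certificate without ever assigning `*pp = q`, so when no auxiliary data follows the certificate the caller's pointer is not advanced on success. Before this change d2i_X509 advanced `*pp` directly. Folding the test into the aux call fixes that and also stops a negative remainder from being passed on: `if (length > 0 && !d2i_X509_CERT_AUX(&ret->aux, &q, length)) goto err;`, followed by the existing `*pp = q; return ret;`. The declaration and initialisation of `q` and the rest of the err path are outside the hunk.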
|
@ -970,8 +970,9 @@ EC_GROUP *d2i_ECPKParameters(EC_GROUP **a, const unsigned char **in, long len)
|
|||||||
{
|
{
|
||||||
EC_GROUP *group = NULL;
|
EC_GROUP *group = NULL;
|
||||||
ECPKPARAMETERS *params = NULL;
|
ECPKPARAMETERS *params = NULL;
|
||||||
|
const unsigned char *p = *in;
|
||||||
|
|
||||||
if ((params = d2i_ECPKPARAMETERS(NULL, in, len)) == NULL) {
|
if ((params = d2i_ECPKPARAMETERS(NULL, &p, len)) == NULL) {
|
||||||
ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_D2I_ECPKPARAMETERS_FAILURE);
|
ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_D2I_ECPKPARAMETERS_FAILURE);
|
||||||
ECPKPARAMETERS_free(params);
|
ECPKPARAMETERS_free(params);
|
||||||
return NULL;
|
return NULL;
|
||||||
@ -989,6 +990,7 @@ EC_GROUP *d2i_ECPKParameters(EC_GROUP **a, const unsigned char **in, long len)
|
|||||||
*a = group;
|
*a = group;
|
||||||
|
|
||||||
ECPKPARAMETERS_free(params);
|
ECPKPARAMETERS_free(params);
|
||||||
|
*in = p;
|
||||||
return (group);
|
return (group);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1016,8 +1018,9 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
|
|||||||
int ok = 0;
|
int ok = 0;
|
||||||
EC_KEY *ret = NULL;
|
EC_KEY *ret = NULL;
|
||||||
EC_PRIVATEKEY *priv_key = NULL;
|
EC_PRIVATEKEY *priv_key = NULL;
|
||||||
|
const unsigned char *p = *in;
|
||||||
|
|
||||||
if ((priv_key = d2i_EC_PRIVATEKEY(NULL, in, len)) == NULL) {
|
if ((priv_key = d2i_EC_PRIVATEKEY(NULL, &p, len)) == NULL) {
|
||||||
ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
|
ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -1096,6 +1099,7 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
|
|||||||
|
|
||||||
if (a)
|
if (a)
|
||||||
*a = ret;
|
*a = ret;
|
||||||
|
*in = p;
|
||||||
ok = 1;
|
ok = 1;
|
||||||
err:
|
err:
|
||||||
if (!ok) {
|
if (!ok) {
|
||||||
|