From 684eba444726b77bcdb78dda0abe744e75ea9d51 Mon Sep 17 00:00:00 2001
From: Daniel Fiala
Date: Mon, 11 Apr 2022 21:58:31 +0200
Subject: [PATCH 1/2] Do a prelimary check for numbers in openssl prime command. Fixes openssl#16241.
---
 apps/prime.c | 23 ++++++++++++++++++-----
 1 file changed, 18 insertions(+), 5 deletions(-)
diff --git a/apps/prime.c b/apps/prime.c
index 190254d90e4c3..8511b99b7e409 100644
--- a/apps/prime.c
+++ b/apps/prime.c
@@ -19,6 +19,21 @@ typedef enum OPTION_choice {
 OPT_PROV_ENUM
 } OPTION_CHOICE;

+static int check_num(const char *s, const int is_hex)
+{
+ int i;
+ // It would make sense to use ossl_isxdigit and ossl_isdigit here,
+ // but ossl_ctype_check is a local symbol in libcrypto.so
+ if (is_hex) {
+ for (i = 0; ('0' <= s[i] && s[i] <= '9')
+ || ('A' <= s[i] && s[i] <= 'F')
+ || ('a' <= s[i] && s[i] <= 'f'); i++);
+ } else {
+ for (i = 0; '0' <= s[i] && s[i] <= '9'; i++);
+ }
+ return s[i] == 0;
+}
+
 const OPTIONS prime_options[] = {
 {OPT_HELP_STR, 1, '-', "Usage: %s [options] [number...]\n"},

@@ -117,12 +132,10 @@ int prime_main(int argc, char **argv)
 OPENSSL_free(s);
 } else {
 for ( ; *argv; argv++) {
- int r;
+ int r = check_num(argv[0], hex);

- if (hex)
- r = BN_hex2bn(&bn, argv[0]);
- else
- r = BN_dec2bn(&bn, argv[0]);
+ if (r)
+ r = hex ? BN_hex2bn(&bn, argv[0]) : BN_dec2bn(&bn, argv[0]);

 if (!r) {
 BIO_printf(bio_err, "Failed to process value (%s)\n", argv[0]);
From 8213c4b3198f110948196900bbaf1611f2c88c90 Mon Sep 17 00:00:00 2001
From: Daniel Fiala
Date: Tue, 12 Apr 2022 10:01:36 +0200
Subject: [PATCH 2/2] fixup! Do a prelimary check for numbers in openssl prime command.
---
 apps/prime.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/apps/prime.c b/apps/prime.c
index 8511b99b7e409..1462c81eae2b7 100644
--- a/apps/prime.c
+++ b/apps/prime.c
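Review bot: check_num() in the first hunk of PATCH 1/2 returns 1 for an empty string, because neither loop advances and `s[0] == 0` is already true, so rejecting `""` is left entirely to whatever BN_hex2bn/BN_dec2bn do with it. Making the helper self-contained is a one-line change: `return i > 0 && s[i] == 0;`. The function also lacks a statement of its contract; a short comment such as `/* Returns 1 only if s consists entirely of digits in the selected base (no sign, no whitespace). */` would tell the next reader what is accepted, since the existing comment only explains why ossl_isdigit is not used. The empty-bodied `for (...; i++);` loops are easy to misread as a stray semicolon; a `continue;` on its own line states the intent.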
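Review bot: In the prime_main loop (second hunk of PATCH 1/2), `r` carries two different meanings, first check_num's yes/no result and then the BN_hex2bn/BN_dec2bn return value, and nothing at the call site says why the pre-check exists. A comment above the declaration, e.g. `/* digits only: reject signs and trailing characters before the BN parser sees them */`, would record the intent. It would also make visible that an argument with a leading `-` now ends in "Failed to process value" regardless of what the parsers would accept, which looks like a user-visible change; the parsers' sign handling is outside this diff, so that should be confirmed. The loop body and the error path continue past the end of the hunk.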
@@ -22,8 +22,10 @@ typedef enum OPTION_choice {
 static int check_num(const char *s, const int is_hex)
 {
 int i;
- // It would make sense to use ossl_isxdigit and ossl_isdigit here,
- // but ossl_ctype_check is a local symbol in libcrypto.so
+ /*
+ * It would make sense to use ossl_isxdigit and ossl_isdigit here,
+ * but ossl_ctype_check is a local symbol in libcrypto.so.
+ */
 if (is_hex) {
 for (i = 0; ('0' <= s[i] && s[i] <= '9')
 || ('A' <= s[i] && s[i] <= 'F')