-
-
Notifications
You must be signed in to change notification settings - Fork 9.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added check for the return value of the RAND_bytes() function #21706
Conversation
apps/speed.c
Outdated
if (RAND_bytes(out, 16) > 0) { | ||
len += 16; | ||
aad[11] = (unsigned char)(len >> 8); | ||
aad[12] = (unsigned char)(len); | ||
pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD, | ||
EVP_AEAD_TLS1_AAD_LEN, aad); | ||
ciph_success = EVP_Cipher(ctx, out, inp, len + pad); | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Instead, I would use app_bail_out() in case of RAND_bytes() failure. However it is not clear to me why the RAND_bytes() call is there at all - the out buffer should be overwritten by the EVP_Cipher call anyway.
@mattcaswell any idea why the RAND_bytes() call is there?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No, I don't see an obvious reason for it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In that case I wouldn't bother checking the return value, just explicitly cast to (void) as we do not want to change what is the speed command measuring to keep the results stable.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmm, I wonder if it's meant to be setting inp
rather than out
, since - unless OPENSSL_malloc()
initialises the memory it returns - it doesn't look like inp
is being initialised here
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Possibly
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What should we do about this issue?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Use app_bail_out if RAND_bytes() fails instead. And also change the output parameter of RAND_bytes() to inp
.
Changed the output parameter of RAND_bytes() to inp.
apps/speed.c
Outdated
len += 16; | ||
aad[11] = (unsigned char)(len >> 8); | ||
aad[12] = (unsigned char)(len); | ||
pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD, | ||
EVP_AEAD_TLS1_AAD_LEN, aad); | ||
EVP_AEAD_TLS1_AAD_LEN, aad); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please don't fix the indentation here, it was already correct as per our coding style.
This pull request is ready to merge |
Squashed and merged to master, 3.1 and 3.0 branches. Thank you for your contribution. |
Call app_bail_out if RAND_bytes() fails. Also changed the output parameter of RAND_bytes() to inp as writing to encrypted output buffer does not make sense. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #21706) (cherry picked from commit 8d120ae)
Call app_bail_out if RAND_bytes() fails. Also changed the output parameter of RAND_bytes() to inp as writing to encrypted output buffer does not make sense. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #21706)
Call app_bail_out if RAND_bytes() fails. Also changed the output parameter of RAND_bytes() to inp as writing to encrypted output buffer does not make sense. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #21706) (cherry picked from commit 8d120ae)
Call app_bail_out if RAND_bytes() fails. Also changed the output parameter of RAND_bytes() to inp as writing to encrypted output buffer does not make sense. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl/openssl#21706) Signed-off-by: fly2x <fly2x@hitls.org>
Call app_bail_out if RAND_bytes() fails. Also changed the output parameter of RAND_bytes() to inp as writing to encrypted output buffer does not make sense. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl/openssl#21706) (cherry picked from commit 8d120ae) Signed-off-by: fly2x <fly2x@hitls.org>
Call app_bail_out if RAND_bytes() fails. Also changed the output parameter of RAND_bytes() to inp as writing to encrypted output buffer does not make sense. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl/openssl#21706) (cherry picked from commit 8d120ae) Signed-off-by: fly2x <fly2x@hitls.org>
The return value of the
RAND_bytes()
function is not checked. At the same time, the function might return0
without changing the value of theout
variable passed to it. This variable will be used later on, so a check for the function's return value has been added.Perhaps this would be more correct: