PATCH: SEGV for invalid args to "openssl pkeyutl"


PATCH: SEGV for invalid args to "openssl pkeyutl"

Damien Miller
Hi,

"openssl pkeyutl -peerform" will SEGV because it dereferences the NULL
terminator of the argv array; here's a fix:

Index: pkeyutl.c
===================================================================
RCS file: /cvs/src/lib/libssl/src/apps/pkeyutl.c,v
retrieving revision 1.1.1.2
diff -u -p -r1.1.1.2 pkeyutl.c
--- pkeyutl.c 1 Oct 2010 22:54:01 -0000 1.1.1.2
+++ pkeyutl.c 13 Oct 2010 21:27:07 -0000
@@ -119,17 +119,17 @@ int MAIN(int argc, char **argv)
  if (!strcmp(*argv,"-in"))
  {
  if (--argc < 1) badarg = 1;
-                        infile= *(++argv);
+                        else infile= *(++argv);
  }
  else if (!strcmp(*argv,"-out"))
  {
  if (--argc < 1) badarg = 1;
- outfile= *(++argv);
+ else outfile= *(++argv);
  }
  else if (!strcmp(*argv,"-sigfile"))
  {
  if (--argc < 1) badarg = 1;
- sigfile= *(++argv);
+ else sigfile= *(++argv);
  }
  else if(!strcmp(*argv, "-inkey"))
  {
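Review bot: The `else` guard is added one branch at a time, so any option that still runs `*(++argv)` unconditionally after `if (--argc < 1) badarg = 1;` would keep reading the NULL terminator of argv. The `-inkey` branch that opens on the last two lines of this hunk has its body outside the hunk, and the options between the two hunks are not shown, so those should be confirmed to carry the same guard. On the failure path `argc` has already been decremented while `argv` is not advanced, which leaves the two out of step; presumably the enclosing loop in MAIN stops on `badarg` before using them again, but that code is outside the hunk. A one-line comment on the first guard, `/* argv[argc] is NULL: never advance past the last argument */`, would record why the `else` is required.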
@@ -159,17 +159,17 @@ int MAIN(int argc, char **argv)
  else if (!strcmp(*argv,"-passin"))
  {
  if (--argc < 1) badarg = 1;
- passargin= *(++argv);
+ else passargin= *(++argv);
  }
  else if (strcmp(*argv,"-peerform") == 0)
  {
  if (--argc < 1) badarg = 1;
- peerform=str2fmt(*(++argv));
+ else peerform=str2fmt(*(++argv));
  }
  else if (strcmp(*argv,"-keyform") == 0)
  {
  if (--argc < 1) badarg = 1;
- keyform=str2fmt(*(++argv));
+ else keyform=str2fmt(*(++argv));
  }
 #ifndef OPENSSL_NO_ENGINE
  else if(!strcmp(*argv, "-engine"))
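Review bot: In the `-peerform` and `-keyform` branches the value returned by `str2fmt(*(++argv))` is stored without a check, so an unrecognised format string is accepted at parse time and only surfaces later, when the key is loaded. If str2fmt reports unknown input with a sentinel such as `FORMAT_UNDEF` (its definition is not shown here, so confirm), the branch could reject it alongside the other argument errors: `else if ((peerform = str2fmt(*(++argv))) == FORMAT_UNDEF) badarg = 1;`, and likewise for `keyform`. The `-engine` branch opens on the last line of this hunk with its body outside it, so its argument handling should be checked for the same missing-argument guard.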