From 2349d7ba57c9327290df6f7bc18b7f0c3976ca9e Mon Sep 17 00:00:00 2001 From: PW Hu Date: Wed, 10 Nov 2021 12:39:54 +0800 Subject: [PATCH] Fix the return check of OBJ_obj2txt Also update OBJ_nid2obj.pod to document the possible return values. Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/17005) --- crypto/cms/cms_dh.c | 2 +- crypto/cms/cms_ec.c | 2 +- crypto/cms/cms_sd.c | 4 ++-- crypto/core_namemap.c | 2 +- crypto/crmf/crmf_pbm.c | 4 ++-- crypto/dh/dh_kdf.c | 2 +- doc/man3/OBJ_nid2obj.pod | 4 ++++ .../implementations/encode_decode/decode_spki2typespki.c | 2 +- test/algorithmid_test.c | 2 +- test/evp_fetch_prov_test.c | 8 ++++---- 10 files changed, 18 insertions(+), 14 deletions(-) diff --git a/crypto/cms/cms_dh.c b/crypto/cms/cms_dh.c index fe6289b2050..f14546c7037 100644 --- a/crypto/cms/cms_dh.c +++ b/crypto/cms/cms_dh.c @@ -118,7 +118,7 @@ static int dh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri) if (kekctx == NULL) goto err; - if (!OBJ_obj2txt(name, sizeof(name), kekalg->algorithm, 0)) + if (OBJ_obj2txt(name, sizeof(name), kekalg->algorithm, 0) <= 0) goto err; kekcipher = EVP_CIPHER_fetch(pctx->libctx, name, pctx->propquery); diff --git a/crypto/cms/cms_ec.c b/crypto/cms/cms_ec.c index 65018956a88..b07af92bad8 100644 --- a/crypto/cms/cms_ec.c +++ b/crypto/cms/cms_ec.c @@ -47,7 +47,7 @@ static EVP_PKEY *pkey_type2param(int ptype, const void *pval, pctx = EVP_PKEY_CTX_new_from_name(libctx, "EC", propq); if (pctx == NULL || EVP_PKEY_paramgen_init(pctx) <= 0) goto err; - if (!OBJ_obj2txt(groupname, sizeof(groupname), poid, 0) + if (OBJ_obj2txt(groupname, sizeof(groupname), poid, 0) <= 0 || !EVP_PKEY_CTX_set_group_name(pctx, groupname)) { ERR_raise(ERR_LIB_CMS, CMS_R_DECODE_ERROR); goto err; diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c index 4fbe09ca5fe..34c021bba64 100644 --- a/crypto/cms/cms_sd.c +++ b/crypto/cms/cms_sd.c @@ -784,8 +784,8 @@ int CMS_SignerInfo_sign(CMS_SignerInfo *si) const CMS_CTX *ctx = si->cms_ctx; char md_name[OSSL_MAX_NAME_SIZE]; - if (!OBJ_obj2txt(md_name, sizeof(md_name), - si->digestAlgorithm->algorithm, 0)) + if (OBJ_obj2txt(md_name, sizeof(md_name), + si->digestAlgorithm->algorithm, 0) <= 0) return 0; if (CMS_signed_get_attr_by_NID(si, NID_pkcs9_signingTime, -1) < 0) { diff --git a/crypto/core_namemap.c b/crypto/core_namemap.c index 415df3d8394..e1da724bd2f 100644 --- a/crypto/core_namemap.c +++ b/crypto/core_namemap.c @@ -397,7 +397,7 @@ static void get_legacy_evp_names(int base_nid, int nid, const char *pem_name, if ((obj = OBJ_nid2obj(nid)) != NULL) { char txtoid[OSSL_MAX_NAME_SIZE]; - if (OBJ_obj2txt(txtoid, sizeof(txtoid), obj, 1)) + if (OBJ_obj2txt(txtoid, sizeof(txtoid), obj, 1) > 0) num = ossl_namemap_add_name(arg, num, txtoid); } } diff --git a/crypto/crmf/crmf_pbm.c b/crypto/crmf/crmf_pbm.c index aba6b3a16fb..88a8480cf73 100644 --- a/crypto/crmf/crmf_pbm.c +++ b/crypto/crmf/crmf_pbm.c @@ -200,8 +200,8 @@ int OSSL_CRMF_pbm_new(OSSL_LIB_CTX *libctx, const char *propq, mac_nid = OBJ_obj2nid(pbmp->mac->algorithm); if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, mac_nid, NULL, &hmac_md_nid, NULL) - || !OBJ_obj2txt(hmac_mdname, sizeof(hmac_mdname), - OBJ_nid2obj(hmac_md_nid), 0)) { + || OBJ_obj2txt(hmac_mdname, sizeof(hmac_mdname), + OBJ_nid2obj(hmac_md_nid), 0) <= 0) { ERR_raise(ERR_LIB_CRMF, CRMF_R_UNSUPPORTED_ALGORITHM); goto err; } diff --git a/crypto/dh/dh_kdf.c b/crypto/dh/dh_kdf.c index 7a234b8fb15..419e7711d36 100644 --- a/crypto/dh/dh_kdf.c +++ b/crypto/dh/dh_kdf.c @@ -70,7 +70,7 @@ int DH_KDF_X9_42(unsigned char *out, size_t outlen, const OSSL_PROVIDER *prov = EVP_MD_get0_provider(md); OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov); - if (!OBJ_obj2txt(key_alg, sizeof(key_alg), key_oid, 0)) + if (OBJ_obj2txt(key_alg, sizeof(key_alg), key_oid, 0) <= 0) return 0; return ossl_dh_kdf_X9_42_asn1(out, outlen, Z, Zlen, key_alg, diff --git a/doc/man3/OBJ_nid2obj.pod b/doc/man3/OBJ_nid2obj.pod index 306b33c03dd..a728cbe7bf1 100644 --- a/doc/man3/OBJ_nid2obj.pod +++ b/doc/man3/OBJ_nid2obj.pod @@ -155,6 +155,10 @@ a NID or B on error. OBJ_add_sigid() returns 1 on success or 0 on error. +OBJ_obj2txt() returns the number of bytes written to I if I is big enough. +Otherwise, the result is truncated and the total amount of space required is returned. +It also returns -1 on error. + =head1 EXAMPLES Create an object for B: diff --git a/providers/implementations/encode_decode/decode_spki2typespki.c b/providers/implementations/encode_decode/decode_spki2typespki.c index 3a4c83e8b51..a5dbbb31adf 100644 --- a/providers/implementations/encode_decode/decode_spki2typespki.c +++ b/providers/implementations/encode_decode/decode_spki2typespki.c @@ -87,7 +87,7 @@ static int spki2typespki_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, strcpy(dataname, "SM2"); else #endif - if (!OBJ_obj2txt(dataname, sizeof(dataname), oid, 0)) + if (OBJ_obj2txt(dataname, sizeof(dataname), oid, 0) <= 0) goto end; ossl_X509_PUBKEY_INTERNAL_free(xpub); diff --git a/test/algorithmid_test.c b/test/algorithmid_test.c index ce5fbffc223..0104425c1d4 100644 --- a/test/algorithmid_test.c +++ b/test/algorithmid_test.c @@ -48,7 +48,7 @@ static int test_spki_aid(X509_PUBKEY *pubkey, const char *filename) goto end; X509_ALGOR_get0(&oid, NULL, NULL, alg); - if (!TEST_true(OBJ_obj2txt(name, sizeof(name), oid, 0))) + if (!TEST_int_gt(OBJ_obj2txt(name, sizeof(name), oid, 0), 0)) goto end; /* diff --git a/test/evp_fetch_prov_test.c b/test/evp_fetch_prov_test.c index fc10bdad572..d237082bdcc 100644 --- a/test/evp_fetch_prov_test.c +++ b/test/evp_fetch_prov_test.c @@ -220,11 +220,11 @@ static int test_explicit_EVP_MD_fetch_by_X509_ALGOR(int idx) X509_ALGOR_get0(&obj, NULL, NULL, algor); switch (idx) { case 0: - if (!TEST_true(OBJ_obj2txt(id, sizeof(id), obj, 0))) + if (!TEST_int_gt(OBJ_obj2txt(id, sizeof(id), obj, 0), 0)) goto end; break; case 1: - if (!TEST_true(OBJ_obj2txt(id, sizeof(id), obj, 1))) + if (!TEST_int_gt(OBJ_obj2txt(id, sizeof(id), obj, 1), 0)) goto end; break; } @@ -336,11 +336,11 @@ static int test_explicit_EVP_CIPHER_fetch_by_X509_ALGOR(int idx) X509_ALGOR_get0(&obj, NULL, NULL, algor); switch (idx) { case 0: - if (!TEST_true(OBJ_obj2txt(id, sizeof(id), obj, 0))) + if (!TEST_int_gt(OBJ_obj2txt(id, sizeof(id), obj, 0), 0)) goto end; break; case 1: - if (!TEST_true(OBJ_obj2txt(id, sizeof(id), obj, 1))) + if (!TEST_int_gt(OBJ_obj2txt(id, sizeof(id), obj, 1), 0)) goto end; break; } -- 2.39.5