various kdfs: Always reset buflen after clearing the buffer

author Tomas Mraz <tomas@openssl.org>

Tue, 30 Nov 2021 10:52:10 +0000 (11:52 +0100)

committer Tomas Mraz <tomas@openssl.org>

Wed, 1 Dec 2021 11:32:13 +0000 (12:32 +0100)
author Tomas Mraz <tomas@openssl.org>
Tue, 30 Nov 2021 10:52:10 +0000 (11:52 +0100)
committer Tomas Mraz <tomas@openssl.org>
Wed, 1 Dec 2021 11:32:13 +0000 (12:32 +0100)
diff --git a/providers/implementations/kdfs/krb5kdf.c b/providers/implementations/kdfs/krb5kdf.c

index f8d4baa5684c405b181fb4ca271e6f396bdc481e..2c887f0eb9939407d13657c1abe6cf242bd39ed1 100644 (file)
--- a/providers/implementations/kdfs/krb5kdf.c
+++ b/providers/implementations/kdfs/krb5kdf.c
@@ -98,6 +98,7 @@ static int krb5kdf_set_membuf(unsigned char **dst, size_t *dst_len,
  {
      OPENSSL_clear_free(*dst, *dst_len);
      *dst = NULL;
+    *dst_len = 0;
      return OSSL_PARAM_get_octet_string(p, (void **)dst, 0, dst_len);
  }
  
diff --git a/providers/implementations/kdfs/pbkdf1.c b/providers/implementations/kdfs/pbkdf1.c

index af715efc91ffa87e81c7ed6d9e6c78cb7b63c43c..1a042bac9f52d005c16429cade02689666c16ea9 100644 (file)
--- a/providers/implementations/kdfs/pbkdf1.c
+++ b/providers/implementations/kdfs/pbkdf1.c
@@ -134,13 +134,15 @@ static int kdf_pbkdf1_set_membuf(unsigned char **buffer, size_t *buflen,
                               const OSSL_PARAM *p)
  {
      OPENSSL_clear_free(*buffer, *buflen);
+    *buffer = NULL;
+    *buflen = 0;
+
      if (p->data_size == 0) {
          if ((*buffer = OPENSSL_malloc(1)) == NULL) {
              ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
              return 0;
          }
      } else if (p->data != NULL) {
-        *buffer = NULL;
          if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen))
              return 0;
      }
diff --git a/providers/implementations/kdfs/pbkdf2.c b/providers/implementations/kdfs/pbkdf2.c

index fe247028ea968e2ee08ebd56b2d850948df98f2b..2a0ae63acc32b359cc0d7ca931f82922a33a3caa 100644 (file)
--- a/providers/implementations/kdfs/pbkdf2.c
+++ b/providers/implementations/kdfs/pbkdf2.c
@@ -126,13 +126,15 @@ static int pbkdf2_set_membuf(unsigned char **buffer, size_t *buflen,
                               const OSSL_PARAM *p)
  {
      OPENSSL_clear_free(*buffer, *buflen);
+    *buffer = NULL;
+    *buflen = 0;
+
      if (p->data_size == 0) {
          if ((*buffer = OPENSSL_malloc(1)) == NULL) {
              ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
              return 0;
          }
      } else if (p->data != NULL) {
-        *buffer = NULL;
          if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen))
              return 0;
      }
diff --git a/providers/implementations/kdfs/pkcs12kdf.c b/providers/implementations/kdfs/pkcs12kdf.c

index 2037b458c8bfb7c02745a09df434d977043ddabd..3218daa781e9e9e58997b2e9a0e3cde9f4d1ba0c 100644 (file)
--- a/providers/implementations/kdfs/pkcs12kdf.c
+++ b/providers/implementations/kdfs/pkcs12kdf.c
@@ -182,13 +182,15 @@ static int pkcs12kdf_set_membuf(unsigned char **buffer, size_t *buflen,
                               const OSSL_PARAM *p)
  {
      OPENSSL_clear_free(*buffer, *buflen);
+    *buffer = NULL;
+    *buflen = 0;
+
      if (p->data_size == 0) {
          if ((*buffer = OPENSSL_malloc(1)) == NULL) {
              ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
              return 0;
          }
      } else if (p->data != NULL) {
-        *buffer = NULL;
          if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen))
              return 0;
      }
diff --git a/providers/implementations/kdfs/scrypt.c b/providers/implementations/kdfs/scrypt.c

index 2bbea0c7ccfc19fd92a5785c93658cfcae5bfb0a..a7072f785f0877ae8002bc41d0a0dfd0b24360e6 100644 (file)
--- a/providers/implementations/kdfs/scrypt.c
+++ b/providers/implementations/kdfs/scrypt.c
@@ -108,13 +108,15 @@ static int scrypt_set_membuf(unsigned char **buffer, size_t *buflen,
                               const OSSL_PARAM *p)
  {
      OPENSSL_clear_free(*buffer, *buflen);
+    *buffer = NULL;
+    *buflen = 0;
+
      if (p->data_size == 0) {
          if ((*buffer = OPENSSL_malloc(1)) == NULL) {
              ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
              return 0;
          }
      } else if (p->data != NULL) {
-        *buffer = NULL;
          if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen))
              return 0;
      }
diff --git a/providers/implementations/kdfs/sshkdf.c b/providers/implementations/kdfs/sshkdf.c

index 93a7a64fb5d5ce77feb9e04d081f3f8ad9370376..be23c2143d3c7602992994afae0f22207deb3fe9 100644 (file)
--- a/providers/implementations/kdfs/sshkdf.c
+++ b/providers/implementations/kdfs/sshkdf.c
@@ -91,6 +91,7 @@ static int sshkdf_set_membuf(unsigned char **dst, size_t *dst_len,
  {
      OPENSSL_clear_free(*dst, *dst_len);
      *dst = NULL;
+    *dst_len = 0;
      return OSSL_PARAM_get_octet_string(p, (void **)dst, 0, dst_len);
  }
author	Tomas Mraz <tomas@openssl.org>
	Tue, 30 Nov 2021 10:52:10 +0000 (11:52 +0100)
committer	Tomas Mraz <tomas@openssl.org>
	Wed, 1 Dec 2021 11:32:13 +0000 (12:32 +0100)
providers/implementations/kdfs/krb5kdf.c		patch \| blob \| blame \| history
providers/implementations/kdfs/pbkdf1.c		patch \| blob \| blame \| history
providers/implementations/kdfs/pbkdf2.c		patch \| blob \| blame \| history
providers/implementations/kdfs/pkcs12kdf.c		patch \| blob \| blame \| history
providers/implementations/kdfs/scrypt.c		patch \| blob \| blame \| history
providers/implementations/kdfs/sshkdf.c		patch \| blob \| blame \| history