ossl-params: check length returned by strlen()

In param_build.c, the functions OSSL_PARAM_BLD_push_utf8_string() and
OSSL_PARAM_BLD_push_utf8_ptr() use strlen() to compute the length of
the string when bsize is zero.  However, the size_t returned by
strlen() might be too large (it is stored in an intermediate "int"),
so check for that.

There are analogous functions in params.c, but they do not use an
intermediate "int" to store the size_t returned by strlen().  So there
is some inconsistency between the implementations.

Credit to Viktor D and Tomas M for spotting these missing checks.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22967)

(cherry picked from commit d4d6694aa710c9970410a6836070daa6486a0ac0)

diff --git a/crypto/param_build.c b/crypto/param_build.c
index 4fc6c0319fa65ac76ca5f412bf62265cfd90a0d7..acbb01928d5fa24c2836b0778d73f0203015f937 100644 (file)
--- a/crypto/param_build.c
+++ b/crypto/param_build.c
@@ -241,9 +241,9 @@ int OSSL_PARAM_BLD_push_utf8_string(OSSL_PARAM_BLD *bld, const char *key,
     OSSL_PARAM_BLD_DEF *pd;
     int secure;
 
-    if (bsize == 0) {
+    if (bsize == 0)
         bsize = strlen(buf);
-    } else if (bsize > INT_MAX) {
+    if (bsize > INT_MAX) {
         ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_STRING_TOO_LONG);
         return 0;
     }
@@ -260,9 +260,9 @@ int OSSL_PARAM_BLD_push_utf8_ptr(OSSL_PARAM_BLD *bld, const char *key,
 {
     OSSL_PARAM_BLD_DEF *pd;
 
-    if (bsize == 0) {
+    if (bsize == 0)
         bsize = strlen(buf);
-    } else if (bsize > INT_MAX) {
+    if (bsize > INT_MAX) {
         ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_STRING_TOO_LONG);
         return 0;
     }