From: Kenjiro Nakayama Date: Tue, 15 Apr 2025 22:24:40 +0000 (+0900) Subject: bio_b64.c: Replace OPENSSL_assert() calls with ossl_assert() X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=305bbc1837ff31389e8330f14446286695e105fa;p=thirdparty%2Fopenssl.git bio_b64.c: Replace OPENSSL_assert() calls with ossl_assert() Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/27401) --- diff --git a/crypto/evp/bio_b64.c b/crypto/evp/bio_b64.c index 98a8fa55256..7f15e21b52c 100644 --- a/crypto/evp/bio_b64.c +++ b/crypto/evp/bio_b64.c @@ -138,11 +138,17 @@ static int b64_read(BIO *b, char *out, int outl) /* First check if there are buffered bytes already decoded */ if (ctx->buf_len > 0) { - OPENSSL_assert(ctx->buf_len >= ctx->buf_off); + if (!ossl_assert(ctx->buf_len >= ctx->buf_off)) { + ERR_raise(ERR_LIB_BIO, ERR_R_INTERNAL_ERROR); + return -1; + } i = ctx->buf_len - ctx->buf_off; if (i > outl) i = outl; - OPENSSL_assert(ctx->buf_off + i < (int)sizeof(ctx->buf)); + if (!ossl_assert(ctx->buf_off + i < (int)sizeof(ctx->buf))) { + ERR_raise(ERR_LIB_BIO, ERR_R_INTERNAL_ERROR); + return -1; + } memcpy(out, &(ctx->buf[ctx->buf_off]), i); ret = i; out += i; @@ -336,10 +342,18 @@ static int b64_write(BIO *b, const char *in, int inl) ctx->tmp_len = 0; EVP_EncodeInit(ctx->base64); } - - OPENSSL_assert(ctx->buf_off < (int)sizeof(ctx->buf)); - OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf)); - OPENSSL_assert(ctx->buf_len >= ctx->buf_off); + if (!ossl_assert(ctx->buf_off < (int)sizeof(ctx->buf))) { + ERR_raise(ERR_LIB_BIO, ERR_R_INTERNAL_ERROR); + return -1; + } + if (!ossl_assert(ctx->buf_len <= (int)sizeof(ctx->buf))) { + ERR_raise(ERR_LIB_BIO, ERR_R_INTERNAL_ERROR); + return -1; + } + if (!ossl_assert(ctx->buf_len >= ctx->buf_off)) { + ERR_raise(ERR_LIB_BIO, ERR_R_INTERNAL_ERROR); + return -1; + } n = ctx->buf_len - ctx->buf_off; while (n > 0) { i = BIO_write(next, &(ctx->buf[ctx->buf_off]), n); @@ -347,10 +361,15 @@ static int b64_write(BIO *b, const char *in, int inl) BIO_copy_next_retry(b); return i; } - OPENSSL_assert(i <= n); ctx->buf_off += i; - OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf)); - OPENSSL_assert(ctx->buf_len >= ctx->buf_off); + if (!ossl_assert(ctx->buf_off <= (int)sizeof(ctx->buf))) { + ERR_raise(ERR_LIB_BIO, ERR_R_INTERNAL_ERROR); + return -1; + } + if (!ossl_assert(ctx->buf_len >= ctx->buf_off)) { + ERR_raise(ERR_LIB_BIO, ERR_R_INTERNAL_ERROR); + return -1; + } n -= i; } /* at this point all pending data has been written */ @@ -365,7 +384,10 @@ static int b64_write(BIO *b, const char *in, int inl) if ((BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) != 0) { if (ctx->tmp_len > 0) { - OPENSSL_assert(ctx->tmp_len <= 3); + if (!ossl_assert(ctx->tmp_len <= 3)) { + ERR_raise(ERR_LIB_BIO, ERR_R_INTERNAL_ERROR); + return ret == 0 ? -1 : ret; + } n = 3 - ctx->tmp_len; /* * There's a theoretical possibility for this @@ -379,8 +401,14 @@ static int b64_write(BIO *b, const char *in, int inl) break; ctx->buf_len = EVP_EncodeBlock(ctx->buf, ctx->tmp, ctx->tmp_len); - OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf)); - OPENSSL_assert(ctx->buf_len >= ctx->buf_off); + if (!ossl_assert(ctx->buf_len <= (int)sizeof(ctx->buf))) { + ERR_raise(ERR_LIB_BIO, ERR_R_INTERNAL_ERROR); + return ret == 0 ? -1 : ret; + } + if (!ossl_assert(ctx->buf_len >= ctx->buf_off)) { + ERR_raise(ERR_LIB_BIO, ERR_R_INTERNAL_ERROR); + return ret == 0 ? -1 : ret; + } /* * Since we're now done using the temporary buffer, the * length should be 0'd @@ -396,16 +424,28 @@ static int b64_write(BIO *b, const char *in, int inl) n -= n % 3; ctx->buf_len = EVP_EncodeBlock(ctx->buf, (unsigned char *)in, n); - OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf)); - OPENSSL_assert(ctx->buf_len >= ctx->buf_off); + if (!ossl_assert(ctx->buf_len <= (int)sizeof(ctx->buf))) { + ERR_raise(ERR_LIB_BIO, ERR_R_INTERNAL_ERROR); + return ret == 0 ? -1 : ret; + } + if (!ossl_assert(ctx->buf_len >= ctx->buf_off)) { + ERR_raise(ERR_LIB_BIO, ERR_R_INTERNAL_ERROR); + return ret == 0 ? -1 : ret; + } ret += n; } } else { if (!EVP_EncodeUpdate(ctx->base64, ctx->buf, &ctx->buf_len, (unsigned char *)in, n)) return ret == 0 ? -1 : ret; - OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf)); - OPENSSL_assert(ctx->buf_len >= ctx->buf_off); + if (!ossl_assert(ctx->buf_len <= (int)sizeof(ctx->buf))) { + ERR_raise(ERR_LIB_BIO, ERR_R_INTERNAL_ERROR); + return ret == 0 ? -1 : ret; + } + if (!ossl_assert(ctx->buf_len >= ctx->buf_off)) { + ERR_raise(ERR_LIB_BIO, ERR_R_INTERNAL_ERROR); + return ret == 0 ? -1 : ret; + } ret += n; } inl -= n; @@ -419,11 +459,16 @@ static int b64_write(BIO *b, const char *in, int inl) BIO_copy_next_retry(b); return ret == 0 ? i : ret; } - OPENSSL_assert(i <= n); n -= i; ctx->buf_off += i; - OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf)); - OPENSSL_assert(ctx->buf_len >= ctx->buf_off); + if (!ossl_assert(ctx->buf_off <= (int)sizeof(ctx->buf))) { + ERR_raise(ERR_LIB_BIO, ERR_R_INTERNAL_ERROR); + return ret == 0 ? -1 : ret; + } + if (!ossl_assert(ctx->buf_len >= ctx->buf_off)) { + ERR_raise(ERR_LIB_BIO, ERR_R_INTERNAL_ERROR); + return ret == 0 ? -1 : ret; + } } ctx->buf_len = 0; ctx->buf_off = 0; @@ -457,7 +502,10 @@ static long b64_ctrl(BIO *b, int cmd, long num, void *ptr) ret = BIO_ctrl(next, cmd, num, ptr); break; case BIO_CTRL_WPENDING: /* More to write in buffer */ - OPENSSL_assert(ctx->buf_len >= ctx->buf_off); + if (!ossl_assert(ctx->buf_len >= ctx->buf_off)) { + ERR_raise(ERR_LIB_BIO, ERR_R_INTERNAL_ERROR); + return -1; + } ret = ctx->buf_len - ctx->buf_off; if (ret == 0 && ctx->encode != B64_NONE && EVP_ENCODE_CTX_num(ctx->base64) != 0) @@ -466,7 +514,10 @@ static long b64_ctrl(BIO *b, int cmd, long num, void *ptr) ret = BIO_ctrl(next, cmd, num, ptr); break; case BIO_CTRL_PENDING: /* More to read in buffer */ - OPENSSL_assert(ctx->buf_len >= ctx->buf_off); + if (!ossl_assert(ctx->buf_len >= ctx->buf_off)) { + ERR_raise(ERR_LIB_BIO, ERR_R_INTERNAL_ERROR); + return -1; + } ret = ctx->buf_len - ctx->buf_off; if (ret <= 0) ret = BIO_ctrl(next, cmd, num, ptr);