From: Jiasheng Jiang
Date: Fri, 5 Jul 2024 18:05:35 +0000 (+0000)
Subject: apps/rehash.c: Add the check for the EVP_MD_get_size()
X-Git-Tag: openssl-3.4.0-alpha1~364
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=45cada1339bacc81765b02367bdbaf878445081d;p=thirdparty%2Fopenssl.git

apps/rehash.c: Add the check for the EVP_MD_get_size()

Add the check for the return value of EVP_MD_get_size() to avoid invalid negative numbers and then explicitly cast from int to size_t. Add the check to prevent that EVP_MD_get_size() returns a value greater than EVP_MAX_MD_SIZE.

Signed-off-by: Jiasheng Jiang
Reviewed-by: Neil Horman
Reviewed-by: Paul Dale
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/24802)
---

diff --git a/apps/rehash.c b/apps/rehash.c
index 9862b9fba91..9a5be029d3f 100644
--- a/apps/rehash.c
+++ b/apps/rehash.c
@@ -140,7 +140,7 @@ static int add_entry(enum Type type, unsigned int hash, const char *filename,
     }
 
     for (ep = bp->first_entry; ep; ep = ep->next) {
-        if (digest && memcmp(digest, ep->digest, evpmdsize) == 0) {
+        if (digest && memcmp(digest, ep->digest, (size_t)evpmdsize) == 0) {
             BIO_printf(bio_err,
                        "%s: warning: skipping duplicate %s in %s\n",
                        opt_getprog(),
@@ -183,7 +183,7 @@ static int add_entry(enum Type type, unsigned int hash, const char *filename,
         if (need_symlink && !ep->need_symlink) {
             ep->need_symlink = 1;
             bp->num_needed++;
-            memcpy(ep->digest, digest, evpmdsize);
+            memcpy(ep->digest, digest, (size_t)evpmdsize);
         }
         return 0;
     }
@@ -553,6 +553,9 @@ int rehash_main(int argc, char **argv)
         evpmd = EVP_sha1();
     evpmdsize = EVP_MD_get_size(evpmd);
 
+    if (evpmdsize <= 0 || evpmdsize > EVP_MAX_MD_SIZE)
+        goto end;
+
     if (*argv != NULL) {
         while (*argv != NULL)
             errs += do_dir(*argv++, h);
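Review bot: The new guard in rehash_main fails silently: `goto end` is taken with no diagnostic and without touching `errs`, so if the `end:` label (outside the hunk) simply returns `errs`, a digest whose size is unusable makes the tool exit with status 0 and no output, indistinguishable from a successful run over an empty directory. Reporting the condition and marking the run as failed, `BIO_printf(bio_err, "%s: unsupported digest size %d\n", opt_getprog(), evpmdsize);` followed by `errs = 1;` before the `goto end;`, keeps the failure visible to callers and scripts. The `(size_t)` casts in the two add_entry hunks (memcmp at line 143 and memcpy at line 186) are only sound because this check runs before any do_dir() call can populate entries; a comment on the guard such as `/* add_entry() casts evpmdsize to size_t and copies that many bytes into ep->digest */` would make that dependency explicit. rehash_main continues outside the hunk, so the value actually returned at `end:` cannot be confirmed from here.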