From: Pauli <ppzgs1@gmail.com>
Date: Mon, 31 Mar 2025 22:15:40 +0000 (+1100)
Subject: commands: fix parameter value output
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fad8c04dedb18379d3dd51db8cce05011e3ff008;p=thirdparty%2Fopenssl.git

commands: fix parameter value output

The parameter value output library routine was incorrect.  It used the
incorrect length when printing fetched parameter sizes.  It also printed
a string which was potentially not zero terminated.  Both of these are
addressed here.

Additionally, octet strings have their initial bytes printed in hex.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27221)
---

diff --git a/apps/lib/app_params.c b/apps/lib/app_params.c
index 95e1298ee92..25b1d4ed371 100644
--- a/apps/lib/app_params.c
+++ b/apps/lib/app_params.c
@@ -10,6 +10,9 @@
 #include "apps.h"
 #include "app_params.h"
 
+/* Maximum number of bytes that will be output for an octet string body */
+#define MAX_OCTET_STRING_OUTPUT_BYTES 24
+
 static int describe_param_type(char *buf, size_t bufsz, const OSSL_PARAM *param)
 {
     const char *type_mod = "";
@@ -94,6 +97,56 @@ int print_param_types(const char *thing, const OSSL_PARAM *pdefs, int indent)
     return 1;
 }
 
+/* Output the body of a UTF8 string which might not be zero terminated */
+static void print_param_utf8(const char **s_ptr, size_t len)
+{
+    const char *s;
+
+    if (s_ptr == NULL) {
+        BIO_puts(bio_out, " ptr null\n");
+        return;
+    }
+    if ((s = *s_ptr) == NULL) {
+        BIO_puts(bio_out, " null\n");
+        return;
+    }
+    BIO_puts(bio_out, "'");
+    if (len > 0)
+        BIO_write(bio_out, s, len);
+    BIO_puts(bio_out, "'\n");
+}
+
+/* Output the body of an OCTET string */
+static void print_param_octet(const unsigned char **bytes_ptr, size_t len)
+{
+    size_t i;
+    const char *tail = "\n";
+    const unsigned char *bytes;
+
+    BIO_printf(bio_out, "<%zu bytes>", len);
+    if (bytes_ptr == NULL) {
+        BIO_puts(bio_out, " ptr null\n");
+        return;
+    }
+    if ((bytes = *bytes_ptr) == NULL) {
+        BIO_puts(bio_out, " null\n");
+        return;
+    }
+    if (len == 0) {
+        BIO_puts(bio_out, "\n");
+        return;
+    }
+
+    if (len > MAX_OCTET_STRING_OUTPUT_BYTES) {
+        len = MAX_OCTET_STRING_OUTPUT_BYTES;
+        tail = "...\n";
+    }
+    BIO_puts(bio_out, " ");
+    for (i = 0; i < len; i++)
+        BIO_printf(bio_out, "%02x", bytes[i]);
+    BIO_puts(bio_out, tail);
+}
+
 void print_param_value(const OSSL_PARAM *p, int indent)
 {
     int64_t i;
@@ -114,18 +167,20 @@ void print_param_value(const OSSL_PARAM *p, int indent)
             BIO_printf(bio_out, "error getting value\n");
         break;
     case OSSL_PARAM_UTF8_PTR:
-        BIO_printf(bio_out, "'%s'\n", *(char **)(p->data));
+        print_param_utf8((const char **)p->data, p->return_size);
         break;
     case OSSL_PARAM_UTF8_STRING:
-        BIO_printf(bio_out, "'%s'\n", (char *)p->data);
+        print_param_utf8((const char **)&p->data, p->return_size);
         break;
     case OSSL_PARAM_OCTET_PTR:
+        print_param_octet((const unsigned char **)p->data, p->return_size);
+        break;
     case OSSL_PARAM_OCTET_STRING:
-        BIO_printf(bio_out, "<%zu bytes>\n", p->data_size);
+        print_param_octet((const unsigned char **)&p->data, p->return_size);
         break;
     default:
         BIO_printf(bio_out, "unknown type (%u) of %zu bytes\n",
-                   p->data_type, p->data_size);
+                   p->data_type, p->return_size);
         break;
     }
 }