From 3262300a2c2351c6706f37b89fef015430988a31 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sat, 13 Feb 2021 06:49:05 +0100 Subject: [PATCH] Adjust the few places where the string length was confused Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/14168) --- providers/fips/self_test.c | 3 +-- providers/implementations/rands/drbg_ctr.c | 10 ++++++---- test/evp_kdf_test.c | 19 ++++++++----------- 3 files changed, 15 insertions(+), 17 deletions(-) diff --git a/providers/fips/self_test.c b/providers/fips/self_test.c index aa9bbc770ea..1848686ae3e 100644 --- a/providers/fips/self_test.c +++ b/providers/fips/self_test.c @@ -182,8 +182,7 @@ static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_FUNC_BIO_read_ex_fn read_ex if (ctx == NULL) goto err; - *p++ = OSSL_PARAM_construct_utf8_string("digest", DIGEST_NAME, - strlen(DIGEST_NAME) + 1); + *p++ = OSSL_PARAM_construct_utf8_string("digest", DIGEST_NAME, 0); *p++ = OSSL_PARAM_construct_octet_string("key", fixed_key, sizeof(fixed_key)); *p = OSSL_PARAM_construct_end(); diff --git a/providers/implementations/rands/drbg_ctr.c b/providers/implementations/rands/drbg_ctr.c index 127d85a2cc8..e10b4378b54 100644 --- a/providers/implementations/rands/drbg_ctr.c +++ b/providers/implementations/rands/drbg_ctr.c @@ -685,19 +685,21 @@ static int drbg_ctr_set_ctx_params(void *vctx, const OSSL_PARAM params[]) if ((p = OSSL_PARAM_locate_const(params, OSSL_DRBG_PARAM_CIPHER)) != NULL) { const char *base = (const char *)p->data; + size_t ctr_str_len = sizeof("CTR") - 1; + size_t ecb_str_len = sizeof("ECB") - 1; if (p->data_type != OSSL_PARAM_UTF8_STRING - || p->data_size < 3) + || p->data_size < ctr_str_len) return 0; - if (strcasecmp("CTR", base + p->data_size - sizeof("CTR")) != 0) { + if (strcasecmp("CTR", base + p->data_size - ctr_str_len) != 0) { ERR_raise(ERR_LIB_PROV, PROV_R_REQUIRE_CTR_MODE_CIPHER); return 0; } - if ((ecb = OPENSSL_strdup(base)) == NULL) { + if ((ecb = OPENSSL_strndup(base, p->data_size)) == NULL) { ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); return 0; } - strcpy(ecb + p->data_size - sizeof("ECB"), "ECB"); + strcpy(ecb + p->data_size - ecb_str_len, "ECB"); EVP_CIPHER_free(ctr->cipher_ecb); EVP_CIPHER_free(ctr->cipher_ctr); ctr->cipher_ctr = EVP_CIPHER_fetch(libctx, base, propquery); diff --git a/test/evp_kdf_test.c b/test/evp_kdf_test.c index 621351f1875..cb387bc71d2 100644 --- a/test/evp_kdf_test.c +++ b/test/evp_kdf_test.c @@ -638,7 +638,7 @@ static int test_kdf_ss_hash(void) }; *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, - (char *)"sha224", sizeof("sha224")); + (char *)"sha224", 0); *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, z, sizeof(z)); *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO, other, sizeof(other)); @@ -692,7 +692,7 @@ static int test_kdf_x963(void) }; *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, - (char *)"sha512", sizeof("sha512")); + (char *)"sha512", 0); *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, z, sizeof(z)); *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO, shared, sizeof(shared)); @@ -1135,10 +1135,9 @@ static int test_kdf_ss_hmac(void) }; *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MAC, - (char *)OSSL_MAC_NAME_HMAC, - sizeof(OSSL_MAC_NAME_HMAC)); + (char *)OSSL_MAC_NAME_HMAC, 0); *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, - (char *)"sha256", sizeof("sha256")); + (char *)"sha256", 0); *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, z, sizeof(z)); *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO, other, sizeof(other)); @@ -1182,8 +1181,7 @@ static int test_kdf_ss_kmac(void) }; *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MAC, - (char *)OSSL_MAC_NAME_KMAC128, - sizeof(OSSL_MAC_NAME_KMAC128)); + (char *)OSSL_MAC_NAME_KMAC128, 0); *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, z, sizeof(z)); *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO, other, sizeof(other)); @@ -1239,7 +1237,7 @@ static int test_kdf_sshkdf(void) }; *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, - (char *)"sha256", sizeof("sha256")); + (char *)"sha256", 0); *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, key, sizeof(key)); *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SSHKDF_XCGHASH, @@ -1247,7 +1245,7 @@ static int test_kdf_sshkdf(void) *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SSHKDF_SESSION_ID, sessid, sizeof(sessid)); *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_SSHKDF_TYPE, - kdftype, sizeof(kdftype)); + kdftype, 0); *p = OSSL_PARAM_construct_end(); ret = @@ -1368,8 +1366,7 @@ static int test_kdf_krb5kdf(void) }; *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CIPHER, - (char *)"AES-128-CBC", - sizeof("AES-128-CBC")); + (char *)"AES-128-CBC", 0); *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, key, sizeof(key)); *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_CONSTANT, -- 2.47.2