* UI_METHOD processor. It differs from UI_UTIL_read_pw() like this:
*
* 1. It constructs a prompt on its own, based on |prompt_info|.
- * 2. It allocates a buffer for verification on its own.
+ * 2. It allocates a buffer for password and verification on its own
+ * to compensate for NUL terminator in UI password strings.
* 3. It raises errors.
* 4. It reports back the length of the prompted pass phrase.
*/
const char *prompt_info, int verify,
const UI_METHOD *ui_method, void *ui_data)
{
- char *prompt = NULL, *vpass = NULL;
- int prompt_idx = -1, verify_idx = -1;
+ char *prompt = NULL, *ipass = NULL, *vpass = NULL;
+ int prompt_idx = -1, verify_idx = -1, res;
UI *ui = NULL;
int ret = 0;
goto end;
}
+ /* Get a buffer for verification prompt */
+ ipass = OPENSSL_zalloc(pass_size + 1);
+ if (ipass == NULL) {
+ ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
+ goto end;
+ }
+
prompt_idx = UI_add_input_string(ui, prompt,
UI_INPUT_FLAG_DEFAULT_PWD,
- pass, 0, pass_size - 1) - 1;
+ ipass, 0, pass_size) - 1;
if (prompt_idx < 0) {
ERR_raise(ERR_LIB_CRYPTO, ERR_R_UI_LIB);
goto end;
if (verify) {
/* Get a buffer for verification prompt */
- vpass = OPENSSL_zalloc(pass_size);
+ vpass = OPENSSL_zalloc(pass_size + 1);
if (vpass == NULL) {
ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
goto end;
}
verify_idx = UI_add_verify_string(ui, prompt,
UI_INPUT_FLAG_DEFAULT_PWD,
- vpass, 0, pass_size - 1,
- pass) - 1;
+ vpass, 0, pass_size,
+ ipass) - 1;
if (verify_idx < 0) {
ERR_raise(ERR_LIB_CRYPTO, ERR_R_UI_LIB);
goto end;
ERR_raise(ERR_LIB_CRYPTO, ERR_R_UI_LIB);
break;
default:
- *pass_len = (size_t)UI_get_result_length(ui, prompt_idx);
+ res = UI_get_result_length(ui, prompt_idx);
+ if (res < 0) {
+ ERR_raise(ERR_LIB_CRYPTO, ERR_R_UI_LIB);
+ break;
+ }
+ *pass_len = (size_t)res;
+ memcpy(pass, ipass, *pass_len);
ret = 1;
break;
}
end:
- OPENSSL_free(vpass);
+ OPENSSL_clear_free(vpass, pass_size + 1);
+ OPENSSL_clear_free(ipass, pass_size + 1);
OPENSSL_free(prompt);
UI_free(ui);
return ret;