OSSL_STORE "file" scheme loader: check that a DOS device is correctly named

author Richard Levitte <levitte@openssl.org>

Sat, 15 Jul 2017 09:21:11 +0000 (11:21 +0200)

committer Richard Levitte <levitte@openssl.org>

Sat, 15 Jul 2017 16:53:07 +0000 (18:53 +0200)
author Richard Levitte <levitte@openssl.org>
Sat, 15 Jul 2017 09:21:11 +0000 (11:21 +0200)
committer Richard Levitte <levitte@openssl.org>
Sat, 15 Jul 2017 16:53:07 +0000 (18:53 +0200)
diff --git a/crypto/store/loader_file.c b/crypto/store/loader_file.c

index 31ca2c6315d17e6009e7c05d0e75443a80389508..7cb145753ee7a2f82e8eeb45a16591e94af2450e 100644 (file)
--- a/crypto/store/loader_file.c
+++ b/crypto/store/loader_file.c
@@ -783,9 +783,13 @@ static OSSL_STORE_LOADER_CTX *file_open(const OSSL_STORE_LOADER *loader,
  #ifdef _WIN32
          /* Windows file: URIs with a drive letter start with a / */
          if (p[0] == '/' && p[2] == ':' && p[3] == '/') {
-            p++;
-            /* We know it's absolute, so no need to check */
-            path_data[path_data_n].check_absolute = 0;
+            char c = tolower(p[1]);
+
+            if (c >= 'a' && c <= 'z') {
+                p++;
+                /* We know it's absolute, so no need to check */
+                path_data[path_data_n].check_absolute = 0;
+            }
          }
  #endif
          path_data[path_data_n++].path = p;
author	Richard Levitte <levitte@openssl.org>
	Sat, 15 Jul 2017 09:21:11 +0000 (11:21 +0200)
committer	Richard Levitte <levitte@openssl.org>
	Sat, 15 Jul 2017 16:53:07 +0000 (18:53 +0200)