From b96dba9e5ec7afc355be1eab915f69c8c0d51741 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Wed, 5 Jul 2017 10:26:25 +0200 Subject: [PATCH] Fix small UI issues - in EVP_read_pw_string_min(), the return value from UI_add_* wasn't properly checked - in UI_process(), |state| was never made NULL, which means an error when closing the session wouldn't be accurately reported. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/3849) --- crypto/evp/evp_key.c | 20 +++++++++++--------- crypto/ui/ui_lib.c | 2 ++ 2 files changed, 13 insertions(+), 9 deletions(-) diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c index 0d63e4f5bf..670276d1dc 100644 --- a/crypto/evp/evp_key.c +++ b/crypto/evp/evp_key.c @@ -48,7 +48,7 @@ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify) int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt, int verify) { - int ret; + int ret = -1; char buff[BUFSIZ]; UI *ui; @@ -56,16 +56,18 @@ int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt, prompt = prompt_string; ui = UI_new(); if (ui == NULL) - return -1; - UI_add_input_string(ui, prompt, 0, buf, min, - (len >= BUFSIZ) ? BUFSIZ - 1 : len); - if (verify) - UI_add_verify_string(ui, prompt, 0, - buff, min, (len >= BUFSIZ) ? BUFSIZ - 1 : len, - buf); + return ret; + if (UI_add_input_string(ui, prompt, 0, buf, min, + (len >= BUFSIZ) ? BUFSIZ - 1 : len) < 0 + || (verify + && UI_add_verify_string(ui, prompt, 0, buff, min, + (len >= BUFSIZ) ? BUFSIZ - 1 : len, + buf) < 0)) + goto end; ret = UI_process(ui); - UI_free(ui); OPENSSL_cleanse(buff, BUFSIZ); + end: + UI_free(ui); return ret; } diff --git a/crypto/ui/ui_lib.c b/crypto/ui/ui_lib.c index 4469a436c2..5b3eaff121 100644 --- a/crypto/ui/ui_lib.c +++ b/crypto/ui/ui_lib.c @@ -515,6 +515,8 @@ int UI_process(UI *ui) } } } + + state = NULL; err: if (ui->meth->ui_close_session != NULL && ui->meth->ui_close_session(ui) <= 0) { -- 2.34.1