Fix warnings about ignoring fgets return value

diff --git a/apps/ca.c b/apps/ca.c
index 7bd229139ecc05c40ee59294436a63e4dbb9d58a..7fc2d5766634116990ed7e19fd9d543fa9a5a9d5 100644 (file)
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1249,7 +1249,12 @@ bad:
                                BIO_printf(bio_err,"\n%d out of %d certificate requests certified, commit? [y/n]",total_done,total);
                                (void)BIO_flush(bio_err);
                                buf[0][0]='\0';
-                               fgets(buf[0],10,stdin);
+                               if (!fgets(buf[0],10,stdin))
+                                       {
+                                       BIO_printf(bio_err,"CERTIFICATION CANCELED: I/O error\n"); 
+                                       ret=0;
+                                       goto err;
+                                       }
                                if ((buf[0][0] != 'y') && (buf[0][0] != 'Y'))
                                        {
                                        BIO_printf(bio_err,"CERTIFICATION CANCELED\n"); 
@@ -2101,7 +2106,12 @@ again2:
                BIO_printf(bio_err,"Sign the certificate? [y/n]:");
                (void)BIO_flush(bio_err);
                buf[0]='\0';
-               fgets(buf,sizeof(buf)-1,stdin);
+               if (!fgets(buf,sizeof(buf)-1,stdin))
+                       {
+                       BIO_printf(bio_err,"CERTIFICATE WILL NOT BE CERTIFIED: I/O error\n");
+                       ok=0;
+                       goto err;
+                       }
                if (!((buf[0] == 'y') || (buf[0] == 'Y')))
                        {
                        BIO_printf(bio_err,"CERTIFICATE WILL NOT BE CERTIFIED\n");

diff --git a/apps/enc.c b/apps/enc.c
index f4f9a4c4a4e58d0a044f8e07129b446a11213046..8f5e5b89359fe3dc4ba3470c0c7a82943e208a39 100644 (file)
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -226,7 +226,12 @@ int MAIN(int argc, char **argv)
                                goto bad;
                                }
                        buf[0]='\0';
-                       fgets(buf,sizeof buf,infile);
+                       if (!fgets(buf,sizeof buf,infile))
+                               {
+                               BIO_printf(bio_err,"unable to read key from '%s'\n",
+                                       file);
+                               goto bad;
+                               }
                        fclose(infile);
                        i=strlen(buf);
                        if ((i > 0) &&

diff --git a/apps/openssl.c b/apps/openssl.c
index 7d2b476cf048ed93e743abe03969ba45f24b50d9..8e2d8dd569de402ccadcc2e9d74792d416ed59a4 100644 (file)
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -333,7 +333,8 @@ int main(int Argc, char *Argv[])
                        else    prompt="OpenSSL> ";
                        fputs(prompt,stdout);
                        fflush(stdout);
-                       fgets(p,n,stdin);
+                       if (!fgets(p,n,stdin))
+                               goto end;
                        if (p[0] == '\0') goto end;
                        i=strlen(p);
                        if (i <= 1) break;

diff --git a/apps/req.c b/apps/req.c
index 5ed08960c1dcf9fb128375fe083b49eba93bae3a..314197de839b5f0eba6f5893459f84b6db0e29f2 100644 (file)
--- a/apps/req.c
+++ b/apps/req.c
@@ -1538,7 +1538,8 @@ start:
                buf[0]='\0';
                if (!batch)
                        {
-                       fgets(buf,sizeof buf,stdin);
+                       if (!fgets(buf,sizeof buf,stdin))
+                               return 0;
                        }
                else
                        {
@@ -1596,7 +1597,8 @@ start:
                buf[0]='\0';
                if (!batch)
                        {
-                       fgets(buf,sizeof buf,stdin);
+                       if (!fgets(buf,sizeof buf,stdin))
+                               return 0;
                        }
                else
                        {

diff --git a/crypto/ui/ui_openssl.c b/crypto/ui/ui_openssl.c
index ef930bf2476e9c4fae856697750709add1241933..06270f09cd425b910790bdebbd914772935ed896 100644 (file)
--- a/crypto/ui/ui_openssl.c
+++ b/crypto/ui/ui_openssl.c
@@ -297,7 +297,7 @@ static int is_a_tty;
 
 /* Declare static functions */
 #if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
-static void read_till_nl(FILE *);
+static int read_till_nl(FILE *);
 static void recsig(int);
 static void pushsig(void);
 static void popsig(void);
@@ -390,14 +390,16 @@ static int read_string(UI *ui, UI_STRING *uis)
 
 #if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
 /* Internal functions to read a string without echoing */
-static void read_till_nl(FILE *in)
+static int read_till_nl(FILE *in)
        {
 #define SIZE 4
        char buf[SIZE+1];
 
        do      {
-               fgets(buf,SIZE,in);
+               if (!fgets(buf,SIZE,in))
+                       return 0;
                } while (strchr(buf,'\n') == NULL);
+       return 1;
        }
 
 static volatile sig_atomic_t intr_signal;
@@ -445,7 +447,8 @@ static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl)
                        *p='\0';
                }
        else
-               read_till_nl(tty_in);
+               if (!read_till_nl(tty_in))
+                       goto error;
        if (UI_set_result(ui, uis, result) >= 0)
                ok=1;
 

diff --git a/fips/fipsld b/fips/fipsld
index c71d4d95a5fba9ba1d6b9c42ebf07cf27b62d3ad..461f1effdd89fa357351c0550a14e7c46f52222e 100755 (executable)
--- a/fips/fipsld
+++ b/fips/fipsld
@@ -118,11 +118,14 @@ lib*|*.dll)       # must be linking a shared lib...
 
        # generate signature...
        SIG=`"${THERE}/fips/fips_premain_dso" "${TARGET}"`
+echo $TARGET: $SIG >>/tmp/fipsld.log
+incore $TARGET >>/tmp/fipsld.log 2>&1
        /bin/rm -f "${TARGET}"
        if [ -z "${SIG}" ]; then
           echo "unable to collect signature"; exit 1
        fi
 
+
        # recompile with signature...
        ${CC}   ${CANISTER_O_CMD:+"${CANISTER_O_CMD}"} \
                -DHMAC_SHA1_SIG=\"${SIG}\" "${PREMAIN_C}" \
@@ -157,6 +160,8 @@ lib*|*.dll) # must be linking a shared lib...
 
        # generate signature...
        SIG=`"${TARGET}"`
+echo $TARGET: $SIG >>/tmp/fipsld.log
+incore $TARGET >>/tmp/fipsld.log 2>&1
        /bin/rm -f "${TARGET}"
        if [ -z "${SIG}" ]; then
           echo "unable to collect signature"; exit 1