[pkg-opensc-commit] [libp11] 12/51: Fixed PIN buffer sizes

Eric Dorland eric at moszumanska.debian.org
Wed Dec 7 17:51:30 UTC 2016


This is an automated email from the git hooks/post-receive script.

eric pushed a commit to branch master
in repository libp11.

commit f49af1f70606897c0a3f02a8a73ead049df01822
Author: Michał Trojnara <Michal.Trojnara at stunnel.org>
Date:   Fri Oct 7 23:25:44 2016 +0200

    Fixed PIN buffer sizes
    
    OpenSSL UI needs an additional byte for the terminating '\0'.
---
 src/eng_back.c | 24 ++++++++++++------------
 src/p11_key.c  |  5 +++--
 2 files changed, 15 insertions(+), 14 deletions(-)

diff --git a/src/eng_back.c b/src/eng_back.c
index 434b522..2fe18f4 100644
--- a/src/eng_back.c
+++ b/src/eng_back.c
@@ -105,10 +105,10 @@ static int get_pin(ENGINE_CTX *ctx, UI_METHOD *ui_method, void *callback_data)
 		UI_add_user_data(ui, callback_data);
 
 	destroy_pin(ctx);
-	ctx->pin = OPENSSL_malloc(MAX_PIN_LENGTH * sizeof(char));
+	ctx->pin = OPENSSL_malloc(MAX_PIN_LENGTH+1);
 	if (ctx->pin == NULL)
 		return 0;
-	memset(ctx->pin, 0, MAX_PIN_LENGTH * sizeof(char));
+	memset(ctx->pin, 0, MAX_PIN_LENGTH+1);
 	ctx->pin_length = MAX_PIN_LENGTH;
 	if (!UI_add_input_string(ui, "PKCS#11 token PIN: ",
 			UI_INPUT_FLAG_DEFAULT_PWD, ctx->pin, 1, MAX_PIN_LENGTH)) {
@@ -296,8 +296,8 @@ static X509 *pkcs11_load_cert(ENGINE_CTX *ctx, const char *s_slot_cert_id)
 	unsigned char cert_id[MAX_VALUE_LEN / 2];
 	size_t cert_id_len = sizeof(cert_id);
 	char *cert_label = NULL;
-	char tmp_pin[MAX_PIN_LENGTH];
-	size_t tmp_pin_len = sizeof(tmp_pin);
+	char tmp_pin[MAX_PIN_LENGTH+1];
+	size_t tmp_pin_len = MAX_PIN_LENGTH;
 	int slot_nr = -1;
 	char flags[64];
 
@@ -311,12 +311,12 @@ static X509 *pkcs11_load_cert(ENGINE_CTX *ctx, const char *s_slot_cert_id)
 				tmp_pin, &tmp_pin_len, &cert_label);
 			if (n && tmp_pin_len > 0 && tmp_pin[0] != 0) {
 				destroy_pin(ctx);
-				ctx->pin = OPENSSL_malloc(MAX_PIN_LENGTH * sizeof(char));
+				ctx->pin = OPENSSL_malloc(MAX_PIN_LENGTH+1);
 				if (ctx->pin != NULL) {
 					memcpy(ctx->pin, tmp_pin, tmp_pin_len);
 					ctx->pin_length = tmp_pin_len;
 				}
-				memset(ctx->pin, 0, MAX_PIN_LENGTH * sizeof(char));
+				memset(ctx->pin, 0, MAX_PIN_LENGTH+1);
 			}
 
 			if (!n) {
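Review bot: In pkcs11_load_cert the `memset(ctx->pin, 0, MAX_PIN_LENGTH+1);` still runs after the `memcpy` and outside the `if (ctx->pin != NULL)` block, so it erases the PIN that was just copied and dereferences NULL when OPENSSL_malloc fails. The matching block in pkcs11_load_key (the `@@ -594` hunk) zeroes first and copies second, inside the NULL check. This one should do the same: move the `memset` to the first line inside the `if`, before `memcpy(ctx->pin, tmp_pin, tmp_pin_len);`. As written, ctx->pin_length keeps tmp_pin_len while the buffer is all zeros, so a later login would presumably see an empty PIN. The enclosing function starts and ends outside the hunk.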
@@ -522,13 +522,13 @@ static int pkcs11_login(ENGINE_CTX *ctx, PKCS11_SLOT *slot, PKCS11_TOKEN *tok,
 			 * assigned (i.e, cached by get_pin) */
 			destroy_pin(ctx);
 		} else if (ctx->pin == NULL) {
-			ctx->pin = OPENSSL_malloc(MAX_PIN_LENGTH * sizeof(char));
+			ctx->pin = OPENSSL_malloc(MAX_PIN_LENGTH+1);
 			ctx->pin_length = MAX_PIN_LENGTH;
 			if (ctx->pin == NULL) {
 				fprintf(stderr, "Could not allocate memory for PIN");
 				return 0;
 			}
-			memset(ctx->pin, 0, MAX_PIN_LENGTH * sizeof(char));
+			memset(ctx->pin, 0, MAX_PIN_LENGTH+1);
 			if (!get_pin(ctx, ui_method, callback_data)) {
 				destroy_pin(ctx);
 				fprintf(stderr, "No pin code was entered");
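Review bot: The buffer allocated and zeroed in the `else if (ctx->pin == NULL)` branch appears to be discarded immediately, because get_pin, as shown in the first hunk, begins with `destroy_pin(ctx)` and allocates its own `MAX_PIN_LENGTH+1` buffer. If destroy_pin frees ctx->pin as its name suggests, the `OPENSSL_malloc`/`memset` pair here can be dropped, along with the `ctx->pin_length = MAX_PIN_LENGTH;` assignment that sits before the NULL check. The branch then reduces to the `get_pin` call, which leaves one fewer copy of the size arithmetic to keep in sync. pkcs11_login continues outside the hunk, so confirm that nothing between these lines relies on the buffer.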
@@ -574,8 +574,8 @@ static EVP_PKEY *pkcs11_load_key(ENGINE_CTX *ctx, const char *s_slot_key_id,
 	size_t key_id_len = sizeof(key_id);
 	char *key_label = NULL;
 	int slot_nr = -1;
-	char tmp_pin[MAX_PIN_LENGTH];
-	size_t tmp_pin_len = sizeof(tmp_pin);
+	char tmp_pin[MAX_PIN_LENGTH+1];
+	size_t tmp_pin_len = MAX_PIN_LENGTH;
 	char flags[64];
 	int already_logged_in = 0;
 
@@ -594,9 +594,9 @@ static EVP_PKEY *pkcs11_load_key(ENGINE_CTX *ctx, const char *s_slot_key_id,
 
 			if (n && tmp_pin_len > 0 && tmp_pin[0] != 0) {
 				destroy_pin(ctx);
-				ctx->pin = OPENSSL_malloc(MAX_PIN_LENGTH * sizeof(char));
+				ctx->pin = OPENSSL_malloc(MAX_PIN_LENGTH+1);
 				if (ctx->pin != NULL) {
-					memset(ctx->pin, 0, MAX_PIN_LENGTH * sizeof(char));
+					memset(ctx->pin, 0, MAX_PIN_LENGTH+1);
 					memcpy(ctx->pin, tmp_pin, tmp_pin_len);
 					ctx->pin_length = tmp_pin_len;
 				}
diff --git a/src/p11_key.c b/src/p11_key.c
index e8339fb..dd45aed 100644
--- a/src/p11_key.c
+++ b/src/p11_key.c
@@ -343,7 +343,7 @@ int pkcs11_authenticate(PKCS11_KEY *key)
 	PKCS11_SLOT *slot = TOKEN2SLOT(token);
 	PKCS11_SLOT_private *spriv = PRIVSLOT(slot);
 	PKCS11_CTX *ctx = SLOT2CTX(slot);
-	char pin[MAX_PIN_LENGTH];
+	char pin[MAX_PIN_LENGTH+1];
 	UI *ui;
 	int rv;
 
@@ -360,6 +360,7 @@ int pkcs11_authenticate(PKCS11_KEY *key)
 		return PKCS11_UI_FAILED;
 	if (kpriv->ui_user_data != NULL)
 		UI_add_user_data(ui, kpriv->ui_user_data);
+	memset(pin, 0, MAX_PIN_LENGTH+1);
 	if (!UI_add_input_string(ui, "PKCS#11 key PIN: ",
 			UI_INPUT_FLAG_DEFAULT_PWD, pin, 1, MAX_PIN_LENGTH)) {
 		UI_free(ui);
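Review bot: The `memset(pin, 0, MAX_PIN_LENGTH+1);` added here and the `OPENSSL_cleanse(pin, MAX_PIN_LENGTH+1);` in the last hunk repeat the array size by hand, which is the kind of duplication this commit is correcting. Since `pin` is a local array in pkcs11_authenticate, `memset(pin, 0, sizeof(pin));` and `OPENSSL_cleanse(pin, sizeof(pin));` keep the clear and the wipe tied to the declaration. The error return after a failed UI_process lies between the hunks and is not visible. It is worth checking that `pin` is cleansed on that path too, since it may hold entered PIN data.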
@@ -375,7 +376,7 @@ int pkcs11_authenticate(PKCS11_KEY *key)
 	rv = CRYPTOKI_call(ctx,
 		C_Login(spriv->session, CKU_CONTEXT_SPECIFIC,
 			(CK_UTF8CHAR *)pin, strlen(pin)));
-	OPENSSL_cleanse(pin, MAX_PIN_LENGTH);
+	OPENSSL_cleanse(pin, MAX_PIN_LENGTH+1);
 	return rv == CKR_USER_ALREADY_LOGGED_IN ? 0 : rv;
 }
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/libp11.git


