diff --git a/src/ocsp.c b/src/ocsp.c index 7863f5672..6326ade08 100644 --- a/src/ocsp.c +++ b/src/ocsp.c @@ -652,7 +652,8 @@ OcspResponse* wolfSSL_d2i_OCSP_RESPONSE_bio(WOLFSSL_BIO* bio, i = XFTELL(bio->file); if (i < 0) return NULL; - XFSEEK(bio->file, 0, SEEK_END); + if(XFSEEK(bio->file, 0, SEEK_END) != 0) + return NULL; l = XFTELL(bio->file); if (l < 0) return NULL; diff --git a/src/sniffer.c b/src/sniffer.c index 2feec52f9..96c633fe5 100644 --- a/src/sniffer.c +++ b/src/sniffer.c @@ -1166,7 +1166,7 @@ static int LoadKeyFile(byte** keyBuf, word32* keyBufSz, file = XFOPEN(keyFile, "rb"); if (file == XBADFILE) return -1; - XFSEEK(file, 0, XSEEK_END); + if(XFSEEK(file, 0, XSEEK_END) != 0) return -1; fileSz = XFTELL(file); XREWIND(file); diff --git a/src/ssl.c b/src/ssl.c index 0aa2dc6f3..cd97cacaa 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -5693,7 +5693,8 @@ int ProcessFile(WOLFSSL_CTX* ctx, const char* fname, int format, int type, file = XFOPEN(fname, "rb"); if (file == XBADFILE) return WOLFSSL_BAD_FILE; - XFSEEK(file, 0, XSEEK_END); + if (XFSEEK(file, 0, XSEEK_END) != 0) + return WOLFSSL_BAD_FILE; sz = XFTELL(file); XREWIND(file); @@ -5829,7 +5830,8 @@ int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER* cm, const char* fname, WOLFSSL_ENTER("wolfSSL_CertManagerVerify"); if (file == XBADFILE) return WOLFSSL_BAD_FILE; - XFSEEK(file, 0, XSEEK_END); + if(XFSEEK(file, 0, XSEEK_END) != 0) + return WOLFSSL_BAD_FILE; sz = XFTELL(file); XREWIND(file); @@ -6283,7 +6285,8 @@ static int wolfSSL_SetTmpDH_file_wrapper(WOLFSSL_CTX* ctx, WOLFSSL* ssl, file = XFOPEN(fname, "rb"); if (file == XBADFILE) return WOLFSSL_BAD_FILE; - XFSEEK(file, 0, XSEEK_END); + if(XFSEEK(file, 0, XSEEK_END) != 0) + return WOLFSSL_BAD_FILE;; sz = XFTELL(file); XREWIND(file); @@ -8302,7 +8305,8 @@ int CM_RestoreCertCache(WOLFSSL_CERT_MANAGER* cm, const char* fname) return WOLFSSL_BAD_FILE; } - XFSEEK(file, 0, XSEEK_END); + if(XFSEEK(file, 0, XSEEK_END) != 0) + return WOLFSSL_BAD_FILE; memSz = (int)XFTELL(file); XREWIND(file); @@ -15094,7 +15098,8 @@ WOLFSSL_X509* wolfSSL_X509_d2i_fp(WOLFSSL_X509** x509, XFILE file) byte* fileBuffer = NULL; long sz = 0; - XFSEEK(file, 0, XSEEK_END); + if(XFSEEK(file, 0, XSEEK_END) != 0) + return NULL; sz = XFTELL(file); XREWIND(file); @@ -15145,7 +15150,11 @@ WOLFSSL_X509* wolfSSL_X509_load_certificate_file(const char* fname, int format) if (file == XBADFILE) return NULL; - XFSEEK(file, 0, XSEEK_END); + if(XFSEEK(file, 0, XSEEK_END) != 0){ + XFCLOSE(file); + return NULL; + } + sz = XFTELL(file); XREWIND(file); @@ -17450,7 +17459,8 @@ int wolfSSL_X509_LOOKUP_load_file(WOLFSSL_X509_LOOKUP* lookup, if (fp == NULL) return BAD_FUNC_ARG; - XFSEEK(fp, 0, XSEEK_END); + if(XFSEEK(fp, 0, XSEEK_END) != 0) + return WOLFSSL_BAD_FILE; sz = XFTELL(fp); XREWIND(fp); @@ -18405,7 +18415,8 @@ static void *wolfSSL_d2i_X509_fp_ex(XFILE file, void **x509, int type) { long sz = 0; - XFSEEK(file, 0, XSEEK_END); + if(XFSEEK(file, 0, XSEEK_END) != 0) + return NULL; sz = XFTELL(file); XREWIND(file); @@ -21510,7 +21521,8 @@ int wolfSSL_cmp_peer_cert_to_file(WOLFSSL* ssl, const char *fname) if (file == XBADFILE) return WOLFSSL_BAD_FILE; - XFSEEK(file, 0, XSEEK_END); + if(XFSEEK(file, 0, XSEEK_END) != 0) + return WOLFSSL_BAD_FILE;; sz = XFTELL(file); XREWIND(file); @@ -31133,9 +31145,11 @@ WOLFSSL_DH *wolfSSL_PEM_read_bio_DHparams(WOLFSSL_BIO *bio, WOLFSSL_DH **x, } else if (bio->type == WOLFSSL_BIO_FILE) { /* Read whole file into a new buffer. */ - XFSEEK(bio->file, 0, SEEK_END); + if(XFSEEK(bio->file, 0, SEEK_END) != 0) + goto end; sz = XFTELL(bio->file); - XFSEEK(bio->file, 0, SEEK_SET); + if(XFSEEK(bio->file, 0, SEEK_SET) != 0) + goto end; if (sz <= 0L) goto end; mem = (unsigned char*)XMALLOC(sz, NULL, DYNAMIC_TYPE_PEM); diff --git a/tests/api.c b/tests/api.c index 4fd5c2903..4797051fd 100644 --- a/tests/api.c +++ b/tests/api.c @@ -15974,7 +15974,7 @@ static void test_wolfSSL_PEM_PrivateKey(void) file = XFOPEN(fname, "rb"); AssertTrue((file != XBADFILE)); - XFSEEK(file, 0, XSEEK_END); + AssertTrue(XFSEEK(file, 0, XSEEK_END) == 0); sz = XFTELL(file); XREWIND(file); AssertNotNull(buf = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE)); @@ -16004,7 +16004,7 @@ static void test_wolfSSL_PEM_PrivateKey(void) file = XFOPEN(fname, "rb"); AssertTrue((file != XBADFILE)); - XFSEEK(file, 0, XSEEK_END); + AssertTrue(XFSEEK(file, 0, XSEEK_END) == 0); sz = XFTELL(file); XREWIND(file); AssertNotNull(buf = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE)); @@ -18245,7 +18245,7 @@ static void test_wolfSSL_d2i_PrivateKeys_bio(void) file = XFOPEN(fname, "rb"); AssertTrue((file != XBADFILE)); - XFSEEK(file, 0, XSEEK_END); + AssertTrue(XFSEEK(file, 0, XSEEK_END) == 0); sz = XFTELL(file); XREWIND(file); AssertNotNull(buf = (byte*)XMALLOC(sz, HEAP_HINT, DYNAMIC_TYPE_FILE)); @@ -18273,7 +18273,7 @@ static void test_wolfSSL_d2i_PrivateKeys_bio(void) file = XFOPEN(fname, "rb"); AssertTrue((file != XBADFILE)); - XFSEEK(file, 0, XSEEK_END); + AssertTrue(XFSEEK(file, 0, XSEEK_END) == 0); sz = XFTELL(file); XREWIND(file); AssertNotNull(buf = (byte*)XMALLOC(sz, HEAP_HINT, DYNAMIC_TYPE_FILE)); diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 836943638..bd132ae6b 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -8404,7 +8404,8 @@ int wc_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz) ret = BUFFER_E; } else { - XFSEEK(file, 0, XSEEK_END); + if(XFSEEK(file, 0, XSEEK_END) != 0) + ret = BUFFER_E; sz = XFTELL(file); XREWIND(file); @@ -8477,7 +8478,8 @@ int wc_PemPubKeyToDer(const char* fileName, ret = BUFFER_E; } else { - XFSEEK(file, 0, XSEEK_END); + if(XFSEEK(file, 0, XSEEK_END) != 0) + ret = BUFFER_E; sz = XFTELL(file); XREWIND(file);