wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-02-04 01:55:06 +01:00
Code Issues Packages Projects Releases Wiki Activity

global fixup to check or explicitly ignore return values from failable library/system calls that weren't already being checked;

Browse Source 
add wolfCrypt error codes IO_FAILED_E "Input/output failure" and SYSLIB_FAILED_E "System/library call failed";

tests/api.c and tests/unit.c: flush stdout for error message in Fail() macro, add fflush(stdout) after printf()s, print success message at end of unit_test(), and send several error messages to stderr instead of stdout;

wolfcrypt/test/test.c: add fallthrough macro definition of printf() that pairs it with fflush(stdout);

unit.h: in definition of macro AssertPtr(), add PRAGMA_GCC("GCC diagnostic ignored \"-Wpedantic\"");

sp_int.c: refactor several lingering instances of "if (0) { ... }" code pattern to #if 0 ... #endif.
This commit is contained in:
Daniel Pouzzner
2022-07-11 22:27:43 -05:00
parent e30899b676
commit ccc5952369
22 changed files with 827 additions and 319 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
src/crl.c
View File

@@ -174,13 +174,20 @@ void FreeCRL(WOLFSSL_CRL* crl, int dynamic)
#ifdef HAVE_CRL_MONITOR
if (crl->tid != 0) {
WOLFSSL_MSG("stopping monitor thread");
if (StopMonitor(crl->mfd) == 0)
pthread_join(crl->tid, NULL);
if (StopMonitor(crl->mfd) == 0) {
int _pthread_ret = pthread_join(crl->tid, NULL);
if (_pthread_ret != 0)
WOLFSSL_MSG("stop monitor failed in pthread_join");
}
else {
WOLFSSL_MSG("stop monitor failed");
}
}
pthread_cond_destroy(&crl->cond);
{
int _pthread_ret = pthread_cond_destroy(&crl->cond);
if (_pthread_ret != 0)
WOLFSSL_MSG("pthread_cond_destroy failed in FreeCRL()");
}
#endif
wc_FreeMutex(&crl->crlLock);
if (dynamic) /* free self */
@@ -1116,8 +1123,10 @@ static void* DoMonitor(void* arg)
XFREE(buff, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
if (wd > 0)
inotify_rm_watch(notifyFd, wd);
if (wd > 0) {
if (inotify_rm_watch(notifyFd, wd) < 0)
WOLFSSL_MSG("inotify_rm_watch #1 failed in DoMonitor");
}
(void)close(crl->mfd);
(void)close(notifyFd);
return NULL;
@@ -1171,8 +1180,10 @@ static void* DoMonitor(void* arg)
XFREE(buff, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
if (wd > 0)
inotify_rm_watch(notifyFd, wd);
if (wd > 0) {
if (inotify_rm_watch(notifyFd, wd) < 0)
WOLFSSL_MSG("inotify_rm_watch #2 failed in DoMonitor");
}
(void)close(crl->mfd);
(void)close(notifyFd);

11
src/internal.c
View File

@@ -12196,8 +12196,15 @@ int LoadCertByIssuer(WOLFSSL_X509_STORE* store, X509_NAME* issuer, int type)
for (; suffix < MAX_SUFFIX; suffix++) {
/* /folder-path/<hash>.(r)N[0..9] */
XSNPRINTF(filename, len, "%s/%08lx.%s%d", entry->dir_name,
hash, post, suffix);
if (XSNPRINTF(filename, len, "%s/%08lx.%s%d", entry->dir_name,
hash, post, suffix)
>= len)
{
WOLFSSL_MSG("buffer overrun in LoadCertByIssuer");
ret = BUFFER_E;
break;
}
if(wc_FileExists(filename) == 0/*0 file exists */) {
if (type == X509_LU_X509) {

101
src/pk.c
View File

@@ -78,37 +78,72 @@ static int pk_bn_field_print_fp(XFILE fp, int indent, const char* field,
if (ret == 1) {
/* Print leading spaces, name and spaces before data. */
if (indent > 0) {
XFPRINTF(fp, "%*s", indent, "");
if (XFPRINTF(fp, "%*s", indent, "") < 0)
ret = 0;
}
XFPRINTF(fp, "%s:\n", field);
}
if (ret == 1) {
if (XFPRINTF(fp, "%s:\n", field) < 0)
ret = 0;
}
if (ret == 1) {
if (indent > 0) {
XFPRINTF(fp, "%*s", indent, "");
if (XFPRINTF(fp, "%*s", indent, "") < 0)
ret = 0;
}
XFPRINTF(fp, "%*s", HEX_INDENT, "");
}
if (ret == 1) {
if (XFPRINTF(fp, "%*s", HEX_INDENT, "") < 0)
ret = 0;
}
if (ret == 1) {
/* Print first byte - should always exist. */
if ((buf[i] != '\0') && (buf[i+1] != '\0')) {
XFPRINTF(fp, "%c", buf[i++]);
XFPRINTF(fp, "%c", buf[i++]);
if (XFPRINTF(fp, "%c", buf[i++]) < 0)
ret = 0;
else if (XFPRINTF(fp, "%c", buf[i++]) < 0)
ret = 0;
}
}
if (ret == 1) {
/* Print each hexadecimal character with byte separator. */
while ((buf[i] != '\0') && (buf[i+1] != '\0')) {
/* Byte separator every two nibbles - one byte. */
XFPRINTF(fp, ":");
if (XFPRINTF(fp, ":") < 0) {
ret = 0;
break;
}
/* New line after every 15 bytes - 30 nibbles. */
if (i % MAX_DIGITS_PER_LINE == 0) {
XFPRINTF(fp, "\n");
if (indent > 0) {
XFPRINTF(fp, "%*s", indent, "");
if (XFPRINTF(fp, "\n") < 0) {
ret = 0;
break;
}
if (indent > 0) {
if (XFPRINTF(fp, "%*s", indent, "") < 0) {
ret = 0;
break;
}
}
if (XFPRINTF(fp, "%*s", HEX_INDENT, "") < 0) {
ret = 0;
break;
}
XFPRINTF(fp, "%*s", HEX_INDENT, "");
}
/* Print two nibbles - one byte. */
XFPRINTF(fp, "%c", buf[i++]);
XFPRINTF(fp, "%c", buf[i++]);
if (XFPRINTF(fp, "%c", buf[i++]) < 0) {
ret = 0;
break;
}
if (XFPRINTF(fp, "%c", buf[i++]) < 0) {
ret = 0;
break;
}
}
/* Ensure on new line after data. */
XFPRINTF(fp, "\n");
if (XFPRINTF(fp, "\n") < 0) {
ret = 0;
}
}
/* Dispose of any allocated character array. */
@@ -1836,8 +1871,11 @@ int wolfSSL_RSA_print_fp(XFILE fp, WOLFSSL_RSA* rsa, int indent)
ret = 0;
}
else {
XFPRINTF(fp, "%*s", indent, "");
XFPRINTF(fp, "RSA Private-Key: (%d bit, 2 primes)\n", keySize);
if (XFPRINTF(fp, "%*s", indent, "") < 0)
ret = 0;
else if (XFPRINTF(fp, "RSA Private-Key: (%d bit, 2 primes)\n",
keySize) < 0)
ret = 0;
}
}
/* Print out any components available. */
@@ -4184,8 +4222,10 @@ int wolfSSL_DSA_print_fp(XFILE fp, WOLFSSL_DSA* dsa, int indent)
ret = 0;
}
else {
XFPRINTF(fp, "%*s", indent, "");
XFPRINTF(fp, "Private-Key: (%d bit)\n", pBits);
if (XFPRINTF(fp, "%*s", indent, "") < 0)
ret = 0;
else if (XFPRINTF(fp, "Private-Key: (%d bit)\n", pBits) < 0)
ret = 0;
}
}
if (ret == 1 && dsa->priv_key != NULL) {
@@ -7673,13 +7713,18 @@ int wolfSSL_EC_KEY_print_fp(XFILE fp, WOLFSSL_EC_KEY* key, int indent)
}
}
if (ret == 1) {
XFPRINTF(fp, "%*s", indent, "");
if (XFPRINTF(fp, "%*s", indent, "") < 0)
ret = 0;
}
if (ret == 1) {
if (key->priv_key != NULL && !wolfSSL_BN_is_zero(key->priv_key)) {
XFPRINTF(fp, "Private-Key: (%d bit)\n", bits);
if (XFPRINTF(fp, "Private-Key: (%d bit)\n", bits) < 0)
ret = 0;
priv = 1;
}
else {
XFPRINTF(fp, "Public-Key: (%d bit)\n", bits);
if (XFPRINTF(fp, "Public-Key: (%d bit)\n", bits) < 0)
ret = 0;
}
if (priv) {
@@ -7703,13 +7748,17 @@ int wolfSSL_EC_KEY_print_fp(XFILE fp, WOLFSSL_EC_KEY* key, int indent)
if (nid > 0) {
curve = wolfSSL_OBJ_nid2ln(nid);
if (curve != NULL) {
XFPRINTF(fp, "%*s", indent, "");
XFPRINTF(fp, "ASN1 OID: %s\n", curve);
if (XFPRINTF(fp, "%*s", indent, "") < 0)
ret = 0;
else if (XFPRINTF(fp, "ASN1 OID: %s\n", curve) < 0)
ret = 0;
}
nistName = wolfSSL_EC_curve_nid2nist(nid);
if (nistName != NULL) {
XFPRINTF(fp, "%*s", indent, "");
XFPRINTF(fp, "NIST CURVE: %s\n", nistName);
if (XFPRINTF(fp, "%*s", indent, "") < 0)
ret = 0;
else if (XFPRINTF(fp, "NIST CURVE: %s\n", nistName) < 0)
ret = 0;
}
}
}

48
src/ssl.c
View File

@@ -4426,7 +4426,8 @@ void wolfSSL_ERR_print_errors_fp(XFILE fp, int err)
WOLFSSL_ENTER("wolfSSL_ERR_print_errors_fp");
SetErrorString(err, data);
XFPRINTF(fp, "%s", data);
if (XFPRINTF(fp, "%s", data) < 0)
WOLFSSL_MSG("fprintf failed in wolfSSL_ERR_print_errors_fp");
}
#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
@@ -16215,8 +16216,13 @@ cleanup:
ret = wc_PeekErrorNode(0, &file, &reason, &line);
if (ret >= 0) {
const char* r = wolfSSL_ERR_reason_error_string(0 - ret);
XSNPRINTF(buf, sizeof(buf), "error:%d:wolfSSL library:%s:%s:%d\n",
ret, r, file, line);
if (XSNPRINTF(buf, sizeof(buf),
"error:%d:wolfSSL library:%s:%s:%d\n",
ret, r, file, line)
>= (int)sizeof(buf))
{
WOLFSSL_MSG("Buffer overrun formatting error message");
}
wolfSSL_BIO_write(bio, buf, (int)XSTRLEN(buf));
wc_RemoveErrorNode(0);
}
@@ -19464,10 +19470,23 @@ char* wolfSSL_i2s_ASN1_STRING(WOLFSSL_v3_ext_method *method,
XMEMSET(tmp, 0, tmpSz);
for (i = 0; i < tmpSz && i < (s->length - 1); i++) {
XSNPRINTF(val, valSz - 1, "%02X:", str[i]);
if (XSNPRINTF(val, valSz, "%02X:", str[i])
>= valSz)
{
WOLFSSL_MSG("Buffer overrun");
XFREE(str, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return NULL;
}
XSTRNCAT(tmp, val, valSz);
}
XSNPRINTF(val, valSz - 1, "%02X", str[i]);
if (XSNPRINTF(val, valSz, "%02X", str[i])
>= valSz)
{
WOLFSSL_MSG("Buffer overrun");
XFREE(str, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return NULL;
}
XSTRNCAT(tmp, val, valSz);
XFREE(str, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@@ -36001,6 +36020,7 @@ char *wolfSSL_BN_bn2hex(const WOLFSSL_BIGNUM *bn)
int wolfSSL_BN_print_fp(XFILE fp, const WOLFSSL_BIGNUM *bn)
{
char *buf;
int ret;
WOLFSSL_ENTER("wolfSSL_BN_print_fp");
@@ -36015,10 +36035,14 @@ int wolfSSL_BN_print_fp(XFILE fp, const WOLFSSL_BIGNUM *bn)
return WOLFSSL_FAILURE;
}
XFPRINTF(fp, "%s", buf);
if (XFPRINTF(fp, "%s", buf) < 0)
ret = WOLFSSL_FAILURE;
else
ret = WOLFSSL_SUCCESS;
XFREE(buf, NULL, DYNAMIC_TYPE_OPENSSL);
return WOLFSSL_SUCCESS;
return ret;
}
#endif /* !NO_FILESYSTEM */
@@ -36191,7 +36215,12 @@ int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str,
return WOLFSSL_FAILURE;
}
XMEMSET(typebuf, 0, type_len);
XSNPRINTF((char*)typebuf, (size_t)type_len , "%s:", tag);
if (XSNPRINTF((char*)typebuf, (size_t)type_len , "%s:", tag)
>= (int)type_len)
{
WOLFSSL_MSG("Buffer overrun.");
return WOLFSSL_FAILURE;
}
type_len--;
}
@@ -37928,7 +37957,8 @@ int wolfSSL_RAND_write_file(const char* fname)
bytes = 0;
}
else {
XFWRITE(buf, 1, bytes, f);
size_t bytes_written = XFWRITE(buf, 1, bytes, f);
bytes = (int)bytes_written;
XFCLOSE(f);
}
}

319
src/x509.c
View File

@@ -1193,8 +1193,10 @@ int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out, WOLFSSL_X509_EXTENSION *ext,
{
char isCa[] = "TRUE";
char notCa[] = "FALSE";
XSNPRINTF(tmp, sz, "%*sCA:%s", indent, "",
obj->ca ? isCa : notCa);
if (XSNPRINTF(tmp, sz, "%*sCA:%s", indent, "",
obj->ca ? isCa : notCa)
>= sz)
return rc;
break;
}
case ALT_NAMES_OID:
@@ -1221,11 +1223,17 @@ int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out, WOLFSSL_X509_EXTENSION *ext,
WOLFSSL_MSG("Memory error");
return rc;
}
if (sk->next)
XSNPRINTF(val, len, "%*s%s,", indent, "", str->strData);
else
XSNPRINTF(val, len, "%*s%s", indent, "", str->strData);
if (sk->next) {
if (XSNPRINTF(val, len, "%*s%s,",
indent, "", str->strData)
>= len)
return rc;
} else {
if (XSNPRINTF(val, len, "%*s%s",
indent, "", str->strData)
>= len)
return rc;
}
XSTRNCAT(tmp, val, len);
XFREE(val, NULL, DYNAMIC_TYPE_TMP_BUFFER);
}
@@ -1238,7 +1246,9 @@ int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out, WOLFSSL_X509_EXTENSION *ext,
{
char* asn1str;
asn1str = wolfSSL_i2s_ASN1_STRING(NULL, str);
XSNPRINTF(tmp, sz, "%*s%s", indent, "", asn1str);
if (XSNPRINTF(tmp, sz, "%*s%s", indent, "", asn1str)
>= sz)
return rc;
XFREE(asn1str, NULL, DYNAMIC_TYPE_TMP_BUFFER);
break;
}
@@ -1250,7 +1260,9 @@ int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out, WOLFSSL_X509_EXTENSION *ext,
break;
default:
XSNPRINTF(tmp, sz, "%*s%s", indent, "", str->strData);
if (XSNPRINTF(tmp, sz, "%*s%s", indent, "", str->strData)
>= sz)
return rc;
}
if (wolfSSL_BIO_write(out, tmp, (int)XSTRLEN(tmp)) == (int)XSTRLEN(tmp)) {
@@ -3051,7 +3063,10 @@ char* wolfSSL_X509_get_name_oneline(WOLFSSL_X509_NAME* name, char* in, int sz)
WOLFSSL_MSG("Memory error");
return NULL;
}
XSNPRINTF(str, strSz, "%s=%s, ", sn, buf);
if (XSNPRINTF(str, strSz, "%s=%s, ", sn, buf) >= strSz) {
WOLFSSL_MSG("buffer overrun");
return NULL;
}
}
else {
/* Copy last name entry
@@ -3064,7 +3079,10 @@ char* wolfSSL_X509_get_name_oneline(WOLFSSL_X509_NAME* name, char* in, int sz)
WOLFSSL_MSG("Memory error");
return NULL;
}
XSNPRINTF(str, strSz, "%s=%s", sn, buf);
if (XSNPRINTF(str, strSz, "%s=%s", sn, buf) >= strSz) {
WOLFSSL_MSG("buffer overrun");
return NULL;
}
}
/* Copy string to tmpBuf */
XSTRNCAT(tmpBuf, str, strSz);
@@ -5478,7 +5496,13 @@ int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
(int)XSTRLEN(" Version:")) <= 0) {
return WOLFSSL_FAILURE;
}
XSNPRINTF(tmp, sizeof(tmp), " %d (0x%x)\n", version, (byte)version-1);
if (XSNPRINTF(tmp, sizeof(tmp), " %d (0x%x)\n",
version, (byte)version-1)
>= (int)sizeof(tmp))
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) {
return WOLFSSL_FAILURE;
}
@@ -5503,7 +5527,12 @@ int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
/* if serial can fit into byte than print on the same line */
if (sz <= (int)sizeof(byte)) {
char tmp[17];
XSNPRINTF(tmp, sizeof(tmp), " %d (0x%x)\n", serial[0],serial[0]);
if (XSNPRINTF(tmp, sizeof(tmp), " %d (0x%x)\n", serial[0],serial[0])
>= (int)sizeof(tmp))
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) {
return WOLFSSL_FAILURE;
}
@@ -5522,11 +5551,21 @@ int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
}
tmp[0] = '\0';
for (i = 0; i < sz - 1 && (3 * i) < tmpSz - valSz; i++) {
XSNPRINTF(val, sizeof(val) - 1, "%02x:", serial[i]);
if (XSNPRINTF(val, sizeof(val), "%02x:", serial[i])
>= (int)sizeof(val))
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
val[3] = '\0'; /* make sure is null terminated */
XSTRNCAT(tmp, val, valSz);
}
XSNPRINTF(val, sizeof(val) - 1, "%02x\n", serial[i]);
if (XSNPRINTF(val, sizeof(val), "%02x\n", serial[i])
>= (int)sizeof(val))
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
val[3] = '\0'; /* make sure is null terminated */
XSTRNCAT(tmp, val, valSz);
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) {
@@ -5748,9 +5787,14 @@ int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
#endif
return WOLFSSL_FAILURE;
}
XSNPRINTF(tmp, sizeof(tmp) - 1, "%s%s: (%d bit)\n%s\n",
if (XSNPRINTF(tmp, sizeof(tmp), "%s%s: (%d bit)\n%s\n",
" ", "Public-Key", 8 * sz,
" Modulus:");
" Modulus:")
>= (int)sizeof(tmp))
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
tmp[sizeof(tmp) - 1] = '\0';
if (wolfSSL_BIO_write(bio, tmp,
(int)XSTRLEN(tmp)) <= 0) {
@@ -5762,7 +5806,12 @@ int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
}
/* print out modulus */
XSNPRINTF(tmp, sizeof(tmp) - 1," ");
if (XSNPRINTF(tmp, sizeof(tmp), " ")
>= (int)sizeof(tmp))
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
tmp[sizeof(tmp) - 1] = '\0';
if (mp_leading_bit(&rsa->n)) {
lbit = 1;
@@ -5783,10 +5832,15 @@ int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
mp_to_unsigned_bin(&rsa->n, rawKey);
for (idx = 0; idx < (word32)rawLen; idx++) {
char val[5];
int valSz = 5;
int valSz = (int)sizeof(val);
if ((idx == 0) && !lbit) {
XSNPRINTF(val, valSz - 1, "%02x", rawKey[idx]);
if (XSNPRINTF(val, valSz, "%02x", rawKey[idx])
>= valSz)
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
}
else if ((idx != 0) && (((idx + lbit) % 15) == 0)) {
tmp[sizeof(tmp) - 1] = '\0';
@@ -5800,12 +5854,27 @@ int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
#endif
return WOLFSSL_FAILURE;
}
XSNPRINTF(tmp, sizeof(tmp) - 1,
":\n ");
XSNPRINTF(val, valSz - 1, "%02x", rawKey[idx]);
if (XSNPRINTF(tmp, sizeof(tmp),
":\n ")
>= (int)sizeof(tmp))
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
if (XSNPRINTF(val, valSz, "%02x", rawKey[idx])
>= valSz)
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
}
else {
XSNPRINTF(val, valSz - 1, ":%02x", rawKey[idx]);
if (XSNPRINTF(val, valSz, ":%02x", rawKey[idx])
>= valSz)
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
}
XSTRNCAT(tmp, val, valSz);
}
@@ -5856,8 +5925,13 @@ int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
idx = ByteReverseWord32(idx);
#endif
}
XSNPRINTF(tmp, sizeof(tmp) - 1,
"\n Exponent: %u (0x%x)\n",idx, idx);
if (XSNPRINTF(tmp, sizeof(tmp),
"\n Exponent: %u (0x%x)\n",idx, idx)
>= (int)sizeof(tmp))
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
if (wolfSSL_BIO_write(bio, tmp,
(int)XSTRLEN(tmp)) <= 0) {
XFREE(rawKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@@ -5915,10 +5989,15 @@ int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
#endif
return WOLFSSL_FAILURE;
}
XSNPRINTF(tmp, sizeof(tmp) - 1, "%s%s: (%d bit)\n%s\n",
if (XSNPRINTF(tmp, sizeof(tmp), "%s%s: (%d bit)\n%s\n",
" ", "Public-Key",
8 * wc_ecc_size(ecc),
" pub:");
" pub:")
>= (int)sizeof(tmp))
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
tmp[sizeof(tmp) - 1] = '\0';
if (wolfSSL_BIO_write(bio, tmp,
(int)XSTRLEN(tmp)) <= 0) {
@@ -5928,7 +6007,12 @@ int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
#endif
return WOLFSSL_FAILURE;
}
XSNPRINTF(tmp, sizeof(tmp) - 1," ");
if (XSNPRINTF(tmp, sizeof(tmp)," ")
>= (int)sizeof(tmp))
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
{
word32 derSz;
byte* der;
@@ -5959,7 +6043,12 @@ int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
int valSz = 5;
if (i == 0) {
XSNPRINTF(val, valSz - 1, "%02x", der[i]);
if (XSNPRINTF(val, valSz, "%02x", der[i])
>= valSz)
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
}
else if ((i % 15) == 0) {
tmp[sizeof(tmp) - 1] = '\0';
@@ -5973,12 +6062,27 @@ int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_FAILURE;
}
XSNPRINTF(tmp, sizeof(tmp) - 1,
":\n ");
XSNPRINTF(val, valSz - 1, "%02x", der[i]);
if (XSNPRINTF(tmp, sizeof(tmp),
":\n ")
>= (int)sizeof(tmp))
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
if (XSNPRINTF(val, valSz, "%02x", der[i])
>= valSz)
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
}
else {
XSNPRINTF(val, valSz - 1, ":%02x", der[i]);
if (XSNPRINTF(val, valSz, ":%02x", der[i])
>= valSz)
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
}
XSTRNCAT(tmp, val, valSz);
}
@@ -6000,9 +6104,14 @@ int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
XFREE(der, x509->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
XSNPRINTF(tmp, sizeof(tmp) - 1, "\n%s%s: %s\n",
if (XSNPRINTF(tmp, sizeof(tmp), "\n%s%s: %s\n",
" ", "ASN1 OID",
ecc->dp->name);
ecc->dp->name)
>= (int)sizeof(tmp))
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
if (wolfSSL_BIO_write(bio, tmp,
(int)XSTRLEN(tmp)) <= 0) {
wc_ecc_free(ecc);
@@ -6038,8 +6147,13 @@ int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
char val[5];
int valSz = 5;
XSNPRINTF(tmp, sizeof(tmp),
" X509v3 Subject Key Identifier: ");
if (XSNPRINTF(tmp, sizeof(tmp),
" X509v3 Subject Key Identifier: ")
>= (int)sizeof(tmp))
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
if (x509->subjKeyIdCrit) {
XSTRNCAT(tmp, "critical", sizeof(tmp) - XSTRLEN(tmp) - 1);
}
@@ -6050,12 +6164,27 @@ int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
}
XMEMSET(tmp, 0, sizeof(tmp));
XSNPRINTF(tmp, sizeof(tmp) - 1, " ");
if (XSNPRINTF(tmp, sizeof(tmp), " ")
>= (int)sizeof(tmp))
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
for (i = 0; i < sizeof(tmp) && i < (x509->subjKeyIdSz - 1); i++) {
XSNPRINTF(val, valSz - 1, "%02X:", x509->subjKeyId[i]);
if (XSNPRINTF(val, valSz, "%02X:", x509->subjKeyId[i])
>= valSz)
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
XSTRNCAT(tmp, val, valSz);
}
XSNPRINTF(val, valSz - 1, "%02X\n", x509->subjKeyId[i]);
if (XSNPRINTF(val, valSz, "%02X\n", x509->subjKeyId[i])
>= valSz)
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
XSTRNCAT(tmp, val, valSz);
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) {
return WOLFSSL_FAILURE;
@@ -6071,8 +6200,13 @@ int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
int valSz = 5;
int len = 0;
XSNPRINTF(tmp, sizeof(tmp),
" X509v3 Authority Key Identifier: ");
if (XSNPRINTF(tmp, sizeof(tmp),
" X509v3 Authority Key Identifier: ")
>= (int)sizeof(tmp))
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
if (x509->authKeyIdCrit) {
XSTRNCAT(tmp, "critical", sizeof(tmp) - XSTRLEN(tmp) - 1);
}
@@ -6083,7 +6217,12 @@ int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
}
XMEMSET(tmp, 0, sizeof(tmp));
XSNPRINTF(tmp, sizeof(tmp) - 1, " keyid");
if (XSNPRINTF(tmp, sizeof(tmp), " keyid")
>= (int)sizeof(tmp))
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
for (i = 0; i < x509->authKeyIdSz; i++) {
/* check if buffer is almost full */
if (XSTRLEN(tmp) >= sizeof(tmp) - valSz) {
@@ -6092,7 +6231,12 @@ int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
}
tmp[0] = '\0';
}
XSNPRINTF(val, valSz - 1, ":%02X", x509->authKeyId[i]);
if (XSNPRINTF(val, valSz, ":%02X", x509->authKeyId[i])
>= valSz)
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
XSTRNCAT(tmp, val, valSz);
}
len = (int)XSTRLEN("\n");
@@ -6106,8 +6250,13 @@ int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
if (x509->basicConstSet) {
char tmp[100];
XSNPRINTF(tmp, sizeof(tmp),
"\n X509v3 Basic Constraints: ");
if (XSNPRINTF(tmp, sizeof(tmp),
"\n X509v3 Basic Constraints: ")
>= (int)sizeof(tmp))
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
if (x509->basicConstCrit) {
XSTRNCAT(tmp, "critical", sizeof(tmp) - XSTRLEN(tmp) - 1);
}
@@ -6118,9 +6267,14 @@ int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
}
XMEMSET(tmp, 0, sizeof(tmp));
XSNPRINTF(tmp, sizeof(tmp),
if (XSNPRINTF(tmp, sizeof(tmp),
" CA:%s\n",
(x509->isCa)? "TRUE": "FALSE");
(x509->isCa)? "TRUE": "FALSE")
>= (int)sizeof(tmp))
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) {
return WOLFSSL_FAILURE;
}
@@ -6143,7 +6297,12 @@ int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
(int)XSTRLEN(" Signature Algorithm: ")) <= 0) {
return WOLFSSL_FAILURE;
}
XSNPRINTF(tmp, sizeof(tmp) - 1,"%s\n", GetSigName(sigOid));
if (XSNPRINTF(tmp, sizeof(tmp),"%s\n", GetSigName(sigOid))
>= (int)sizeof(tmp))
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
tmp[sizeof(tmp) - 1] = '\0';
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) {
return WOLFSSL_FAILURE;
@@ -6159,14 +6318,24 @@ int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
XFREE(sig, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_FAILURE;
}
XSNPRINTF(tmp, sizeof(tmp) - 1," ");
if (XSNPRINTF(tmp, sizeof(tmp)," ")
>= (int)sizeof(tmp))
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
tmp[sizeof(tmp) - 1] = '\0';
for (i = 0; i < sigSz; i++) {
char val[5];
int valSz = 5;
if (i == 0) {
XSNPRINTF(val, valSz - 1, "%02x", sig[i]);
if (XSNPRINTF(val, valSz, "%02x", sig[i])
>= valSz - 1)
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
}
else if (((i % 18) == 0)) {
tmp[sizeof(tmp) - 1] = '\0';
@@ -6175,12 +6344,27 @@ int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
XFREE(sig, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_FAILURE;
}
XSNPRINTF(tmp, sizeof(tmp) - 1,
":\n ");
XSNPRINTF(val, valSz - 1, "%02x", sig[i]);
if (XSNPRINTF(tmp, sizeof(tmp),
":\n ")
>= (int)sizeof(tmp))
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
if (XSNPRINTF(val, valSz, "%02x", sig[i])
>= valSz)
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
}
else {
XSNPRINTF(val, valSz - 1, ":%02x", sig[i]);
if (XSNPRINTF(val, valSz, ":%02x", sig[i])
>= valSz)
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
}
XSTRNCAT(tmp, val, valSz);
}
@@ -6278,8 +6462,13 @@ int wolfSSL_X509_signature_print(WOLFSSL_BIO *bp,
for (i = 0; i < length; ++i) {
char hex_digits[4];
#ifdef XSNPRINTF
XSNPRINTF(hex_digits, sizeof(hex_digits), "%c%02X", i>0 ? ':' : ' ',
(unsigned int)sigalg->algorithm->obj[idx+i]);
if (XSNPRINTF(hex_digits, sizeof(hex_digits), "%c%02X", i>0 ? ':' : ' ',
(unsigned int)sigalg->algorithm->obj[idx+i])
>= (int)sizeof(hex_digits))
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
#else
XSPRINTF(hex_digits, "%c%02X", i>0 ? ':' : ' ',
(unsigned int)sigalg->algorithm->obj[idx+i]);
@@ -11422,11 +11611,21 @@ int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name,
}
if (i < count - 1) {
XSNPRINTF(tmp, tmpSz, "%s=%s,", buf, nameStr);
if (XSNPRINTF(tmp, tmpSz, "%s=%s,", buf, nameStr)
>= tmpSz)
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
tmpSz = len + nameStrSz + 2; /* 2 for '=', comma */
}
else {
XSNPRINTF(tmp, tmpSz, "%s=%s", buf, nameStr);
if (XSNPRINTF(tmp, tmpSz, "%s=%s", buf, nameStr)
>= tmpSz)
{
WOLFSSL_MSG("buffer overrun");
return WOLFSSL_FAILURE;
}
tmpSz = len + nameStrSz + 1; /* 1 for '=' */
if (bio->type != WOLFSSL_BIO_FILE)
++tmpSz; /* include the terminating null when not writing to a