diff options
author | Wan-Teh Chang <wtc@google.com> | 2015-08-26 14:00:27 -0700 |
---|---|---|
committer | Wan-Teh Chang <wtc@google.com> | 2015-08-26 14:00:27 -0700 |
commit | fef5ef6233694c2fb41a782dcaef1925d09560d8 (patch) | |
tree | db3c6a6bc337264d0e38278ee065f43029dc0047 /cmd/signtool | |
parent | c0c80b296afec25a99b19bd0c6478db76912292f (diff) | |
download | nss-hg-fef5ef6233694c2fb41a782dcaef1925d09560d8.tar.gz |
Bug 1182667: Check the return value of fgets() in GetSubjectFromUser().
r=mt.
Diffstat (limited to 'cmd/signtool')
-rw-r--r-- | cmd/signtool/certgen.c | 31 |
1 files changed, 24 insertions, 7 deletions
diff --git a/cmd/signtool/certgen.c b/cmd/signtool/certgen.c index 0f7c596dd..5a645049c 100644 --- a/cmd/signtool/certgen.c +++ b/cmd/signtool/certgen.c @@ -73,6 +73,9 @@ GenerateCert(char *nickname, int keysize, char *token) LL_L2UI(serial, PR_Now()); subject = GetSubjectFromUser(serial); + if (!subject) { + FatalError("Unable to get subject from user"); + } cert = GenerateSelfSignedObjectSigningCert(nickname, db, subject, serial, keysize, token); @@ -122,7 +125,9 @@ GetSubjectFromUser(unsigned long serial) #else PR_fprintf(PR_STDOUT, "certificate common name: "); #endif - fgets(buf, STDIN_BUF_SIZE, stdin); + if (!fgets(buf, STDIN_BUF_SIZE, stdin)) { + return NULL; + } cp = chop(buf); if (*cp == '\0') { sprintf(common_name_buf, "%s (%lu)", DEFAULT_COMMON_NAME, @@ -144,7 +149,9 @@ GetSubjectFromUser(unsigned long serial) #else PR_fprintf(PR_STDOUT, "organization: "); #endif - fgets(buf, STDIN_BUF_SIZE, stdin); + if (!fgets(buf, STDIN_BUF_SIZE, stdin)) { + return NULL; + } cp = chop(buf); if (*cp != '\0') { org = PORT_ZAlloc(strlen(cp) + 5); @@ -163,7 +170,9 @@ GetSubjectFromUser(unsigned long serial) #else PR_fprintf(PR_STDOUT, "organization unit: "); #endif - fgets(buf, STDIN_BUF_SIZE, stdin); + if (!fgets(buf, STDIN_BUF_SIZE, stdin)) { + return NULL; + } cp = chop(buf); if (*cp != '\0') { orgunit = PORT_ZAlloc(strlen(cp) + 6); @@ -181,7 +190,9 @@ GetSubjectFromUser(unsigned long serial) #else PR_fprintf(PR_STDOUT, "state or province: "); #endif - fgets(buf, STDIN_BUF_SIZE, stdin); + if (!fgets(buf, STDIN_BUF_SIZE, stdin)) { + return NULL; + } cp = chop(buf); if (*cp != '\0') { state = PORT_ZAlloc(strlen(cp) + 6); @@ -199,7 +210,9 @@ GetSubjectFromUser(unsigned long serial) #else PR_fprintf(PR_STDOUT, "country (must be exactly 2 characters): "); #endif - fgets(buf, STDIN_BUF_SIZE, stdin); + if (!fgets(buf, STDIN_BUF_SIZE, stdin)) { + return NULL; + } cp = chop(cp); if (strlen(cp) != 2) { *cp = '\0'; /* country code must be 2 chars */ @@ -220,7 +233,9 @@ GetSubjectFromUser(unsigned long serial) #else PR_fprintf(PR_STDOUT, "username: "); #endif - fgets(buf, STDIN_BUF_SIZE, stdin); + if (!fgets(buf, STDIN_BUF_SIZE, stdin)) { + return NULL; + } cp = chop(buf); if (*cp != '\0') { uid = PORT_ZAlloc(strlen(cp) + 7); @@ -238,7 +253,9 @@ GetSubjectFromUser(unsigned long serial) #else PR_fprintf(PR_STDOUT, "email address: "); #endif - fgets(buf, STDIN_BUF_SIZE, stdin); + if (!fgets(buf, STDIN_BUF_SIZE, stdin)) { + return NULL; + } cp = chop(buf); if (*cp != '\0') { email = PORT_ZAlloc(strlen(cp) + 5); |