diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2016-06-18 15:46:13 +0100 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2016-07-15 14:09:05 +0100 |
| commit | d166ed8c11e10e9fdaeac182effb9dd318843924 (patch) | |
| tree | fd47ffb1f5d42b121b04d14c1a8f6bdc659637f6 /apps/passwd.c | |
| parent | 1fc431ba57d12189a9bdacd3999ea2a7b91458d8 (diff) | |
| download | openssl-new-d166ed8c11e10e9fdaeac182effb9dd318843924.tar.gz | |
check return values for EVP_Digest*() APIs
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'apps/passwd.c')
| -rw-r--r-- | apps/passwd.c | 85 |
1 files changed, 53 insertions, 32 deletions
diff --git a/apps/passwd.c b/apps/passwd.c index e2825219c9..8404d8cc7a 100644 --- a/apps/passwd.c +++ b/apps/passwd.c @@ -287,7 +287,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt) char *salt_out; int n; unsigned int i; - EVP_MD_CTX *md, *md2; + EVP_MD_CTX *md = NULL, *md2 = NULL; size_t passwd_len, salt_len; passwd_len = strlen(passwd); @@ -303,49 +303,65 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt) assert(salt_len <= 8); md = EVP_MD_CTX_new(); - if (md == NULL) - return NULL; - EVP_DigestInit_ex(md, EVP_md5(), NULL); - EVP_DigestUpdate(md, passwd, passwd_len); - EVP_DigestUpdate(md, "$", 1); - EVP_DigestUpdate(md, magic, strlen(magic)); - EVP_DigestUpdate(md, "$", 1); - EVP_DigestUpdate(md, salt_out, salt_len); + if (md == NULL + || !EVP_DigestInit_ex(md, EVP_md5(), NULL) + || !EVP_DigestUpdate(md, passwd, passwd_len) + || !EVP_DigestUpdate(md, "$", 1) + || !EVP_DigestUpdate(md, magic, strlen(magic)) + || !EVP_DigestUpdate(md, "$", 1) + || !EVP_DigestUpdate(md, salt_out, salt_len)) md2 = EVP_MD_CTX_new(); - if (md2 == NULL) - return NULL; - EVP_DigestInit_ex(md2, EVP_md5(), NULL); - EVP_DigestUpdate(md2, passwd, passwd_len); - EVP_DigestUpdate(md2, salt_out, salt_len); - EVP_DigestUpdate(md2, passwd, passwd_len); - EVP_DigestFinal_ex(md2, buf, NULL); - - for (i = passwd_len; i > sizeof buf; i -= sizeof buf) - EVP_DigestUpdate(md, buf, sizeof buf); - EVP_DigestUpdate(md, buf, i); + if (md2 == NULL + || !EVP_DigestInit_ex(md2, EVP_md5(), NULL) + || !EVP_DigestUpdate(md2, passwd, passwd_len) + || !EVP_DigestUpdate(md2, salt_out, salt_len) + || !EVP_DigestUpdate(md2, passwd, passwd_len) + || !EVP_DigestFinal_ex(md2, buf, NULL)) + goto err; + + for (i = passwd_len; i > sizeof buf; i -= sizeof buf) { + if (!EVP_DigestUpdate(md, buf, sizeof buf)) + goto err; + } + if (!EVP_DigestUpdate(md, buf, i)) + goto err; n = passwd_len; while (n) { - EVP_DigestUpdate(md, (n & 1) ? "\0" : passwd, 1); + if (!EVP_DigestUpdate(md, (n & 1) ? "\0" : passwd, 1)) + goto err; n >>= 1; } - EVP_DigestFinal_ex(md, buf, NULL); + if (!EVP_DigestFinal_ex(md, buf, NULL)) + return NULL; for (i = 0; i < 1000; i++) { - EVP_DigestInit_ex(md2, EVP_md5(), NULL); - EVP_DigestUpdate(md2, (i & 1) ? (unsigned const char *)passwd : buf, - (i & 1) ? passwd_len : sizeof buf); - if (i % 3) - EVP_DigestUpdate(md2, salt_out, salt_len); - if (i % 7) - EVP_DigestUpdate(md2, passwd, passwd_len); - EVP_DigestUpdate(md2, (i & 1) ? buf : (unsigned const char *)passwd, - (i & 1) ? sizeof buf : passwd_len); - EVP_DigestFinal_ex(md2, buf, NULL); + if (!EVP_DigestInit_ex(md2, EVP_md5(), NULL)) + goto err; + if (!EVP_DigestUpdate(md2, + (i & 1) ? (unsigned const char *)passwd : buf, + (i & 1) ? passwd_len : sizeof buf)) + goto err; + if (i % 3) { + if (!EVP_DigestUpdate(md2, salt_out, salt_len)) + goto err; + } + if (i % 7) { + if (!EVP_DigestUpdate(md2, passwd, passwd_len)) + goto err; + } + if (!EVP_DigestUpdate(md2, + (i & 1) ? buf : (unsigned const char *)passwd, + (i & 1) ? sizeof buf : passwd_len)) + goto err; + if (!EVP_DigestFinal_ex(md2, buf, NULL)) + goto err; } EVP_MD_CTX_free(md2); EVP_MD_CTX_free(md); + md2 = NULL; + md = NULL; { /* transform buf into output string */ @@ -386,6 +402,11 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt) } return out_buf; + + err: + EVP_MD_CTX_free(md2); + EVP_MD_CTX_free(md); + return NULL; } # endif |