From d5961b22fb4c28cb8e9fdbbb01c4be53b9f6cc55 Mon Sep 17 00:00:00 2001 From: EasySec Date: Tue, 10 Oct 2017 07:53:21 +1000 Subject: set_hex() behaviour change Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/4488) --- apps/enc.c | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) (limited to 'apps/enc.c') diff --git a/apps/enc.c b/apps/enc.c index 9c85ee58b6..4b861640bf 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -29,7 +29,7 @@ #define SIZE (512) #define BSIZE (8*1024) -static int set_hex(char *in, unsigned char *out, int size); +static int set_hex(const char *in, unsigned char *out, int size); static void show_ciphers(const OBJ_NAME *name, void *bio_); struct doall_enc_ciphers { @@ -461,7 +461,7 @@ int enc_main(int argc, char **argv) int siz = EVP_CIPHER_iv_length(cipher); if (siz == 0) { BIO_printf(bio_err, "warning: iv not use by this cipher\n"); - } else if (!set_hex(hiv, iv, sizeof iv)) { + } else if (!set_hex(hiv, iv, siz)) { BIO_printf(bio_err, "invalid hex iv value\n"); goto end; } @@ -601,22 +601,23 @@ static void show_ciphers(const OBJ_NAME *name, void *arg) BIO_printf(dec->bio, " "); } -static int set_hex(char *in, unsigned char *out, int size) +static int set_hex(const char *in, unsigned char *out, int size) { int i, n; unsigned char j; + i = size * 2; n = strlen(in); - if (n > (size * 2)) { - BIO_printf(bio_err, "hex string is too long\n"); - return 0; + if (n > i) { + BIO_printf(bio_err, "hex string is too long, ignoring excess\n"); + n = i; /* ignore exceeding part */ + } else if (n < i) { + BIO_printf(bio_err, "hex string is too short, padding with zero bytes to length\n"); } + memset(out, 0, size); for (i = 0; i < n; i++) { - j = (unsigned char)*in; - *(in++) = '\0'; - if (j == 0) - break; + j = (unsigned char)*in++; if (!isxdigit(j)) { BIO_printf(bio_err, "non-hex digit\n"); return 0; -- cgit v1.2.1