Fix BIO_printf format warnings

[oweals/openssl.git] / crypto / ct / ct_b64.c

diff --git a/crypto/ct/ct_b64.c b/crypto/ct/ct_b64.c
index d6279d22981ecb46c9c42344f85aa0ab759580c9..cacec2fd8a54d4ff71c46a270d29347b9c28b1f7 100644 (file)
--- a/crypto/ct/ct_b64.c
+++ b/crypto/ct/ct_b64.c
@@ -1,7 +1,7 @@
 /*
  * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
  *
- * Licensed under the OpenSSL license (the "License").  You may not use
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
  * in the file LICENSE in the source distribution or at
  * https://www.openssl.org/source/license.html
@@ -24,7 +24,7 @@
 static int ct_base64_decode(const char *in, unsigned char **out)
 {
     size_t inlen = strlen(in);
-    int outlen;
+    int outlen, i;
     unsigned char *outbuf = NULL;
 
     if (inlen == 0) {
@@ -45,6 +45,14 @@ static int ct_base64_decode(const char *in, unsigned char **out)
         goto err;
     }
 
+    /* Subtract padding bytes from |outlen|.  Any more than 2 is malformed. */
+    i = 0;
+    while (in[--inlen] == '=') {
+        --outlen;
+        if (++i > 2)
+            goto err;
+    }
+
     *out = outbuf;
     return outlen;
 err:
@@ -59,6 +67,7 @@ SCT *SCT_new_from_base64(unsigned char version, const char *logid_base64,
 {
     SCT *sct = SCT_new();
     unsigned char *dec = NULL;
+    const unsigned char* p = NULL;
     int declen;
 
     if (sct == NULL) {
@@ -97,7 +106,9 @@ SCT *SCT_new_from_base64(unsigned char version, const char *logid_base64,
         CTerr(CT_F_SCT_NEW_FROM_BASE64, X509_R_BASE64_DECODE_ERROR);
         goto err;
     }
-    if (o2i_SCT_signature(sct, (const unsigned char **)&dec, declen) <= 0)
+
+    p = dec;
+    if (o2i_SCT_signature(sct, &p, declen) <= 0)
         goto err;
     OPENSSL_free(dec);
     dec = NULL;
@@ -115,17 +126,28 @@ SCT *SCT_new_from_base64(unsigned char version, const char *logid_base64,
     return NULL;
 }
 
-CTLOG *CTLOG_new_from_base64(const char *pkey_base64, const char *name)
+/*
+ * Allocate, build and returns a new |ct_log| from input |pkey_base64|
+ * It returns 1 on success,
+ * 0 on decoding failure, or invalid parameter if any
+ * -1 on internal (malloc) failure
+ */
+int CTLOG_new_from_base64(CTLOG **ct_log, const char *pkey_base64, const char *name)
 {
     unsigned char *pkey_der = NULL;
-    int pkey_der_len = ct_base64_decode(pkey_base64, &pkey_der);
+    int pkey_der_len;
     const unsigned char *p;
     EVP_PKEY *pkey = NULL;
-    CTLOG *log = NULL;
 
-    if (pkey_der_len <= 0) {
+    if (ct_log == NULL) {
+        CTerr(CT_F_CTLOG_NEW_FROM_BASE64, ERR_R_PASSED_INVALID_ARGUMENT);
+        return 0;
+    }
+
+    pkey_der_len = ct_base64_decode(pkey_base64, &pkey_der);
+    if (pkey_der_len < 0) {
         CTerr(CT_F_CTLOG_NEW_FROM_BASE64, CT_R_LOG_CONF_INVALID_KEY);
-        return NULL;
+        return 0;
     }
 
     p = pkey_der;
@@ -133,14 +155,14 @@ CTLOG *CTLOG_new_from_base64(const char *pkey_base64, const char *name)
     OPENSSL_free(pkey_der);
     if (pkey == NULL) {
         CTerr(CT_F_CTLOG_NEW_FROM_BASE64, CT_R_LOG_CONF_INVALID_KEY);
-        return NULL;
+        return 0;
     }
 
-    log = CTLOG_new(pkey, name);
-    if (log == NULL) {
+    *ct_log = CTLOG_new(pkey, name);
+    if (*ct_log == NULL) {
         EVP_PKEY_free(pkey);
-        return NULL;
+        return 0;
     }
 
-    return log;
+    return 1;
 }