Fix small UI issues

- in EVP_read_pw_string_min(), the return value from UI_add_* wasn't
  properly checked
- in UI_process(), |state| was never made NULL, which means an error
  when closing the session wouldn't be accurately reported.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/3849)

(cherry picked from commit b96dba9e5ec7afc355be1eab915f69c8c0d51741)

diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c
index 8a4297cf6eaa3d166a1fa6cd69e212a62b3928dc..52011307ade3f1b6a25af457a9ea3affddfa9a65 100644 (file)
--- a/crypto/evp/evp_key.c
+++ b/crypto/evp/evp_key.c
@@ -49,7 +49,7 @@ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
 int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt,
                            int verify)
 {
-    int ret;
+    int ret = -1;
     char buff[BUFSIZ];
     UI *ui;
 
@@ -57,16 +57,18 @@ int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt,
         prompt = prompt_string;
     ui = UI_new();
     if (ui == NULL)
-        return -1;
-    UI_add_input_string(ui, prompt, 0, buf, min,
-                        (len >= BUFSIZ) ? BUFSIZ - 1 : len);
-    if (verify)
-        UI_add_verify_string(ui, prompt, 0,
-                             buff, min, (len >= BUFSIZ) ? BUFSIZ - 1 : len,
-                             buf);
+        return ret;
+    if (UI_add_input_string(ui, prompt, 0, buf, min,
+                            (len >= BUFSIZ) ? BUFSIZ - 1 : len) < 0
+        || (verify
+            && UI_add_verify_string(ui, prompt, 0, buff, min,
+                                    (len >= BUFSIZ) ? BUFSIZ - 1 : len,
+                                    buf) < 0))
+        goto end;
     ret = UI_process(ui);
-    UI_free(ui);
     OPENSSL_cleanse(buff, BUFSIZ);
+ end:
+    UI_free(ui);
     return ret;
 }
 #endif /* OPENSSL_NO_UI */

diff --git a/crypto/ui/ui_lib.c b/crypto/ui/ui_lib.c
index 24d30e15927f4240dc1186ea7477ea37adf469ea..464dac4237b8e7647b7ae8e454930ab92f606aae 100644 (file)
--- a/crypto/ui/ui_lib.c
+++ b/crypto/ui/ui_lib.c
@@ -479,6 +479,8 @@ int UI_process(UI *ui)
             }
         }
     }
+
+    state = NULL;
  err:
     if (ui->meth->ui_close_session != NULL
         && ui->meth->ui_close_session(ui) <= 0) {