From 9eea2be6f142cf2f4db54eb14b078331ae2f29f0 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Bodo=20M=C3=B6ller?= Date: Tue, 6 Feb 2001 10:26:34 +0000 Subject: [PATCH] Avoid coredumps for CONF_get_...(NULL, ...) --- CHANGES | 9 +++++++ crypto/conf/conf_lib.c | 59 +++++++++++++++++++++++++++++------------- 2 files changed, 50 insertions(+), 18 deletions(-) diff --git a/CHANGES b/CHANGES index e3f2653945..997ca6101c 100644 --- a/CHANGES +++ b/CHANGES @@ -3,6 +3,15 @@ Changes between 0.9.6 and 0.9.7 [xx XXX 2000] + *) In the NCONF_...-based implementations for CONF_... queries + (crypto/conf/conf_lib.c), if the input LHASH is NULL, avoid using + a temporary CONF structure with the data component set to NULL + (which gives segmentation faults in lh_retrieve). + Instead, use NULL for the CONF pointer in CONF_get_string and + CONF_get_number (which may use environment variables) and directly + return NULL from CONF_get_section. + [Bodo Moeller] + *) Fix potential buffer overrun for EBCDIC. [Ulf Moeller] diff --git a/crypto/conf/conf_lib.c b/crypto/conf/conf_lib.c index 2005c87350..a071750249 100644 --- a/crypto/conf/conf_lib.c +++ b/crypto/conf/conf_lib.c @@ -131,40 +131,63 @@ LHASH *CONF_load_bio(LHASH *conf, BIO *bp,long *eline) STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf,char *section) { - CONF ctmp; + if (conf == NULL) + { + return NULL; + } + else + { + CONF ctmp; - if (default_CONF_method == NULL) - default_CONF_method = NCONF_default(); + if (default_CONF_method == NULL) + default_CONF_method = NCONF_default(); - default_CONF_method->init(&ctmp); - ctmp.data = conf; - return NCONF_get_section(&ctmp, section); + default_CONF_method->init(&ctmp); + ctmp.data = conf; + return NCONF_get_section(&ctmp, section); + } } char *CONF_get_string(LHASH *conf,char *group,char *name) { - CONF ctmp; + if (conf == NULL) + { + return NCONF_get_string(NULL, group, name); + } + else + { + CONF ctmp; - if (default_CONF_method == NULL) - default_CONF_method = NCONF_default(); + if (default_CONF_method == NULL) + default_CONF_method = NCONF_default(); - default_CONF_method->init(&ctmp); - ctmp.data = conf; - return NCONF_get_string(&ctmp, group, name); + default_CONF_method->init(&ctmp); + ctmp.data = conf; + return NCONF_get_string(&ctmp, group, name); + } } long CONF_get_number(LHASH *conf,char *group,char *name) { - CONF ctmp; int status; long result = 0; - if (default_CONF_method == NULL) - default_CONF_method = NCONF_default(); + if (conf == NULL) + { + status = NCONF_get_number_e(NULL, group, name, &result); + } + else + { + CONF ctmp; + + if (default_CONF_method == NULL) + default_CONF_method = NCONF_default(); + + default_CONF_method->init(&ctmp); + ctmp.data = conf; + status = NCONF_get_number_e(&ctmp, group, name, &result); + } - default_CONF_method->init(&ctmp); - ctmp.data = conf; - status = NCONF_get_number_e(&ctmp, group, name, &result); if (status == 0) { /* This function does not believe in errors... */ -- 2.25.1