From f22a0783075002f4b7802f54b3903ff733410110 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Wed, 5 Jul 2017 10:26:25 +0200 Subject: [PATCH] Fix small UI issues - in EVP_read_pw_string_min(), the return value from UI_add_* wasn't properly checked - in UI_process(), |state| was never made NULL, which means an error when closing the session wouldn't be accurately reported. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/3849) (cherry picked from commit b96dba9e5ec7afc355be1eab915f69c8c0d51741) --- crypto/evp/evp_key.c | 20 +++++++++++--------- crypto/ui/ui_lib.c | 2 ++ 2 files changed, 13 insertions(+), 9 deletions(-) diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c index 5be9e336f9..cdffe1c8c4 100644 --- a/crypto/evp/evp_key.c +++ b/crypto/evp/evp_key.c @@ -97,7 +97,7 @@ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify) int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt, int verify) { - int ret; + int ret = -1; char buff[BUFSIZ]; UI *ui; @@ -105,16 +105,18 @@ int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt, prompt = prompt_string; ui = UI_new(); if (ui == NULL) - return -1; - UI_add_input_string(ui, prompt, 0, buf, min, - (len >= BUFSIZ) ? BUFSIZ - 1 : len); - if (verify) - UI_add_verify_string(ui, prompt, 0, - buff, min, (len >= BUFSIZ) ? BUFSIZ - 1 : len, - buf); + return ret; + if (UI_add_input_string(ui, prompt, 0, buf, min, + (len >= BUFSIZ) ? BUFSIZ - 1 : len) < 0 + || (verify + && UI_add_verify_string(ui, prompt, 0, buff, min, + (len >= BUFSIZ) ? BUFSIZ - 1 : len, + buf) < 0)) + goto end; ret = UI_process(ui); - UI_free(ui); OPENSSL_cleanse(buff, BUFSIZ); + end: + UI_free(ui); return ret; } diff --git a/crypto/ui/ui_lib.c b/crypto/ui/ui_lib.c index 643ae59343..d06089b5c5 100644 --- a/crypto/ui/ui_lib.c +++ b/crypto/ui/ui_lib.c @@ -520,6 +520,8 @@ int UI_process(UI *ui) } } } + + state = NULL; err: if (ui->meth->ui_close_session != NULL && ui->meth->ui_close_session(ui) <= 0) -- 2.25.1