Commit df7777ac authored by Dana Keeler's avatar Dana Keeler

bug 1538980 - null-terminate ascii input in SECU_ReadDERFromFile so strstr is...

bug 1538980 - null-terminate ascii input in SECU_ReadDERFromFile so strstr is safe to call r=jcj,kjacobs

Differential Revision: https://phabricator.services.mozilla.com/D61931

--HG--
extra : moz-landing-system : lando
parent 23ea0a45
......@@ -494,23 +494,30 @@ SECU_ReadDERFromFile(SECItem *der, PRFileDesc *inFile, PRBool ascii,
if (ascii) {
/* First convert ascii to binary */
SECItem filedata;
char *asc, *body;
/* Read in ascii data */
rv = SECU_FileToItem(&filedata, inFile);
if (rv != SECSuccess)
return rv;
asc = (char *)filedata.data;
if (!asc) {
if (!filedata.data) {
fprintf(stderr, "unable to read data from input file\n");
return SECFailure;
}
/* need one additional byte for zero terminator */
rv = SECITEM_ReallocItemV2(NULL, &filedata, filedata.len + 1);
if (rv != SECSuccess) {
PORT_Free(filedata.data);
return rv;
}
char *asc = (char *)filedata.data;
asc[filedata.len - 1] = '\0';
if (warnOnPrivateKeyInAsciiFile && strstr(asc, "PRIVATE KEY")) {
fprintf(stderr, "Warning: ignoring private key. Consider to use "
"pk12util.\n");
}
char *body;
/* check for headers and trailers and remove them */
if ((body = strstr(asc, "-----BEGIN")) != NULL) {
char *trailer = NULL;
......@@ -528,14 +535,7 @@ SECU_ReadDERFromFile(SECItem *der, PRFileDesc *inFile, PRBool ascii,
return SECFailure;
}
} else {
/* need one additional byte for zero terminator */
rv = SECITEM_ReallocItemV2(NULL, &filedata, filedata.len + 1);
if (rv != SECSuccess) {
PORT_Free(filedata.data);
return rv;
}
body = (char *)filedata.data;
body[filedata.len - 1] = '\0';
body = asc;
}
/* Convert to binary */
......
......@@ -55,16 +55,26 @@ SECU_ReadDERFromFile(SECItem *der, PRFileDesc *inFile, PRBool ascii)
if (ascii) {
/* First convert ascii to binary */
SECItem filedata;
char *asc, *body;
/* Read in ascii data */
rv = SECU_FileToItem(&filedata, inFile);
asc = (char *)filedata.data;
if (!asc) {
if (rv != SECSuccess) {
return rv;
}
if (!filedata.data) {
fprintf(stderr, "unable to read data from input file\n");
return SECFailure;
}
/* need one additional byte for zero terminator */
rv = SECITEM_ReallocItemV2(NULL, &filedata, filedata.len + 1);
if (rv != SECSuccess) {
PORT_Free(filedata.data);
return rv;
}
char *asc = (char *)filedata.data;
asc[filedata.len - 1] = '\0';
char *body;
/* check for headers and trailers and remove them */
if ((body = strstr(asc, "-----BEGIN")) != NULL) {
char *trailer = NULL;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment