bug 1538980 - null-terminate ascii input in SECU_ReadDERFromFile so s…
…trstr is safe to call r=jcj,kjacobs

Differential Revision: https://phabricator.services.mozilla.com/D61931

--HG--
extra : moz-landing-system : lando
mozkeeler committed Feb 11, 2020
1 parent 23ea0a4 commit df7777a
Showing 2 changed files with 24 additions and 14 deletions.
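--- a/cmd/lib/secutil.c
+++ b/cmd/lib/secutil.c
@@ -494,23 +494,30 @@ SECU_ReadDERFromFile(SECItem *der, PRFileDesc *inFile, PRBool ascii,
 if (ascii) {
 /* First convert ascii to binary */
 SECItem filedata;
-char *asc, *body;
 
 /* Read in ascii data */
 rv = SECU_FileToItem(&filedata, inFile);
 if (rv != SECSuccess)
 return rv;
-asc = (char *)filedata.data;
-if (!asc) {
+if (!filedata.data) {
 fprintf(stderr, "unable to read data from input file\n");
 return SECFailure;
 }
+/* need one additional byte for zero terminator */
+rv = SECITEM_ReallocItemV2(NULL, &filedata, filedata.len + 1);
+if (rv != SECSuccess) {
+PORT_Free(filedata.data);
+return rv;
+}
+char *asc = (char *)filedata.data;
+asc[filedata.len - 1] = '\0';
 
 if (warnOnPrivateKeyInAsciiFile && strstr(asc, "PRIVATE KEY")) {
 fprintf(stderr, "Warning: ignoring private key. Consider to use "
 "pk12util.\n");
 }
 
+char *body;
 /* check for headers and trailers and remove them */
 if ((body = strstr(asc, "-----BEGIN")) != NULL) {
 char *trailer = NULL;
@@ -528,14 +535,7 @@ SECU_ReadDERFromFile(SECItem *der, PRFileDesc *inFile, PRBool ascii,
 return SECFailure;
 }
 } else {
-/* need one additional byte for zero terminator */
-rv = SECITEM_ReallocItemV2(NULL, &filedata, filedata.len + 1);
-if (rv != SECSuccess) {
-PORT_Free(filedata.data);
-return rv;
-}
-body = (char *)filedata.data;
-body[filedata.len - 1] = '\0';
+body = asc;
 }
 
 /* Convert to binary */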
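Review bot: The terminator write `asc[filedata.len - 1] = '\0';` in the first hunk is only in bounds and non-destructive if SECITEM_ReallocItemV2 has already set `filedata.len` to the enlarged size, and nothing in the added lines says so; read cold, it looks like it overwrites the last byte of file data. I would extend the existing comment to something like `/* ReallocItemV2 updates filedata.len to the new size, so len - 1 is the added byte */`. A consequence worth confirming is that `filedata.len` now counts the terminator for the rest of the function, which continues outside both hunks, so any later use of it as the payload length would be one too large. The same block is added in lib/libpkix/pkix_pl_nss/module/pkix_pl_colcertstore.c and the comment applies there as well.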
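--- a/lib/libpkix/pkix_pl_nss/module/pkix_pl_colcertstore.c
+++ b/lib/libpkix/pkix_pl_nss/module/pkix_pl_colcertstore.c
@@ -55,16 +55,26 @@ SECU_ReadDERFromFile(SECItem *der, PRFileDesc *inFile, PRBool ascii)
 if (ascii) {
 /* First convert ascii to binary */
 SECItem filedata;
-char *asc, *body;
 
 /* Read in ascii data */
 rv = SECU_FileToItem(&filedata, inFile);
-asc = (char *)filedata.data;
-if (!asc) {
+if (rv != SECSuccess) {
+return rv;
+}
+if (!filedata.data) {
 fprintf(stderr, "unable to read data from input file\n");
 return SECFailure;
 }
+/* need one additional byte for zero terminator */
+rv = SECITEM_ReallocItemV2(NULL, &filedata, filedata.len + 1);
+if (rv != SECSuccess) {
+PORT_Free(filedata.data);
+return rv;
+}
+char *asc = (char *)filedata.data;
+asc[filedata.len - 1] = '\0';
 
+char *body;
 /* check for headers and trailers and remove them */
 if ((body = strstr(asc, "-----BEGIN")) != NULL) {
 char *trailer = NULL;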
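Review bot: The null-termination block added here is a line-for-line duplicate of the one added to cmd/lib/secutil.c, and nothing in this file marks the two copies of SECU_ReadDERFromFile as related. The hunk header shows this copy has a different parameter list, so the functions have already drifted, and this fix had to be written out twice. A one-line comment above the added block, for example `/* keep in sync with SECU_ReadDERFromFile in cmd/lib/secutil.c */`, would make it less likely that a later memory-safety fix lands in only one copy. The function starts and ends outside the hunk, so whether the rest of it still matches the other copy cannot be judged from here.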
