From: Ryan Tandy
Date: Mon, 12 May 2014 01:57:34 +0000 (-0700)
Subject: ITS#7851 tell lutil_b64_pton the correct target buffer size
X-Git-Url: https://git.sur5r.net/?p=openldap;a=commitdiff_plain;h=9b3635827087d501486cb329d7753bf1a09caac2
ITS#7851 tell lutil_b64_pton the correct target buffer size
---
diff --git a/contrib/slapd-modules/passwd/apr1.c b/contrib/slapd-modules/passwd/apr1.c
index 856ef5e07f..0ddb01b7ca 100644
--- a/contrib/slapd-modules/passwd/apr1.c
+++ b/contrib/slapd-modules/passwd/apr1.c
@@ -119,21 +119,21 @@ static int chk_phk(
 {
 unsigned char digest[LUTIL_MD5_BYTES];
 unsigned char *orig_pass;
- int rc, n;
+ int rc;
 struct berval salt;
+ size_t decode_len = LUTIL_BASE64_DECODE_LEN(passwd->bv_len);
 /* safety check */
- n = LUTIL_BASE64_DECODE_LEN(passwd->bv_len);
- if (n <= sizeof(digest))
+ if (decode_len <= sizeof(digest))
 return LUTIL_PASSWD_ERR;
 /* base64 un-encode password hash */
- orig_pass = (unsigned char *) ber_memalloc((size_t) (n + 1));
+ orig_pass = (unsigned char *) ber_memalloc(decode_len + 1);
 if (orig_pass == NULL) return LUTIL_PASSWD_ERR;
- rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len);
+ rc = lutil_b64_pton(passwd->bv_val, orig_pass, decode_len);
 if (rc <= (int) sizeof(digest)) {
 ber_memfree(orig_pass);
diff --git a/contrib/slapd-modules/passwd/sha2/slapd-sha2.c b/contrib/slapd-modules/passwd/sha2/slapd-sha2.c
index 2674bf945a..1ec79896eb 100644
--- a/contrib/slapd-modules/passwd/sha2/slapd-sha2.c
+++ b/contrib/slapd-modules/passwd/sha2/slapd-sha2.c
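Review bot: The call `rc = lutil_b64_pton(passwd->bv_val, orig_pass, decode_len);` in chk_phk has no comment saying that the third argument is the capacity of `orig_pass` rather than the length of the encoded input, which is the confusion this commit corrects in every hunk. I would add `/* third argument is the size of orig_pass, not the length of the base64 text */` above the call, here and in the chk_* functions of slapd-sha2.c and passwd.c. The allocation keeps its `+ 1` byte although the decoder is now limited to decode_len, so a short remark on whether that byte is still needed would help the next reader. chk_phk continues below the hunk.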
@@ -230,19 +230,19 @@ static int chk_ssha256(
 unsigned char SHAdigest[SHA256_DIGEST_LENGTH];
 int rc;
 unsigned char *orig_pass = NULL;
+ size_t decode_len = LUTIL_BASE64_DECODE_LEN(passwd->bv_len);
 /* safety check */
- if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) <= sizeof(SHAdigest)) {
+ if (decode_len <= sizeof(SHAdigest)) {
 return LUTIL_PASSWD_ERR;
 }
 /* base64 un-encode password */
- orig_pass = (unsigned char *) ber_memalloc( (size_t) (
- LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) );
+ orig_pass = (unsigned char *) ber_memalloc(decode_len + 1);
 if( orig_pass == NULL ) return LUTIL_PASSWD_ERR;
- rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len);
+ rc = lutil_b64_pton(passwd->bv_val, orig_pass, decode_len);
 if( rc <= sizeof(SHAdigest) ) {
 ber_memfree(orig_pass);
@@ -274,19 +274,19 @@ static int chk_sha256(
 unsigned char SHAdigest[SHA256_DIGEST_LENGTH];
 int rc;
 unsigned char *orig_pass = NULL;
+ size_t decode_len = LUTIL_BASE64_DECODE_LEN(passwd->bv_len);
 /* safety check */
- if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) < sizeof(SHAdigest)) {
+ if (decode_len < sizeof(SHAdigest)) {
 return LUTIL_PASSWD_ERR;
 }
 /* base64 un-encode password */
- orig_pass = (unsigned char *) ber_memalloc( (size_t) (
- LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) );
+ orig_pass = (unsigned char *) ber_memalloc(decode_len + 1);
 if( orig_pass == NULL ) return LUTIL_PASSWD_ERR;
- rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len);
+ rc = lutil_b64_pton(passwd->bv_val, orig_pass, decode_len);
 if( rc != sizeof(SHAdigest) ) {
 ber_memfree(orig_pass);
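Review bot: In chk_ssha256 the context line `if( rc <= sizeof(SHAdigest) ) {` compares the `int rc` with a `size_t`, so a negative return from lutil_b64_pton is converted to a very large unsigned value and the test does not reject it. If the decoder reports failure with a negative value, as the `(int)` casts in chk_phk and chk_ssha1 suggest, a malformed stored hash would pass this check, and rc is presumably used as a length further down, outside the hunk. Writing it as `if( rc <= (int) sizeof(SHAdigest) ) {` closes that; chk_ssha384 and chk_ssha512 have the same line. The unsalted variants use `rc != sizeof(SHAdigest)`, which still rejects a negative rc.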
@@ -318,19 +318,19 @@ static int chk_ssha384(
 unsigned char SHAdigest[SHA384_DIGEST_LENGTH];
 int rc;
 unsigned char *orig_pass = NULL;
+ size_t decode_len = LUTIL_BASE64_DECODE_LEN(passwd->bv_len);
 /* safety check */
- if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) <= sizeof(SHAdigest)) {
+ if (decode_len <= sizeof(SHAdigest)) {
 return LUTIL_PASSWD_ERR;
 }
 /* base64 un-encode password */
- orig_pass = (unsigned char *) ber_memalloc( (size_t) (
- LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) );
+ orig_pass = (unsigned char *) ber_memalloc(decode_len + 1);
 if( orig_pass == NULL ) return LUTIL_PASSWD_ERR;
- rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len);
+ rc = lutil_b64_pton(passwd->bv_val, orig_pass, decode_len);
 if( rc <= sizeof(SHAdigest) ) {
 ber_memfree(orig_pass);
@@ -362,19 +362,19 @@ static int chk_sha384(
 unsigned char SHAdigest[SHA384_DIGEST_LENGTH];
 int rc;
 unsigned char *orig_pass = NULL;
+ size_t decode_len = LUTIL_BASE64_DECODE_LEN(passwd->bv_len);
 /* safety check */
- if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) < sizeof(SHAdigest)) {
+ if (decode_len < sizeof(SHAdigest)) {
 return LUTIL_PASSWD_ERR;
 }
 /* base64 un-encode password */
- orig_pass = (unsigned char *) ber_memalloc( (size_t) (
- LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) );
+ orig_pass = (unsigned char *) ber_memalloc(decode_len + 1);
 if( orig_pass == NULL ) return LUTIL_PASSWD_ERR;
- rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len);
+ rc = lutil_b64_pton(passwd->bv_val, orig_pass, decode_len);
 if( rc != sizeof(SHAdigest) ) {
 ber_memfree(orig_pass);
@@ -406,19 +406,19 @@ static int chk_ssha512(
 unsigned char SHAdigest[SHA512_DIGEST_LENGTH];
 int rc;
 unsigned char *orig_pass = NULL;
+ size_t decode_len = LUTIL_BASE64_DECODE_LEN(passwd->bv_len);
 /* safety check */
- if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) <= sizeof(SHAdigest)) {
+ if (decode_len <= sizeof(SHAdigest)) {
 return LUTIL_PASSWD_ERR;
 }
 /* base64 un-encode password */
- orig_pass = (unsigned char *) ber_memalloc( (size_t) (
- LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) );
+ orig_pass = (unsigned char *) ber_memalloc(decode_len + 1);
 if( orig_pass == NULL ) return LUTIL_PASSWD_ERR;
- rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len);
+ rc = lutil_b64_pton(passwd->bv_val, orig_pass, decode_len);
 if( rc <= sizeof(SHAdigest) ) {
 ber_memfree(orig_pass);
@@ -450,19 +450,19 @@ static int chk_sha512(
 unsigned char SHAdigest[SHA512_DIGEST_LENGTH];
 int rc;
 unsigned char *orig_pass = NULL;
+ size_t decode_len = LUTIL_BASE64_DECODE_LEN(passwd->bv_len);
 /* safety check */
- if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) < sizeof(SHAdigest)) {
+ if (decode_len < sizeof(SHAdigest)) {
 return LUTIL_PASSWD_ERR;
 }
 /* base64 un-encode password */
- orig_pass = (unsigned char *) ber_memalloc( (size_t) (
- LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) );
+ orig_pass = (unsigned char *) ber_memalloc(decode_len + 1);
 if( orig_pass == NULL ) return LUTIL_PASSWD_ERR;
- rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len);
+ rc = lutil_b64_pton(passwd->bv_val, orig_pass, decode_len);
 if( rc != sizeof(SHAdigest) ) {
 ber_memfree(orig_pass);
diff --git a/libraries/liblutil/passwd.c b/libraries/liblutil/passwd.c
index 6f75d724af..383f32d8ff 100644
--- a/libraries/liblutil/passwd.c
+++ b/libraries/liblutil/passwd.c
@@ -493,19 +493,19 @@ static int chk_ssha1(
 unsigned char SHA1digest[LUTIL_SHA1_BYTES];
 int rc;
 unsigned char *orig_pass = NULL;
+ size_t decode_len = LUTIL_BASE64_DECODE_LEN(passwd->bv_len);
 /* safety check -- must have some salt */
- if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) <= sizeof(SHA1digest)) {
+ if (decode_len <= sizeof(SHA1digest)) {
 return LUTIL_PASSWD_ERR;
 }
 /* decode base64 password */
- orig_pass = (unsigned char *) ber_memalloc( (size_t) (
- LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) );
+ orig_pass = (unsigned char *) ber_memalloc(decode_len + 1);
 if( orig_pass == NULL ) return LUTIL_PASSWD_ERR;
- rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len);
+ rc = lutil_b64_pton(passwd->bv_val, orig_pass, decode_len);
 /* safety check -- must have some salt */
 if (rc <= (int)(sizeof(SHA1digest))) {
@@ -538,19 +538,19 @@ static int chk_sha1(
 unsigned char SHA1digest[LUTIL_SHA1_BYTES];
 int rc;
 unsigned char *orig_pass = NULL;
+ size_t decode_len = LUTIL_BASE64_DECODE_LEN(passwd->bv_len);
 /* safety check */
- if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) < sizeof(SHA1digest)) {
+ if (decode_len < sizeof(SHA1digest)) {
 return LUTIL_PASSWD_ERR;
 }
 /* base64 un-encode password */
- orig_pass = (unsigned char *) ber_memalloc( (size_t) (
- LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) );
+ orig_pass = (unsigned char *) ber_memalloc(decode_len + 1);
 if( orig_pass == NULL ) return LUTIL_PASSWD_ERR;
- rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len);
+ rc = lutil_b64_pton(passwd->bv_val, orig_pass, decode_len);
 if( rc != sizeof(SHA1digest) ) {
 ber_memfree(orig_pass);
@@ -580,19 +580,19 @@ static int chk_smd5(
 unsigned char MD5digest[LUTIL_MD5_BYTES];
 int rc;
 unsigned char *orig_pass = NULL;
+ size_t decode_len = LUTIL_BASE64_DECODE_LEN(passwd->bv_len);
 /* safety check */
- if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) <= sizeof(MD5digest)) {
+ if (decode_len <= sizeof(MD5digest)) {
 return LUTIL_PASSWD_ERR;
 }
 /* base64 un-encode password */
- orig_pass = (unsigned char *) ber_memalloc( (size_t) (
- LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) );
+ orig_pass = (unsigned char *) ber_memalloc(decode_len + 1);
 if( orig_pass == NULL ) return LUTIL_PASSWD_ERR;
- rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len);
+ rc = lutil_b64_pton(passwd->bv_val, orig_pass, decode_len);
 if (rc <= (int)(sizeof(MD5digest))) {
 ber_memfree(orig_pass);
@@ -625,19 +625,19 @@ static int chk_md5(
 unsigned char MD5digest[LUTIL_MD5_BYTES];
 int rc;
 unsigned char *orig_pass = NULL;
+ size_t decode_len = LUTIL_BASE64_DECODE_LEN(passwd->bv_len);
 /* safety check */
- if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) < sizeof(MD5digest)) {
+ if (decode_len < sizeof(MD5digest)) {
 return LUTIL_PASSWD_ERR;
 }
 /* base64 un-encode password */
- orig_pass = (unsigned char *) ber_memalloc( (size_t) (
- LUTIL_BASE64_DECODE_LEN(passwd->bv_len) + 1) );
+ orig_pass = (unsigned char *) ber_memalloc(decode_len + 1);
 if( orig_pass == NULL ) return LUTIL_PASSWD_ERR;
- rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len);
+ rc = lutil_b64_pton(passwd->bv_val, orig_pass, decode_len);
 if ( rc != sizeof(MD5digest) ) {
 ber_memfree(orig_pass);
 return LUTIL_PASSWD_ERR;