Check file name for not being NULL before opening it

Fixes openssl#24416

Reviewed-by: Tom Cosgrove <[email protected]>
Reviewed-by: Tomas Mraz <[email protected]>
(Merged from openssl#25458)

Author: Зишан Мирза

crypto/srp/srp_vfy.c

@@ -409,6 +409,11 @@ int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file)
 
     error_code = SRP_ERR_OPEN_FILE;
 
+    if (verifier_file == NULL) {
+        ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
+        goto err;
+    }
+
     if (in == NULL || BIO_read_filename(in, verifier_file) <= 0)
         goto err;
 

crypto/x509/by_file.c

@@ -91,6 +91,11 @@ int X509_load_cert_file_ex(X509_LOOKUP *ctx, const char *file, int type,
     int count = 0;
     X509 *x = NULL;
 
+    if (file == NULL) {
+        ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
+        goto err;
+    }
+
     in = BIO_new(BIO_s_file());
 
     if ((in == NULL) || (BIO_read_filename(in, file) <= 0)) {
@@ -168,6 +173,11 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type)
     int count = 0;
     X509_CRL *x = NULL;
 
+    if (file == NULL) {
+        ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
+        goto err;
+    }
+
     in = BIO_new(BIO_s_file());
 
     if ((in == NULL) || (BIO_read_filename(in, file) <= 0)) {

doc/man3/BIO_s_file.pod

@@ -95,7 +95,8 @@ BIO_seek() returns 0 for success or negative values for failure.
 BIO_tell() returns the current file position or negative values for failure.
 
 BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and
-BIO_rw_filename() return 1 for success or <=0 for failure.
+BIO_rw_filename() return 1 for success or <=0 for failure. An error is also
+returned if the file does not exist.
 
 =head1 EXAMPLES
 

ssl/ssl_cert.c

@@ -748,6 +748,10 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file_ex(const char *file,
     LHASH_OF(X509_NAME) *name_hash = lh_X509_NAME_new(xname_hash, xname_cmp);
     OSSL_LIB_CTX *prev_libctx = NULL;
 
+    if (file == NULL) {
+        ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
+        goto err;
+    }
     if (name_hash == NULL) {
         ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB);
         goto err;
@@ -874,6 +878,11 @@ int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
     int num = 0;
     LHASH_OF(X509_NAME) *name_hash = lh_X509_NAME_new(xname_hash, xname_cmp);
 
+    if (file == NULL) {
+        ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
+        goto err;
+    }
+
     if (name_hash == NULL) {
         ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB);
         goto err;

ssl/ssl_rsa.c

@@ -53,10 +53,15 @@ int SSL_use_certificate(SSL *ssl, X509 *x)
 int SSL_use_certificate_file(SSL *ssl, const char *file, int type)
 {
     int j;
-    BIO *in;
+    BIO *in = NULL;
     int ret = 0;
     X509 *cert = NULL, *x = NULL;
 
+    if (file == NULL) {
+        ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
+        goto end;
+    }
+
     in = BIO_new(BIO_s_file());
     if (in == NULL) {
         ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB);
@@ -163,9 +168,14 @@ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
 int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
 {
     int j, ret = 0;
-    BIO *in;
+    BIO *in = NULL;
     EVP_PKEY *pkey = NULL;
 
+    if (file == NULL) {
+        ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
+        goto end;
+    }
+
     in = BIO_new(BIO_s_file());
     if (in == NULL) {
         ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB);
@@ -296,10 +306,15 @@ static int ssl_set_cert(CERT *c, X509 *x, SSL_CTX *ctx)
 int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
 {
     int j = SSL_R_BAD_VALUE;
-    BIO *in;
+    BIO *in = NULL;
     int ret = 0;
     X509 *x = NULL, *cert = NULL;
 
+    if (file == NULL) {
+        ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
+        goto end;
+    }
+
     in = BIO_new(BIO_s_file());
     if (in == NULL) {
         ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB);
@@ -373,9 +388,14 @@ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
 int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
 {
     int j, ret = 0;
-    BIO *in;
+    BIO *in = NULL;
     EVP_PKEY *pkey = NULL;
 
+    if (file == NULL) {
+        ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
+        goto end;
+    }
+
     in = BIO_new(BIO_s_file());
     if (in == NULL) {
         ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB);
@@ -436,7 +456,7 @@ int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx,
  */
 static int use_certificate_chain_file(SSL_CTX *ctx, SSL *ssl, const char *file)
 {
-    BIO *in;
+    BIO *in = NULL;
     int ret = 0;
     X509 *x = NULL;
     pem_password_cb *passwd_callback;
@@ -462,6 +482,11 @@ static int use_certificate_chain_file(SSL_CTX *ctx, SSL *ssl, const char *file)
         passwd_callback_userdata = sc->default_passwd_callback_userdata;
     }
 
+    if (file == NULL) {
+        ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
+        goto end;
+    }
+
     in = BIO_new(BIO_s_file());
     if (in == NULL) {
         ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB);

ssl/ssl_rsa_legacy.c

@@ -43,9 +43,14 @@ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
 int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type)
 {
     int j, ret = 0;
-    BIO *in;
+    BIO *in = NULL;
     RSA *rsa = NULL;
 
+    if (file == NULL) {
+        ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
+        goto end;
+    }
+
     in = BIO_new(BIO_s_file());
     if (in == NULL) {
         ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB);
@@ -125,9 +130,14 @@ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa)
 int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
 {
     int j, ret = 0;
-    BIO *in;
+    BIO *in = NULL;
     RSA *rsa = NULL;
 
+    if (file == NULL) {
+        ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
+        goto end;
+    }
+
     in = BIO_new(BIO_s_file());
     if (in == NULL) {
         ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB);