Skip to content

Commit 7391f9d

Browse files
committed
Make valid_dh_group_names() more robust
Avoids the possibility of a NULL-dereference if the DH groups are ever empty. Also cleans up the test to make it easier to spot when the expected value differs from the received value. Signed-off-by: Stephen Gallagher <[email protected]>
1 parent dea921d commit 7391f9d

File tree

2 files changed

+37
-19
lines changed

2 files changed

+37
-19
lines changed

src/dhparams.c

Lines changed: 25 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -31,6 +31,7 @@
3131
*/
3232

3333
#include <assert.h>
34+
#include <stdbool.h>
3435
#include <string.h>
3536

3637
#include <openssl/evp.h>
@@ -84,13 +85,23 @@ char *
8485
valid_dh_group_names (TALLOC_CTX *mem_ctx)
8586
{
8687
size_t i;
87-
char *names = NULL;
8888
TALLOC_CTX *tmp_ctx = talloc_new (NULL);
89+
char *names = NULL;
90+
bool first = true;
8991

9092
i = 0;
9193
while (dh_fips_groups[i])
9294
{
93-
names = talloc_asprintf_append (names, "%s, ", dh_fips_groups[i]);
95+
if (first)
96+
{
97+
names = talloc_strdup (tmp_ctx, dh_fips_groups[i]);
98+
first = false;
99+
}
100+
else
101+
{
102+
names = talloc_asprintf_append (names, ", %s", dh_fips_groups[i]);
103+
}
104+
94105
if (!names)
95106
goto done;
96107

@@ -100,18 +111,24 @@ valid_dh_group_names (TALLOC_CTX *mem_ctx)
100111
i = 0;
101112
while (dh_nonfips_groups[i])
102113
{
103-
names = talloc_asprintf_append (names, "%s, ", dh_nonfips_groups[i]);
114+
if (first)
115+
{
116+
/* This should never be reached, since dh_fips_groups should always
117+
* have at least one entry, but for safety we will include it.
118+
*/
119+
names = talloc_strdup (tmp_ctx, dh_nonfips_groups[i]);
120+
first = false;
121+
}
122+
else
123+
{
124+
names = talloc_asprintf_append (names, ", %s", dh_nonfips_groups[i]);
125+
}
104126
if (!names)
105127
goto done;
106128

107129
i++;
108130
}
109131

110-
/* Truncate the last ", " */
111-
names = talloc_strndup (names, names, strlen (names) - 2);
112-
if (!names)
113-
goto done;
114-
115132
talloc_steal (mem_ctx, names);
116133

117134
done:

test/named_dhparams_test.c

Lines changed: 12 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -47,29 +47,30 @@ test_group_name_list (void)
4747
int ret;
4848
TALLOC_CTX *tmp_ctx = talloc_new (NULL);
4949
char *names = valid_dh_group_names (tmp_ctx);
50+
char *expected = NULL;
5051
if (!names)
5152
{
5253
ret = EINVAL;
5354
goto done;
5455
}
5556

5657
#if OPENSSL_VERSION_NUMBER < 0x30000000L
57-
if (strcmp (names,
58-
"ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192") != 0)
59-
{
60-
ret = EINVAL;
61-
goto done;
62-
}
58+
expected = talloc_strdup (
59+
tmp_ctx, "ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192");
6360
#else
64-
if (strcmp (names,
65-
"ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192, "
66-
"modp_2048, modp_3072, modp_4096, modp_6144, modp_8192, "
67-
"modp_1536, dh_1024_160, dh_2048_224, dh_2048_256") != 0)
61+
expected =
62+
talloc_strdup (tmp_ctx,
63+
"ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192, "
64+
"modp_2048, modp_3072, modp_4096, modp_6144, modp_8192, "
65+
"modp_1536, dh_1024_160, dh_2048_224, dh_2048_256");
66+
#endif
67+
if (strcmp (names, expected) != 0)
6868
{
69+
fprintf (stderr, "Expected: [%s]\n", expected);
70+
fprintf (stderr, "Recieved: [%s]\n", names);
6971
ret = EINVAL;
7072
goto done;
7173
}
72-
#endif
7374

7475

7576
ret = EOK;

0 commit comments

Comments
 (0)