replace atoi(3) usage with strtonum(3); ok/tweaks tb@
authorop <op@openbsd.org>
Mon, 26 Aug 2024 22:01:28 +0000 (22:01 +0000)
committerop <op@openbsd.org>
Mon, 26 Aug 2024 22:01:28 +0000 (22:01 +0000)
lib/libcrypto/ec/ec_pmeth.c
lib/libcrypto/rsa/rsa_pmeth.c
lib/libcrypto/ts/ts_conf.c

index 16fc076..d422765 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_pmeth.c,v 1.21 2023/12/28 22:12:37 tb Exp $ */
+/* $OpenBSD: ec_pmeth.c,v 1.22 2024/08/26 22:01:28 op Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -57,6 +57,7 @@
  */
 
 #include <stdio.h>
+#include <stdlib.h>
 #include <string.h>
 
 #include <openssl/asn1t.h>
@@ -445,10 +446,15 @@ pkey_ec_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
                }
                return EVP_PKEY_CTX_set_ecdh_kdf_md(ctx, md);
        } else if (strcmp(type, "ecdh_cofactor_mode") == 0) {
-               int co_mode;
-               co_mode = atoi(value);
-               return EVP_PKEY_CTX_set_ecdh_cofactor_mode(ctx, co_mode);
+               int cofactor_mode;
+               const char *errstr;
+
+               cofactor_mode = strtonum(value, -1, 1, &errstr);
+               if (errstr != NULL)
+                       return -2;
+               return EVP_PKEY_CTX_set_ecdh_cofactor_mode(ctx, cofactor_mode);
        }
+
        return -2;
 }
 
index 9be9079..a1bdeb3 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_pmeth.c,v 1.40 2023/12/28 21:59:07 tb Exp $ */
+/* $OpenBSD: rsa_pmeth.c,v 1.41 2024/08/26 22:01:28 op Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -58,6 +58,7 @@
 
 #include <limits.h>
 #include <stdio.h>
+#include <stdlib.h>
 #include <string.h>
 
 #include <openssl/opensslconf.h>
@@ -630,6 +631,8 @@ pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
 static int
 pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
 {
+       const char *errstr;
+
        if (!value) {
                RSAerror(RSA_R_VALUE_MISSING);
                return 0;
@@ -664,13 +667,24 @@ pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
                        saltlen = RSA_PSS_SALTLEN_MAX;
                else if (!strcmp(value, "auto"))
                        saltlen = RSA_PSS_SALTLEN_AUTO;
-               else
-                       saltlen = atoi(value);
+               else {
+                       saltlen = strtonum(value, 0, INT_MAX, &errstr);
+                       if (errstr != NULL) {
+                               RSAerror(RSA_R_INVALID_PSS_SALTLEN);
+                               return -2;
+                       }
+               }
                return EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, saltlen);
        }
 
        if (strcmp(type, "rsa_keygen_bits") == 0) {
-               int nbits = atoi(value);
+               int nbits;
+
+               nbits = strtonum(value, 0, INT_MAX, &errstr);
+               if (errstr != NULL) {
+                       RSAerror(RSA_R_INVALID_KEYBITS);
+                       return -2;
+               }
 
                return EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, nbits);
        }
@@ -702,7 +716,13 @@ pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
                            EVP_PKEY_CTRL_MD, value);
 
                if (strcmp(type, "rsa_pss_keygen_saltlen") == 0) {
-                       int saltlen = atoi(value);
+                       int saltlen;
+
+                       saltlen = strtonum(value, 0, INT_MAX, &errstr);
+                       if (errstr != NULL) {
+                               RSAerror(RSA_R_INVALID_PSS_SALTLEN);
+                               return -2;
+                       }
 
                        return EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen(ctx, saltlen);
                }
index ef8569e..bd49923 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: ts_conf.c,v 1.14 2024/03/26 00:39:22 beck Exp $ */
+/* $OpenBSD: ts_conf.c,v 1.15 2024/08/26 22:01:28 op Exp $ */
 /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
  * project 2002.
  */
@@ -56,6 +56,8 @@
  *
  */
 
+#include <limits.h>
+#include <stdlib.h>
 #include <string.h>
 
 #include <openssl/opensslconf.h>
@@ -394,6 +396,7 @@ TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx)
        int secs = 0, millis = 0, micros = 0;
        STACK_OF(CONF_VALUE) *list = NULL;
        char *accuracy = NCONF_get_string(conf, section, ENV_ACCURACY);
+       const char *errstr;
 
        if (accuracy && !(list = X509V3_parse_list(accuracy))) {
                TS_CONF_invalid(section, ENV_ACCURACY);
@@ -402,14 +405,33 @@ TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx)
        for (i = 0; i < sk_CONF_VALUE_num(list); ++i) {
                CONF_VALUE *val = sk_CONF_VALUE_value(list, i);
                if (strcmp(val->name, ENV_VALUE_SECS) == 0) {
-                       if (val->value)
-                               secs = atoi(val->value);
+                       if (val->value) {
+                               secs = strtonum(val->value, 0, INT_MAX,
+                                   &errstr);
+                               if (errstr != NULL) {
+                                       TS_CONF_invalid(section,
+                                           ENV_VALUE_SECS);
+                                       goto err;
+                               }
+                       }
                } else if (strcmp(val->name, ENV_VALUE_MILLISECS) == 0) {
-                       if (val->value)
-                               millis = atoi(val->value);
+                       if (val->value) {
+                               millis = strtonum(val->value, 1, 999, &errstr);
+                               if (errstr != NULL) {
+                                       TS_CONF_invalid(section,
+                                           ENV_VALUE_MILLISECS);
+                                       goto err;
+                               }
+                       }
                } else if (strcmp(val->name, ENV_VALUE_MICROSECS) == 0) {
-                       if (val->value)
-                               micros = atoi(val->value);
+                       if (val->value) {
+                               micros = strtonum(val->value, 1, 999, &errstr);
+                               if (errstr != NULL) {
+                                       TS_CONF_invalid(section,
+                                           ENV_VALUE_MICROSECS);
+                                       goto err;
+                               }
+                       }
                } else {
                        TS_CONF_invalid(section, ENV_ACCURACY);
                        goto err;