-/* $OpenBSD: ec_pmeth.c,v 1.21 2023/12/28 22:12:37 tb Exp $ */
+/* $OpenBSD: ec_pmeth.c,v 1.22 2024/08/26 22:01:28 op Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
*/
#include <stdio.h>
+#include <stdlib.h>
#include <string.h>
#include <openssl/asn1t.h>
}
return EVP_PKEY_CTX_set_ecdh_kdf_md(ctx, md);
} else if (strcmp(type, "ecdh_cofactor_mode") == 0) {
- int co_mode;
- co_mode = atoi(value);
- return EVP_PKEY_CTX_set_ecdh_cofactor_mode(ctx, co_mode);
+ int cofactor_mode;
+ const char *errstr;
+
+ cofactor_mode = strtonum(value, -1, 1, &errstr);
+ if (errstr != NULL)
+ return -2;
+ return EVP_PKEY_CTX_set_ecdh_cofactor_mode(ctx, cofactor_mode);
}
+
return -2;
}
-/* $OpenBSD: rsa_pmeth.c,v 1.40 2023/12/28 21:59:07 tb Exp $ */
+/* $OpenBSD: rsa_pmeth.c,v 1.41 2024/08/26 22:01:28 op Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
#include <limits.h>
#include <stdio.h>
+#include <stdlib.h>
#include <string.h>
#include <openssl/opensslconf.h>
static int
pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
{
+ const char *errstr;
+
if (!value) {
RSAerror(RSA_R_VALUE_MISSING);
return 0;
saltlen = RSA_PSS_SALTLEN_MAX;
else if (!strcmp(value, "auto"))
saltlen = RSA_PSS_SALTLEN_AUTO;
- else
- saltlen = atoi(value);
+ else {
+ saltlen = strtonum(value, 0, INT_MAX, &errstr);
+ if (errstr != NULL) {
+ RSAerror(RSA_R_INVALID_PSS_SALTLEN);
+ return -2;
+ }
+ }
return EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, saltlen);
}
if (strcmp(type, "rsa_keygen_bits") == 0) {
- int nbits = atoi(value);
+ int nbits;
+
+ nbits = strtonum(value, 0, INT_MAX, &errstr);
+ if (errstr != NULL) {
+ RSAerror(RSA_R_INVALID_KEYBITS);
+ return -2;
+ }
return EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, nbits);
}
EVP_PKEY_CTRL_MD, value);
if (strcmp(type, "rsa_pss_keygen_saltlen") == 0) {
- int saltlen = atoi(value);
+ int saltlen;
+
+ saltlen = strtonum(value, 0, INT_MAX, &errstr);
+ if (errstr != NULL) {
+ RSAerror(RSA_R_INVALID_PSS_SALTLEN);
+ return -2;
+ }
return EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen(ctx, saltlen);
}
-/* $OpenBSD: ts_conf.c,v 1.14 2024/03/26 00:39:22 beck Exp $ */
+/* $OpenBSD: ts_conf.c,v 1.15 2024/08/26 22:01:28 op Exp $ */
/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
* project 2002.
*/
*
*/
+#include <limits.h>
+#include <stdlib.h>
#include <string.h>
#include <openssl/opensslconf.h>
int secs = 0, millis = 0, micros = 0;
STACK_OF(CONF_VALUE) *list = NULL;
char *accuracy = NCONF_get_string(conf, section, ENV_ACCURACY);
+ const char *errstr;
if (accuracy && !(list = X509V3_parse_list(accuracy))) {
TS_CONF_invalid(section, ENV_ACCURACY);
for (i = 0; i < sk_CONF_VALUE_num(list); ++i) {
CONF_VALUE *val = sk_CONF_VALUE_value(list, i);
if (strcmp(val->name, ENV_VALUE_SECS) == 0) {
- if (val->value)
- secs = atoi(val->value);
+ if (val->value) {
+ secs = strtonum(val->value, 0, INT_MAX,
+ &errstr);
+ if (errstr != NULL) {
+ TS_CONF_invalid(section,
+ ENV_VALUE_SECS);
+ goto err;
+ }
+ }
} else if (strcmp(val->name, ENV_VALUE_MILLISECS) == 0) {
- if (val->value)
- millis = atoi(val->value);
+ if (val->value) {
+ millis = strtonum(val->value, 1, 999, &errstr);
+ if (errstr != NULL) {
+ TS_CONF_invalid(section,
+ ENV_VALUE_MILLISECS);
+ goto err;
+ }
+ }
} else if (strcmp(val->name, ENV_VALUE_MICROSECS) == 0) {
- if (val->value)
- micros = atoi(val->value);
+ if (val->value) {
+ micros = strtonum(val->value, 1, 999, &errstr);
+ if (errstr != NULL) {
+ TS_CONF_invalid(section,
+ ENV_VALUE_MICROSECS);
+ goto err;
+ }
+ }
} else {
TS_CONF_invalid(section, ENV_ACCURACY);
goto err;