From 9bdaa18357251f8452693baf3aed335a3013a5d7 Mon Sep 17 00:00:00 2001 From: tedu <> Date: Wed, 8 Jan 2014 06:14:57 +0000 Subject: [PATCH] calling HashFinal with a null digest should crash, not be silently ignored --- src/lib/libc/hash/md4.c | 10 +++---- src/lib/libc/hash/md5.c | 10 +++---- src/lib/libc/hash/rmd160.c | 8 ++--- src/lib/libc/hash/sha1.c | 12 ++++---- src/lib/libc/hash/sha2.c | 61 +++++++++++++++----------------------- 5 files changed, 40 insertions(+), 61 deletions(-) diff --git a/src/lib/libc/hash/md4.c b/src/lib/libc/hash/md4.c index a59ca7c2..7ea3cd07 100644 --- a/src/lib/libc/hash/md4.c +++ b/src/lib/libc/hash/md4.c @@ -1,4 +1,4 @@ -/* $OpenBSD: md4.c,v 1.7 2005/08/08 08:05:35 espie Exp $ */ +/* $OpenBSD: md4.c,v 1.8 2014/01/08 06:14:56 tedu Exp $ */ /* * This code implements the MD4 message-digest algorithm. @@ -127,11 +127,9 @@ MD4Final(unsigned char digest[MD4_DIGEST_LENGTH], MD4_CTX *ctx) int i; MD4Pad(ctx); - if (digest != NULL) { - for (i = 0; i < 4; i++) - PUT_32BIT_LE(digest + i * 4, ctx->state[i]); - memset(ctx, 0, sizeof(*ctx)); - } + for (i = 0; i < 4; i++) + PUT_32BIT_LE(digest + i * 4, ctx->state[i]); + memset(ctx, 0, sizeof(*ctx)); } diff --git a/src/lib/libc/hash/md5.c b/src/lib/libc/hash/md5.c index e60bbd90..b7a4e5ef 100644 --- a/src/lib/libc/hash/md5.c +++ b/src/lib/libc/hash/md5.c @@ -1,4 +1,4 @@ -/* $OpenBSD: md5.c,v 1.8 2005/08/08 08:05:35 espie Exp $ */ +/* $OpenBSD: md5.c,v 1.9 2014/01/08 06:14:57 tedu Exp $ */ /* * This code implements the MD5 message-digest algorithm. @@ -126,11 +126,9 @@ MD5Final(unsigned char digest[MD5_DIGEST_LENGTH], MD5_CTX *ctx) int i; MD5Pad(ctx); - if (digest != NULL) { - for (i = 0; i < 4; i++) - PUT_32BIT_LE(digest + i * 4, ctx->state[i]); - memset(ctx, 0, sizeof(*ctx)); - } + for (i = 0; i < 4; i++) + PUT_32BIT_LE(digest + i * 4, ctx->state[i]); + memset(ctx, 0, sizeof(*ctx)); } diff --git a/src/lib/libc/hash/rmd160.c b/src/lib/libc/hash/rmd160.c index a2e8debb..d1047b87 100644 --- a/src/lib/libc/hash/rmd160.c +++ b/src/lib/libc/hash/rmd160.c @@ -151,11 +151,9 @@ RMD160Final(u_int8_t digest[RMD160_DIGEST_LENGTH], RMD160_CTX *ctx) int i; RMD160Pad(ctx); - if (digest != NULL) { - for (i = 0; i < 5; i++) - PUT_32BIT_LE(digest + i*4, ctx->state[i]); - memset(ctx, 0, sizeof (*ctx)); - } + for (i = 0; i < 5; i++) + PUT_32BIT_LE(digest + i*4, ctx->state[i]); + memset(ctx, 0, sizeof (*ctx)); } void diff --git a/src/lib/libc/hash/sha1.c b/src/lib/libc/hash/sha1.c index 5984cda3..4352215c 100644 --- a/src/lib/libc/hash/sha1.c +++ b/src/lib/libc/hash/sha1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sha1.c,v 1.22 2012/08/27 21:05:43 miod Exp $ */ +/* $OpenBSD: sha1.c,v 1.23 2014/01/08 06:14:57 tedu Exp $ */ /* * SHA-1 in C @@ -165,11 +165,9 @@ SHA1Final(u_int8_t digest[SHA1_DIGEST_LENGTH], SHA1_CTX *context) u_int i; SHA1Pad(context); - if (digest) { - for (i = 0; i < SHA1_DIGEST_LENGTH; i++) { - digest[i] = (u_int8_t) - ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255); - } - memset(context, 0, sizeof(*context)); + for (i = 0; i < SHA1_DIGEST_LENGTH; i++) { + digest[i] = (u_int8_t) + ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255); } + memset(context, 0, sizeof(*context)); } diff --git a/src/lib/libc/hash/sha2.c b/src/lib/libc/hash/sha2.c index 12492a89..df13f0e6 100644 --- a/src/lib/libc/hash/sha2.c +++ b/src/lib/libc/hash/sha2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sha2.c,v 1.16 2014/01/08 04:35:34 deraadt Exp $ */ +/* $OpenBSD: sha2.c,v 1.17 2014/01/08 06:14:57 tedu Exp $ */ /* * FILE: sha2.c @@ -302,19 +302,16 @@ SHA224Final(u_int8_t digest[SHA224_DIGEST_LENGTH], SHA2_CTX *context) { SHA224Pad(context); - /* If no digest buffer is passed, we don't bother doing this: */ - if (digest != NULL) { #if BYTE_ORDER == LITTLE_ENDIAN - int i; + int i; - /* Convert TO host byte order */ - for (i = 0; i < 7; i++) - BE_32_TO_8(digest + i * 4, context->state.st32[i]); + /* Convert TO host byte order */ + for (i = 0; i < 7; i++) + BE_32_TO_8(digest + i * 4, context->state.st32[i]); #else - memcpy(digest, context->state.st32, SHA224_DIGEST_LENGTH); + memcpy(digest, context->state.st32, SHA224_DIGEST_LENGTH); #endif - memset(context, 0, sizeof(*context)); - } + memset(context, 0, sizeof(*context)); } #endif /* !defined(SHA2_SMALL) */ @@ -580,19 +577,16 @@ SHA256Final(u_int8_t digest[SHA256_DIGEST_LENGTH], SHA2_CTX *context) { SHA256Pad(context); - /* If no digest buffer is passed, we don't bother doing this: */ - if (digest != NULL) { #if BYTE_ORDER == LITTLE_ENDIAN - int i; + int i; - /* Convert TO host byte order */ - for (i = 0; i < 8; i++) - BE_32_TO_8(digest + i * 4, context->state.st32[i]); + /* Convert TO host byte order */ + for (i = 0; i < 8; i++) + BE_32_TO_8(digest + i * 4, context->state.st32[i]); #else - memcpy(digest, context->state.st32, SHA256_DIGEST_LENGTH); + memcpy(digest, context->state.st32, SHA256_DIGEST_LENGTH); #endif - memset(context, 0, sizeof(*context)); - } + memset(context, 0, sizeof(*context)); } @@ -859,19 +853,16 @@ SHA512Final(u_int8_t digest[SHA512_DIGEST_LENGTH], SHA2_CTX *context) { SHA512Pad(context); - /* If no digest buffer is passed, we don't bother doing this: */ - if (digest != NULL) { #if BYTE_ORDER == LITTLE_ENDIAN - int i; + int i; - /* Convert TO host byte order */ - for (i = 0; i < 8; i++) - BE_64_TO_8(digest + i * 8, context->state.st64[i]); + /* Convert TO host byte order */ + for (i = 0; i < 8; i++) + BE_64_TO_8(digest + i * 8, context->state.st64[i]); #else - memcpy(digest, context->state.st64, SHA512_DIGEST_LENGTH); + memcpy(digest, context->state.st64, SHA512_DIGEST_LENGTH); #endif - memset(context, 0, sizeof(*context)); - } + memset(context, 0, sizeof(*context)); } #if !defined(SHA2_SMALL) @@ -895,19 +886,15 @@ SHA384Final(u_int8_t digest[SHA384_DIGEST_LENGTH], SHA2_CTX *context) { SHA384Pad(context); - /* If no digest buffer is passed, we don't bother doing this: */ - if (digest != NULL) { #if BYTE_ORDER == LITTLE_ENDIAN - int i; + int i; - /* Convert TO host byte order */ - for (i = 0; i < 6; i++) - BE_64_TO_8(digest + i * 8, context->state.st64[i]); + /* Convert TO host byte order */ + for (i = 0; i < 6; i++) + BE_64_TO_8(digest + i * 8, context->state.st64[i]); #else - memcpy(digest, context->state.st64, SHA384_DIGEST_LENGTH); + memcpy(digest, context->state.st64, SHA384_DIGEST_LENGTH); #endif - } - /* Zero out state data */ memset(context, 0, sizeof(*context)); }