Browse Source

calling HashFinal with a null digest should crash, not be silently ignored

OPENBSD_5_5
tedu 11 years ago
parent
commit
9bdaa18357
5 changed files with 40 additions and 61 deletions
  1. +4
    -6
      src/lib/libc/hash/md4.c
  2. +4
    -6
      src/lib/libc/hash/md5.c
  3. +3
    -5
      src/lib/libc/hash/rmd160.c
  4. +5
    -7
      src/lib/libc/hash/sha1.c
  5. +24
    -37
      src/lib/libc/hash/sha2.c

+ 4
- 6
src/lib/libc/hash/md4.c View File

@ -1,4 +1,4 @@
/* $OpenBSD: md4.c,v 1.7 2005/08/08 08:05:35 espie Exp $ */
/* $OpenBSD: md4.c,v 1.8 2014/01/08 06:14:56 tedu Exp $ */
/* /*
* This code implements the MD4 message-digest algorithm. * This code implements the MD4 message-digest algorithm.
@ -127,11 +127,9 @@ MD4Final(unsigned char digest[MD4_DIGEST_LENGTH], MD4_CTX *ctx)
int i; int i;
MD4Pad(ctx); MD4Pad(ctx);
if (digest != NULL) {
for (i = 0; i < 4; i++)
PUT_32BIT_LE(digest + i * 4, ctx->state[i]);
memset(ctx, 0, sizeof(*ctx));
}
for (i = 0; i < 4; i++)
PUT_32BIT_LE(digest + i * 4, ctx->state[i]);
memset(ctx, 0, sizeof(*ctx));
} }


+ 4
- 6
src/lib/libc/hash/md5.c View File

@ -1,4 +1,4 @@
/* $OpenBSD: md5.c,v 1.8 2005/08/08 08:05:35 espie Exp $ */
/* $OpenBSD: md5.c,v 1.9 2014/01/08 06:14:57 tedu Exp $ */
/* /*
* This code implements the MD5 message-digest algorithm. * This code implements the MD5 message-digest algorithm.
@ -126,11 +126,9 @@ MD5Final(unsigned char digest[MD5_DIGEST_LENGTH], MD5_CTX *ctx)
int i; int i;
MD5Pad(ctx); MD5Pad(ctx);
if (digest != NULL) {
for (i = 0; i < 4; i++)
PUT_32BIT_LE(digest + i * 4, ctx->state[i]);
memset(ctx, 0, sizeof(*ctx));
}
for (i = 0; i < 4; i++)
PUT_32BIT_LE(digest + i * 4, ctx->state[i]);
memset(ctx, 0, sizeof(*ctx));
} }


+ 3
- 5
src/lib/libc/hash/rmd160.c View File

@ -151,11 +151,9 @@ RMD160Final(u_int8_t digest[RMD160_DIGEST_LENGTH], RMD160_CTX *ctx)
int i; int i;
RMD160Pad(ctx); RMD160Pad(ctx);
if (digest != NULL) {
for (i = 0; i < 5; i++)
PUT_32BIT_LE(digest + i*4, ctx->state[i]);
memset(ctx, 0, sizeof (*ctx));
}
for (i = 0; i < 5; i++)
PUT_32BIT_LE(digest + i*4, ctx->state[i]);
memset(ctx, 0, sizeof (*ctx));
} }
void void


+ 5
- 7
src/lib/libc/hash/sha1.c View File

@ -1,4 +1,4 @@
/* $OpenBSD: sha1.c,v 1.22 2012/08/27 21:05:43 miod Exp $ */
/* $OpenBSD: sha1.c,v 1.23 2014/01/08 06:14:57 tedu Exp $ */
/* /*
* SHA-1 in C * SHA-1 in C
@ -165,11 +165,9 @@ SHA1Final(u_int8_t digest[SHA1_DIGEST_LENGTH], SHA1_CTX *context)
u_int i; u_int i;
SHA1Pad(context); SHA1Pad(context);
if (digest) {
for (i = 0; i < SHA1_DIGEST_LENGTH; i++) {
digest[i] = (u_int8_t)
((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
}
memset(context, 0, sizeof(*context));
for (i = 0; i < SHA1_DIGEST_LENGTH; i++) {
digest[i] = (u_int8_t)
((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
} }
memset(context, 0, sizeof(*context));
} }

+ 24
- 37
src/lib/libc/hash/sha2.c View File

@ -1,4 +1,4 @@
/* $OpenBSD: sha2.c,v 1.16 2014/01/08 04:35:34 deraadt Exp $ */
/* $OpenBSD: sha2.c,v 1.17 2014/01/08 06:14:57 tedu Exp $ */
/* /*
* FILE: sha2.c * FILE: sha2.c
@ -302,19 +302,16 @@ SHA224Final(u_int8_t digest[SHA224_DIGEST_LENGTH], SHA2_CTX *context)
{ {
SHA224Pad(context); SHA224Pad(context);
/* If no digest buffer is passed, we don't bother doing this: */
if (digest != NULL) {
#if BYTE_ORDER == LITTLE_ENDIAN #if BYTE_ORDER == LITTLE_ENDIAN
int i;
int i;
/* Convert TO host byte order */
for (i = 0; i < 7; i++)
BE_32_TO_8(digest + i * 4, context->state.st32[i]);
/* Convert TO host byte order */
for (i = 0; i < 7; i++)
BE_32_TO_8(digest + i * 4, context->state.st32[i]);
#else #else
memcpy(digest, context->state.st32, SHA224_DIGEST_LENGTH);
memcpy(digest, context->state.st32, SHA224_DIGEST_LENGTH);
#endif #endif
memset(context, 0, sizeof(*context));
}
memset(context, 0, sizeof(*context));
} }
#endif /* !defined(SHA2_SMALL) */ #endif /* !defined(SHA2_SMALL) */
@ -580,19 +577,16 @@ SHA256Final(u_int8_t digest[SHA256_DIGEST_LENGTH], SHA2_CTX *context)
{ {
SHA256Pad(context); SHA256Pad(context);
/* If no digest buffer is passed, we don't bother doing this: */
if (digest != NULL) {
#if BYTE_ORDER == LITTLE_ENDIAN #if BYTE_ORDER == LITTLE_ENDIAN
int i;
int i;
/* Convert TO host byte order */
for (i = 0; i < 8; i++)
BE_32_TO_8(digest + i * 4, context->state.st32[i]);
/* Convert TO host byte order */
for (i = 0; i < 8; i++)
BE_32_TO_8(digest + i * 4, context->state.st32[i]);
#else #else
memcpy(digest, context->state.st32, SHA256_DIGEST_LENGTH);
memcpy(digest, context->state.st32, SHA256_DIGEST_LENGTH);
#endif #endif
memset(context, 0, sizeof(*context));
}
memset(context, 0, sizeof(*context));
} }
@ -859,19 +853,16 @@ SHA512Final(u_int8_t digest[SHA512_DIGEST_LENGTH], SHA2_CTX *context)
{ {
SHA512Pad(context); SHA512Pad(context);
/* If no digest buffer is passed, we don't bother doing this: */
if (digest != NULL) {
#if BYTE_ORDER == LITTLE_ENDIAN #if BYTE_ORDER == LITTLE_ENDIAN
int i;
int i;
/* Convert TO host byte order */
for (i = 0; i < 8; i++)
BE_64_TO_8(digest + i * 8, context->state.st64[i]);
/* Convert TO host byte order */
for (i = 0; i < 8; i++)
BE_64_TO_8(digest + i * 8, context->state.st64[i]);
#else #else
memcpy(digest, context->state.st64, SHA512_DIGEST_LENGTH);
memcpy(digest, context->state.st64, SHA512_DIGEST_LENGTH);
#endif #endif
memset(context, 0, sizeof(*context));
}
memset(context, 0, sizeof(*context));
} }
#if !defined(SHA2_SMALL) #if !defined(SHA2_SMALL)
@ -895,19 +886,15 @@ SHA384Final(u_int8_t digest[SHA384_DIGEST_LENGTH], SHA2_CTX *context)
{ {
SHA384Pad(context); SHA384Pad(context);
/* If no digest buffer is passed, we don't bother doing this: */
if (digest != NULL) {
#if BYTE_ORDER == LITTLE_ENDIAN #if BYTE_ORDER == LITTLE_ENDIAN
int i;
int i;
/* Convert TO host byte order */
for (i = 0; i < 6; i++)
BE_64_TO_8(digest + i * 8, context->state.st64[i]);
/* Convert TO host byte order */
for (i = 0; i < 6; i++)
BE_64_TO_8(digest + i * 8, context->state.st64[i]);
#else #else
memcpy(digest, context->state.st64, SHA384_DIGEST_LENGTH);
memcpy(digest, context->state.st64, SHA384_DIGEST_LENGTH);
#endif #endif
}
/* Zero out state data */ /* Zero out state data */
memset(context, 0, sizeof(*context)); memset(context, 0, sizeof(*context));
} }


Loading…
Cancel
Save