PR/42435 : Check pointers against NULL to avoid dereferencing themdiff -r1.46 -r1.47 src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c
(stacktic)
--- src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c 2010/09/01 17:25:57 1.46
+++ src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c 2010/10/31 19:45:53 1.47
| @@ -47,27 +47,27 @@ | @@ -47,27 +47,27 @@ | |||
| 47 | * limitations under the License. | 47 | * limitations under the License. | |
| 48 | */ | 48 | */ | |
| 49 | 49 | |||
| 50 | /** \file | 50 | /** \file | |
| 51 | */ | 51 | */ | |
| 52 | #include "config.h" | 52 | #include "config.h" | |
| 53 | 53 | |||
| 54 | #ifdef HAVE_SYS_CDEFS_H | 54 | #ifdef HAVE_SYS_CDEFS_H | |
| 55 | #include <sys/cdefs.h> | 55 | #include <sys/cdefs.h> | |
| 56 | #endif | 56 | #endif | |
| 57 | 57 | |||
| 58 | #if defined(__NetBSD__) | 58 | #if defined(__NetBSD__) | |
| 59 | __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); | 59 | __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); | |
| 60 | __RCSID("$NetBSD: keyring.c,v 1.46 2010/09/01 17:25:57 agc Exp $"); | 60 | __RCSID("$NetBSD: keyring.c,v 1.47 2010/10/31 19:45:53 stacktic Exp $"); | |
| 61 | #endif | 61 | #endif | |
| 62 | 62 | |||
| 63 | #ifdef HAVE_FCNTL_H | 63 | #ifdef HAVE_FCNTL_H | |
| 64 | #include <fcntl.h> | 64 | #include <fcntl.h> | |
| 65 | #endif | 65 | #endif | |
| 66 | 66 | |||
| 67 | #include <regex.h> | 67 | #include <regex.h> | |
| 68 | #include <stdlib.h> | 68 | #include <stdlib.h> | |
| 69 | #include <string.h> | 69 | #include <string.h> | |
| 70 | 70 | |||
| 71 | #ifdef HAVE_TERMIOS_H | 71 | #ifdef HAVE_TERMIOS_H | |
| 72 | #include <termios.h> | 72 | #include <termios.h> | |
| 73 | #endif | 73 | #endif | |
| @@ -892,27 +892,27 @@ getkeybyname(__ops_io_t *io, | @@ -892,27 +892,27 @@ getkeybyname(__ops_io_t *io, | |||
| 892 | const __ops_keyring_t *keyring, | 892 | const __ops_keyring_t *keyring, | |
| 893 | const char *name, | 893 | const char *name, | |
| 894 | unsigned *from) | 894 | unsigned *from) | |
| 895 | { | 895 | { | |
| 896 | const __ops_key_t *kp; | 896 | const __ops_key_t *kp; | |
| 897 | uint8_t **uidp; | 897 | uint8_t **uidp; | |
| 898 | unsigned i = 0; | 898 | unsigned i = 0; | |
| 899 | __ops_key_t *keyp; | 899 | __ops_key_t *keyp; | |
| 900 | unsigned savedstart; | 900 | unsigned savedstart; | |
| 901 | regex_t r; | 901 | regex_t r; | |
| 902 | uint8_t keyid[OPS_KEY_ID_SIZE + 1]; | 902 | uint8_t keyid[OPS_KEY_ID_SIZE + 1]; | |
| 903 | size_t len; | 903 | size_t len; | |
| 904 | 904 | |||
| 905 | if (!keyring) { | 905 | if (!keyring || !name || !from) { | |
| 906 | return NULL; | 906 | return NULL; | |
| 907 | } | 907 | } | |
| 908 | len = strlen(name); | 908 | len = strlen(name); | |
| 909 | if (__ops_get_debug_level(__FILE__)) { | 909 | if (__ops_get_debug_level(__FILE__)) { | |
| 910 | (void) fprintf(io->outs, "[%u] name '%s', len %zu\n", | 910 | (void) fprintf(io->outs, "[%u] name '%s', len %zu\n", | |
| 911 | *from, name, len); | 911 | *from, name, len); | |
| 912 | } | 912 | } | |
| 913 | /* first try name as a keyid */ | 913 | /* first try name as a keyid */ | |
| 914 | (void) memset(keyid, 0x0, sizeof(keyid)); | 914 | (void) memset(keyid, 0x0, sizeof(keyid)); | |
| 915 | str2keyid(name, keyid, sizeof(keyid)); | 915 | str2keyid(name, keyid, sizeof(keyid)); | |
| 916 | if (__ops_get_debug_level(__FILE__)) { | 916 | if (__ops_get_debug_level(__FILE__)) { | |
| 917 | hexdump(io->outs, "keyid", keyid, 4); | 917 | hexdump(io->outs, "keyid", keyid, 4); | |
| 918 | } | 918 | } |
--- src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c 2010/10/19 00:00:00 1.77
+++ src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c 2010/10/31 19:45:53 1.78
| @@ -24,27 +24,27 @@ | @@ -24,27 +24,27 @@ | |||
| 24 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN | 24 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN | |
| 25 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | 25 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
| 26 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE | 26 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE | |
| 27 | * POSSIBILITY OF SUCH DAMAGE. | 27 | * POSSIBILITY OF SUCH DAMAGE. | |
| 28 | */ | 28 | */ | |
| 29 | #include "config.h" | 29 | #include "config.h" | |
| 30 | 30 | |||
| 31 | #ifdef HAVE_SYS_CDEFS_H | 31 | #ifdef HAVE_SYS_CDEFS_H | |
| 32 | #include <sys/cdefs.h> | 32 | #include <sys/cdefs.h> | |
| 33 | #endif | 33 | #endif | |
| 34 | 34 | |||
| 35 | #if defined(__NetBSD__) | 35 | #if defined(__NetBSD__) | |
| 36 | __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); | 36 | __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); | |
| 37 | __RCSID("$NetBSD: netpgp.c,v 1.77 2010/10/19 00:00:00 agc Exp $"); | 37 | __RCSID("$NetBSD: netpgp.c,v 1.78 2010/10/31 19:45:53 stacktic Exp $"); | |
| 38 | #endif | 38 | #endif | |
| 39 | 39 | |||
| 40 | #include <sys/types.h> | 40 | #include <sys/types.h> | |
| 41 | #include <sys/stat.h> | 41 | #include <sys/stat.h> | |
| 42 | #include <sys/param.h> | 42 | #include <sys/param.h> | |
| 43 | #include <sys/mman.h> | 43 | #include <sys/mman.h> | |
| 44 | 44 | |||
| 45 | #ifdef HAVE_SYS_RESOURCE_H | 45 | #ifdef HAVE_SYS_RESOURCE_H | |
| 46 | #include <sys/resource.h> | 46 | #include <sys/resource.h> | |
| 47 | #endif | 47 | #endif | |
| 48 | 48 | |||
| 49 | #ifdef HAVE_FCNTL_H | 49 | #ifdef HAVE_FCNTL_H | |
| 50 | #include <fcntl.h> | 50 | #include <fcntl.h> | |
| @@ -413,26 +413,28 @@ get_birthtime(char *s) | @@ -413,26 +413,28 @@ get_birthtime(char *s) | |||
| 413 | } | 413 | } | |
| 414 | return (uint64_t)strtoll(s, NULL, 10); | 414 | return (uint64_t)strtoll(s, NULL, 10); | |
| 415 | } | 415 | } | |
| 416 | 416 | |||
| 417 | /* resolve the userid */ | 417 | /* resolve the userid */ | |
| 418 | static const __ops_key_t * | 418 | static const __ops_key_t * | |
| 419 | resolve_userid(netpgp_t *netpgp, const __ops_keyring_t *keyring, const char *userid) | 419 | resolve_userid(netpgp_t *netpgp, const __ops_keyring_t *keyring, const char *userid) | |
| 420 | { | 420 | { | |
| 421 | const __ops_key_t *key; | 421 | const __ops_key_t *key; | |
| 422 | __ops_io_t *io; | 422 | __ops_io_t *io; | |
| 423 | 423 | |||
| 424 | if (userid == NULL) { | 424 | if (userid == NULL) { | |
| 425 | userid = netpgp_getvar(netpgp, "userid"); | 425 | userid = netpgp_getvar(netpgp, "userid"); | |
| 426 | if (userid == NULL) | |||
| 427 | return NULL; | |||
| 426 | } else if (userid[0] == '0' && userid[1] == 'x') { | 428 | } else if (userid[0] == '0' && userid[1] == 'x') { | |
| 427 | userid += 2; | 429 | userid += 2; | |
| 428 | } | 430 | } | |
| 429 | io = netpgp->io; | 431 | io = netpgp->io; | |
| 430 | if ((key = __ops_getkeybyname(io, keyring, userid)) == NULL) { | 432 | if ((key = __ops_getkeybyname(io, keyring, userid)) == NULL) { | |
| 431 | (void) fprintf(io->errs, "Can't find key '%s'\n", userid); | 433 | (void) fprintf(io->errs, "Can't find key '%s'\n", userid); | |
| 432 | } | 434 | } | |
| 433 | return key; | 435 | return key; | |
| 434 | } | 436 | } | |
| 435 | 437 | |||
| 436 | /* append a key to a keyring */ | 438 | /* append a key to a keyring */ | |
| 437 | static int | 439 | static int | |
| 438 | appendkey(__ops_io_t *io, __ops_key_t *key, char *ringfile) | 440 | appendkey(__ops_io_t *io, __ops_key_t *key, char *ringfile) |