mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-24 12:23:32 +01:00
Add more EINVAL errno setting on key read failures
Teor found these. This is for part of #16582.
This commit is contained in:
parent
5e8edba3d8
commit
3c28d95ca7
@ -381,10 +381,13 @@ ed25519_seckey_read_from_file(ed25519_secret_key_t *seckey_out,
|
||||
len = crypto_read_tagged_contents_from_file(filename, "ed25519v1-secret",
|
||||
tag_out, seckey_out->seckey,
|
||||
sizeof(seckey_out->seckey));
|
||||
if (len != sizeof(seckey_out->seckey))
|
||||
return -1;
|
||||
if (len == sizeof(seckey_out->seckey)) {
|
||||
return 0;
|
||||
} else if (len >= 0) {
|
||||
errno = EINVAL;
|
||||
}
|
||||
|
||||
return 0;
|
||||
return -1;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -417,10 +420,13 @@ ed25519_pubkey_read_from_file(ed25519_public_key_t *pubkey_out,
|
||||
len = crypto_read_tagged_contents_from_file(filename, "ed25519v1-public",
|
||||
tag_out, pubkey_out->pubkey,
|
||||
sizeof(pubkey_out->pubkey));
|
||||
if (len != sizeof(pubkey_out->pubkey))
|
||||
return -1;
|
||||
if (len == sizeof(pubkey_out->pubkey)) {
|
||||
return 0;
|
||||
} else if (len >= 0) {
|
||||
errno = EINVAL;
|
||||
}
|
||||
|
||||
return 0;
|
||||
return -1;
|
||||
}
|
||||
|
||||
/** Release all storage held for <b>kp</b>. */
|
||||
|
@ -1997,8 +1997,10 @@ read_all(tor_socket_t fd, char *buf, size_t count, int isSocket)
|
||||
size_t numread = 0;
|
||||
ssize_t result;
|
||||
|
||||
if (count > SIZE_T_CEILING || count > SSIZE_MAX)
|
||||
if (count > SIZE_T_CEILING || count > SSIZE_MAX) {
|
||||
errno = EINVAL;
|
||||
return -1;
|
||||
}
|
||||
|
||||
while (numread != count) {
|
||||
if (isSocket)
|
||||
@ -2558,8 +2560,10 @@ read_file_to_str_until_eof(int fd, size_t max_bytes_to_read, size_t *sz_out)
|
||||
char *string = NULL;
|
||||
size_t string_max = 0;
|
||||
|
||||
if (max_bytes_to_read+1 >= SIZE_T_CEILING)
|
||||
if (max_bytes_to_read+1 >= SIZE_T_CEILING) {
|
||||
errno = EINVAL;
|
||||
return NULL;
|
||||
}
|
||||
|
||||
do {
|
||||
/* XXXX This "add 1K" approach is a little goofy; if we care about
|
||||
@ -2655,6 +2659,7 @@ read_file_to_str(const char *filename, int flags, struct stat *stat_out)
|
||||
|
||||
if ((uint64_t)(statbuf.st_size)+1 >= SIZE_T_CEILING) {
|
||||
close(fd);
|
||||
errno = EINVAL;
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
@ -34,14 +34,18 @@ read_encrypted_secret_key(ed25519_secret_key_t *out,
|
||||
r = 0;
|
||||
goto done;
|
||||
}
|
||||
if (strcmp(tag, ENC_KEY_TAG))
|
||||
if (strcmp(tag, ENC_KEY_TAG)) {
|
||||
saved_errno = EINVAL;
|
||||
goto done;
|
||||
}
|
||||
|
||||
while (1) {
|
||||
ssize_t pwlen =
|
||||
tor_getpass("Enter pasphrase for master key:", pwbuf, sizeof(pwbuf));
|
||||
if (pwlen < 0)
|
||||
if (pwlen < 0) {
|
||||
saved_errno = EINVAL;
|
||||
goto done;
|
||||
}
|
||||
|
||||
const int r = crypto_unpwbox(&secret, &secret_len,
|
||||
encrypted_key, encrypted_len,
|
||||
|
Loading…
Reference in New Issue
Block a user