openssl_hexstr2buf_sep(): Prevent misleading 'malloc failure' errors on short input

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13614)
2020-12-07 18:25:10 +01:00 · 2020-12-07 18:25:10 +01:00 · 98ba251fe6
commit 98ba251fe6
parent 8ca661abd7
5 changed files with 11 additions and 2 deletions
--- a/crypto/cpt_err.c
+++ b/crypto/cpt_err.c
@ -21,6 +21,8 @@ static const ERR_STRING_DATA CRYPTO_str_reasons[] = {
    "conflicting names"},
    {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_FIPS_MODE_NOT_SUPPORTED),
    "fips mode not supported"},
+    {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_HEX_STRING_TOO_SHORT),
+    "hex string too short"},
    {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_ILLEGAL_HEX_DIGIT),
    "illegal hex digit"},
    {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_INSUFFICIENT_DATA_SPACE),
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@ -2318,6 +2318,7 @@ CRMF_R_UNSUPPORTED_POPO_METHOD:116:unsupported popo method
 CRYPTO_R_BAD_ALGORITHM_NAME:117:bad algorithm name
 CRYPTO_R_CONFLICTING_NAMES:118:conflicting names
 CRYPTO_R_FIPS_MODE_NOT_SUPPORTED:101:fips mode not supported
+CRYPTO_R_HEX_STRING_TOO_SHORT:121:hex string too short
 CRYPTO_R_ILLEGAL_HEX_DIGIT:102:illegal hex digit
 CRYPTO_R_INSUFFICIENT_DATA_SPACE:106:insufficient data space
 CRYPTO_R_INSUFFICIENT_PARAM_SIZE:107:insufficient param size
--- a/crypto/o_str.c
+++ b/crypto/o_str.c
@ -187,7 +187,12 @@ unsigned char *openssl_hexstr2buf_sep(const char *str, long *buflen,
    unsigned char *buf;
    size_t buf_n, tmp_buflen;

-    buf_n = strlen(str) >> 1;
+    buf_n = strlen(str);
+    if (buf_n <= 1) {
+        ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_HEX_STRING_TOO_SHORT);
+        return NULL;
+    }
+    buf_n /= 2;
    if ((buf = OPENSSL_malloc(buf_n)) == NULL) {
        ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
        return NULL;
--- a/include/crypto/cryptoerr.h
+++ b/include/crypto/cryptoerr.h
@ -1,6 +1,6 @@
 /*
 * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2020-2020 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
--- a/include/openssl/cryptoerr.h
+++ b/include/openssl/cryptoerr.h
@ -78,6 +78,7 @@
 # define CRYPTO_R_BAD_ALGORITHM_NAME                      117
 # define CRYPTO_R_CONFLICTING_NAMES                       118
 # define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED                 101
+# define CRYPTO_R_HEX_STRING_TOO_SHORT                    121
 # define CRYPTO_R_ILLEGAL_HEX_DIGIT                       102
 # define CRYPTO_R_INSUFFICIENT_DATA_SPACE                 106
 # define CRYPTO_R_INSUFFICIENT_PARAM_SIZE                 107