提交 2a82c7cf 编写于 作者: B Bodo Möller

Various bugfixes: Uses locking for some more of the stuff that is not

thread-safe (where thread-safe counterparts are not available on all
platforms), and don't memcpy to NULL-pointers
Submitted by: Anonymous
Reviewed by: Bodo Moeller

Also, clean up htons vs. ntohs confusions.
上级 d36bcdf5
......@@ -150,8 +150,12 @@ int BIO_get_port(const char *str, unsigned short *port_ptr)
*port_ptr=(unsigned short)i;
else
{
s=getservbyname(str,"tcp");
if (s == NULL)
CRYPTO_w_lock(CRYPTO_LOCK_GETSERVBYNAME);
s=getservbyname(str,"tcp");
if(s != NULL)
*port_ptr=ntohs((unsigned short)s->s_port);
CRYPTO_w_unlock(CRYPTO_LOCK_GETSERVBYNAME);
if(s == NULL)
{
if (strcmp(str,"http") == 0)
*port_ptr=80;
......@@ -177,9 +181,7 @@ int BIO_get_port(const char *str, unsigned short *port_ptr)
ERR_add_error_data(3,"service='",str,"'");
return(0);
}
return(1);
}
*port_ptr=htons((unsigned short)s->s_port);
}
return(1);
}
......@@ -253,16 +255,18 @@ static struct hostent *ghbn_dup(struct hostent *a)
for (i=0; a->h_aliases[i] != NULL; i++)
;
i++;
ret->h_aliases=(char **)Malloc(sizeof(char *)*i);
memset(ret->h_aliases,0,sizeof(char *)*i);
if (ret == NULL) goto err;
ret->h_aliases = (char **)Malloc(i*sizeof(char *));
if (ret->h_aliases == NULL)
goto err;
memset(ret->h_aliases, 0, i*sizeof(char *));
for (i=0; a->h_addr_list[i] != NULL; i++)
;
i++;
ret->h_addr_list=(char **)Malloc(sizeof(char *)*i);
memset(ret->h_addr_list,0,sizeof(char *)*i);
if (ret->h_addr_list == NULL) goto err;
ret->h_addr_list=(char **)Malloc(i*sizeof(char *));
if (ret->h_addr_list == NULL)
goto err;
memset(ret->h_addr_list, 0, i*sizeof(char *));
j=strlen(a->h_name)+1;
if ((ret->h_name=Malloc(j)) == NULL) goto err;
......@@ -323,7 +327,7 @@ struct hostent *BIO_gethostbyname(const char *name)
/* return(gethostbyname(name)); */
CRYPTO_w_lock(CRYPTO_LOCK_BIO_GETHOSTBYNAME);
CRYPTO_w_lock(CRYPTO_LOCK_GETHOSTBYNAME);
j=strlen(name);
if (j < 128)
{
......@@ -349,15 +353,25 @@ struct hostent *BIO_gethostbyname(const char *name)
BIO_ghbn_miss++;
ret=gethostbyname(name);
if (ret == NULL) return(NULL);
if (j > 128) return(ret); /* too big to cache */
if (ret == NULL)
goto end;
if (j > 128) /* too big to cache */
{
ret = NULL;
goto end;
}
/* else add to cache */
if (ghbn_cache[lowi].ent != NULL)
ghbn_free(ghbn_cache[lowi].ent);
ghbn_cache[lowi].name[0] = '\0';
if((ret=ghbn_cache[lowi].ent=ghbn_dup(ret)) == NULL)
{
BIOerr(BIO_F_BIO_GETHOSTBYNAME,ERR_R_MALLOC_FAILURE);
goto end;
}
strncpy(ghbn_cache[lowi].name,name,128);
ghbn_cache[lowi].ent=ghbn_dup(ret);
ghbn_cache[lowi].order=BIO_ghbn_miss+BIO_ghbn_hits;
}
else
......@@ -366,7 +380,8 @@ struct hostent *BIO_gethostbyname(const char *name)
ret= ghbn_cache[i].ent;
ghbn_cache[i].order=BIO_ghbn_miss+BIO_ghbn_hits;
}
CRYPTO_w_unlock(CRYPTO_LOCK_BIO_GETHOSTBYNAME);
end:
CRYPTO_w_unlock(CRYPTO_LOCK_GETHOSTBYNAME);
return(ret);
}
......
......@@ -546,6 +546,7 @@ int BIO_printf(BIO *bio, ...);
#define BIO_F_BIO_ACCEPT 101
#define BIO_F_BIO_BER_GET_HEADER 102
#define BIO_F_BIO_CTRL 103
#define BIO_F_BIO_GETHOSTBYNAME 120
#define BIO_F_BIO_GETS 104
#define BIO_F_BIO_GET_ACCEPT_SOCKET 105
#define BIO_F_BIO_GET_HOST_IP 106
......
......@@ -69,6 +69,7 @@ static ERR_STRING_DATA BIO_str_functs[]=
{ERR_PACK(0,BIO_F_BIO_ACCEPT,0), "BIO_accept"},
{ERR_PACK(0,BIO_F_BIO_BER_GET_HEADER,0), "BIO_BER_GET_HEADER"},
{ERR_PACK(0,BIO_F_BIO_CTRL,0), "BIO_ctrl"},
{ERR_PACK(0,BIO_F_BIO_GETHOSTBYNAME,0), "BIO_gethostbyname"},
{ERR_PACK(0,BIO_F_BIO_GETS,0), "BIO_gets"},
{ERR_PACK(0,BIO_F_BIO_GET_ACCEPT_SOCKET,0), "BIO_get_accept_socket"},
{ERR_PACK(0,BIO_F_BIO_GET_HOST_IP,0), "BIO_get_host_ip"},
......
......@@ -89,10 +89,12 @@ static const char* lock_names[CRYPTO_NUM_LOCKS] =
"rand",
"debug_malloc",
"BIO",
"bio_gethostbyname",
"gethostbyname",
"getservbyname",
"readdir",
"RSA_blinding",
#if CRYPTO_NUM_LOCKS != 22
# error "Inconsistency between crypto.h and cryptlic.c"
#if CRYPTO_NUM_LOCKS != 24
# error "Inconsistency between crypto.h and cryptlib.c"
#endif
};
......
......@@ -103,9 +103,11 @@ extern "C" {
#define CRYPTO_LOCK_RAND 17
#define CRYPTO_LOCK_MALLOC 18
#define CRYPTO_LOCK_BIO 19
#define CRYPTO_LOCK_BIO_GETHOSTBYNAME 20
#define CRYPTO_LOCK_RSA_BLINDING 21
#define CRYPTO_NUM_LOCKS 22
#define CRYPTO_LOCK_GETHOSTBYNAME 20
#define CRYPTO_LOCK_GETSERVBYNAME 21
#define CRYPTO_LOCK_READDIR 22
#define CRYPTO_LOCK_RSA_BLINDING 23
#define CRYPTO_NUM_LOCKS 24
#define CRYPTO_LOCK 1
#define CRYPTO_UNLOCK 2
......
......@@ -673,14 +673,18 @@ err:
int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
const char *dir)
{
DIR *d=opendir(dir);
DIR *d;
struct dirent *dstruct;
int ret = 0;
CRYPTO_w_lock(CRYPTO_LOCK_READDIR);
d = opendir(dir);
/* Note that a side effect is that the CAs will be sorted by name */
if(!d)
{
SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,ERR_R_MALLOC_FAILURE);
return 0;
goto err;
}
while((dstruct=readdir(d)))
......@@ -690,15 +694,18 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
if(strlen(dir)+strlen(dstruct->d_name)+2 > sizeof buf)
{
SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG);
return 0;
goto err;
}
sprintf(buf,"%s/%s",dir,dstruct->d_name);
if(!SSL_add_file_cert_subjects_to_stack(stack,buf))
return 0;
goto err;
}
ret = 1;
return 1;
err:
CRYPTO_w_unlock(CRYPTO_LOCK_READDIR);
return ret;
}
#endif
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册