apps/dgst.c: allocate a new signature buffer

... if the fixed-size buffer is too small. Fixes #9732 Reviewed-by: N Matt Caswell <matt@openssl.org> Reviewed-by: N Patrick Steuer <patrick.steuer@de.ibm.com> (Merged from https://github.com/openssl/openssl/pull/10276) (cherry picked from commit 7c2d95d47ccb3797f0da6bd4446747c6eee07b87)

apps/dgst.c: allocate a new signature buffer
... if the fixed-size buffer is too small. Fixes #9732 Reviewed-by: N Matt Caswell <matt@openssl.org> Reviewed-by: N Patrick Steuer <patrick.steuer@de.ibm.com> (Merged from https://github.com/openssl/openssl/pull/10276) (cherry picked from commit 7c2d95d47ccb3797f0da6bd4446747c6eee07b87)
43a8f91f · Pavel Karagodin · Patrick Steuer · 9cebf0d1 · 43a8f91f
隐藏空白更改
内联并排

Showing with 24 addition and 10 deletion

apps/dgst.c apps/dgst.c +24 -10

未找到文件。
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -501,15 +501,16 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
          const char *sig_name, const char *md_name,
          const char *file)
 {
-    size_t len;
-    int i, backslash = 0;
+    size_t len = BUFSIZE;
+    int i, backslash = 0, ret = 1;
+    unsigned char *sigbuf = NULL;

    while (BIO_pending(bp) || !BIO_eof(bp)) {
        i = BIO_read(bp, (char *)buf, BUFSIZE);
        if (i < 0) {
            BIO_printf(bio_err, "Read Error in %s\n", file);
            ERR_print_errors(bio_err);
-            return 1;
+            goto end;
        }
        if (i == 0)
            break;
@@ -522,28 +523,35 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
            BIO_printf(out, "Verified OK\n");
        } else if (i == 0) {
            BIO_printf(out, "Verification Failure\n");
-            return 1;
+            goto end;
        } else {
            BIO_printf(bio_err, "Error Verifying Data\n");
            ERR_print_errors(bio_err);
-            return 1;
+            goto end;
        }
-        return 0;
+        ret = 0;
+        goto end;
    }
    if (key != NULL) {
        EVP_MD_CTX *ctx;
+        int pkey_len;
        BIO_get_md_ctx(bp, &ctx);
-        len = BUFSIZE;
+        pkey_len = EVP_PKEY_size(key);
+        if (pkey_len > BUFSIZE) {
+            len = pkey_len;
+            sigbuf = app_malloc(len, "Signature buffer");
+            buf = sigbuf;
+        }
        if (!EVP_DigestSignFinal(ctx, buf, &len)) {
            BIO_printf(bio_err, "Error Signing Data\n");
            ERR_print_errors(bio_err);
-            return 1;
+            goto end;
        }
    } else {
        len = BIO_gets(bp, (char *)buf, BUFSIZE);
        if ((int)len < 0) {
            ERR_print_errors(bio_err);
-            return 1;
+            goto end;
        }
    }

@@ -578,5 +586,11 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
        }
        BIO_printf(out, "\n");
    }
-    return 0;
+
+    ret = 0;
+ end:
+    if (sigbuf != NULL)
+        OPENSSL_clear_free(sigbuf, len);
+
+    return ret;
 }