author | Rich Salz <rsalz@akamai.com> | 2016-01-11 20:40:38 -0500 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2016-01-12 01:00:31 -0500 |
commit | bd4850df648bee9d8e0595b7e1147266e6f55a3e (patch) | |
tree | 4a62e47c26c25cd7b55418cf7fb3b9c7ba9fc45f /apps/enc.c | |
parent | 2bec39eb86986349d2538fffc821f2e1106cee14 (diff) | |
download | openssl-bd4850df648bee9d8e0595b7e1147266e6f55a3e.tar.gz |
RT4227: Range-check in apps.
Implement range-checking in all counts in apps. Turns out only a couple
of cases were missing. And make the range-checking code more strict.
Replace almost all opt_ulong() calls with opt_long()
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Diffstat (limited to 'apps/enc.c')
-rw-r--r-- | apps/enc.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/apps/enc.c b/apps/enc.c
index 58d2550d21..17cc8e8742 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -58,6 +58,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <limits.h>
 #include "apps.h"
 #include <openssl/bio.h>
 #include <openssl/err.h>
@@ -142,7 +143,7 @@ int enc_main(int argc, char **argv)
 int ret = 1, inl, nopad = 0;
 unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
 unsigned char *buff = NULL, salt[PKCS5_SALT_LEN];
- unsigned long n;
+ long n;
 #ifdef ZLIB
 int do_zlib = 0;
 BIO *bzl = NULL;
@@ -236,7 +237,8 @@ int enc_main(int argc, char **argv)
 k = i >= 1 && p[i] == 'k';
 if (k)
 p[i] = '\0';
- if (!opt_ulong(opt_arg(), &n))
+ if (!opt_long(opt_arg(), &n)
+ || n < 0 || (k && n >= LONG_MAX / 1024))
 goto opthelp;
 if (k)
 n *= 1024;
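Review bot: The added bound in the third hunk is measured against `LONG_MAX`, so it stops the signed overflow in `n *= 1024` but still accepts any non-negative `long`, with or without the `k` suffix. If `n` is later narrowed to an `int` buffer size (that assignment is outside this hunk, so this is an assumption to confirm), values above `INT_MAX` would be truncated on LP64 platforms instead of being rejected. Bounding against the destination type closes that: `|| n < 0 || n > INT_MAX || (k && n > INT_MAX / 1024))`. A short comment such as `/* reject negative sizes and anything that would overflow when scaled by 1024 */` above the check would also record why the `k` case has its own limit. `enc_main` starts and ends outside the hunk.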