BIO range checking.

Add length limits to avoid problems with sprintf, strcpy and strcat.  This replaces recently removed code but also guards some previously missing function calls (for DOS & Windows).

Reworked the BIO_dump_indent_cb code to reduce temporary storage.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3870)

1 files changed, 23 insertions, 23 deletions

diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c
index 49d8f09bc5..e7bbc317a3 100644
--- a/crypto/bio/bss_file.c
+++ b/crypto/bio/bss_file.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -85,17 +85,17 @@ BIO *BIO_new_file(const char *filename, const char *mode)
             BIOerr(BIO_F_BIO_NEW_FILE, BIO_R_NO_SUCH_FILE);
         else
             BIOerr(BIO_F_BIO_NEW_FILE, ERR_R_SYS_LIB);
-        return (NULL);
+        return NULL;
     }
     if ((ret = BIO_new(BIO_s_file())) == NULL) {
         fclose(file);
-        return (NULL);
+        return NULL;
     }
 
     BIO_clear_flags(ret, BIO_FLAGS_UPLINK); /* we did fopen -> we disengage
                                              * UPLINK */
     BIO_set_fp(ret, file, fp_flags);
-    return (ret);
+    return ret;
 }
 
 BIO *BIO_new_fp(FILE *stream, int close_flag)
@@ -103,17 +103,17 @@ BIO *BIO_new_fp(FILE *stream, int close_flag)
     BIO *ret;
 
     if ((ret = BIO_new(BIO_s_file())) == NULL)
-        return (NULL);
+        return NULL;
 
     /* redundant flag, left for documentation purposes */
     BIO_set_flags(ret, BIO_FLAGS_UPLINK);
     BIO_set_fp(ret, stream, close_flag);
-    return (ret);
+    return ret;
 }
 
 const BIO_METHOD *BIO_s_file(void)
 {
-    return (&methods_filep);
+    return &methods_filep;
 }
 
 static int file_new(BIO *bi)
@@ -122,13 +122,13 @@ static int file_new(BIO *bi)
     bi->num = 0;
     bi->ptr = NULL;
     bi->flags = BIO_FLAGS_UPLINK; /* default to UPLINK */
-    return (1);
+    return 1;
 }
 
 static int file_free(BIO *a)
 {
     if (a == NULL)
-        return (0);
+        return 0;
     if (a->shutdown) {
         if ((a->init) && (a->ptr != NULL)) {
             if (a->flags & BIO_FLAGS_UPLINK)
@@ -140,7 +140,7 @@ static int file_free(BIO *a)
         }
         a->init = 0;
     }
-    return (1);
+    return 1;
 }
 
 static int file_read(BIO *b, char *out, int outl)
@@ -160,7 +160,7 @@ static int file_read(BIO *b, char *out, int outl)
             ret = -1;
         }
     }
-    return (ret);
+    return ret;
 }
 
 static int file_write(BIO *b, const char *in, int inl)
@@ -181,7 +181,7 @@ static int file_write(BIO *b, const char *in, int inl)
          * implementations (VMS)
          */
     }
-    return (ret);
+    return ret;
 }
 
 static long file_ctrl(BIO *b, int cmd, long num, void *ptr)
@@ -271,15 +271,15 @@ static long file_ctrl(BIO *b, int cmd, long num, void *ptr)
         b->shutdown = (int)num & BIO_CLOSE;
         if (num & BIO_FP_APPEND) {
             if (num & BIO_FP_READ)
-                strcpy(p, "a+");
+                OPENSSL_strlcpy(p, "a+", sizeof(p));
             else
-                strcpy(p, "a");
+                OPENSSL_strlcpy(p, "a", sizeof(p));
         } else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE))
-            strcpy(p, "r+");
+            OPENSSL_strlcpy(p, "r+", sizeof(p));
         else if (num & BIO_FP_WRITE)
-            strcpy(p, "w");
+            OPENSSL_strlcpy(p, "w", sizeof(p));
         else if (num & BIO_FP_READ)
-            strcpy(p, "r");
+            OPENSSL_strlcpy(p, "r", sizeof(p));
         else {
             BIOerr(BIO_F_FILE_CTRL, BIO_R_BAD_FOPEN_MODE);
             ret = 0;
@@ -287,9 +287,9 @@ static long file_ctrl(BIO *b, int cmd, long num, void *ptr)
         }
 #  if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32_CYGWIN)
         if (!(num & BIO_FP_TEXT))
-            strcat(p, "b");
+            OPENSSL_strlcat(p, "b", sizeof(p));
         else
-            strcat(p, "t");
+            OPENSSL_strlcat(p, "t", sizeof(p));
 #  endif
         fp = openssl_fopen(ptr, p);
         if (fp == NULL) {
@@ -339,7 +339,7 @@ static long file_ctrl(BIO *b, int cmd, long num, void *ptr)
         ret = 0;
         break;
     }
-    return (ret);
+    return ret;
 }
 
 static int file_gets(BIO *bp, char *buf, int size)
@@ -357,7 +357,7 @@ static int file_gets(BIO *bp, char *buf, int size)
     if (buf[0] != '\0')
         ret = strlen(buf);
  err:
-    return (ret);
+    return ret;
 }
 
 static int file_puts(BIO *bp, const char *str)
@@ -366,7 +366,7 @@ static int file_puts(BIO *bp, const char *str)
 
     n = strlen(str);
     ret = file_write(bp, str, n);
-    return (ret);
+    return ret;
 }
 
 #else
@@ -419,7 +419,7 @@ static const BIO_METHOD methods_filep = {
 
 const BIO_METHOD *BIO_s_file(void)
 {
-    return (&methods_filep);
+    return &methods_filep;
 }
 
 BIO *BIO_new_file(const char *filename, const char *mode)