author | Jack Lloyd <[email protected]> | 2018-08-14 13:22:39 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2018-08-14 13:22:39 -0400 |
commit | e97d29807011f465acd24e4a31c61b8ceca51d06 (patch) | |
tree | c3406ca549b305351937f38cfd0ced257abc7f84 | |
parent | 6c014c61237db5aa1d85ccd08416adaa55aed31e (diff) |
Add some additional null pointer arg checks to FFI
-rw-r--r-- | src/lib/ffi/ffi_block.cpp | 9 | ||||
-rw-r--r-- | src/lib/ffi/ffi_hash.cpp | 15 | ||||
-rw-r--r-- | src/lib/ffi/ffi_pk_op.cpp | 64 | ||||
-rw-r--r-- | src/tests/test_ffi.cpp | 7 |
4 files changed, 66 insertions, 29 deletions
diff --git a/src/lib/ffi/ffi_block.cpp b/src/lib/ffi/ffi_block.cpp index 8e45fd1cc..bf5cd1b94 100644 --- a/src/lib/ffi/ffi_block.cpp +++ b/src/lib/ffi/ffi_block.cpp @@ -50,6 +50,8 @@ int botan_block_cipher_clear(botan_block_cipher_t bc) int botan_block_cipher_set_key(botan_block_cipher_t bc, const uint8_t key[], size_t len) { + if(key == nullptr) + return BOTAN_FFI_ERROR_NULL_POINTER; return BOTAN_FFI_DO(Botan::BlockCipher, bc, b, { b.set_key(key, len); }); } @@ -68,6 +70,8 @@ int botan_block_cipher_encrypt_blocks(botan_block_cipher_t bc, uint8_t out[], size_t blocks) { + if(in == nullptr || out == nullptr) + return BOTAN_FFI_ERROR_NULL_POINTER; return BOTAN_FFI_DO(Botan::BlockCipher, bc, b, { b.encrypt_n(in, out, blocks); }); } @@ -76,11 +80,16 @@ int botan_block_cipher_decrypt_blocks(botan_block_cipher_t bc, uint8_t out[], size_t blocks) { + if(in == nullptr || out == nullptr) + return BOTAN_FFI_ERROR_NULL_POINTER; return BOTAN_FFI_DO(Botan::BlockCipher, bc, b, { b.decrypt_n(in, out, blocks); }); } int botan_block_cipher_name(botan_block_cipher_t cipher, char* name, size_t* name_len) { + if(name_len == nullptr) + return BOTAN_FFI_ERROR_NULL_POINTER; + return BOTAN_FFI_DO(Botan::BlockCipher, cipher, bc, { return write_str_output(name, name_len, bc.name()); }); } diff --git a/src/lib/ffi/ffi_hash.cpp b/src/lib/ffi/ffi_hash.cpp index 601d97c52..b8ad4a85a 100644 --- a/src/lib/ffi/ffi_hash.cpp +++ b/src/lib/ffi/ffi_hash.cpp @@ -38,11 +38,15 @@ int botan_hash_destroy(botan_hash_t hash) int botan_hash_output_length(botan_hash_t hash, size_t* out) { + if(out == nullptr) + return BOTAN_FFI_ERROR_NULL_POINTER; return BOTAN_FFI_DO(Botan::HashFunction, hash, h, { *out = h.output_length(); }); } int botan_hash_block_size(botan_hash_t hash, size_t* out) { + if(out == nullptr) + return BOTAN_FFI_ERROR_NULL_POINTER; return BOTAN_FFI_DO(Botan::HashFunction, hash, h, { *out = h.hash_block_size(); }); } 
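Review bot: In botan_block_cipher_encrypt_blocks and botan_block_cipher_decrypt_blocks the new `in == nullptr || out == nullptr` test also rejects a call with `blocks == 0`, while botan_hash_update in this same commit accepts a null buffer when `len == 0`. Callers holding an empty buffer frequently pass a null data pointer, so the two entry points now disagree on the same input shape. If the stricter rule is intended here, a comment above the check such as `// in and out must be non-null even when blocks == 0` would make the contract visible at the point of enforcement. The public header documentation is not part of this diff, so it may already say so.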
@@ -53,11 +57,19 @@ int botan_hash_clear(botan_hash_t hash) int botan_hash_update(botan_hash_t hash, const uint8_t* buf, size_t len) { + if(len == 0) + return 0; + + if(buf == nullptr) + return BOTAN_FFI_ERROR_NULL_POINTER; + return BOTAN_FFI_DO(Botan::HashFunction, hash, h, { h.update(buf, len); }); } int botan_hash_final(botan_hash_t hash, uint8_t out[]) { + if(out == nullptr) + return BOTAN_FFI_ERROR_NULL_POINTER; return BOTAN_FFI_DO(Botan::HashFunction, hash, h, { h.final(out); }); } @@ -69,6 +81,9 @@ int botan_hash_copy_state(botan_hash_t* dest, const botan_hash_t source) int botan_hash_name(botan_hash_t hash, char* name, size_t* name_len) { + if(name_len == nullptr) + return BOTAN_FFI_ERROR_NULL_POINTER; + return BOTAN_FFI_DO(Botan::HashFunction, hash, h, { return write_str_output(name, name_len, h.name()); }); } diff --git a/src/lib/ffi/ffi_pk_op.cpp b/src/lib/ffi/ffi_pk_op.cpp index 4e548fff8..e6035fa7d 100644 --- a/src/lib/ffi/ffi_pk_op.cpp +++ b/src/lib/ffi/ffi_pk_op.cpp @@ -25,13 +25,14 @@ int botan_pk_op_encrypt_create(botan_pk_op_encrypt_t* op, const char* padding, uint32_t flags) { - return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() -> int { - BOTAN_ASSERT_NONNULL(op); + if(op == nullptr) + return BOTAN_FFI_ERROR_NULL_POINTER; - *op = nullptr; + if(flags != 0) + return BOTAN_FFI_ERROR_BAD_FLAG; - if(flags != 0) - return BOTAN_FFI_ERROR_BAD_FLAG; + return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() -> int { + *op = nullptr; std::unique_ptr<Botan::PK_Encryptor> pk(new Botan::PK_Encryptor_EME(safe_get(key_obj), Botan::system_rng(), padding)); *op = new botan_pk_op_encrypt_struct(pk.release()); 
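Review bot: The `len == 0` early return in botan_hash_update sits before BOTAN_FFI_DO, so a zero-length update reports success without the `hash` handle being examined at all. If BOTAN_FFI_DO is what validates the handle (its definition is not in this diff), a null or stale `hash` now returns 0 on this path and the caller's mistake goes unreported. Keeping the shortcut inside the block preserves that check: `if(buf == nullptr && len > 0) return BOTAN_FFI_ERROR_NULL_POINTER;` followed by `return BOTAN_FFI_DO(Botan::HashFunction, hash, h, { if(len > 0) h.update(buf, len); });`. If the early return stays, `return BOTAN_FFI_SUCCESS;` would match the constant used in ffi_pk_op.cpp rather than a bare `0`.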
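Review bot: botan_pk_op_encrypt_create no longer clears `*op` when it rejects `flags`, because the `flags != 0` return now comes before the thunk and `*op = nullptr;` only runs inside it. Before this change the output handle was nulled first, so a caller that ignores BOTAN_FFI_ERROR_BAD_FLAG and later hands the handle to the destroy function is now passing whatever was in its variable. Placing `*op = nullptr;` directly after the `op == nullptr` check restores the old guarantee. The same ordering appears in botan_pk_op_decrypt_create, botan_pk_op_sign_create and botan_pk_op_key_agreement_create, and in botan_pk_op_verify_create, which did not clear `*op` before this commit either. The function body continues past the end of the hunk.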
@@ -69,13 +70,14 @@ int botan_pk_op_decrypt_create(botan_pk_op_decrypt_t* op, const char* padding, uint32_t flags) { - return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() -> int { - BOTAN_ASSERT_NONNULL(op); + if(op == nullptr) + return BOTAN_FFI_ERROR_NULL_POINTER; - *op = nullptr; + if(flags != 0) + return BOTAN_FFI_ERROR_BAD_FLAG; - if(flags != 0) - return BOTAN_FFI_ERROR_BAD_FLAG; + return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() -> int { + *op = nullptr; std::unique_ptr<Botan::PK_Decryptor> pk(new Botan::PK_Decryptor_EME(safe_get(key_obj), Botan::system_rng(), padding)); *op = new botan_pk_op_decrypt_struct(pk.release()); @@ -112,13 +114,14 @@ int botan_pk_op_sign_create(botan_pk_op_sign_t* op, const char* hash, uint32_t flags) { - return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() -> int { - BOTAN_ASSERT_NONNULL(op); + if(op == nullptr) + return BOTAN_FFI_ERROR_NULL_POINTER; - *op = nullptr; + if(flags != 0) + return BOTAN_FFI_ERROR_BAD_FLAG; - if(flags != 0) - return BOTAN_FFI_ERROR_BAD_FLAG; + return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() -> int { + *op = nullptr; std::unique_ptr<Botan::PK_Signer> pk(new Botan::PK_Signer(safe_get(key_obj), Botan::system_rng(), hash)); *op = new botan_pk_op_sign_struct(pk.release()); @@ -131,9 +134,12 @@ int botan_pk_op_sign_destroy(botan_pk_op_sign_t op) return BOTAN_FFI_CHECKED_DELETE(op); } -int botan_pk_op_sign_output_length(botan_pk_op_sign_t op, size_t* olen) +int botan_pk_op_sign_output_length(botan_pk_op_sign_t op, size_t* sig_len) { - return BOTAN_FFI_DO(Botan::PK_Signer, op, o, { *olen = o.signature_length(); }); + if(sig_len == nullptr) + return BOTAN_FFI_ERROR_NULL_POINTER; + + return BOTAN_FFI_DO(Botan::PK_Signer, op, o, { *sig_len = o.signature_length(); }); } int botan_pk_op_sign_update(botan_pk_op_sign_t op, const uint8_t in[], size_t in_len) 
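Review bot: `padding` in botan_pk_op_decrypt_create is still forwarded unchecked to the PK_Decryptor_EME constructor, although the commit is about null argument checks. That constructor appears to take the padding name as a std::string, and building a std::string from a null `const char*` is undefined behaviour rather than a clean error code, regardless of what ffi_guard_thunk catches. Unless null is meant to select a default (nothing in the hunk shows that), a guard beside the `op` check would close it: `if(padding == nullptr) return BOTAN_FFI_ERROR_NULL_POINTER;`. The same applies to `padding` in botan_pk_op_encrypt_create, `hash` in botan_pk_op_sign_create and botan_pk_op_verify_create, and `kdf` in botan_pk_op_key_agreement_create.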
@@ -153,12 +159,14 @@ int botan_pk_op_verify_create(botan_pk_op_verify_t* op, const char* hash, uint32_t flags) { - return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() -> int { - BOTAN_ASSERT_NONNULL(op); + if(op == nullptr) + return BOTAN_FFI_ERROR_NULL_POINTER; - if(flags != 0) - return BOTAN_FFI_ERROR_BAD_FLAG; + if(flags != 0) + return BOTAN_FFI_ERROR_BAD_FLAG; + return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() -> int { + *op = nullptr; std::unique_ptr<Botan::PK_Verifier> pk(new Botan::PK_Verifier(safe_get(key_obj), hash)); *op = new botan_pk_op_verify_struct(pk.release()); return BOTAN_FFI_SUCCESS; @@ -192,14 +200,14 @@ int botan_pk_op_key_agreement_create(botan_pk_op_ka_t* op, const char* kdf, uint32_t flags) { - return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() -> int { - BOTAN_ASSERT_NONNULL(op); - - *op = nullptr; + if(op == nullptr) + return BOTAN_FFI_ERROR_NULL_POINTER; - if(flags != 0) - return BOTAN_FFI_ERROR_BAD_FLAG; + if(flags != 0) + return BOTAN_FFI_ERROR_BAD_FLAG; + return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() -> int { + *op = nullptr; std::unique_ptr<Botan::PK_Key_Agreement> pk(new Botan::PK_Key_Agreement(safe_get(key_obj), Botan::system_rng(), kdf)); *op = new botan_pk_op_ka_struct(pk.release()); return BOTAN_FFI_SUCCESS; @@ -224,6 +232,8 @@ int botan_pk_op_key_agreement_export_public(botan_privkey_t key, int botan_pk_op_key_agreement_size(botan_pk_op_ka_t op, size_t* out_len) { return BOTAN_FFI_DO(Botan::PK_Key_Agreement, op, o, { + if(out_len == nullptr) + return BOTAN_FFI_ERROR_NULL_POINTER; *out_len = o.agreed_value_size(); }); } diff --git a/src/tests/test_ffi.cpp b/src/tests/test_ffi.cpp index 3cf41bcc6..8bcdbeffc 100644 --- a/src/tests/test_ffi.cpp +++ b/src/tests/test_ffi.cpp 
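Review bot: In botan_pk_op_key_agreement_size the `out_len == nullptr` check was placed inside the BOTAN_FFI_DO block, whereas botan_pk_op_sign_output_length and the hash getters in this commit test the pointer before the macro. Error precedence therefore differs between otherwise identical getters: here a call with both a bad handle and a null `out_len` is presumably decided by the macro's own handle check first. Hoisting the check above `return BOTAN_FFI_DO(...)` as `if(out_len == nullptr) return BOTAN_FFI_ERROR_NULL_POINTER;` makes the file uniform.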
@@ -1008,8 +1008,11 @@ class FFI_Unit_Tests final : public Test TEST_FFI_OK(botan_block_cipher_clear, (cipher)); - TEST_FFI_RC(BOTAN_FFI_ERROR_KEY_NOT_SET, botan_block_cipher_encrypt_blocks, (cipher, nullptr, nullptr, 0)); - TEST_FFI_RC(BOTAN_FFI_ERROR_KEY_NOT_SET, botan_block_cipher_decrypt_blocks, (cipher, nullptr, nullptr, 0)); + TEST_FFI_RC(BOTAN_FFI_ERROR_KEY_NOT_SET, botan_block_cipher_encrypt_blocks, (cipher, block.data(), block.data(), 1)); + TEST_FFI_RC(BOTAN_FFI_ERROR_KEY_NOT_SET, botan_block_cipher_decrypt_blocks, (cipher, block.data(), block.data(), 1)); + + TEST_FFI_RC(BOTAN_FFI_ERROR_NULL_POINTER, botan_block_cipher_encrypt_blocks, (cipher, nullptr, nullptr, 0)); + TEST_FFI_RC(BOTAN_FFI_ERROR_NULL_POINTER, botan_block_cipher_decrypt_blocks, (cipher, nullptr, nullptr, 0)); TEST_FFI_RC(16, botan_block_cipher_block_size, (cipher)); |
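Review bot: The new expectations cover only the block cipher entry points, and only the case where both pointers are null and `blocks` is 0. The checks added in ffi_hash.cpp and ffi_pk_op.cpp get no assertion in this commit, since the diffstat shows this hunk is the only test change. A mixed case would pin the `||` in the guard, for example `TEST_FFI_RC(BOTAN_FFI_ERROR_NULL_POINTER, botan_block_cipher_encrypt_blocks, (cipher, block.data(), nullptr, 1));`. One assertion per new getter and `*_create` null check would stop the error codes from regressing silently. The enclosing test function starts and ends outside the hunk.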