authorJack Lloyd <[email protected]>2018-08-14 13:22:39 -0400
committerJack Lloyd <[email protected]>2018-08-14 13:22:39 -0400
commite97d29807011f465acd24e4a31c61b8ceca51d06 (patch)
treec3406ca549b305351937f38cfd0ced257abc7f84
parent6c014c61237db5aa1d85ccd08416adaa55aed31e (diff)
Add some additional null pointer arg checks to FFI
-rw-r--r--src/lib/ffi/ffi_block.cpp9
-rw-r--r--src/lib/ffi/ffi_hash.cpp15
-rw-r--r--src/lib/ffi/ffi_pk_op.cpp64
-rw-r--r--src/tests/test_ffi.cpp7
4 files changed, 66 insertions, 29 deletions
diff --git a/src/lib/ffi/ffi_block.cpp b/src/lib/ffi/ffi_block.cpp
index 8e45fd1cc..bf5cd1b94 100644
--- a/src/lib/ffi/ffi_block.cpp
+++ b/src/lib/ffi/ffi_block.cpp
@@ -50,6 +50,8 @@ int botan_block_cipher_clear(botan_block_cipher_t bc)
int botan_block_cipher_set_key(botan_block_cipher_t bc,
const uint8_t key[], size_t len)
{
+ if(key == nullptr)
+ return BOTAN_FFI_ERROR_NULL_POINTER;
return BOTAN_FFI_DO(Botan::BlockCipher, bc, b, { b.set_key(key, len); });
}
@@ -68,6 +70,8 @@ int botan_block_cipher_encrypt_blocks(botan_block_cipher_t bc,
uint8_t out[],
size_t blocks)
{
+ if(in == nullptr || out == nullptr)
+ return BOTAN_FFI_ERROR_NULL_POINTER;
return BOTAN_FFI_DO(Botan::BlockCipher, bc, b, { b.encrypt_n(in, out, blocks); });
}
@@ -76,11 +80,16 @@ int botan_block_cipher_decrypt_blocks(botan_block_cipher_t bc,
uint8_t out[],
size_t blocks)
{
+ if(in == nullptr || out == nullptr)
+ return BOTAN_FFI_ERROR_NULL_POINTER;
return BOTAN_FFI_DO(Botan::BlockCipher, bc, b, { b.decrypt_n(in, out, blocks); });
}
int botan_block_cipher_name(botan_block_cipher_t cipher, char* name, size_t* name_len)
{
+ if(name_len == nullptr)
+ return BOTAN_FFI_ERROR_NULL_POINTER;
+
return BOTAN_FFI_DO(Botan::BlockCipher, cipher, bc, {
return write_str_output(name, name_len, bc.name()); });
}
diff --git a/src/lib/ffi/ffi_hash.cpp b/src/lib/ffi/ffi_hash.cpp
index 601d97c52..b8ad4a85a 100644
--- a/src/lib/ffi/ffi_hash.cpp
+++ b/src/lib/ffi/ffi_hash.cpp
@@ -38,11 +38,15 @@ int botan_hash_destroy(botan_hash_t hash)
int botan_hash_output_length(botan_hash_t hash, size_t* out)
{
+ if(out == nullptr)
+ return BOTAN_FFI_ERROR_NULL_POINTER;
return BOTAN_FFI_DO(Botan::HashFunction, hash, h, { *out = h.output_length(); });
}
int botan_hash_block_size(botan_hash_t hash, size_t* out)
{
+ if(out == nullptr)
+ return BOTAN_FFI_ERROR_NULL_POINTER;
return BOTAN_FFI_DO(Botan::HashFunction, hash, h, { *out = h.hash_block_size(); });
}
@@ -53,11 +57,19 @@ int botan_hash_clear(botan_hash_t hash)
int botan_hash_update(botan_hash_t hash, const uint8_t* buf, size_t len)
{
+ if(len == 0)
+ return 0;
+
+ if(buf == nullptr)
+ return BOTAN_FFI_ERROR_NULL_POINTER;
+
return BOTAN_FFI_DO(Botan::HashFunction, hash, h, { h.update(buf, len); });
}
int botan_hash_final(botan_hash_t hash, uint8_t out[])
{
+ if(out == nullptr)
+ return BOTAN_FFI_ERROR_NULL_POINTER;
return BOTAN_FFI_DO(Botan::HashFunction, hash, h, { h.final(out); });
}
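Review bot: The `if(len == 0) return 0;` early exit in botan_hash_update returns success before `hash` is examined, so a null or stale handle combined with a zero length is reported as success. Every other path goes through BOTAN_FFI_DO, which presumably validates the handle (the macro is not part of this diff). The exit also returns a literal `0` where the surrounding code uses named codes such as BOTAN_FFI_SUCCESS. Consider `if(len != 0 && buf == nullptr) return BOTAN_FFI_ERROR_NULL_POINTER;` and letting the macro body run `if(len > 0) h.update(buf, len);`. The block cipher functions in this commit take the opposite line and reject null pointers even when `blocks` is 0, so the zero-length convention is worth stating once in the FFI header.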
@@ -69,6 +81,9 @@ int botan_hash_copy_state(botan_hash_t* dest, const botan_hash_t source)
int botan_hash_name(botan_hash_t hash, char* name, size_t* name_len)
{
+ if(name_len == nullptr)
+ return BOTAN_FFI_ERROR_NULL_POINTER;
+
return BOTAN_FFI_DO(Botan::HashFunction, hash, h, {
return write_str_output(name, name_len, h.name()); });
}
diff --git a/src/lib/ffi/ffi_pk_op.cpp b/src/lib/ffi/ffi_pk_op.cpp
index 4e548fff8..e6035fa7d 100644
--- a/src/lib/ffi/ffi_pk_op.cpp
+++ b/src/lib/ffi/ffi_pk_op.cpp
@@ -25,13 +25,14 @@ int botan_pk_op_encrypt_create(botan_pk_op_encrypt_t* op,
const char* padding,
uint32_t flags)
{
- return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() -> int {
- BOTAN_ASSERT_NONNULL(op);
+ if(op == nullptr)
+ return BOTAN_FFI_ERROR_NULL_POINTER;
- *op = nullptr;
+ if(flags != 0)
+ return BOTAN_FFI_ERROR_BAD_FLAG;
- if(flags != 0)
- return BOTAN_FFI_ERROR_BAD_FLAG;
+ return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() -> int {
+ *op = nullptr;
std::unique_ptr<Botan::PK_Encryptor> pk(new Botan::PK_Encryptor_EME(safe_get(key_obj), Botan::system_rng(), padding));
*op = new botan_pk_op_encrypt_struct(pk.release());
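Review bot: With `flags != 0` this function now returns BOTAN_FFI_ERROR_BAD_FLAG before `*op = nullptr` runs, because the assignment moved into the thunk while the flags test moved out of it; the removed code cleared `*op` first. A caller that passes the handle to the destroy function on its error path would then hand over whatever its variable happened to contain. Placing `*op = nullptr;` directly after the null check, ahead of the flags test, keeps the output defined on every return. The same ordering appears in the botan_pk_op_decrypt_create, botan_pk_op_sign_create, botan_pk_op_verify_create and botan_pk_op_key_agreement_create hunks. The function body continues past the end of this hunk.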
@@ -69,13 +70,14 @@ int botan_pk_op_decrypt_create(botan_pk_op_decrypt_t* op,
const char* padding,
uint32_t flags)
{
- return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() -> int {
- BOTAN_ASSERT_NONNULL(op);
+ if(op == nullptr)
+ return BOTAN_FFI_ERROR_NULL_POINTER;
- *op = nullptr;
+ if(flags != 0)
+ return BOTAN_FFI_ERROR_BAD_FLAG;
- if(flags != 0)
- return BOTAN_FFI_ERROR_BAD_FLAG;
+ return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() -> int {
+ *op = nullptr;
std::unique_ptr<Botan::PK_Decryptor> pk(new Botan::PK_Decryptor_EME(safe_get(key_obj), Botan::system_rng(), padding));
*op = new botan_pk_op_decrypt_struct(pk.release());
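Review bot: `padding` still reaches the Botan::PK_Decryptor_EME constructor without a null check, although this commit adds one for `op` in the same function. If that constructor takes a std::string (its declaration is not in this diff), a null `padding` builds a string from a null pointer, which is undefined behaviour rather than a clean FFI error code. A guard such as `if(padding == nullptr) return BOTAN_FFI_ERROR_NULL_POINTER;` beside the `op` check would cover it. `padding` in botan_pk_op_encrypt_create, `hash` in the sign and verify create functions and `kdf` in botan_pk_op_key_agreement_create are in the same position. The function body continues past the end of this hunk.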
@@ -112,13 +114,14 @@ int botan_pk_op_sign_create(botan_pk_op_sign_t* op,
const char* hash,
uint32_t flags)
{
- return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() -> int {
- BOTAN_ASSERT_NONNULL(op);
+ if(op == nullptr)
+ return BOTAN_FFI_ERROR_NULL_POINTER;
- *op = nullptr;
+ if(flags != 0)
+ return BOTAN_FFI_ERROR_BAD_FLAG;
- if(flags != 0)
- return BOTAN_FFI_ERROR_BAD_FLAG;
+ return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() -> int {
+ *op = nullptr;
std::unique_ptr<Botan::PK_Signer> pk(new Botan::PK_Signer(safe_get(key_obj), Botan::system_rng(), hash));
*op = new botan_pk_op_sign_struct(pk.release());
@@ -131,9 +134,12 @@ int botan_pk_op_sign_destroy(botan_pk_op_sign_t op)
return BOTAN_FFI_CHECKED_DELETE(op);
}
-int botan_pk_op_sign_output_length(botan_pk_op_sign_t op, size_t* olen)
+int botan_pk_op_sign_output_length(botan_pk_op_sign_t op, size_t* sig_len)
{
- return BOTAN_FFI_DO(Botan::PK_Signer, op, o, { *olen = o.signature_length(); });
+ if(sig_len == nullptr)
+ return BOTAN_FFI_ERROR_NULL_POINTER;
+
+ return BOTAN_FFI_DO(Botan::PK_Signer, op, o, { *sig_len = o.signature_length(); });
}
int botan_pk_op_sign_update(botan_pk_op_sign_t op, const uint8_t in[], size_t in_len)
@@ -153,12 +159,14 @@ int botan_pk_op_verify_create(botan_pk_op_verify_t* op,
const char* hash,
uint32_t flags)
{
- return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() -> int {
- BOTAN_ASSERT_NONNULL(op);
+ if(op == nullptr)
+ return BOTAN_FFI_ERROR_NULL_POINTER;
- if(flags != 0)
- return BOTAN_FFI_ERROR_BAD_FLAG;
+ if(flags != 0)
+ return BOTAN_FFI_ERROR_BAD_FLAG;
+ return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() -> int {
+ *op = nullptr;
std::unique_ptr<Botan::PK_Verifier> pk(new Botan::PK_Verifier(safe_get(key_obj), hash));
*op = new botan_pk_op_verify_struct(pk.release());
return BOTAN_FFI_SUCCESS;
@@ -192,14 +200,14 @@ int botan_pk_op_key_agreement_create(botan_pk_op_ka_t* op,
const char* kdf,
uint32_t flags)
{
- return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() -> int {
- BOTAN_ASSERT_NONNULL(op);
-
- *op = nullptr;
+ if(op == nullptr)
+ return BOTAN_FFI_ERROR_NULL_POINTER;
- if(flags != 0)
- return BOTAN_FFI_ERROR_BAD_FLAG;
+ if(flags != 0)
+ return BOTAN_FFI_ERROR_BAD_FLAG;
+ return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() -> int {
+ *op = nullptr;
std::unique_ptr<Botan::PK_Key_Agreement> pk(new Botan::PK_Key_Agreement(safe_get(key_obj), Botan::system_rng(), kdf));
*op = new botan_pk_op_ka_struct(pk.release());
return BOTAN_FFI_SUCCESS;
@@ -224,6 +232,8 @@ int botan_pk_op_key_agreement_export_public(botan_privkey_t key,
int botan_pk_op_key_agreement_size(botan_pk_op_ka_t op, size_t* out_len)
{
return BOTAN_FFI_DO(Botan::PK_Key_Agreement, op, o, {
+ if(out_len == nullptr)
+ return BOTAN_FFI_ERROR_NULL_POINTER;
*out_len = o.agreed_value_size();
});
}
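Review bot: The `out_len` null check sits inside the BOTAN_FFI_DO body here, whereas every other check added in this commit runs before the macro, for example `sig_len` in botan_pk_op_sign_output_length. That gives this one function a different error precedence: an invalid `op` is presumably reported before the null output pointer, the reverse of its siblings. Hoisting it to `if(out_len == nullptr) return BOTAN_FFI_ERROR_NULL_POINTER;` ahead of the `return BOTAN_FFI_DO(...)` line would make the FFI uniform and easier to document.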
diff --git a/src/tests/test_ffi.cpp b/src/tests/test_ffi.cpp
index 3cf41bcc6..8bcdbeffc 100644
--- a/src/tests/test_ffi.cpp
+++ b/src/tests/test_ffi.cpp
@@ -1008,8 +1008,11 @@ class FFI_Unit_Tests final : public Test
TEST_FFI_OK(botan_block_cipher_clear, (cipher));
- TEST_FFI_RC(BOTAN_FFI_ERROR_KEY_NOT_SET, botan_block_cipher_encrypt_blocks, (cipher, nullptr, nullptr, 0));
- TEST_FFI_RC(BOTAN_FFI_ERROR_KEY_NOT_SET, botan_block_cipher_decrypt_blocks, (cipher, nullptr, nullptr, 0));
+ TEST_FFI_RC(BOTAN_FFI_ERROR_KEY_NOT_SET, botan_block_cipher_encrypt_blocks, (cipher, block.data(), block.data(), 1));
+ TEST_FFI_RC(BOTAN_FFI_ERROR_KEY_NOT_SET, botan_block_cipher_decrypt_blocks, (cipher, block.data(), block.data(), 1));
+
+ TEST_FFI_RC(BOTAN_FFI_ERROR_NULL_POINTER, botan_block_cipher_encrypt_blocks, (cipher, nullptr, nullptr, 0));
+ TEST_FFI_RC(BOTAN_FFI_ERROR_NULL_POINTER, botan_block_cipher_decrypt_blocks, (cipher, nullptr, nullptr, 0));
TEST_FFI_RC(16, botan_block_cipher_block_size, (cipher));
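Review bot: Only the block cipher null-pointer paths get a test here; the checks added in ffi_hash.cpp and ffi_pk_op.cpp are not exercised anywhere in this commit. The two new cases also pass both pointers as null with a count of 0, so a single null argument with a non-zero count is untested. A line such as `TEST_FFI_RC(BOTAN_FFI_ERROR_NULL_POINTER, botan_block_cipher_encrypt_blocks, (cipher, block.data(), nullptr, 1));` would pin that, and matching cases for the hash and pk_op functions would cover the remaining checks.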