Hi,
In this patch, I've tried to spot fgets calls which return value was
not checked.
Also, there's no need to remove 1 byte in the given buffer size (for
the last NUL char I guess), fgets already deals with that.
Best regards,
Charles Longeau
Index: apps/ca.c
===================================================================
RCS file: /home/chl/mirrors/cvs.openssl.org/openssl/apps/ca.c,v
retrieving revision 1.157
diff -u -p -r1.157 ca.c
--- apps/ca.c 4 Apr 2007 14:35:56 -0000 1.157
+++ apps/ca.c 6 Sep 2007 17:22:47 -0000
@@ -1256,7 +1256,12 @@ bad:
BIO_printf(bio_err,"\n%d out of %d certificate
requests certified, commit? [y/n]",total_done,total);
(void)BIO_flush(bio_err);
buf[0][0]='\0';
- fgets(buf[0],10,stdin);
+ if (fgets(buf[0],10,stdin) == NULL)
+ {
+ BIO_printf(bio_err,"fgets error\n");
+ ret=1;
+ goto err;
+ }
if ((buf[0][0] != 'y') && (buf[0][0] != 'Y'))
{
BIO_printf(bio_err,"CERTIFICATION
CANCELED\n");
@@ -2106,7 +2111,12 @@ again2:
BIO_printf(bio_err,"Sign the certificate? [y/n]:");
(void)BIO_flush(bio_err);
buf[0]='\0';
- fgets(buf,sizeof(buf)-1,stdin);
+ if (fgets(buf,sizeof(buf),stdin) == NULL)
+ {
+ BIO_printf(bio_err,"fgets error\n");
+ ok=0;
+ goto err;
+ }
if (!((buf[0] == 'y') || (buf[0] == 'Y')))
{
BIO_printf(bio_err,"CERTIFICATE WILL NOT BE
CERTIFIED\n");
Index: apps/enc.c
===================================================================
RCS file: /home/chl/mirrors/cvs.openssl.org/openssl/apps/enc.c,v
retrieving revision 1.48
diff -u -p -r1.48 enc.c
--- apps/enc.c 31 Jul 2007 09:42:47 -0000 1.48
+++ apps/enc.c 6 Sep 2007 17:31:38 -0000
@@ -225,7 +225,11 @@ int MAIN(int argc, char **argv)
goto bad;
}
buf[0]='\0';
- fgets(buf,sizeof buf,infile);
+ if (fgets(buf,sizeof buf,infile) == NULL)
+ {
+ BIO_printf(bio_err,"fgets\n");
+ goto bad;
+ }
fclose(infile);
i=strlen(buf);
if ((i > 0) &&
Index: apps/openssl.c
===================================================================
RCS file: /home/chl/mirrors/cvs.openssl.org/openssl/apps/openssl.c,v
retrieving revision 1.61
diff -u -p -r1.61 openssl.c
--- apps/openssl.c 9 Jul 2006 00:53:43 -0000 1.61
+++ apps/openssl.c 6 Sep 2007 17:32:28 -0000
@@ -322,7 +322,11 @@ int main(int Argc, char *Argv[])
else prompt="OpenSSL> ";
fputs(prompt,stdout);
fflush(stdout);
- fgets(p,n,stdin);
+ if (fgets(p,n,stdin) == NULL)
+ {
+ ret=1;
+ goto end;
+ }
if (p[0] == '\0') goto end;
i=strlen(p);
if (i <= 1) break;
Index: apps/req.c
===================================================================
RCS file: /home/chl/mirrors/cvs.openssl.org/openssl/apps/req.c,v
retrieving revision 1.136
diff -u -p -r1.136 req.c
--- apps/req.c 12 Aug 2007 17:44:27 -0000 1.136
+++ apps/req.c 6 Sep 2007 17:34:16 -0000
@@ -1442,7 +1442,11 @@ start:
buf[0]='\0';
if (!batch)
{
- fgets(buf,sizeof buf,stdin);
+ if (fgets(buf,sizeof buf,stdin) == NULL)
+ {
+ BIO_printf(bio_err,"fgets\n");
+ return(0);
+ }
}
else
{
@@ -1500,7 +1504,11 @@ start:
buf[0]='\0';
if (!batch)
{
- fgets(buf,sizeof buf,stdin);
+ if (fgets(buf,sizeof buf,stdin) == NULL)
+ {
+ BIO_printf(bio_err,"fgets\n");
+ return(0);
+ }
}
else
{
Index: crypto/bio/bss_file.c
===================================================================
RCS file: /home/chl/mirrors/cvs.openssl.org/openssl/crypto/bio/bss_file.c,v
retrieving revision 1.30
diff -u -p -r1.30 bss_file.c
--- crypto/bio/bss_file.c 29 Jan 2006 23:12:08 -0000 1.30
+++ crypto/bio/bss_file.c 6 Sep 2007 17:46:03 -0000
@@ -401,7 +401,8 @@ static int MS_CALLBACK file_gets(BIO *bp
if (bp->flags&BIO_FLAGS_UPLINK)
UP_fgets(buf,size,bp->ptr);
else
- fgets(buf,size,(FILE *)bp->ptr);
+ if (fgets(buf,size,(FILE *)bp->ptr) == NULL)
+ return(0);
if (buf[0] != '\0')
ret=strlen(buf);
return(ret);
Index: crypto/des/des.c
===================================================================
RCS file: /home/chl/mirrors/cvs.openssl.org/openssl/crypto/des/des.c,v
retrieving revision 1.21
diff -u -p -r1.21 des.c
--- crypto/des/des.c 28 Nov 2002 08:03:31 -0000 1.21
+++ crypto/des/des.c 6 Sep 2007 17:50:31 -0000
@@ -764,7 +764,11 @@ int uufread(unsigned char *out, int size
for (;;)
{
b[0]='\0';
- fgets((char *)b,300,fp);
+ if (fgets((char *)b,300,fp) == NULL)
+ {
+ fprintf(stderr,"fgets\n");
+ return(-1);
+ }
if (b[0] == '\0')
{
fprintf(stderr,"no 'begin' found in uuencoded
input\n");
@@ -785,7 +789,11 @@ int uufread(unsigned char *out, int size
for (;;)
{
b[0]='\0';
- fgets((char *)b,300,fp);
+ if (fgets((char *)b,300,fp) == NULL)
+ {
+ fprintf(stderr,"fgets\n");
+ return(-1);
+ }
if (b[0] == '\0') break;
i=strlen((char *)b);
if ((b[0] == 'e') && (b[1] == 'n') && (b[2] == 'd'))
@@ -793,7 +801,11 @@ int uufread(unsigned char *out, int size
done=1;
while (!feof(fp))
{
- fgets((char *)b,300,fp);
+ if (fgets((char *)b,300,fp) == NULL)
+ {
+ fprintf(stderr,"fgets\n");
+ return(-1);
+ }
}
break;
}
Index: crypto/des/read_pwd.c
===================================================================
RCS file: /home/chl/mirrors/cvs.openssl.org/openssl/crypto/des/read_pwd.c,v
retrieving revision 1.32
diff -u -p -r1.32 read_pwd.c
--- crypto/des/read_pwd.c 28 Nov 2002 08:03:32 -0000 1.32
+++ crypto/des/read_pwd.c 6 Sep 2007 17:58:12 -0000
@@ -250,7 +250,8 @@ static void read_till_nl(FILE *in)
char buf[SIZE+1];
do {
- fgets(buf,SIZE,in);
+ if (fgets(buf,sizeof(buf),in) == NULL)
+ err(1, NULL);
} while (strchr(buf,'\n') == NULL);
}
@@ -362,7 +363,7 @@ int des_read_pw(char *buf, char *buff, i
fflush(stderr);
buf[0]='\0';
- fgets(buf,size,tty);
+ if (fgets(buf,size,tty) == NULL) goto err;
if (feof(tty)) goto error;
if (ferror(tty)) goto error;
if ((p=(char *)strchr(buf,'\n')) != NULL)
@@ -373,7 +374,7 @@ int des_read_pw(char *buf, char *buff, i
fprintf(stderr,"\nVerifying password - %s",prompt);
fflush(stderr);
buff[0]='\0';
- fgets(buff,size,tty);
+ if (fgets(buf,size,tty) == NULL) goto err;
if (feof(tty)) goto error;
if ((p=(char *)strchr(buff,'\n')) != NULL)
*p='\0';
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager [EMAIL PROTECTED]
