mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-22 09:57:41 +00:00
Code Issues Releases Wiki Activity

sudo_digest_getlen: return size_t, and 0 on error instead of -1

Browse Source 
This is an API change, sudo_digest_getlen_v1 remains for binary
compatibility.
This commit is contained in:
Todd C. Miller 2023-08-07 08:43:13 -06:00
parent 184e03b4a9
commit 77f94f291a
10 changed files with 50 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
include/sudo_digest.h
View File

@ -33,13 +33,14 @@ sudo_dso_public struct sudo_digest *sudo_digest_alloc_v1(unsigned int digest_typ
sudo_dso_public void sudo_digest_free_v1(struct sudo_digest *dig); sudo_dso_public void sudo_digest_free_v1(struct sudo_digest *dig);
sudo_dso_public void sudo_digest_reset_v1(struct sudo_digest *dig); sudo_dso_public void sudo_digest_reset_v1(struct sudo_digest *dig);
sudo_dso_public int sudo_digest_getlen_v1(unsigned int digest_type); sudo_dso_public int sudo_digest_getlen_v1(unsigned int digest_type);
sudo_dso_public size_t sudo_digest_getlen_v2(unsigned int digest_type);
sudo_dso_public void sudo_digest_update_v1(struct sudo_digest *dig, const void *data, size_t len); sudo_dso_public void sudo_digest_update_v1(struct sudo_digest *dig, const void *data, size_t len);
sudo_dso_public void sudo_digest_final_v1(struct sudo_digest *dig, unsigned char *md); sudo_dso_public void sudo_digest_final_v1(struct sudo_digest *dig, unsigned char *md);
#define sudo_digest_alloc(_a) sudo_digest_alloc_v1((_a)) #define sudo_digest_alloc(_a) sudo_digest_alloc_v1((_a))
#define sudo_digest_free(_a) sudo_digest_free_v1((_a)) #define sudo_digest_free(_a) sudo_digest_free_v1((_a))
#define sudo_digest_reset(_a) sudo_digest_reset_v1((_a)) #define sudo_digest_reset(_a) sudo_digest_reset_v1((_a))
#define sudo_digest_getlen(_a) sudo_digest_getlen_v1((_a)) #define sudo_digest_getlen(_a) sudo_digest_getlen_v2((_a))
#define sudo_digest_update(_a, _b, _c) sudo_digest_update_v1((_a), (_b), (_c)) #define sudo_digest_update(_a, _b, _c) sudo_digest_update_v1((_a), (_b), (_c))
#define sudo_digest_final(_a, _b) sudo_digest_final_v1((_a), (_b)) #define sudo_digest_final(_a, _b) sudo_digest_final_v1((_a), (_b))

17
lib/util/digest.c
View File

@ -43,7 +43,7 @@
#endif #endif
static struct digest_function { static struct digest_function {
const unsigned int digest_len; const size_t digest_len;
void (*init)(SHA2_CTX *); void (*init)(SHA2_CTX *);
#ifdef SHA2_VOID_PTR #ifdef SHA2_VOID_PTR
void (*update)(SHA2_CTX *, const void *, size_t); void (*update)(SHA2_CTX *, const void *, size_t);
@ -130,18 +130,25 @@ sudo_digest_reset_v1(struct sudo_digest *dig)
debug_return; debug_return;
} }
int size_t
sudo_digest_getlen_v1(unsigned int digest_type) sudo_digest_getlen_v2(unsigned int digest_type)
{ {
debug_decl(sudo_digest_getlen, SUDO_DEBUG_UTIL); debug_decl(sudo_digest_getlen, SUDO_DEBUG_UTIL);
unsigned int i; unsigned int i;
for (i = 0; digest_functions[i].digest_len != 0; i++) { for (i = 0; digest_functions[i].digest_len != 0; i++) {
if (digest_type == i) if (digest_type == i)
debug_return_int(digest_functions[i].digest_len); debug_return_size_t(digest_functions[i].digest_len);
} }
debug_return_int(-1); debug_return_size_t(0);
}
int
sudo_digest_getlen_v1(unsigned int digest_type)
{
size_t len = sudo_digest_getlen_v2(digest_type);
return len ? (int)len : -1;
} }
void void

15
lib/util/digest_gcrypt.c
View File

@ -125,17 +125,24 @@ sudo_digest_reset_v1(struct sudo_digest *dig)
debug_return; debug_return;
} }
int size_t
sudo_digest_getlen_v1(unsigned int digest_type) sudo_digest_getlen_v2(unsigned int digest_type)
{ {
debug_decl(sudo_digest_getlen, SUDO_DEBUG_UTIL); debug_decl(sudo_digest_getlen, SUDO_DEBUG_UTIL);
int gcry_digest_type; int gcry_digest_type;
gcry_digest_type = sudo_digest_type_to_gcry(digest_type); gcry_digest_type = sudo_digest_type_to_gcry(digest_type);
if (gcry_digest_type == -1) if (gcry_digest_type == -1)
debug_return_int(-1); debug_return_size_t(0);
debug_return_int(gcry_md_get_algo_dlen(gcry_digest_type)); debug_return_size_t(gcry_md_get_algo_dlen(gcry_digest_type));
}
int
sudo_digest_getlen_v1(unsigned int digest_type)
{
size_t len = sudo_digest_getlen_v2(digest_type);
return len ? (int)len : -1;
} }
void void

15
lib/util/digest_openssl.c
View File

@ -118,17 +118,24 @@ sudo_digest_reset_v1(struct sudo_digest *dig)
debug_return; debug_return;
} }
int size_t
sudo_digest_getlen_v1(unsigned int digest_type) sudo_digest_getlen_v2(unsigned int digest_type)
{ {
const EVP_MD *md; const EVP_MD *md;
debug_decl(sudo_digest_getlen, SUDO_DEBUG_UTIL); debug_decl(sudo_digest_getlen, SUDO_DEBUG_UTIL);
md = sudo_digest_type_to_md(digest_type); md = sudo_digest_type_to_md(digest_type);
if (md == NULL) if (md == NULL)
debug_return_int(-1); debug_return_size_t(0);
debug_return_int(EVP_MD_size(md)); debug_return_size_t((size_t)EVP_MD_size(md));
}
int
sudo_digest_getlen_v1(unsigned int digest_type)
{
size_t len = sudo_digest_getlen_v2(digest_type);
return len ? (int)len : -1;
} }
void void

2
lib/util/getentropy.c
View File

@ -436,7 +436,7 @@ getentropy_fallback(void *buf, size_t len)
if ((ctx = sudo_digest_alloc(SUDO_DIGEST_SHA512)) == NULL) if ((ctx = sudo_digest_alloc(SUDO_DIGEST_SHA512)) == NULL)
return -1; return -1;
digest_len = sudo_digest_getlen(SUDO_DIGEST_SHA512); digest_len = sudo_digest_getlen(SUDO_DIGEST_SHA512);
if (digest_len == (size_t)-1 || (results = malloc(digest_len)) == NULL) if (digest_len == 0 || (results = malloc(digest_len)) == NULL)
goto done; goto done;
pid = getpid(); pid = getpid();

4
lib/util/regress/digest/digest_test.c
View File

@ -1109,10 +1109,10 @@ run_tests(unsigned int digest_type, struct test_vector *test_vectors)
struct sudo_digest *ctx; struct sudo_digest *ctx;
unsigned char md[64]; /* SHA512_DIGEST_LENGTH */ unsigned char md[64]; /* SHA512_DIGEST_LENGTH */
char mdhex[128 + 1]; /* SHA512_DIGEST_LENGTH * 2 + 1 */ char mdhex[128 + 1]; /* SHA512_DIGEST_LENGTH * 2 + 1 */
int i, j, digest_len; size_t i, j, digest_len;
digest_len = sudo_digest_getlen(digest_type); digest_len = sudo_digest_getlen(digest_type);
if (digest_len == -1) if (digest_len == 0)
sudo_fatalx("unable to get digest length for type %d", digest_type); sudo_fatalx("unable to get digest length for type %d", digest_type);
if (digest_len > ssizeof(md)) if (digest_len > ssizeof(md))
sudo_fatalx("digest length too big for type %d", digest_type); sudo_fatalx("digest length too big for type %d", digest_type);

1
lib/util/util.exp.in
View File

@ -50,6 +50,7 @@ sudo_digest_alloc_v1
sudo_digest_final_v1 sudo_digest_final_v1
sudo_digest_free_v1 sudo_digest_free_v1
sudo_digest_getlen_v1 sudo_digest_getlen_v1
sudo_digest_getlen_v2
sudo_digest_reset_v1 sudo_digest_reset_v1
sudo_digest_update_v1 sudo_digest_update_v1
sudo_dso_findsym_v1 sudo_dso_findsym_v1

4
plugins/sudoers/filedigest.c
View File

@ -45,8 +45,8 @@ sudo_filedigest(int fd, const char *file, unsigned int digest_type,
int fd2; int fd2;
debug_decl(sudo_filedigest, SUDOERS_DEBUG_UTIL); debug_decl(sudo_filedigest, SUDOERS_DEBUG_UTIL);
*digest_len = (size_t)sudo_digest_getlen(digest_type); *digest_len = sudo_digest_getlen(digest_type);
if (*digest_len == (size_t)-1) { if (*digest_len == 0) {
sudo_warnx(U_("unsupported digest type %u for %s"), digest_type, file); sudo_warnx(U_("unsupported digest type %u for %s"), digest_type, file);
debug_return_ptr(NULL); debug_return_ptr(NULL);
} }

8
plugins/sudoers/toke.c
View File

@ -3906,9 +3906,9 @@ YY_RULE_SETUP
#line 319 "toke.l" #line 319 "toke.l"
{ {
/* Only return DIGEST if the length is correct. */ /* Only return DIGEST if the length is correct. */
int digest_len = size_t digest_len =
sudo_digest_getlen(digest_type); sudo_digest_getlen(digest_type);
if (sudoersleng == digest_len * 2) { if ((size_t)sudoersleng == digest_len * 2) {
if (!fill(sudoerstext, sudoersleng)) if (!fill(sudoerstext, sudoersleng))
yyterminate(); yyterminate();
BEGIN INITIAL; BEGIN INITIAL;
@ -3924,7 +3924,7 @@ YY_RULE_SETUP
#line 334 "toke.l" #line 334 "toke.l"
{ {
/* Only return DIGEST if the length is correct. */ /* Only return DIGEST if the length is correct. */
int len, digest_len = size_t len, digest_len =
sudo_digest_getlen(digest_type); sudo_digest_getlen(digest_type);
if (sudoerstext[sudoersleng - 1] == '=') { if (sudoerstext[sudoersleng - 1] == '=') {
/* use padding */ /* use padding */
@ -3933,7 +3933,7 @@ YY_RULE_SETUP
/* no padding */ /* no padding */
len = (4 * digest_len + 2) / 3; len = (4 * digest_len + 2) / 3;
} }
if (sudoersleng == len) { if ((size_t)sudoersleng == len) {
if (!fill(sudoerstext, sudoersleng)) if (!fill(sudoerstext, sudoersleng))
yyterminate(); yyterminate();
BEGIN INITIAL; BEGIN INITIAL;

8
plugins/sudoers/toke.l
View File

@ -318,9 +318,9 @@ DEFVAR [a-z_]+
<WANTDIGEST>[[:xdigit:]]+ { <WANTDIGEST>[[:xdigit:]]+ {
/* Only return DIGEST if the length is correct. */ /* Only return DIGEST if the length is correct. */
int digest_len = size_t digest_len =
sudo_digest_getlen(digest_type); sudo_digest_getlen(digest_type);
if (sudoersleng == digest_len * 2) { if ((size_t)sudoersleng == digest_len * 2) {
if (!fill(sudoerstext, sudoersleng)) if (!fill(sudoerstext, sudoersleng))
yyterminate(); yyterminate();
BEGIN INITIAL; BEGIN INITIAL;
@ -333,7 +333,7 @@ DEFVAR [a-z_]+
<WANTDIGEST>[A-Za-z0-9\+/=]+ { <WANTDIGEST>[A-Za-z0-9\+/=]+ {
/* Only return DIGEST if the length is correct. */ /* Only return DIGEST if the length is correct. */
int len, digest_len = size_t len, digest_len =
sudo_digest_getlen(digest_type); sudo_digest_getlen(digest_type);
if (sudoerstext[sudoersleng - 1] == '=') { if (sudoerstext[sudoersleng - 1] == '=') {
/* use padding */ /* use padding */
@ -342,7 +342,7 @@ DEFVAR [a-z_]+
/* no padding */ /* no padding */
len = (4 * digest_len + 2) / 3; len = (4 * digest_len + 2) / 3;
} }
if (sudoersleng == len) { if ((size_t)sudoersleng == len) {
if (!fill(sudoerstext, sudoersleng)) if (!fill(sudoerstext, sudoersleng))
yyterminate(); yyterminate();
BEGIN INITIAL; BEGIN INITIAL;