Revamp get_bn_from_bin()

* Add bounds checking. * Add error checking for OpenSSL calls. * Only set *bnp on success.
author: Doug Hogan <[email protected]> 2019-01-03 19:33:40 -0800
committer: Doug Hogan <[email protected]> 2019-01-08 00:08:22 -0800
commit: 792e83f15c43771342b9f36d940d2c2bd1cfa336 (patch)
tree: b1717c6002ce6653d859907fbfad3ab30f27680c /lib/crypto
parent: d48b585cc3b4b324f30785494d406c7082bf8fdb (diff)
download: otp-792e83f15c43771342b9f36d940d2c2bd1cfa336.tar.gz
otp-792e83f15c43771342b9f36d940d2c2bd1cfa336.tar.bz2
otp-792e83f15c43771342b9f36d940d2c2bd1cfa336.zip
1 files changed, 15 insertions, 4 deletions
diff --git a/lib/crypto/c_src/bn.c b/lib/crypto/c_src/bn.c
index a8112350dc..a111269539 100644
--- a/lib/crypto/c_src/bn.c
+++ b/lib/crypto/c_src/bn.c
@@ -52,13 +52,24 @@ int get_bn_from_mpint(ErlNifEnv* env, ERL_NIF_TERM term, BIGNUM** bnp)
 
 int get_bn_from_bin(ErlNifEnv* env, ERL_NIF_TERM term, BIGNUM** bnp)
 {
+    BIGNUM *ret;
     ErlNifBinary bin;
-    if (!enif_inspect_binary(env,term,&bin)) {
-	return 0;
-    }
+
+    if (!enif_inspect_binary(env, term, &bin))
+        goto err;
+    if (bin.size > INT_MAX)
+        goto err;
+
     ERL_VALGRIND_ASSERT_MEM_DEFINED(bin.data, bin.size);
-    *bnp = BN_bin2bn(bin.data, bin.size, NULL);
+
+    if ((ret = BN_bin2bn(bin.data, (int)bin.size, NULL)) == NULL)
+        goto err;
+
+    *bnp = ret;
     return 1;
+
+ err:
+    return 0;
 }
 
 ERL_NIF_TERM bin_from_bn(ErlNifEnv* env, const BIGNUM *bn)
author	Doug Hogan <[email protected]>	2019-01-03 19:33:40 -0800
committer	Doug Hogan <[email protected]>	2019-01-08 00:08:22 -0800
commit	792e83f15c43771342b9f36d940d2c2bd1cfa336 (patch)
tree	b1717c6002ce6653d859907fbfad3ab30f27680c /lib/crypto
parent	d48b585cc3b4b324f30785494d406c7082bf8fdb (diff)
download	otp-792e83f15c43771342b9f36d940d2c2bd1cfa336.tar.gz otp-792e83f15c43771342b9f36d940d2c2bd1cfa336.tar.bz2 otp-792e83f15c43771342b9f36d940d2c2bd1cfa336.zip