03fc0c626d
While running vircryptotest, it was found that valgrind pointed out
the following error:

==27453== Invalid write of size 1
==27453== at 0x4C7D7C9: virCryptoHashString (vircrypto.c:76)
==27453== by 0x401C4E: testCryptoHash (vircryptotest.c:41)
==27453== by 0x402A11: virtTestRun (testutils.c:199)
==27453== by 0x401AD5: mymain (vircryptotest.c:76)
==27453== by 0x40318D: virtTestMain (testutils.c:782)
==27453== by 0x3E6CE1ED1C: (below main) (libc-start.c:226)
==27453== Address 0x51f0541 is 0 bytes after a block of size 65 alloc'd
==27453== at 0x4A0577B: calloc (vg_replace_malloc.c:593)
==27453== by 0x4C69F2E: virAllocN (viralloc.c:189)
==27453== by 0x4C7D76B: virCryptoHashString (vircrypto.c:69)
==27453== by 0x401C4E: testCryptoHash (vircryptotest.c:41)
==27453== by 0x402A11: virtTestRun (testutils.c:199)
==27453== by 0x401AD5: mymain (vircryptotest.c:76)
==27453== by 0x40318D: virtTestMain (testutils.c:782)
==27453== by 0x3E6CE1ED1C: (below main) (libc-start.c:226)
==27453==

...and many more.

Two observations: hashstrlen was already set to include the trailing NUL byte (so writing to hashstrlen as the array offset was indeed writing one byte beyond bounds), and VIR_ALLOC_N already guarantees zero-initialization (so we already have a trailing NUL without needing to explicitly write one).

Signed-off-by: Eric Blake <eblake@redhat.com>
/*
 * vircrypto.c: cryptographic helper APIs
 *
 * Copyright (C) 2014 Red Hat, Inc.
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library. If not, see
 * <http://www.gnu.org/licenses/>.
 */
#include <config.h>
#include "vircrypto.h"
#include "virerror.h"
#include "viralloc.h"
#include "md5.h"
#include "sha256.h"
/* NOTE(review): presumably the error domain that virReportError() picks up
 * for reports raised in this file; confirm against virerror.h. */
#define VIR_FROM_THIS VIR_FROM_CRYPTO
/* Lowercase hex digits, indexed by a nibble value (0-15) when a digest
 * byte is rendered as two characters. */
static const char hex[] = "0123456789abcdef";
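/*
 * Dispatch table for virCryptoHashString(): one entry per virCryptoHash
 * value, giving the digest routine and the digest size in bytes.
 *
 * The table is indexed directly by the enum value, so the entry order
 * must follow the enum order. It is static const because it holds
 * function pointers that are called through an index taken from a
 * caller-supplied argument: nothing outside this file needs the symbol,
 * and nothing should be able to rewrite the pointers at run time.
 *
 * func: hashes len bytes at buf into res; the caller treats a NULL
 *       return as failure.
 * hashlen: number of bytes func writes to res.
 *
 * MD5 is not collision resistant; it is unsuitable for integrity or
 * authentication decisions and should only back compatibility uses.
 */
static const struct virHashInfo {
    void *(*func)(const char *buf, size_t len, void *res);
    size_t hashlen;
} hashinfo[] = {
    { .func = md5_buffer, .hashlen = MD5_DIGEST_SIZE },
    { .func = sha256_buffer, .hashlen = SHA256_DIGEST_SIZE },
};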
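/* Size of the on-stack digest buffer in virCryptoHashString(). Every
 * digest routine listed in hashinfo[] writes its full digest into that
 * buffer, so this must be at least the largest hashlen in the table. */
#define VIR_CRYPTO_LARGEST_DIGEST_SIZE SHA256_DIGEST_SIZE

/* The table is indexed by virCryptoHash, so it needs exactly one entry
 * per enum value. */
verify(ARRAY_CARDINALITY(hashinfo) == VIR_CRYPTO_HASH_LAST);

/* No supported digest may exceed the stack buffer; add a line here for
 * each algorithm added to hashinfo[], so an undersized buffer fails the
 * build instead of overflowing the stack. */
verify(MD5_DIGEST_SIZE <= VIR_CRYPTO_LARGEST_DIGEST_SIZE);
verify(SHA256_DIGEST_SIZE <= VIR_CRYPTO_LARGEST_DIGEST_SIZE);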
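/**
 * virCryptoHashString:
 * @hash: digest algorithm; used as an index into hashinfo[]
 * @input: NUL-terminated string to hash; strlen() is called on it, so
 *         it must not be NULL
 * @output: on success, *@output is set to a newly allocated,
 *          NUL-terminated lowercase hex rendering of the digest
 *          (presumably released by the caller with VIR_FREE; confirm
 *          against the callers)
 *
 * Hashes @input with the algorithm selected by @hash and returns the
 * digest as a hex string, two characters per digest byte.
 *
 * Returns 0 on success, -1 if @hash is out of range, the digest
 * routine fails, or the allocation fails. *@output is not written on
 * the first two failure paths.
 */
int
virCryptoHashString(virCryptoHash hash,
                    const char *input,
                    char **output)
{
    unsigned char buf[VIR_CRYPTO_LARGEST_DIGEST_SIZE];
    size_t hashstrlen;
    size_t i;

    /* hash selects a function pointer from hashinfo[], so the range
     * check has to hold whatever integer type the compiler chose for
     * the enum. The cast maps a negative value to a large unsigned one,
     * which is then rejected like any other out-of-range index. */
    if ((unsigned int)hash >= VIR_CRYPTO_HASH_LAST) {
        virReportError(VIR_ERR_INVALID_ARG,
                       _("Unknown crypto hash %d"), hash);
        return -1;
    }

    /* Two hex characters per digest byte, plus one for the trailing NUL. */
    hashstrlen = (hashinfo[hash].hashlen * 2) + 1;

    /* The digest routine writes hashlen bytes into buf and returns NULL
     * on failure. */
    if (!(hashinfo[hash].func(input, strlen(input), buf))) {
        virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
                       _("Unable to compute hash of data"));
        return -1;
    }

    if (VIR_ALLOC_N(*output, hashstrlen) < 0)
        return -1;

    /* The loop fills indices 0 .. hashstrlen - 2. VIR_ALLOC_N returns
     * zero-filled memory, so the last byte (index hashstrlen - 1) is
     * already the terminator. Index hashstrlen itself is one past the
     * end of the allocation and must never be written. */
    for (i = 0; i < hashinfo[hash].hashlen; i++) {
        (*output)[i * 2] = hex[(buf[i] >> 4) & 0xf];
        (*output)[(i * 2) + 1] = hex[buf[i] & 0xf];
    }

    return 0;
}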