author | 2000-04-16 23:50:12 +0000 | |
---|---|---|
committer | 2000-04-16 23:50:12 +0000 | |
commit | 535f5ec40a728dc6af0cadeeb79a35554c7a1548 (patch) | |
tree | 348df84296fe380d43d170686ccf565e89376bf0 | |
parent | Fix package conflict for flavors: (diff) | |
Fix strcpy/strcat abuse and fix stupid behaviour of the default
RAND_file_name - changed so that it stats the filename it returns
before returning it. If the file won't stat, return DEVRANDOM (for us
/dev/arandom) instead, thus making the default behaviour moderately
intelligent.
-rw-r--r-- | lib/libcrypto/rand/randfile.c | 31 | ||||
-rw-r--r-- | lib/libssl/src/crypto/rand/randfile.c | 31 |
2 files changed, 48 insertions, 14 deletions
diff --git a/lib/libcrypto/rand/randfile.c b/lib/libcrypto/rand/randfile.c
index c3a0c12c580..53a75667f49 100644
--- a/lib/libcrypto/rand/randfile.c
+++ b/lib/libcrypto/rand/randfile.c
@@ -218,6 +218,7 @@ const char *RAND_file_name(char *buf, int size)
 {
 char *s;
 char *ret=NULL;
+ struct stat sb;
 s=getenv("RANDFILE");
 if (s != NULL)
@@ -229,15 +230,31 @@ const char *RAND_file_name(char *buf, int size)
 else
 {
 s=getenv("HOME");
- if (s == NULL) return(RFILE);
- if (((int)(strlen(s)+strlen(RFILE)+2)) > size)
- return(RFILE);
- strcpy(buf,s);
+ if (s == NULL)
+ ret = RFILE;
+ if (((int)(strlen(s)+strlen(RFILE)+2)) > size)
+ ret=RFILE;
+ else
+ {
+ strlcpy(buf,s,size);
 #ifndef VMS
- strcat(buf,"/");
+ strcat(buf,"/");
 #endif
- strcat(buf,RFILE);
- ret=buf;
+ strlcat(buf,RFILE,size);
+ ret=buf;
+ }
 }
+#ifdef DEVRANDOM
+ /* given that all random loads just fail if the file can't be
+ * seen on a stat, we stat the file we're returning, if it
+ * fails, use DEVRANDOM instead. the allows the user to
+ * use their own source for good random data, but defaults
+ * to something hopefully decent if that isn't available.
+ */
+
+ if (stat(ret,&sb) == -1)
+ ret = DEVRANDOM;
+#endif
 return(ret);
 }
+
diff --git a/lib/libssl/src/crypto/rand/randfile.c b/lib/libssl/src/crypto/rand/randfile.c
index c3a0c12c580..53a75667f49 100644
--- a/lib/libssl/src/crypto/rand/randfile.c
+++ b/lib/libssl/src/crypto/rand/randfile.c
@@ -218,6 +218,7 @@ const char *RAND_file_name(char *buf, int size)
 {
 char *s;
 char *ret=NULL;
+ struct stat sb;
 s=getenv("RANDFILE");
 if (s != NULL)
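Review bot: When HOME is unset, the rewritten HOME branch of RAND_file_name in lib/libcrypto/rand/randfile.c sets `ret = RFILE` and then falls straight into `strlen(s)` with `s == NULL`, because the early `return(RFILE)` was removed and the second `if` is not chained to the first. Making it `else if (((int)(strlen(s)+strlen(RFILE)+2)) > size)` restores the old guard without bringing back the early return. The identical hunk for lib/libssl/src/crypto/rand/randfile.c has the same gap. The RANDFILE branch between the two hunks is not shown, so this covers only the HOME path.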
@@ -229,15 +230,31 @@ const char *RAND_file_name(char *buf, int size)
 else
 {
 s=getenv("HOME");
- if (s == NULL) return(RFILE);
- if (((int)(strlen(s)+strlen(RFILE)+2)) > size)
- return(RFILE);
- strcpy(buf,s);
+ if (s == NULL)
+ ret = RFILE;
+ if (((int)(strlen(s)+strlen(RFILE)+2)) > size)
+ ret=RFILE;
+ else
+ {
+ strlcpy(buf,s,size);
 #ifndef VMS
- strcat(buf,"/");
+ strcat(buf,"/");
 #endif
- strcat(buf,RFILE);
- ret=buf;
+ strlcat(buf,RFILE,size);
+ ret=buf;
+ }
 }
+#ifdef DEVRANDOM
+ /* given that all random loads just fail if the file can't be
+ * seen on a stat, we stat the file we're returning, if it
+ * fails, use DEVRANDOM instead. the allows the user to
+ * use their own source for good random data, but defaults
+ * to something hopefully decent if that isn't available.
+ */
+
+ if (stat(ret,&sb) == -1)
+ ret = DEVRANDOM;
+#endif
 return(ret);
 }
+
|
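Review bot: The `stat(ret,&sb) == -1` check at the end of RAND_file_name treats every stat failure alike, so the path built from HOME (and presumably one taken from RANDFILE, whose branch is not shown) is silently swapped for DEVRANDOM when it is mistyped or not yet created, instead of being reported. If callers outside this diff also use the returned name as the place to save seed data, they would be handed the device path and the per-user file would never be created; that is worth confirming before this becomes the default. Separately, the `strcat(buf,"/")` left between the new `strlcpy` and `strlcat` calls is still unbounded, and `strlcat(buf,"/",size);` would keep all three appends under the same limit. Both remarks apply equally to the lib/libcrypto/rand/randfile.c copy.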