commit 3c28d95ca7c1f7086c2f840254a2d6663beaf935 Author: Nick Mathewson <nickm@torproject.org> Date: Wed Jul 15 10:35:29 2015 -0400 Add more EINVAL errno setting on key read failures Teor found these. This is for part of #16582. --- src/common/crypto_ed25519.c | 18 ++++++++++++------ src/common/util.c | 9 +++++++-- src/or/routerkeys.c | 8 ++++++-- 3 files changed, 25 insertions(+), 10 deletions(-) diff --git a/src/common/crypto_ed25519.c b/src/common/crypto_ed25519.c index 599a1ca..1606d02 100644 --- a/src/common/crypto_ed25519.c +++ b/src/common/crypto_ed25519.c @@ -381,10 +381,13 @@ ed25519_seckey_read_from_file(ed25519_secret_key_t *seckey_out, len = crypto_read_tagged_contents_from_file(filename, "ed25519v1-secret", tag_out, seckey_out->seckey, sizeof(seckey_out->seckey)); - if (len != sizeof(seckey_out->seckey)) - return -1; + if (len == sizeof(seckey_out->seckey)) { + return 0; + } else if (len >= 0) { + errno = EINVAL; + } - return 0; + return -1; } /** @@ -417,10 +420,13 @@ ed25519_pubkey_read_from_file(ed25519_public_key_t *pubkey_out, len = crypto_read_tagged_contents_from_file(filename, "ed25519v1-public", tag_out, pubkey_out->pubkey, sizeof(pubkey_out->pubkey)); - if (len != sizeof(pubkey_out->pubkey)) - return -1; + if (len == sizeof(pubkey_out->pubkey)) { + return 0; + } else if (len >= 0) { + errno = EINVAL; + } - return 0; + return -1; } /** Release all storage held for <b>kp</b>. */ diff --git a/src/common/util.c b/src/common/util.c index a140057..1849613 100644 --- a/src/common/util.c +++ b/src/common/util.c @@ -1997,8 +1997,10 @@ read_all(tor_socket_t fd, char *buf, size_t count, int isSocket) size_t numread = 0; ssize_t result; - if (count > SIZE_T_CEILING || count > SSIZE_MAX) + if (count > SIZE_T_CEILING || count > SSIZE_MAX) { + errno = EINVAL; return -1; + } while (numread != count) { if (isSocket) @@ -2558,8 +2560,10 @@ read_file_to_str_until_eof(int fd, size_t max_bytes_to_read, size_t *sz_out) char *string = NULL; size_t string_max = 0; - if (max_bytes_to_read+1 >= SIZE_T_CEILING) + if (max_bytes_to_read+1 >= SIZE_T_CEILING) { + errno = EINVAL; return NULL; + } do { /* XXXX This "add 1K" approach is a little goofy; if we care about @@ -2655,6 +2659,7 @@ read_file_to_str(const char *filename, int flags, struct stat *stat_out) if ((uint64_t)(statbuf.st_size)+1 >= SIZE_T_CEILING) { close(fd); + errno = EINVAL; return NULL; } diff --git a/src/or/routerkeys.c b/src/or/routerkeys.c index 946c48b..77bbcfd 100644 --- a/src/or/routerkeys.c +++ b/src/or/routerkeys.c @@ -34,14 +34,18 @@ read_encrypted_secret_key(ed25519_secret_key_t *out, r = 0; goto done; } - if (strcmp(tag, ENC_KEY_TAG)) + if (strcmp(tag, ENC_KEY_TAG)) { + saved_errno = EINVAL; goto done; + } while (1) { ssize_t pwlen = tor_getpass("Enter pasphrase for master key:", pwbuf, sizeof(pwbuf)); - if (pwlen < 0) + if (pwlen < 0) { + saved_errno = EINVAL; goto done; + } const int r = crypto_unpwbox(&secret, &secret_len, encrypted_key, encrypted_len,