Check exit value for snprintf where it makes sense.

2025-12-13 11:50:10 +01:00 · 2021-05-18 21:41:42 +02:00
parent 280c821b9b
commit df8135dfdf
16 changed files with 96 additions and 40 deletions
--- a/lib/crypto_backend/crypto_cipher_kernel.c
+++ b/lib/crypto_backend/crypto_cipher_kernel.c
@@ -96,11 +96,14 @@ int crypt_cipher_init_kernel(struct crypt_cipher_kernel *ctx, const char *name,
 		.salg_family = AF_ALG,
 		.salg_type = "skcipher",
 	};
+	int r;

 	if (!strcmp(name, "cipher_null"))
 		key_length = 0;

-	snprintf((char *)sa.salg_name, sizeof(sa.salg_name), "%s(%s)", mode, name);
+	r = snprintf((char *)sa.salg_name, sizeof(sa.salg_name), "%s(%s)", mode, name);
+	if (r < 0 || (size_t)r >= sizeof(sa.salg_name))
+		return -EINVAL;

 	return _crypt_cipher_init(ctx, key, key_length, 0, &sa);
 }
@@ -230,7 +233,10 @@ int crypt_cipher_check_kernel(const char *name, const char *mode,
 	}

 	salg_type = aead ? "aead" : "skcipher";
-	snprintf((char *)sa.salg_type, sizeof(sa.salg_type), "%s", salg_type);
+	r = snprintf((char *)sa.salg_type, sizeof(sa.salg_type), "%s", salg_type);
+	if (r < 0 || (size_t)r >= sizeof(sa.salg_name))
+		return -EINVAL;
+
 	memset(tmp_salg_name, 0, sizeof(tmp_salg_name));

 	/* FIXME: this is duplicating a part of devmapper backend */
@@ -243,7 +249,7 @@ int crypt_cipher_check_kernel(const char *name, const char *mode,
 	else
 		r = snprintf(tmp_salg_name, sizeof(tmp_salg_name), "%s(%s)", real_mode, name);

-	if (r <= 0 || r > (int)(sizeof(sa.salg_name) - 1))
+	if (r < 0 || (size_t)r >= sizeof(tmp_salg_name))
 		return -EINVAL;

 	memcpy(sa.salg_name, tmp_salg_name, sizeof(sa.salg_name));
--- a/lib/crypto_backend/crypto_gcrypt.c
+++ b/lib/crypto_backend/crypto_gcrypt.c
@@ -96,6 +96,8 @@ static void crypt_hash_test_whirlpool_bug(void)

 int crypt_backend_init(void)
 {
+	int r;
+
 	if (crypto_backend_initialised)
 		return 0;

@@ -125,11 +127,12 @@ int crypt_backend_init(void)
 	crypto_backend_initialised = 1;
 	crypt_hash_test_whirlpool_bug();

-	snprintf(version, 64, "gcrypt %s%s%s",
+	r = snprintf(version, sizeof(version), "gcrypt %s%s%s",
 		 gcry_check_version(NULL),
 		 crypto_backend_secmem ? "" : ", secmem disabled",
-		 crypto_backend_whirlpool_bug > 0 ? ", flawed whirlpool" : ""
-		);
+		 crypto_backend_whirlpool_bug > 0 ? ", flawed whirlpool" : "");
+	if (r < 0 || (size_t)r >= sizeof(version))
+		return -EINVAL;

 	return 0;
 }
--- a/lib/crypto_backend/crypto_kernel.c
+++ b/lib/crypto_backend/crypto_kernel.c
@@ -126,7 +126,7 @@ int crypt_backend_init(void)
 		.salg_type = "hash",
 		.salg_name = "sha256",
 	};
-	int tfmfd = -1, opfd = -1;
+	int r, tfmfd = -1, opfd = -1;

 	if (crypto_backend_initialised)
 		return 0;
@@ -134,15 +134,17 @@ int crypt_backend_init(void)
 	if (uname(&uts) == -1 || strcmp(uts.sysname, "Linux"))
 		return -EINVAL;

+	r = snprintf(version, sizeof(version), "%s %s kernel cryptoAPI",
+		uts.sysname, uts.release);
+	if (r < 0 || (size_t)r >= sizeof(version))
+		return -EINVAL;
+
 	if (crypt_kernel_socket_init(&sa, &tfmfd, &opfd, NULL, 0) < 0)
 		return -EINVAL;

 	close(tfmfd);
 	close(opfd);

-	snprintf(version, sizeof(version), "%s %s kernel cryptoAPI",
-		 uts.sysname, uts.release);
-
 	crypto_backend_initialised = 1;
 	return 0;
 }
@@ -263,6 +265,7 @@ int crypt_hmac_init(struct crypt_hmac **ctx, const char *name,
 		.salg_family = AF_ALG,
 		.salg_type = "hash",
 	};
+	int r;

 	h = malloc(sizeof(*h));
 	if (!h)
@@ -275,8 +278,12 @@ int crypt_hmac_init(struct crypt_hmac **ctx, const char *name,
 	}
 	h->hash_len = ha->length;

-	snprintf((char *)sa.salg_name, sizeof(sa.salg_name),
+	r = snprintf((char *)sa.salg_name, sizeof(sa.salg_name),
 		 "hmac(%s)", ha->kernel_name);
+	if (r < 0 || (size_t)r >= sizeof(sa.salg_name)) {
+		free(h);
+		return -EINVAL;
+	}

 	if (crypt_kernel_socket_init(&sa, &h->tfmfd, &h->opfd, key, key_length) < 0) {
 		free(h);
--- a/lib/crypto_backend/crypto_nss.c
+++ b/lib/crypto_backend/crypto_nss.c
@@ -77,6 +77,8 @@ static struct hash_alg *_get_alg(const char *name)

 int crypt_backend_init(void)
 {
+	int r;
+
 	if (crypto_backend_initialised)
 		return 0;

@@ -84,10 +86,13 @@ int crypt_backend_init(void)
 		return -EINVAL;

 #if HAVE_DECL_NSS_GETVERSION
-	snprintf(version, 64, "NSS %s", NSS_GetVersion());
+	r = snprintf(version, sizeof(version), "NSS %s", NSS_GetVersion());
 #else
-	snprintf(version, 64, "NSS");
+	r = snprintf(version, sizeof(version), "NSS");
 #endif
+	if (r < 0 || (size_t)r >= sizeof(version))
+		return -EINVAL;
+
 	crypto_backend_initialised = 1;
 	return 0;
 }
--- a/lib/crypto_backend/crypto_openssl.c
+++ b/lib/crypto_backend/crypto_openssl.c
@@ -402,7 +402,7 @@ static int _cipher_init(EVP_CIPHER_CTX **hd_enc, EVP_CIPHER_CTX **hd_dec, const
 		key_bits /= 2;

 	r = snprintf(cipher_name, sizeof(cipher_name), "%s-%d-%s", name, key_bits, mode);
-	if (r < 0 || r >= (int)sizeof(cipher_name))
+	if (r < 0 || (size_t)r >= sizeof(cipher_name))
 		return -EINVAL;

 	type = EVP_get_cipherbyname(cipher_name);