lighttpd
/
lighttpd1.4
2
0
Fork 0
Code Issues Releases Wiki Activity

[multiple] fix TLS config string parsing 

flagged by coverity

final segment of colon (':') separated string was being ignored
in some TLS config strings in mod_gnutls and mod_mbedtls

workaround: add ':' at end of config string (or apply this patch)
personal/stbuehler/tests-path
Glenn Strauss 2021-01-17 14:33:19 -05:00
parent 0e2a14921e
commit d5b166c04d
2 changed files with 20 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/mod_gnutls.c
View File

@ -2991,7 +2991,9 @@ mod_gnutls_ssl_conf_ciphersuites (server *srv, plugin_config_socket *s, buffer *
if (ciphersuites) {
buffer *b = ciphersuites;
buffer_to_upper(b); /*(ciphersuites are all uppercase (currently))*/
for (const char *p, *e = b->ptr-1; e && (e = strchr((p = e+1),':')); ) {
for (const char *e = b->ptr-1; e; ) {
const char * const p = e+1;
e = strchr(p, ':');
size_t len = e ? (size_t)(e - p) : strlen(p);
if (buffer_eq_icase_ss(p, len,
@ -3089,7 +3091,9 @@ mod_gnutls_ssl_conf_ciphersuites (server *srv, plugin_config_socket *s, buffer *
int rc = 1;
if (e == b->ptr || *e == '\0') --e; /*initial condition for loop below*/
for (const char *p; e && (e = strchr((p = e+1),':')); ) {
do {
const char * const p = e+1;
e = strchr(p, ':');
size_t len = e ? (size_t)(e - p) : strlen(p);
if (len >= sizeof(n)) {
log_error(srv->errh, __FILE__, __LINE__,
@ -3229,7 +3233,7 @@ mod_gnutls_ssl_conf_ciphersuites (server *srv, plugin_config_socket *s, buffer *
rc = 0;
continue;
}
}
} while (e);
if (0 == rc) return 0;
}
@ -3264,7 +3268,9 @@ mod_gnutls_ssl_conf_curves(server *srv, plugin_config_socket *s, const buffer *c
buffer * const plist = &s->priority_str;
const buffer * const b = curvelist;
for (const char *n, *e = b->ptr-1; e && (e = strchr((n = e+1),':')); ) {
for (const char *e = b->ptr-1; e; ) {
const char * const n = e+1;
e = strchr(n, ':');
size_t len = e ? (size_t)(e - n) : strlen(n);
uint32_t i;
for (i = 0; i < sizeof(names)/sizeof(*names)/2; i += 2) {

14
src/mod_mbedtls.c
View File

@ -3103,7 +3103,9 @@ mod_mbedtls_ssl_conf_ciphersuites (server *srv, plugin_config_socket *s, buffer
if (ciphersuites) {
buffer *b = ciphersuites;
buffer_to_upper(b); /*(ciphersuites are all uppercase (currently))*/
for (const char *p, *e = b->ptr-1; e && (e = strchr((p = e+1),':')); ) {
for (const char *e = b->ptr-1; e; ) {
const char * const p = e+1;
e = strchr(p, ':');
size_t len = e ? (size_t)(e - p) : strlen(p);
if (len >= sizeof(n)) {
log_error(srv->errh, __FILE__, __LINE__,
@ -3230,7 +3232,9 @@ mod_mbedtls_ssl_conf_ciphersuites (server *srv, plugin_config_socket *s, buffer
int rc = 1;
if (e == b->ptr || *e == '\0') --e; /*initial condition for loop below*/
for (const char *p; e && (e = strchr((p = e+1),':')); ) {
do {
const char * const p = e+1;
e = strchr(p, ':');
size_t len = e ? (size_t)(e - p) : strlen(p);
if (len >= sizeof(n)) {
log_error(srv->errh, __FILE__, __LINE__,
@ -3508,7 +3512,7 @@ mod_mbedtls_ssl_conf_ciphersuites (server *srv, plugin_config_socket *s, buffer
rc = 0;
continue;
}
}
} while (e);
if (0 == rc) return 0;
}
@ -3567,7 +3571,9 @@ mod_mbedtls_ssl_conf_curves(server *srv, plugin_config_socket *s, const buffer *
const mbedtls_ecp_curve_info * const curve_info = mbedtls_ecp_curve_list();
const buffer * const b = curvelist;
for (const char *n, *e = b->ptr-1; e && (e = strchr((n = e+1),':')); ) {
for (const char *e = b->ptr-1; e; ) {
const char * const n = e+1;
e = strchr(n, ':');
size_t len = e ? (size_t)(e - n) : strlen(n);
/* similar to mbedtls_ecp_curve_info_from_name() */
const mbedtls_ecp_curve_info *info;