From 879e62697e2da35b1517b733cf9b2e8318b8d98e Mon Sep 17 00:00:00 2001 From: Andres AG Date: Fri, 2 Sep 2016 14:06:04 +0100 Subject: [PATCH] Allow the entry_name size to be set in config.h Allow the size of the entry_name character array in x509_crt.c to be configurable through a macro in config.h. entry_name holds a path/filename string. The macro introduced in MBEDTLS_X509_MAX_FILE_PATH_LEN. --- ChangeLog | 3 +++ include/mbedtls/config.h | 1 + include/mbedtls/x509_crt.h | 4 ++++ library/x509_crt.c | 17 ++++++++++++----- 4 files changed, 20 insertions(+), 5 deletions(-) diff --git a/ChangeLog b/ChangeLog index 2007c410c..662ed8f19 100644 --- a/ChangeLog +++ b/ChangeLog @@ -44,6 +44,9 @@ Bugfix buffer. * Fix invalid buffer sizes passed to zlib during record compression and decompression. + * Added the macro MBEDTLS_X509_MAX_FILE_PATH_LEN that enables the user to + configure the maximum length of a file path that can be buffered when + calling mbedtls_x509_crt_parse_path(). Changes * Improve testing in configurations that omit certain hashes or diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 0444eb12a..968964317 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2492,6 +2492,7 @@ /* X509 options */ //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ +//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */ /** * Allow SHA-1 in the default TLS configuration for certificate signing. diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index f82f91fce..3548b9a6d 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h @@ -120,6 +120,10 @@ mbedtls_x509_crt_profile; #define MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN 32 #define MBEDTLS_X509_RFC5280_UTC_TIME_LEN 15 +#if !defined( MBEDTLS_X509_MAX_FILE_PATH_LEN ) +#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 +#endif + /** * Container for writing a certificate (CRT) */ diff --git a/library/x509_crt.c b/library/x509_crt.c index e79735568..f567afcb4 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -1169,9 +1169,10 @@ cleanup: FindClose( hFind ); #else /* _WIN32 */ int t_ret; + int snp_ret; struct stat sb; struct dirent *entry; - char entry_name[255]; + char entry_name[MBEDTLS_X509_MAX_FILE_PATH_LEN]; DIR *dir = opendir( path ); if( dir == NULL ) @@ -1187,11 +1188,16 @@ cleanup: while( ( entry = readdir( dir ) ) != NULL ) { - mbedtls_snprintf( entry_name, sizeof entry_name, "%s/%s", path, entry->d_name ); + snp_ret = mbedtls_snprintf( entry_name, sizeof entry_name, + "%s/%s", path, entry->d_name ); - if( stat( entry_name, &sb ) == -1 ) + if( snp_ret < 0 || (size_t)snp_ret >= sizeof entry_name ) + { + ret = MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; + goto cleanup; + } + else if( stat( entry_name, &sb ) == -1 ) { - closedir( dir ); ret = MBEDTLS_ERR_X509_FILE_IO_ERROR; goto cleanup; } @@ -1207,9 +1213,10 @@ cleanup: else ret += t_ret; } - closedir( dir ); cleanup: + closedir( dir ); + #if defined(MBEDTLS_THREADING_C) if( mbedtls_mutex_unlock( &mbedtls_threading_readdir_mutex ) != 0 ) ret = MBEDTLS_ERR_THREADING_MUTEX_ERROR;