procyberian/emacs
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Avoid assertion violations in gnutls.c

Browse source 
* src/gnutls.c (Fgnutls_hash_digest, gnutls_symmetric)
(Fgnutls_hash_mac): Check CONSP before invoking XCDR.  (Bug#32187)
Report values of invalid arguments when signaling an error.
This commit is contained in:
Eli Zaretskii 2018-07-17 19:58:27 +03:00
parent 90110f8499
commit a4767a662b
1 changed files with 32 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

38
src/gnutls.c
View file

@ -2024,7 +2024,14 @@ gnutls_symmetric (bool encrypting, Lisp_Object cipher,
cipher = intern (SSDATA (cipher)); cipher = intern (SSDATA (cipher));
if (SYMBOLP (cipher)) if (SYMBOLP (cipher))
info = XCDR (Fassq (cipher, Fgnutls_ciphers ())); {
info = Fassq (cipher, Fgnutls_ciphers ());
if (!CONSP (info))
xsignal2 (Qerror,
build_string ("GnuTLS cipher is invalid or not found"),
cipher);
info = XCDR (info);
}
else if (TYPE_RANGED_INTEGERP (gnutls_cipher_algorithm_t, cipher)) else if (TYPE_RANGED_INTEGERP (gnutls_cipher_algorithm_t, cipher))
gca = XINT (cipher); gca = XINT (cipher);
else else
@ -2039,7 +2046,8 @@ gnutls_symmetric (bool encrypting, Lisp_Object cipher,
ptrdiff_t key_size = gnutls_cipher_get_key_size (gca); ptrdiff_t key_size = gnutls_cipher_get_key_size (gca);
if (key_size == 0) if (key_size == 0)
error ("GnuTLS cipher is invalid or not found"); xsignal2 (Qerror,
build_string ("GnuTLS cipher is invalid or not found"), cipher);
ptrdiff_t kstart_byte, kend_byte; ptrdiff_t kstart_byte, kend_byte;
const char *kdata = extract_data_from_object (key, &kstart_byte, &kend_byte); const char *kdata = extract_data_from_object (key, &kstart_byte, &kend_byte);
@ -2295,7 +2303,14 @@ itself. */)
hash_method = intern (SSDATA (hash_method)); hash_method = intern (SSDATA (hash_method));
if (SYMBOLP (hash_method)) if (SYMBOLP (hash_method))
info = XCDR (Fassq (hash_method, Fgnutls_macs ())); {
info = Fassq (hash_method, Fgnutls_macs ());
if (!CONSP (info))
xsignal2 (Qerror,
build_string ("GnuTLS MAC-method is invalid or not found"),
hash_method);
info = XCDR (info);
}
else if (TYPE_RANGED_INTEGERP (gnutls_mac_algorithm_t, hash_method)) else if (TYPE_RANGED_INTEGERP (gnutls_mac_algorithm_t, hash_method))
gma = XINT (hash_method); gma = XINT (hash_method);
else else
@ -2310,7 +2325,9 @@ itself. */)
ptrdiff_t digest_length = gnutls_hmac_get_len (gma); ptrdiff_t digest_length = gnutls_hmac_get_len (gma);
if (digest_length == 0) if (digest_length == 0)
error ("GnuTLS MAC-method is invalid or not found"); xsignal2 (Qerror,
build_string ("GnuTLS MAC-method is invalid or not found"),
hash_method);
ptrdiff_t kstart_byte, kend_byte; ptrdiff_t kstart_byte, kend_byte;
const char *kdata = extract_data_from_object (key, &kstart_byte, &kend_byte); const char *kdata = extract_data_from_object (key, &kstart_byte, &kend_byte);
@ -2376,7 +2393,14 @@ the number itself. */)
digest_method = intern (SSDATA (digest_method)); digest_method = intern (SSDATA (digest_method));
if (SYMBOLP (digest_method)) if (SYMBOLP (digest_method))
info = XCDR (Fassq (digest_method, Fgnutls_digests ())); {
info = Fassq (digest_method, Fgnutls_digests ());
if (!CONSP (info))
xsignal2 (Qerror,
build_string ("GnuTLS digest-method is invalid or not found"),
digest_method);
info = XCDR (info);
}
else if (TYPE_RANGED_INTEGERP (gnutls_digest_algorithm_t, digest_method)) else if (TYPE_RANGED_INTEGERP (gnutls_digest_algorithm_t, digest_method))
gda = XINT (digest_method); gda = XINT (digest_method);
else else
@ -2391,7 +2415,9 @@ the number itself. */)
ptrdiff_t digest_length = gnutls_hash_get_len (gda); ptrdiff_t digest_length = gnutls_hash_get_len (gda);
if (digest_length == 0) if (digest_length == 0)
error ("GnuTLS digest-method is invalid or not found"); xsignal2 (Qerror,
build_string ("GnuTLS digest-method is invalid or not found"),
digest_method);
gnutls_hash_hd_t hash; gnutls_hash_hd_t hash;
int ret = gnutls_hash_init (&hash, gda); int ret = gnutls_hash_init (&hash, gda);