authorben2019-05-28 14:33:12 +0200
committerben2019-05-28 15:19:37 +0200
commitc814f3c1c2970773ebc10876882776bd10febf0f (patch)
treece401beb9b372b3c3c231cad10974f45690ea827 /src/main.c
parent1cad5dfaab8712d3ad39470c67e968158198b4e9 (diff)
[FIX] Improve code security by prevent buffer overflow.
Diffstat (limited to 'src/main.c')
-rw-r--r--src/main.c61
1 files changed, 43 insertions, 18 deletions
diff --git a/src/main.c b/src/main.c
index c2a21c4..dd68079 100644
--- a/src/main.c
+++ b/src/main.c
@@ -28,6 +28,8 @@ struct arg_file *seckey, *pubkey, *infile, *outfile;
struct arg_end *end;
struct arg_int *taglen, *noncelen, *cipherlen;
+int file_exist (const char *filename);
+
int main(int argc, char *argv[]) {
/* the global arg_xxx structs are initialised within the argtable */
void *argtable[] = {
@@ -53,7 +55,7 @@ int main(int argc, char *argv[]) {
int exitcode = 0;
const char progname[] = "inexact";
- const char ver[] = "beta 1.01";
+ const char ver[] = "beta 1.02";
FILE *fo = NULL;
int nerrors;
@@ -186,7 +188,7 @@ int main(int argc, char *argv[]) {
exitcode = 1;
goto exit;
}
- if (access(seckey->filename[0], F_OK) != -1) {
+ if (file_exist(seckey->filename[0]) == 1) {
char ch;
printf("Overwrite '%s' ? ", seckey->filename[0]);
int res = scanf("%c", &ch);
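Review bot: The existence test `file_exist(seckey->filename[0]) == 1` and the later write of the key file are separate steps, so the file can be created or replaced (for instance by a symlink) between the prompt and the write; the `pubkey` check in the next hunk has the same gap. Probing with `fopen(..., "r")` also opens the target, which `access()` did not, so it can block on a FIFO. The write itself is outside the hunk; if it uses a plain `fopen(path, "w")`, consider creating the secret key with `open(path, O_WRONLY | O_CREAT | O_EXCL, 0600)` and treating `EEXIST` as the cue to ask for confirmation.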
@@ -195,7 +197,7 @@ int main(int argc, char *argv[]) {
goto exit;
}
}
- if (access(pubkey->filename[0], F_OK) != -1) {
+ if (file_exist(pubkey->filename[0]) == 1) {
char ch;
printf("Overwrite '%s' ? ", pubkey->filename[0]);
int res = scanf(" %c", &ch);
@@ -245,7 +247,7 @@ int main(int argc, char *argv[]) {
}
data[len - 1] = '\0';
data_len = len - 1;
- } else if (access(infile->filename[0], F_OK) == -1) {
+ } else if (file_exist(infile->filename[0]) == 0) {
printf("Input file '%s' not found.\n", infile->filename[0]);
exitcode = 1;
goto exit;
@@ -379,7 +381,8 @@ int main(int argc, char *argv[]) {
int base64_transformation = (base64->count == 0);
if (cipherlen->count == 1) {
- if (dencrypt->count == 0 || noncelen->count == 1 || base64->count == 1) {
+ if (dencrypt->count == 0 || noncelen->count == 1 ||
+ base64->count == 1) {
printf("Invalid options.\n");
printf("Try '%s --help' for more information.\n", progname);
exitcode = 1;
@@ -395,7 +398,7 @@ int main(int argc, char *argv[]) {
total_encrypted_len - rand_nonce_len;
if (symmetric->count == 1) {
- total_encrypted_len_without_rand1 =
+ total_encrypted_len_without_rand1 =
total_encrypted_len_without_rand1 + 64;
}
@@ -417,8 +420,8 @@ int main(int argc, char *argv[]) {
}
if (weak->count == 1) {
- if (dencrypt->count == 0 || noncelen->count == 1 || taglen->count == 1 ||
- cipherlen->count == 1) {
+ if (dencrypt->count == 0 || noncelen->count == 1 ||
+ taglen->count == 1 || cipherlen->count == 1) {
printf("Invalid options.\n");
printf("Try '%s --help' for more information.\n", progname);
exitcode = 1;
@@ -428,10 +431,16 @@ int main(int argc, char *argv[]) {
auth_tag_len = 4;
}
+ unsigned char *secretkey = malloc(32);
+ unsigned char *publickey = malloc(32);
+ unsigned char *salt = malloc(32);
+ if (secretkey == NULL || publickey == NULL || salt == NULL) {
+ printf("Malloc failed\n");
+ exitcode = 1;
+ goto exit;
+ }
+
if (dencrypt->count == 1) {
- unsigned char secretkey[32] = {0};
- unsigned char publickey[32] = {0};
- unsigned char salt[32] = {0};
unsigned char *psalt = NULL;
if (symmetric->count == 1) {
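Review bot: `malloc(32)` leaves the three buffers uninitialised, whereas the stack arrays they replace were zero-filled with `= {0}`; any later code in `main` that relied on that (not visible here) would now read indeterminate bytes, so `unsigned char *secretkey = calloc(1, 32);` (and likewise for `publickey` and `salt`) keeps the old guarantee. Moving fixed 32-byte buffers from the stack to the heap does not bound any write into them, so the overflow named in the commit title still needs a length check where the buffers are filled, which is outside this hunk. The literal `32` is now repeated in the allocations and the later `memset` calls; a named constant would keep them in step. `main` starts and ends outside the hunk.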
@@ -442,7 +451,7 @@ int main(int argc, char *argv[]) {
}
psalt = &salt[0];
} else {
- if (access(seckey->filename[0], F_OK) == -1) {
+ if (file_exist(seckey->filename[0]) == 0) {
printf("Secret key file '%s' not found.\n",
seckey->filename[0]);
exitcode = 1;
@@ -453,7 +462,7 @@ int main(int argc, char *argv[]) {
exitcode = 1;
goto exit;
}
- if (access(pubkey->filename[0], F_OK) == -1) {
+ if (file_exist(pubkey->filename[0]) == 0) {
printf("Public key file '%s' not found.\n",
pubkey->filename[0]);
exitcode = 1;
@@ -487,9 +496,6 @@ int main(int argc, char *argv[]) {
}
if (ddecrypt->count == 1) {
- unsigned char secretkey[32] = {0};
- unsigned char publickey[32] = {0};
-
if (base64->count == 1) {
printf("Invalid options.\n");
printf("Try '%s --help' for more information.\n", progname);
@@ -503,7 +509,7 @@ int main(int argc, char *argv[]) {
goto exit;
}
} else {
- if (access(seckey->filename[0], F_OK) == -1) {
+ if (file_exist(seckey->filename[0]) == 0) {
printf("Secret key file '%s' not found.\n",
seckey->filename[0]);
exitcode = 1;
@@ -514,7 +520,7 @@ int main(int argc, char *argv[]) {
exitcode = 1;
goto exit;
}
- if (access(pubkey->filename[0], F_OK) == -1) {
+ if (file_exist(pubkey->filename[0]) == 0) {
printf("Public key file '%s' not found.\n",
pubkey->filename[0]);
exitcode = 1;
@@ -542,8 +548,12 @@ int main(int argc, char *argv[]) {
memset(decrypted, 0, decrypted_len);
memset(secretkey, 0, 32);
memset(publickey, 0, 32);
+ memset(salt, 0, 32);
memset(data, 0, data_len);
free(decrypted);
+ free(secretkey);
+ free(salt);
+ free(publickey);
}
exit:
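Review bot: The `memset(..., 0, 32)` calls directly before `free()` are dead stores that an optimising compiler may remove, so key material and salt can remain in freed heap memory; a non-elidable wipe such as `explicit_bzero` (glibc/BSD) avoids that. The wipe and the three new `free` calls also sit above the `exit:` label and, judging by the closing brace, inside the decrypt branch, so every `goto exit` taken after the allocation (including the "Malloc failed" path when only some allocations succeeded) returns without wiping or freeing the buffers. Declaring the pointers as `NULL` before the first `goto exit`, assigning them at the allocation site, and doing the wipe-and-free once after `exit:` would cover all paths.

```c
/* near the top of main, before the first goto exit */
unsigned char *secretkey = NULL;
unsigned char *publickey = NULL;
unsigned char *salt = NULL;

/* … unchanged: option parsing, allocation (now plain assignments), encrypt/decrypt branches … */

exit:
    if (secretkey != NULL) {
        explicit_bzero(secretkey, 32);
    }
    if (publickey != NULL) {
        explicit_bzero(publickey, 32);
    }
    if (salt != NULL) {
        explicit_bzero(salt, 32);
    }
    free(secretkey);
    free(publickey);
    free(salt);
    /* … unchanged: remaining exit cleanup, arg_freetable, return exitcode … */
```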
@@ -553,3 +563,18 @@ exit:
arg_freetable(argtable, sizeof(argtable) / sizeof(argtable[0]));
return exitcode;
}
+
+int file_exist(const char *filename) {
+ int exist = 0;
+ FILE *file;
+ if ((file = fopen(filename, "r")) == NULL) {
+ if (errno != ENOENT) {
+ printf("Some other error occured");
+ }
+ } else {
+ exist = 1;
+ fclose(file);
+ }
+ return exist;
+}
+
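Review bot: `file_exist` returns 0 for every `fopen` failure, so a file that exists but cannot be opened for reading (`EACCES`, for example) is reported as absent: the `== 0` callers for the input file and for the secret and public key files print "not found", and the two overwrite checks skip their prompt. Only `ENOENT` should map to 0; returning a distinct value such as `-1` for other errors lets callers report the real cause, or `access(path, F_OK)` can be kept since it does not depend on read permission. The diagnostic `printf("Some other error occured")` has no trailing newline, goes to stdout and drops the reason; `fprintf(stderr, "%s: %s\n", filename, strerror(errno));` would be more useful. `errno` and `ENOENT` need `<errno.h>`, and the include list is outside the visible hunks.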