diff options
| author | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2021-02-26 12:11:03 +0100 |
|---|---|---|
| committer | Qt Cherry-pick Bot <cherrypick_bot@qt-project.org> | 2021-03-02 18:03:54 +0000 |
| commit | d316ae8e830b8b86f81307d35583f20773da6a55 (patch) | |
| tree | 2cebb0be300b22986216ae73b42b6ca296bfdda3 | |
| parent | 79138e41d6bf9ca60056a5c7fe0f35f3b67a9237 (diff) | |
QSsl: fix UB pointer use
Weird macro had inverted notion of type safety: instead of casting
parameters and return values (they are pointers) to work with generic
OPENSSL_sk_xxx functions, it was ... casting a function pointer to an invalid
type to get ... nothing, but UB. Home-brewed (un)'safestack'!!!
Change-Id: Ib91a7ba4cd472f370836797e422456f91a4385b0
Reviewed-by: MÃ¥rten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
(cherry picked from commit 9fc2f1f076b953ff0979fb73ed6e70ac9bde278c)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
| -rw-r--r-- | src/network/ssl/qsslsocket_openssl_symbols_p.h | 10 | ||||
| -rw-r--r-- | src/network/ssl/qx509_openssl.cpp | 4 |
2 files changed, 7 insertions, 7 deletions
diff --git a/src/network/ssl/qsslsocket_openssl_symbols_p.h b/src/network/ssl/qsslsocket_openssl_symbols_p.h index 9f54efddaa..443faf068f 100644 --- a/src/network/ssl/qsslsocket_openssl_symbols_p.h +++ b/src/network/ssl/qsslsocket_openssl_symbols_p.h @@ -269,8 +269,8 @@ int q_DH_bits(DH *dh); # define q_SSL_load_error_strings() q_OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS \ | OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL) -#define q_SKM_sk_num(type, st) ((int (*)(const STACK_OF(type) *))q_OPENSSL_sk_num)(st) -#define q_SKM_sk_value(type, st,i) ((type * (*)(const STACK_OF(type) *, int))q_OPENSSL_sk_value)(st, i) +#define q_SKM_sk_num(st) q_OPENSSL_sk_num((OPENSSL_STACK *)st) +#define q_SKM_sk_value(type, st,i) (type *)q_OPENSSL_sk_value((OPENSSL_STACK *)st, i) #define q_OPENSSL_add_all_algorithms_conf() q_OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \ | OPENSSL_INIT_ADD_ALL_DIGESTS \ @@ -612,14 +612,14 @@ void q_PKCS12_free(PKCS12 *pkcs12); #define q_BIO_get_mem_data(b, pp) (int)q_BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp) #define q_BIO_pending(b) (int)q_BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL) #define q_SSL_CTX_set_mode(ctx,op) q_SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL) -#define q_sk_GENERAL_NAME_num(st) q_SKM_sk_num(GENERAL_NAME, (st)) +#define q_sk_GENERAL_NAME_num(st) q_SKM_sk_num((st)) #define q_sk_GENERAL_NAME_value(st, i) q_SKM_sk_value(GENERAL_NAME, (st), (i)) void q_GENERAL_NAME_free(GENERAL_NAME *a); -#define q_sk_X509_num(st) q_SKM_sk_num(X509, (st)) +#define q_sk_X509_num(st) q_SKM_sk_num((st)) #define q_sk_X509_value(st, i) q_SKM_sk_value(X509, (st), (i)) -#define q_sk_SSL_CIPHER_num(st) q_SKM_sk_num(SSL_CIPHER, (st)) +#define q_sk_SSL_CIPHER_num(st) q_SKM_sk_num((st)) #define q_sk_SSL_CIPHER_value(st, i) q_SKM_sk_value(SSL_CIPHER, (st), (i)) #define q_SSL_CTX_add_extra_chain_cert(ctx,x509) \ q_SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509) diff --git a/src/network/ssl/qx509_openssl.cpp b/src/network/ssl/qx509_openssl.cpp index 376b24ab37..ad9c55463b 100644 --- a/src/network/ssl/qx509_openssl.cpp +++ b/src/network/ssl/qx509_openssl.cpp @@ -194,7 +194,7 @@ QVariant x509UnknownExtensionToValue(X509_EXTENSION *ext) QVariantList list; bool isMap = false; - for (int j = 0; j < q_SKM_sk_num(CONF_VALUE, val); j++) { + for (int j = 0; j < q_SKM_sk_num(val); j++) { CONF_VALUE *nval = q_SKM_sk_value(CONF_VALUE, val, j); if (nval->name && nval->value) { isMap = true; @@ -263,7 +263,7 @@ QVariant x509ExtensionToValue(X509_EXTENSION *ext) if (!info) return {}; QVariantMap result; - for (int i=0; i < q_SKM_sk_num(ACCESS_DESCRIPTION, info); i++) { + for (int i=0; i < q_SKM_sk_num(info); i++) { ACCESS_DESCRIPTION *ad = q_SKM_sk_value(ACCESS_DESCRIPTION, info, i); GENERAL_NAME *name = ad->location; |