Fix file_name_check() in storemgmt/file_store.c and e_loader_attic.c

Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15892)
2021-06-24 11:08:10 +02:00 · 2021-06-24 11:08:10 +02:00 · 5fc0992fc7
commit 5fc0992fc7
parent d5567d5f6e
2 changed files with 10 additions and 8 deletions
--- a/engines/e_loader_attic.c
+++ b/engines/e_loader_attic.c
@ -9,6 +9,8 @@

 /* THIS ENGINE IS FOR TESTING PURPOSES ONLY. */

+/* This file has quite some overlap with providers/implementations/storemgmt/file_store.c */
+
 /* We need to use some engine deprecated APIs */
 #define OPENSSL_SUPPRESS_DEPRECATED

@ -1449,6 +1451,7 @@ static int file_name_to_uri(OSSL_STORE_LOADER_CTX *ctx, const char *name,
 static int file_name_check(OSSL_STORE_LOADER_CTX *ctx, const char *name)
 {
    const char *p = NULL;
+    size_t len = strlen(ctx->_.dir.search_name);

    /* If there are no search criteria, all names are accepted */
    if (ctx->_.dir.search_name[0] == '\0')
@ -1463,11 +1466,9 @@ static int file_name_check(OSSL_STORE_LOADER_CTX *ctx, const char *name)
    /*
     * First, check the basename
     */
-    if (strncasecmp(name, ctx->_.dir.search_name,
-                    sizeof(ctx->_.dir.search_name) - 1) != 0
-        || name[sizeof(ctx->_.dir.search_name) - 1] != '.')
+    if (strncasecmp(name, ctx->_.dir.search_name, len) != 0 || name[len] != '.')
        return 0;
-    p = &name[sizeof(ctx->_.dir.search_name)];
+    p = &name[len + 1];

    /*
     * Then, if the expected type is a CRL, check that the extension starts