From c0615a472f8d23ce449fd59bbb1cdf7071082a43 Mon Sep 17 00:00:00 2001 From: Edwin Mons <edwin.mons@isode.com> Date: Mon, 29 Oct 2018 14:31:18 +0000 Subject: Catch bad_numeric_casts in crypto code Exceptions thrown by boost::numeric_cast are now caught and an assert explicitly triggered. Test-Information: Unit tests pass on macOS 10.13 Change-Id: I9a1cbe5ae2765e4275bf35473a871ef8468fd729 diff --git a/Swiften/Crypto/CommonCryptoCryptoProvider.cpp b/Swiften/Crypto/CommonCryptoCryptoProvider.cpp index d4257e0..3cc69b0 100644 --- a/Swiften/Crypto/CommonCryptoCryptoProvider.cpp +++ b/Swiften/Crypto/CommonCryptoCryptoProvider.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2017 Isode Limited. + * Copyright (c) 2013-2018 Isode Limited. * All rights reserved. * See the COPYING file for more information. */ @@ -49,7 +49,12 @@ namespace { template<typename ContainerType> Hash& updateInternal(const ContainerType& data) { assert(!finalized); - if (!CC_SHA1_Update(&context, vecptr(data), boost::numeric_cast<CC_LONG>(data.size()))) { + try { + if (!CC_SHA1_Update(&context, vecptr(data), boost::numeric_cast<CC_LONG>(data.size()))) { + assert(false); + } + } + catch (const boost::numeric::bad_numeric_cast&) { assert(false); } return *this; @@ -90,7 +95,12 @@ namespace { template<typename ContainerType> Hash& updateInternal(const ContainerType& data) { assert(!finalized); - if (!CC_MD5_Update(&context, vecptr(data), boost::numeric_cast<CC_LONG>(data.size()))) { + try { + if (!CC_MD5_Update(&context, vecptr(data), boost::numeric_cast<CC_LONG>(data.size()))) { + assert(false); + } + } + catch (const boost::numeric::bad_numeric_cast&) { assert(false); } return *this; @@ -104,7 +114,12 @@ namespace { template<typename T> ByteArray getHMACSHA1Internal(const T& key, const ByteArray& data) { std::vector<unsigned char> result(CC_SHA1_DIGEST_LENGTH); - CCHmac(kCCHmacAlgSHA1, vecptr(key), key.size(), vecptr(data), boost::numeric_cast<CC_LONG>(data.size()), vecptr(result)); + try { + CCHmac(kCCHmacAlgSHA1, vecptr(key), key.size(), vecptr(data), boost::numeric_cast<CC_LONG>(data.size()), vecptr(result)); + } + catch (const boost::numeric::bad_numeric_cast&) { + assert(false); + } return result; } } diff --git a/Swiften/Crypto/OpenSSLCryptoProvider.cpp b/Swiften/Crypto/OpenSSLCryptoProvider.cpp index e8c1c73..73f46a6 100644 --- a/Swiften/Crypto/OpenSSLCryptoProvider.cpp +++ b/Swiften/Crypto/OpenSSLCryptoProvider.cpp @@ -107,7 +107,12 @@ namespace { ByteArray getHMACSHA1Internal(const T& key, const ByteArray& data) { unsigned int len = SHA_DIGEST_LENGTH; std::vector<unsigned char> result(len); - HMAC(EVP_sha1(), vecptr(key), boost::numeric_cast<int>(key.size()), vecptr(data), data.size(), vecptr(result), &len); + try { + HMAC(EVP_sha1(), vecptr(key), boost::numeric_cast<int>(key.size()), vecptr(data), boost::numeric_cast<int>(data.size()), vecptr(result), &len); + } + catch (const boost::numeric::bad_numeric_cast&) { + assert(false); + } return result; } } -- cgit v0.10.2-6-g49f6