From 8ac48890e98a4974980b8ca3d5e90a2e52c1a624 Mon Sep 17 00:00:00 2001
From: Benjamin Barenblat
Date: Fri, 28 Sep 2018 18:31:33 -0400
Subject: Make NID-to-string routine safer

Eliminate the possibility of a null pointer dereference by converting short names to `Maybe String`.
---
 src/BTLS/BoringSSL/Obj.chs | 11 +++++++++--
 src/BTLS/Types.hs | 8 ++------
 2 files changed, 11 insertions(+), 8 deletions(-)
diff --git a/src/BTLS/BoringSSL/Obj.chs b/src/BTLS/BoringSSL/Obj.chs
index a337ad5..7e132e7 100644
--- a/src/BTLS/BoringSSL/Obj.chs
+++ b/src/BTLS/BoringSSL/Obj.chs
@@ -16,8 +16,15 @@ module BTLS.BoringSSL.Obj ( objNID2SN ) where
-import Foreign.C (CString)
+import Foreign (nullPtr)
+import Foreign.C (CString, peekCString)
 #include
-{#fun pure OBJ_nid2sn as objNID2SN {`Int'} -> `CString'#}
+{#fun pure OBJ_nid2sn as objNID2SN
+ {`Int'} -> `Maybe String' peekCStringOrNull*#}
+
+peekCStringOrNull :: CString -> IO (Maybe String)
+peekCStringOrNull ptr
+ | ptr == nullPtr = return Nothing
+ | otherwise = Just <$> peekCString ptr
diff --git a/src/BTLS/Types.hs b/src/BTLS/Types.hs
index 7a821f8..03f9083 100644
--- a/src/BTLS/Types.hs
+++ b/src/BTLS/Types.hs
@@ -14,9 +14,7 @@ module BTLS.Types where
-import Foreign (Ptr, nullPtr)
-import Foreign.C (peekCString)
-import Foreign.Marshal.Unsafe (unsafeLocalState)
+import Foreign (Ptr)
 import BTLS.BoringSSL.Base (EVPMD)
 import BTLS.BoringSSL.Digest (evpMDType)
@@ -29,6 +27,4 @@ instance Eq Algorithm where Algorithm a == Algorithm b = evpMDType a == evpMDType b instance Show Algorithm where
- show (Algorithm md) =
- let sn = objNID2SN (evpMDType md) in
- if sn == nullPtr then "" else unsafeLocalState (peekCString sn)
+ show (Algorithm md) = maybe "" id (objNID2SN (evpMDType md))
-- 
cgit v1.2.3
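Review bot: The `pure` keyword on the new `OBJ_nid2sn` hook means `peekCStringOrNull` is executed outside `IO` (c2hs implements `pure` hooks with `unsafePerformIO`), so the binding is only referentially transparent if the C string returned for a given NID is never freed or mutated, and nothing in the new code records that assumption. This takes over from the explicit `unsafeLocalState` call that the Types.hs hunk removes, so the unsafe step is now less visible than it was. I would add a comment above the hook, for example `-- Safe to mark pure: OBJ_nid2sn returns NULL or a pointer to a string that is never freed or modified (confirm for objects registered at run time)`. The helper could also be written as `peekCStringOrNull = maybePeek peekCString`, using `maybePeek` from `Foreign.Marshal.Utils`, which performs the same null check.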
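Review bot: `maybe "" id` in the new `show` equation of the second Types.hs hunk is `fromMaybe ""` spelled out; `show (Algorithm md) = fromMaybe "" (objNID2SN (evpMDType md))` together with `import Data.Maybe (fromMaybe)` states the intent more directly. Separately, the fallback keeps the earlier behaviour of rendering an algorithm with no short name as the empty string, which makes such a value hard to notice in logs and error messages. If no caller depends on the empty string, a visible placeholder such as `"<unknown digest>"` would make an unrecognised NID easier to spot during debugging.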