diff options
author | Kim Alvefur <zash@zash.se> | 2022-07-11 17:01:55 +0200 |
---|---|---|
committer | Kim Alvefur <zash@zash.se> | 2022-07-11 17:01:55 +0200 |
commit | e893bbf6817ff4193d9639afc40143fd792c9a4b (patch) | |
tree | a759130d39f816df05b084c4d8e7867e33a9dae1 /util-src/crypto.c | |
parent | e12c9a83df999049970403cbbd6a6427f79f889e (diff) | |
download | prosody-e893bbf6817ff4193d9639afc40143fd792c9a4b.tar.gz prosody-e893bbf6817ff4193d9639afc40143fd792c9a4b.zip |
util.crypto: Use stack space buffers
Removes assumption that LUAL_BUFFERSIZE is known at pre-processing time,
which it is not in Lua 5.3 and 5.4, where it is a computed macro based
on sizeof.
Allocation of stack space is safer and faster, no need to worry about
luaL_prepbuffer failing to allocate memory and skipping free()
Diffstat (limited to 'util-src/crypto.c')
-rw-r--r-- | util-src/crypto.c | 25 |
1 files changed, 11 insertions, 14 deletions
diff --git a/util-src/crypto.c b/util-src/crypto.c index 6822b9bf..0f4edb51 100644 --- a/util-src/crypto.c +++ b/util-src/crypto.c @@ -434,7 +434,8 @@ static int Lparse_ecdsa_signature(lua_State *L) { size_t sig_der_len; const unsigned char *sig_der = (unsigned char*)luaL_checklstring(L, 1, &sig_der_len); const BIGNUM *r, *s; - luaL_Buffer rb, sb; + unsigned char rb[32]; + unsigned char sb[32]; int rlen, slen; sig = d2i_ECDSA_SIG(NULL, &sig_der, sig_der_len); @@ -449,23 +450,19 @@ static int Lparse_ecdsa_signature(lua_State *L) { rlen = BN_num_bytes(r); slen = BN_num_bytes(s); - // COMPAT w/ Lua 5.1 - #if LUAL_BUFFERSIZE < 32 - #error Configured LUAL_BUFFERSIZE is too small for this operation - #endif - - luaL_buffinit(L, &rb); - BN_bn2bin(r, (unsigned char*)luaL_prepbuffer(&rb)); - luaL_addsize(&rb, rlen); - luaL_pushresult(&rb); + if (rlen > 32 || slen > 32) { + ECDSA_SIG_free(sig); + luaL_error(L, "unexpectedly large signature integers"); + } - luaL_buffinit(L, &sb); - BN_bn2bin(s, (unsigned char*)luaL_prepbuffer(&sb)); - luaL_addsize(&sb, slen); - luaL_pushresult(&sb); + BN_bn2bin(r, rb); + BN_bn2bin(s, sb); ECDSA_SIG_free(sig); + lua_pushlstring(L, (const char*)rb, rlen); + lua_pushlstring(L, (const char*)sb, slen); + return 2; } |