From e893bbf6817ff4193d9639afc40143fd792c9a4b Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Mon, 11 Jul 2022 17:01:55 +0200 Subject: util.crypto: Use stack space buffers Removes assumption that LUAL_BUFFERSIZE is known at pre-processing time, which it is not in Lua 5.3 and 5.4, where it is a computed macro based on sizeof. Allocation of stack space is safer and faster, no need to worry about luaL_prepbuffer failing to allocate memory and skipping free() --- util-src/crypto.c | 25 +++++++++++-------------- 1 file changed, 11 insertions(+), 14 deletions(-) (limited to 'util-src/crypto.c') diff --git a/util-src/crypto.c b/util-src/crypto.c index 6822b9bf..0f4edb51 100644 --- a/util-src/crypto.c +++ b/util-src/crypto.c @@ -434,7 +434,8 @@ static int Lparse_ecdsa_signature(lua_State *L) { size_t sig_der_len; const unsigned char *sig_der = (unsigned char*)luaL_checklstring(L, 1, &sig_der_len); const BIGNUM *r, *s; - luaL_Buffer rb, sb; + unsigned char rb[32]; + unsigned char sb[32]; int rlen, slen; sig = d2i_ECDSA_SIG(NULL, &sig_der, sig_der_len); @@ -449,23 +450,19 @@ static int Lparse_ecdsa_signature(lua_State *L) { rlen = BN_num_bytes(r); slen = BN_num_bytes(s); - // COMPAT w/ Lua 5.1 - #if LUAL_BUFFERSIZE < 32 - #error Configured LUAL_BUFFERSIZE is too small for this operation - #endif - - luaL_buffinit(L, &rb); - BN_bn2bin(r, (unsigned char*)luaL_prepbuffer(&rb)); - luaL_addsize(&rb, rlen); - luaL_pushresult(&rb); + if (rlen > 32 || slen > 32) { + ECDSA_SIG_free(sig); + luaL_error(L, "unexpectedly large signature integers"); + } - luaL_buffinit(L, &sb); - BN_bn2bin(s, (unsigned char*)luaL_prepbuffer(&sb)); - luaL_addsize(&sb, slen); - luaL_pushresult(&sb); + BN_bn2bin(r, rb); + BN_bn2bin(s, sb); ECDSA_SIG_free(sig); + lua_pushlstring(L, (const char*)rb, rlen); + lua_pushlstring(L, (const char*)sb, slen); + return 2; } -- cgit v1.2.3