Skip to content

Commit 2a77f26

Browse files
yosuke-wolfsslyosuke-wolfssl
committed
Add the validations of input argument and PreparePacket
1 parent 4ed01d3 commit 2a77f26

1 file changed

Lines changed: 56 additions & 44 deletions

File tree

src/internal.c

Lines changed: 56 additions & 44 deletions
Original file line numberDiff line numberDiff line change
@@ -15419,6 +15419,7 @@ static int BuildUserAuthRequestPublicKey(WOLFSSH* ssh,
1541915419
int SendUserAuthKeyboardResponse(WOLFSSH* ssh)
1542015420
{
1542115421
byte* output;
15422+
int authRet = WS_SUCCESS;
1542215423
int ret = WS_SUCCESS;
1542315424
word32 idx;
1542415425
word32 payloadSz = 0;
@@ -15427,47 +15428,58 @@ int SendUserAuthKeyboardResponse(WOLFSSH* ssh)
1542715428

1542815429
WLOG(WS_LOG_DEBUG, "Entering SendUserAuthKeyboardResponse()");
1542915430

15430-
authData.type = WOLFSSH_USERAUTH_KEYBOARD;
15431-
authData.username = (const byte*)ssh->userName;
15432-
authData.usernameSz = ssh->userNameSz;
15433-
authData.sf.keyboard.promptCount = ssh->kbAuth.promptCount;
15434-
authData.sf.keyboard.promptName = ssh->kbAuth.promptName;
15435-
authData.sf.keyboard.promptNameSz = ssh->kbAuth.promptName ?
15436-
(word32)WSTRLEN((char*)ssh->kbAuth.promptName) : 0;
15437-
authData.sf.keyboard.promptInstruction = ssh->kbAuth.promptInstruction;
15438-
authData.sf.keyboard.promptInstructionSz = ssh->kbAuth.promptInstruction ?
15439-
(word32)WSTRLEN((char*)ssh->kbAuth.promptInstruction) : 0;
15440-
authData.sf.keyboard.promptLanguage = ssh->kbAuth.promptLanguage;
15441-
authData.sf.keyboard.promptLanguageSz = ssh->kbAuth.promptLanguage ?
15442-
(word32)WSTRLEN((char*)ssh->kbAuth.promptLanguage) : 0;
15443-
authData.sf.keyboard.prompts = ssh->kbAuth.prompts;
15444-
authData.sf.keyboard.promptEcho = ssh->kbAuth.promptEcho;
15445-
authData.sf.keyboard.responseCount = 0;
15446-
15447-
WLOG(WS_LOG_DEBUG, "SUAR: Calling the userauth callback");
15448-
ret = ssh->ctx->userAuthCb(WOLFSSH_USERAUTH_KEYBOARD, &authData,
15449-
ssh->userAuthCtx);
15450-
15451-
WFREE(ssh->kbAuth.promptName, ssh->ctx->heap, 0);
15452-
WFREE(ssh->kbAuth.promptInstruction, ssh->ctx->heap, 0);
15453-
WFREE(ssh->kbAuth.promptLanguage, ssh->ctx->heap, 0);
15454-
WFREE(ssh->kbAuth.promptEcho, ssh->ctx->heap, 0);
15455-
for (prompt = 0; prompt < ssh->kbAuth.promptCount; prompt++) {
15456-
WFREE((void*)ssh->kbAuth.prompts[prompt], ssh->ctx->heap, 0);
15457-
}
15458-
WFREE(ssh->kbAuth.prompts, ssh->ctx->heap, 0);
15459-
15460-
if (ret != WOLFSSH_USERAUTH_SUCCESS) {
15461-
WLOG(WS_LOG_DEBUG, "SUAR: Couldn't get keyboard auth");
15462-
ret = WS_FATAL_ERROR;
15431+
if (ssh == NULL || ssh->ctx == NULL) {
15432+
ret = WS_BAD_ARGUMENT;
1546315433
}
15464-
else if (ssh->kbAuth.promptCount != authData.sf.keyboard.responseCount) {
15465-
WLOG(WS_LOG_DEBUG,
15466-
"SUAR: Keyboard auth response count does not match request count");
15467-
ret = WS_USER_AUTH_E;
15434+
if (ret == WS_SUCCESS && ssh->ctx->userAuthCb == NULL) {
15435+
ret = WS_INVALID_STATE_E;
1546815436
}
15469-
else {
15470-
WLOG(WS_LOG_DEBUG, "SUAR: Callback successful keyboard");
15437+
15438+
if (ret == WS_SUCCESS) {
15439+
authData.type = WOLFSSH_USERAUTH_KEYBOARD;
15440+
authData.username = (const byte*)ssh->userName;
15441+
authData.usernameSz = ssh->userNameSz;
15442+
authData.sf.keyboard.promptCount = ssh->kbAuth.promptCount;
15443+
authData.sf.keyboard.promptName = ssh->kbAuth.promptName;
15444+
authData.sf.keyboard.promptNameSz = ssh->kbAuth.promptName ?
15445+
(word32)WSTRLEN((char*)ssh->kbAuth.promptName) : 0;
15446+
authData.sf.keyboard.promptInstruction = ssh->kbAuth.promptInstruction;
15447+
authData.sf.keyboard.promptInstructionSz = ssh->kbAuth.promptInstruction ?
15448+
(word32)WSTRLEN((char*)ssh->kbAuth.promptInstruction) : 0;
15449+
authData.sf.keyboard.promptLanguage = ssh->kbAuth.promptLanguage;
15450+
authData.sf.keyboard.promptLanguageSz = ssh->kbAuth.promptLanguage ?
15451+
(word32)WSTRLEN((char*)ssh->kbAuth.promptLanguage) : 0;
15452+
authData.sf.keyboard.prompts = ssh->kbAuth.prompts;
15453+
authData.sf.keyboard.promptEcho = ssh->kbAuth.promptEcho;
15454+
authData.sf.keyboard.responseCount = 0;
15455+
15456+
WLOG(WS_LOG_DEBUG, "SUAR: Calling the userauth callback");
15457+
authRet = ssh->ctx->userAuthCb(WOLFSSH_USERAUTH_KEYBOARD, &authData,
15458+
ssh->userAuthCtx);
15459+
15460+
WFREE(ssh->kbAuth.promptName, ssh->ctx->heap, 0);
15461+
WFREE(ssh->kbAuth.promptInstruction, ssh->ctx->heap, 0);
15462+
WFREE(ssh->kbAuth.promptLanguage, ssh->ctx->heap, 0);
15463+
WFREE(ssh->kbAuth.promptEcho, ssh->ctx->heap, 0);
15464+
for (prompt = 0; prompt < ssh->kbAuth.promptCount; prompt++) {
15465+
WFREE((void*)ssh->kbAuth.prompts[prompt], ssh->ctx->heap, 0);
15466+
}
15467+
WFREE(ssh->kbAuth.prompts, ssh->ctx->heap, 0);
15468+
}
15469+
15470+
if (ret == WS_SUCCESS) {
15471+
if (authRet != WOLFSSH_USERAUTH_SUCCESS) {
15472+
WLOG(WS_LOG_DEBUG, "SUAR: Couldn't get keyboard auth");
15473+
ret = WS_FATAL_ERROR;
15474+
}
15475+
else if (ssh->kbAuth.promptCount != authData.sf.keyboard.responseCount) {
15476+
WLOG(WS_LOG_DEBUG,
15477+
"SUAR: Keyboard auth response count does not match request count");
15478+
ret = WS_USER_AUTH_E;
15479+
}
15480+
else {
15481+
WLOG(WS_LOG_DEBUG, "SUAR: Callback successful keyboard");
15482+
}
1547115483
}
1547215484

1547315485
payloadSz = MSG_ID_SZ;
@@ -15479,13 +15491,13 @@ int SendUserAuthKeyboardResponse(WOLFSSH* ssh)
1547915491
ret = PreparePacket(ssh, payloadSz);
1548015492
}
1548115493

15482-
output = ssh->outputBuffer.buffer;
15483-
idx = ssh->outputBuffer.length;
15484-
15485-
output[idx++] = MSGID_USERAUTH_INFO_RESPONSE;
15494+
if (ret == WS_SUCCESS) {
15495+
output = ssh->outputBuffer.buffer;
15496+
idx = ssh->outputBuffer.length;
1548615497

15487-
if (ret == WS_SUCCESS)
15498+
output[idx++] = MSGID_USERAUTH_INFO_RESPONSE;
1548815499
ret = BuildUserAuthResponseKeyboard(ssh, output, &idx, &authData);
15500+
}
1548915501

1549015502
if (ret == WS_SUCCESS) {
1549115503
ssh->outputBuffer.length = idx;

0 commit comments

Comments
 (0)