Additional error checks and a refcount fix for global_passphrase_callback. There were two really big problems in this function: the first one was the silent truncation of passphrases, the second was the refcounting bug, which kept the passphrase in memory until the process exited. See tests for details.

commit: 781295ae151fb709e613d1d30f47f31426f8008e [log] [tgz]
author: Ziga Seilnacht <ziga.seilnacht@gmail.com> Tue Dec 22 14:58:01 2009 +0100
committer: Jean-Paul Calderone <exarkun@divmod.com> Tue Dec 22 14:58:01 2009 +0100
tree: 5e049389c765d7960b55ad8ea9c5cc7a6822eedb
parent: 6b90a40aaaae00de1ba4eef736255fc0eeb7f72a [diff] [blame]
diff --git a/OpenSSL/crypto/crypto.c b/OpenSSL/crypto/crypto.c
index d9ce52e..ec4d0b3 100644
--- a/OpenSSL/crypto/crypto.c
+++ b/OpenSSL/crypto/crypto.c

@@ -45,19 +45,28 @@
 
     func = (PyObject *)cb_arg;
     argv = Py_BuildValue("(i)", rwflag);
+    if (argv == NULL) {
+        return 0;
+    }
     ret = PyEval_CallObject(func, argv);
     Py_DECREF(argv);
     if (ret == NULL)
         return 0;
     if (!PyBytes_Check(ret))
     {
+        Py_DECREF(ret);
         PyErr_SetString(PyExc_ValueError, "String expected");
         return 0;
     }
     nchars = PyBytes_Size(ret);
-    if (nchars > len)
-        nchars = len;
+    if (nchars > len) {
+        Py_DECREF(ret);
+        PyErr_SetString(PyExc_ValueError,
+                        "passphrase returned by callback is too long");
+        return 0;
+    }
     strncpy(buf, PyBytes_AsString(ret), nchars);
+    Py_DECREF(ret);
     return nchars;
 }
commit	781295ae151fb709e613d1d30f47f31426f8008e	[log] [tgz]
author	Ziga Seilnacht <ziga.seilnacht@gmail.com>	Tue Dec 22 14:58:01 2009 +0100
committer	Jean-Paul Calderone <exarkun@divmod.com>	Tue Dec 22 14:58:01 2009 +0100
tree	5e049389c765d7960b55ad8ea9c5cc7a6822eedb
parent	6b90a40aaaae00de1ba4eef736255fc0eeb7f72a [diff] [blame]