Fix bugs

CMakeLists.txt

@@ -819,7 +819,7 @@ endif()
 #
 set(CPACK_PACKAGE_NAME "GmSSL")
 set(CPACK_PACKAGE_VENDOR "GmSSL develop team")
-set(CPACK_PACKAGE_VERSION "3.2.0-dev.1085")
+set(CPACK_PACKAGE_VERSION "3.2.0-dev.1086")
 set(CPACK_PACKAGE_DESCRIPTION_FILE ${PROJECT_SOURCE_DIR}/README.md)
 set(CPACK_NSIS_MODIFY_PATH ON)
 include(CPack)

include/gmssl/version.h

@@ -18,7 +18,7 @@ extern "C" {
 
 
 #define GMSSL_VERSION_NUM	30200
-#define GMSSL_VERSION_STR	"GmSSL 3.2.0-dev.1085"
+#define GMSSL_VERSION_STR	"GmSSL 3.2.0-dev.1086"
 
 int gmssl_version_num(void);
 const char *gmssl_version_str(void);

tools/kyberdecap.c

@@ -38,7 +38,7 @@ int kyberdecap_main(int argc, char **argv)
 	FILE *keyfp = NULL;
 	FILE *infp = stdin;
 	FILE *outfp = stdout;
-	uint8_t keybuf[KYBER_PRIVATE_KEY_SIZE];
+	uint8_t keybuf[KYBER_PRIVATE_KEY_SIZE] = {0};
 	size_t keylen = KYBER_PRIVATE_KEY_SIZE;
 	const uint8_t *cp = keybuf;
 	uint8_t *p = keybuf;

tools/sdfdecrypt.c

@@ -199,6 +199,10 @@ bad:
 			goto end;
 		}
 	}
+	if (ferror(infp)) {
+		fprintf(stderr, "%s: read failure\n", prog);
+		goto end;
+	}
 	if (sdf_cbc_decrypt_finish(&ctx, buf, &outlen) != 1) {
 		error_print();
 		goto end;

tools/sdfdigest.c

@@ -152,7 +152,7 @@ int sdfdigest_main(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			infile = *(++argv);
 			if (!(infp = fopen(infile, "rb"))) {
-				fprintf(stderr, "gmssl%s: open '%s' failure : %s\n", prog, infile, strerror(errno));
+				fprintf(stderr, "gmssl %s: open '%s' failure : %s\n", prog, infile, strerror(errno));
 				goto end;
 			}
 		} else if (!strcmp(*argv, "-out")) {
@@ -236,6 +236,10 @@ bad:
 				goto end;
 			}
 		}
+		if (ferror(infp)) {
+			fprintf(stderr, "%s: read failure\n", prog);
+			goto end;
+		}
 		memset(buf, 0, sizeof(buf));
 	}
 	if (sdf_digest_finish(&ctx, dgst) != 1) {

tools/sdfencrypt.c

@@ -207,6 +207,10 @@ bad:
 			goto end;
 		}
 	}
+	if (ferror(infp)) {
+		fprintf(stderr, "%s: read failure\n", prog);
+		goto end;
+	}
 	if (sdf_cbc_encrypt_finish(&ctx, buf, &outlen) != 1) {
 		error_print();
 		goto end;

tools/sdfsign.c

@@ -153,6 +153,10 @@ bad:
 			goto end;
 		}
 	}
+	if (ferror(infp)) {
+		fprintf(stderr, "%s: read failure\n", prog);
+		goto end;
+	}
 	if (sdf_sign_finish(&ctx, sig, &siglen) != 1) {
 		(void)sdf_close_device(&dev);
 		fprintf(stderr, "gmssl %s: inner error\n", prog);

tools/sdfutil.c

@@ -174,6 +174,10 @@ bad:
 		while ((len = fread(buf, 1, sizeof(buf), infp)) > 0) {
 			sm3_update(&sm3_ctx, buf, len);
 		}
+		if (ferror(infp)) {
+			fprintf(stderr, "%s: read failure\n", prog);
+			goto end;
+		}
 		sm3_finish(&sm3_ctx, dgst);
 
 		if ((ret = sdf_sign(&key, dgst, sig, &siglen)) != 1) {

tools/skfutil.c

@@ -231,6 +231,10 @@ bad:
 		while ((len = fread(buf, 1, sizeof(buf), infp)) > 0) {
 			sm3_update(&sm3_ctx, buf, len);
 		}
+		if (ferror(infp)) {
+			fprintf(stderr, "%s: read failure\n", prog);
+			goto end;
+		}
 		sm3_finish(&sm3_ctx, dgst);
 
 		if ((ret = skf_sign(&key, dgst, sig, &siglen)) != 1) {

tools/sm2sign.c

@@ -131,6 +131,10 @@ bad:
 			goto end;
 		}
 	}
+	if (ferror(infp)) {
+		fprintf(stderr, "%s: read failure\n", prog);
+		goto end;
+	}
 	if (sm2_sign_finish(&sign_ctx, sig, &siglen) != 1) {
 		fprintf(stderr, "gmssl %s: inner error\n", prog);
 		goto end;

tools/sm2verify.c

@@ -167,6 +167,10 @@ bad:
 			goto end;
 		}
 	}
+	if (ferror(infp)) {
+		fprintf(stderr, "%s: read failure\n", prog);
+		goto end;
+	}
 	if ((vr = sm2_verify_finish(&verify_ctx, sig, siglen)) < 0) {
 		fprintf(stderr, "gmssl %s: inner error\n", prog);
 		goto end;

tools/sm3.c

@@ -214,6 +214,10 @@ bad:
 				goto end;
 			}
 		}
+		if (ferror(infp)) {
+			fprintf(stderr, "%s: read failure\n", prog);
+			goto end;
+		}
 		memset(buf, 0, sizeof(buf));
 	}
 	if (sm3_digest_finish(&sm3_ctx, dgst) != 1) {

tools/sm3hmac.c

@@ -161,6 +161,10 @@ bad:
 				goto end;
 			}
 		}
+		if (ferror(infp)) {
+			fprintf(stderr, "%s: read failure\n", prog);
+			goto end;
+		}
 		memset(buf, 0, sizeof(buf));
 	}
 	if (sm3_digest_finish(&ctx, mac) != 1) {

tools/sm4_cbc.c

@@ -178,6 +178,10 @@ bad:
 			goto end;
 		}
 	}
+	if (ferror(infp)) {
+		fprintf(stderr, "%s: read failure\n", prog);
+		goto end;
+	}
 
 	if (enc) {
 		if (sm4_cbc_encrypt_finish(&ctx, buf, &outlen) != 1) {

tools/sm4_cbc_mac.c

@@ -161,6 +161,10 @@ bad:
 				goto end;
 			}
 		}
+		if (ferror(infp)) {
+			fprintf(stderr, "%s: read failure\n", prog);
+			goto end;
+		}
 		memset(buf, 0, sizeof(buf));
 	}
 	if (sm4_cbc_mac_finish(&ctx, mac) != 1) {

tools/sm4_cbc_sm3_hmac.c

@@ -205,6 +205,10 @@ bad:
 			goto end;
 		}
 	}
+	if (ferror(infp)) {
+		fprintf(stderr, "%s: read failure\n", prog);
+		goto end;
+	}
 
 	if (enc) {
 		if (sm4_cbc_sm3_hmac_encrypt_finish(&ctx, buf, &outlen) != 1) {

tools/sm4_cfb.c

@@ -194,6 +194,10 @@ bad:
 			goto end;
 		}
 	}
+	if (ferror(infp)) {
+		fprintf(stderr, "%s: read failure\n", prog);
+		goto end;
+	}
 
 	if (enc) {
 		if (sm4_cfb_encrypt_finish(&ctx, buf, &outlen) != 1) {

tools/sm4_ctr.c

@@ -149,6 +149,10 @@ bad:
 			goto end;
 		}
 	}
+	if (ferror(infp)) {
+		fprintf(stderr, "%s: read failure\n", prog);
+		goto end;
+	}
 
 	if (sm4_ctr_encrypt_finish(&ctx, buf, &outlen) != 1) {
 		error_print();

tools/sm4_ctr_sm3_hmac.c

@@ -205,6 +205,10 @@ bad:
 			goto end;
 		}
 	}
+	if (ferror(infp)) {
+		fprintf(stderr, "%s: read failure\n", prog);
+		goto end;
+	}
 
 	if (enc) {
 		if (sm4_ctr_sm3_hmac_encrypt_finish(&ctx, buf, &outlen) != 1) {

tools/sm4_ecb.c

@@ -158,6 +158,10 @@ bad:
 			goto end;
 		}
 	}
+	if (ferror(infp)) {
+		fprintf(stderr, "%s: read failure\n", prog);
+		goto end;
+	}
 
 	if (enc) {
 		if (sm4_ecb_encrypt_finish(&ctx, buf, &outlen) != 1) {

tools/sm4_gcm.c

@@ -214,6 +214,10 @@ bad:
 			goto end;
 		}
 	}
+	if (ferror(infp)) {
+		fprintf(stderr, "%s: read failure\n", prog);
+		goto end;
+	}
 
 	if (enc) {
 		if (sm4_gcm_encrypt_finish(&ctx, buf, &outlen) != 1) {

tools/sm4_ofb.c

@@ -149,6 +149,10 @@ bad:
 			goto end;
 		}
 	}
+	if (ferror(infp)) {
+		fprintf(stderr, "%s: read failure\n", prog);
+		goto end;
+	}
 
 	if (sm4_ofb_encrypt_finish(&ctx, buf, &outlen) != 1) {
 		error_print();

tools/sm4_xts.c

@@ -191,6 +191,10 @@ bad:
 			goto end;
 		}
 	}
+	if (ferror(infp)) {
+		fprintf(stderr, "%s: read failure\n", prog);
+		goto end;
+	}
 
 	if (enc) {
 		if (sm4_xts_encrypt_finish(&ctx, buf, &outlen) != 1) {

tools/sm9sign.c

@@ -120,6 +120,10 @@ bad:
 			goto end;
 		}
 	}
+	if (ferror(infp)) {
+		fprintf(stderr, "%s: read failure\n", prog);
+		goto end;
+	}
 	if (sm9_sign_finish(&ctx, &key, sig, &siglen) != 1) {
 		error_print();
 		goto end;

tools/sm9verify.c

@@ -124,6 +124,10 @@ bad:
 			goto end;
 		}
 	}
+	if (ferror(infp)) {
+		fprintf(stderr, "%s: read failure\n", prog);
+		goto end;
+	}
 	if ((ret = sm9_verify_finish(&ctx, sig, siglen, &mpk, id, strlen(id))) != 1) {
 		error_print();
 		goto end;

tools/tlcp_server.c

@@ -7,6 +7,21 @@
  *  http://www.apache.org/licenses/LICENSE-2.0
  */
 
+/*
+ * FIXME: 本文件中多处使用 atoi() 解析命令行参数（如 -port），存在安全隐患：
+ *
+ * 1. 错误不可检测：atoi("abc") 和 atoi("0") 均返回 0，无法区分有效值 0 和解析错误。
+ * 2. 溢出是未定义行为：atoi 遇到超出 INT_MAX 的输入时行为未定义，编译器可能产生不可预测的结果。
+ * 3. 负数可绕过边界检查：atoi("-1") 返回 -1，可能绕过只检查下界的验证逻辑。
+ *
+ * 应在后续版本中将 atoi 替换为 strtol()，配合 errno 和 endptr 做完整的错误检查：
+ *   errno = 0;
+ *   long val = strtol(arg, &endptr, 10);
+ *   if (errno || *endptr || val < 0 || val > INT_MAX) { error; }
+ *   port = (int)val;
+ *
+ * 同样的 atoi 问题也存在于其他 tlcp_*.c、tls12_*.c、tls13_*.c 以及 sm4*.c 等工具文件中。
+ */
 
 #include <stdio.h>
 #include <string.h>