libblake_decode_hex: verify input

Signed-off-by: Mattias Andrée <maandree@kth.se>

3 files changed, 15 insertions, 6 deletions

diff --git a/libblake.h b/libblake.h
index 9f8f3d7..7d818fc 100644
--- a/libblake.h
+++ b/libblake.h
@@ -12,7 +12,7 @@
 #endif
 
 void libblake_encode_hex(const void *data, size_t n, char out[/* static n * 2 + 1 */], int uppercase);
-size_t libblake_decode_hex(const char *data, size_t n, void *out);
+size_t libblake_decode_hex(const char *data, size_t n, void *out, int *validp);
 
 #define LIBBLAKE_BLAKE224_OUTPUT_SIZE (224 / 8)
 #define LIBBLAKE_BLAKE256_OUTPUT_SIZE (256 / 8)
diff --git a/libblake_decode_hex.c b/libblake_decode_hex.c
index 4243d82..afdc31c 100644
--- a/libblake_decode_hex.c
+++ b/libblake_decode_hex.c
@@ -2,19 +2,24 @@
 #include "common.h"
 
 size_t
-libblake_decode_hex(const char *data, size_t n, void *out_)
+libblake_decode_hex(const char *data, size_t n, void *out_, int *validp)
 {
 	unsigned char *out = out_, value;
 	size_t i, j = 0;
 	int odd = 0;
 
+	*validp = 1;
+
 	if (!out) {
 		for (i = 0; i < n && data[i]; i++) {
 			if (isxdigit(data[i])) {
 				j += (size_t)odd;
 				odd ^= 1;
+			} else if (isgraph(data[i])) {
+				*validp = 0;
 			}
 		}
+		*validp &= !odd;
 		return j;
 	}
 
@@ -28,8 +33,11 @@ libblake_decode_hex(const char *data, size_t n, void *out_)
 				out[j++] |= value;
 				odd = 0;
 			}
+		} else if (isgraph(data[i])) {
+			*validp = 0;
 		}
 	}
 
+	*validp &= !odd;
 	return j;
 }
diff --git a/test.c b/test.c
index 2b0b960..890b710 100644
--- a/test.c
+++ b/test.c
@@ -15,6 +15,7 @@ check_hex(int uppercase, const char *hex, const unsigned char *bin, size_t n)
 {
 	unsigned char buf_bin[512];
 	char buf_hex[1025];
+	int valid = 0;
 	memset(buf_bin, 0, sizeof(buf_bin));
 	memset(buf_hex, 0, sizeof(buf_hex));
 	buf_hex[2 * n] = 1;
@@ -23,8 +24,8 @@ check_hex(int uppercase, const char *hex, const unsigned char *bin, size_t n)
 		fprintf(stderr, "libblake_encode_hex with uppercase=%i failed\n", uppercase);
 		exit(1);
 	}
-	if (libblake_decode_hex(hex, SIZE_MAX, NULL) != n ||
-	    libblake_decode_hex(hex, SIZE_MAX, buf_bin) != n ||
+	if (libblake_decode_hex(hex, SIZE_MAX, NULL, &valid) != n || !valid ||
+	    libblake_decode_hex(hex, SIZE_MAX, buf_bin, &valid) != n || !valid ||
 	    memcmp(buf_bin, bin, n)) {
 		fprintf(stderr, "libblake_decode_hex failed\n");
 		exit(1);
@@ -76,7 +77,7 @@ digest_blake1(int length, const void *msg, size_t msglen, size_t bits)
 
 #if 0
 # define CHECK_BLAKE1_HEX(LENGTH, MSG, EXPECTED)\
-	failed |= !check_blake1_(LENGTH, "0x"MSG, buf, libblake_decode_hex(MSG, SIZE_MAX, buf), 0, EXPECTED)
+	failed |= !check_blake1_(LENGTH, "0x"MSG, buf, libblake_decode_hex(MSG, SIZE_MAX, buf, &(int){0}), 0, EXPECTED)
 # define CHECK_BLAKE224_HEX(MSG, EXPECTED) CHECK_BLAKE1_HEX(224, MSG, EXPECTED)
 # define CHECK_BLAKE256_HEX(MSG, EXPECTED) CHECK_BLAKE1_HEX(256, MSG, EXPECTED)
 # define CHECK_BLAKE384_HEX(MSG, EXPECTED) CHECK_BLAKE1_HEX(384, MSG, EXPECTED)
@@ -84,7 +85,7 @@ digest_blake1(int length, const void *msg, size_t msglen, size_t bits)
 #endif
 
 #define CHECK_BLAKE1_BITS(LENGTH, MSG, BITS, EXPECTED)\
-	failed |= !check_blake1_(LENGTH, "0x"MSG, buf, libblake_decode_hex(MSG, SIZE_MAX, buf), BITS, EXPECTED)
+	failed |= !check_blake1_(LENGTH, "0x"MSG, buf, libblake_decode_hex(MSG, SIZE_MAX, buf, &(int){0}), BITS, EXPECTED)
 #define CHECK_BLAKE224_BITS(MSG, BITS, EXPECTED) CHECK_BLAKE1_BITS(224, MSG, BITS, EXPECTED)
 #define CHECK_BLAKE256_BITS(MSG, BITS, EXPECTED) CHECK_BLAKE1_BITS(256, MSG, BITS, EXPECTED)
 #define CHECK_BLAKE384_BITS(MSG, BITS, EXPECTED) CHECK_BLAKE1_BITS(384, MSG, BITS, EXPECTED)