Merge pull request #601 from frankmorgner/coverity

Some more fixes for problems reported by Coverity scan

src/libopensc/base64.c

@@ -101,7 +101,7 @@ static int from_base64(const char *in, unsigned int *out, int *skip)
 int sc_base64_encode(const u8 *in, size_t len, u8 *out, size_t outlen, size_t linelength)
 {
 	unsigned int chars = 0;
-	size_t i, c;
+	unsigned int i, c;
 
 	linelength -= linelength & 0x03;
 	while (len >= 3) {
@@ -125,7 +125,7 @@ int sc_base64_encode(const u8 *in, size_t len, u8 *out, size_t outlen, size_t li
 	}
 	i = c = 0;
 	while (c < len)
-		i |= *in++ << ((2 - c++) << 3);
+		i |= ((unsigned int) *in++) << ((2 - c++) << 3);
 	if (len) {
 		if (outlen < 4)
 			return SC_ERROR_BUFFER_TOO_SMALL;

src/libopensc/card-westcos.c

@@ -1108,11 +1108,8 @@ static int westcos_sign_decipher(int mode, sc_card_t *card,
 	BIO *mem = BIO_new(BIO_s_mem());
 #endif
 
-	if (card == NULL) {
-		if (keyfile)
-			sc_file_free(keyfile);
+	if (card == NULL)
 		return SC_ERROR_INVALID_ARGUMENTS;
-	}
 	sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
 		"westcos_sign_decipher outlen=%d\n", outlen);
 	

src/libopensc/ctbcs.c

@@ -95,7 +95,7 @@ ctbcs_build_perform_verification_apdu(sc_apdu_t *apdu, struct sc_pin_cmd_data *d
 
 	if (data->flags & SC_PIN_CMD_NEED_PADDING) {
 		len = data->pin1.pad_length;
-		if (1 + j + len > buflen || len > 256)
+		if (1 + j + 1 + len > buflen || len > 256)
 			return SC_ERROR_BUFFER_TOO_SMALL;
 		buf[j++] = len;
 		memset(buf+j, data->pin1.pad_char, len);
@@ -170,7 +170,7 @@ ctbcs_build_modify_verification_apdu(sc_apdu_t *apdu, struct sc_pin_cmd_data *da
 
 	if (data->flags & SC_PIN_CMD_NEED_PADDING) {
 		len = data->pin1.pad_length + data->pin2.pad_length;
-		if (1 + j + len > buflen || len > 256)
+		if (1 + j + 1 + len > buflen || len > 256)
 			return SC_ERROR_BUFFER_TOO_SMALL;
 		buf[j++] = len;
 		memset(buf+j, data->pin1.pad_char, len);

src/libopensc/cwa-dnie.c

@@ -269,7 +269,7 @@ int dnie_read_file(sc_card_t * card,
  dnie_read_file_err:
 	if (data)
 		free(data);
-	if (*file) {
+	if (file && *file) {
 		sc_file_free(*file);
 		*file = NULL;
 	}

src/libopensc/cwa14890.c

@@ -1402,6 +1402,7 @@ int cwa_create_secure_channel(sc_card_t * card,
 	/* arriving here means ok: cleanup */
 	res = SC_SUCCESS;
  csc_end:
+	free(tlv);
 	if (icc_cert)
 		X509_free(icc_cert);
 	if (ca_cert)

src/libopensc/pkcs15-pubkey.c

@@ -1286,8 +1286,10 @@ sc_pkcs15_pubkey_from_spki_fields(struct sc_context *ctx, struct sc_pkcs15_pubke
 	sc_log(ctx, "sc_pkcs15_pubkey_from_spki_fields() called: %p:%d\n%s", buf, buflen, sc_dump_hex(buf, buflen));
 
 	tmp_buf = malloc(buflen);
-	if (!tmp_buf)
-		LOG_FUNC_RETURN(ctx, SC_ERROR_OUT_OF_MEMORY);
+	if (!tmp_buf) {
+		r = SC_ERROR_OUT_OF_MEMORY;
+		LOG_TEST_GOTO_ERR(ctx, r, "");
+	}
 	memcpy(tmp_buf, buf, buflen);
 
 	if ((*tmp_buf & SC_ASN1_TAG_CONTEXT))
@@ -1295,8 +1297,10 @@ sc_pkcs15_pubkey_from_spki_fields(struct sc_context *ctx, struct sc_pkcs15_pubke
 
 	memset(&pk_alg, 0, sizeof(pk_alg));
 	pubkey = calloc(1, sizeof(sc_pkcs15_pubkey_t));
-	if (pubkey == NULL)
-		LOG_FUNC_RETURN(ctx, SC_ERROR_OUT_OF_MEMORY);
+	if (pubkey == NULL) {
+		r = SC_ERROR_OUT_OF_MEMORY;
+		LOG_TEST_GOTO_ERR(ctx, r, "");
+	}
 	*outpubkey = pubkey;
 
 	sc_copy_asn1_entry(c_asn1_pkinfo, asn1_pkinfo);
@@ -1305,11 +1309,13 @@ sc_pkcs15_pubkey_from_spki_fields(struct sc_context *ctx, struct sc_pkcs15_pubke
 	sc_format_asn1_entry(asn1_pkinfo + 1, &pk.value, &pk.len, 0);
 
 	r = sc_asn1_decode(ctx, asn1_pkinfo, tmp_buf, buflen, NULL, NULL);
-	LOG_TEST_RET(ctx, r, "ASN.1 parsing of subjectPubkeyInfo failed");
+	LOG_TEST_GOTO_ERR(ctx, r, "ASN.1 parsing of subjectPubkeyInfo failed");
 
 	pubkey->alg_id = calloc(1, sizeof(struct sc_algorithm_id));
-	if (pubkey->alg_id == NULL)
-		LOG_FUNC_RETURN(ctx, SC_ERROR_OUT_OF_MEMORY);
+	if (pubkey->alg_id == NULL) {
+		r = SC_ERROR_OUT_OF_MEMORY;
+		LOG_TEST_GOTO_ERR(ctx, r, "");
+	}
 
 	memcpy(pubkey->alg_id, &pk_alg, sizeof(struct sc_algorithm_id));
 	pubkey->algorithm = pk_alg.algorithm;
@@ -1330,13 +1336,15 @@ sc_pkcs15_pubkey_from_spki_fields(struct sc_context *ctx, struct sc_pkcs15_pubke
 			struct sc_ec_parameters *ecp = (struct sc_ec_parameters *)pubkey->alg_id->params;
 
 			pubkey->u.ec.params.der.value = malloc(ecp->der.len);
-			if (pubkey->u.ec.params.der.value == NULL)
-				LOG_FUNC_RETURN(ctx, SC_ERROR_OUT_OF_MEMORY);
+			if (pubkey->u.ec.params.der.value == NULL) {
+				r = SC_ERROR_OUT_OF_MEMORY;
+				LOG_TEST_GOTO_ERR(ctx, r, "");
+			}
 
 			memcpy(pubkey->u.ec.params.der.value, ecp->der.value, ecp->der.len);
 			pubkey->u.ec.params.der.len = ecp->der.len;
 			r = sc_pkcs15_fix_ec_parameters(ctx, &pubkey->u.ec.params);
-			LOG_TEST_RET(ctx, r, "failed to fix EC parameters");
+			LOG_TEST_GOTO_ERR(ctx, r, "failed to fix EC parameters");
 		}
 
 		pubkey->u.ec.ecpointQ.value = malloc(pk.len);
@@ -1348,15 +1356,16 @@ sc_pkcs15_pubkey_from_spki_fields(struct sc_context *ctx, struct sc_pkcs15_pubke
 	else   {
 		/* Public key is expected to be encapsulated into BIT STRING */
 		r = sc_pkcs15_decode_pubkey(ctx, pubkey, pk.value, pk.len);
-		LOG_TEST_RET(ctx, r, "ASN.1 parsing of subjectPubkeyInfo failed");
+		LOG_TEST_GOTO_ERR(ctx, r, "ASN.1 parsing of subjectPubkeyInfo failed");
 	}
 
+err:
 	if (pk.value)
 		free(pk.value);
 	if (tmp_buf)
 		free(tmp_buf);
 
-	LOG_FUNC_RETURN(ctx, SC_SUCCESS);
+	LOG_FUNC_RETURN(ctx, r);
 }
 
 

src/libopensc/pkcs15-tccardos.c

@@ -210,7 +210,8 @@ static int parse_EF_CardInfo(sc_pkcs15_card_t *p15card)
 	u8     info2[MAX_INFO2_SIZE];
 	size_t info2_len = MAX_INFO2_SIZE;
 	u8     *p1, *p2;
-	size_t key_num, i;
+	size_t i;
+	unsigned int key_num;
 	struct sc_context *ctx = p15card->card->ctx;
 	size_t offset;
 
@@ -223,8 +224,10 @@ static int parse_EF_CardInfo(sc_pkcs15_card_t *p15card)
 	if (r != SC_SUCCESS)
 		return SC_ERROR_WRONG_CARD;
 	/* get the number of private keys */
-	key_num = info1[info1_len-1] | (info1[info1_len-2] << 8) |
-		  (info1[info1_len-3] << 16) | (info1[info1_len-4] << 24);
+	key_num = ((unsigned int) info1[info1_len-1])
+		| (((unsigned int) info1[info1_len-2]) << 8)
+	   	| (((unsigned int) info1[info1_len-3]) << 16)
+	   	| (((unsigned int) info1[info1_len-4]) << 24);
 	sc_debug(ctx, SC_LOG_DEBUG_NORMAL,
 		"found %d private keys\n", (int)key_num);
 	/* set p1 to the address of the first key descriptor */

src/tools/cryptoflex-tool.c

@@ -601,8 +601,10 @@ static int create_key_files(void)
 	sc_file_add_acl_entry(file, SC_AC_OP_INVALIDATE, SC_AC_CHV, 1);
 	sc_file_add_acl_entry(file, SC_AC_OP_REHABILITATE, SC_AC_CHV, 1);
 
-	if (select_app_df())
+	if (select_app_df()) {
+		sc_file_free(file);
 		return 1;
+	}
 	r = sc_create_file(card, file);
 	sc_file_free(file);
 	if (r) {

src/tools/pkcs15-tool.c

@@ -828,8 +828,10 @@ static void print_ssh_key(FILE *outf, const char * alg, struct sc_pkcs15_object
 		// Old style openssh - [<quote protected options> <whitespace> <keytype> <whitespace> <key> [<whitespace> anything else]
 		//
 		r = sc_base64_encode(buf, len, uu, 2*len, 0);
-		if (r < 0)
+		if (r < 0) {
+			free(uu);
 			return;
+		}
 
 		if (obj->label[0] != '\0')
 			fprintf(outf,"ssh-%s %s %.*s\n", alg, uu, (int) sizeof obj->label, obj->label);
@@ -1294,7 +1296,7 @@ static int list_apps(FILE *fout)
 	for (i=0; i<p15card->card->app_count; i++)   {
 		struct sc_app_info *info = p15card->card->app[i];
 
-		fprintf(fout, "Application '%.*s':\n", (int) sizeof info->label, info->label);
+		fprintf(fout, "Application '%s':\n", info->label);
 		fprintf(fout, "\tAID: ");
 		for(j=0;j<info->aid.len;j++)
 			fprintf(fout, "%02X", info->aid.value[j]);

src/tools/sc-hsm-tool.c

@@ -665,6 +665,7 @@ static int recreate_password_from_shares(char **pwd, int *pwdlen, int num_of_pas
 	memset(inbuf, 0, sizeof(inbuf));
 	if (fgets(inbuf, sizeof(inbuf), stdin) == NULL) {
 		fprintf(stderr, "Input aborted\n");
+		free(shares);
 		return -1;
 	}
 	binlen = 64;