Merge pull request #601 from frankmorgner/coverity
Some more fixes for problems reported by Coverity scan
This commit is contained in:
commit
641a71a2f4
|
@ -101,7 +101,7 @@ static int from_base64(const char *in, unsigned int *out, int *skip)
|
|||
int sc_base64_encode(const u8 *in, size_t len, u8 *out, size_t outlen, size_t linelength)
|
||||
{
|
||||
unsigned int chars = 0;
|
||||
size_t i, c;
|
||||
unsigned int i, c;
|
||||
|
||||
linelength -= linelength & 0x03;
|
||||
while (len >= 3) {
|
||||
|
@ -125,7 +125,7 @@ int sc_base64_encode(const u8 *in, size_t len, u8 *out, size_t outlen, size_t li
|
|||
}
|
||||
i = c = 0;
|
||||
while (c < len)
|
||||
i |= *in++ << ((2 - c++) << 3);
|
||||
i |= ((unsigned int) *in++) << ((2 - c++) << 3);
|
||||
if (len) {
|
||||
if (outlen < 4)
|
||||
return SC_ERROR_BUFFER_TOO_SMALL;
|
||||
|
|
|
@ -1108,11 +1108,8 @@ static int westcos_sign_decipher(int mode, sc_card_t *card,
|
|||
BIO *mem = BIO_new(BIO_s_mem());
|
||||
#endif
|
||||
|
||||
if (card == NULL) {
|
||||
if (keyfile)
|
||||
sc_file_free(keyfile);
|
||||
if (card == NULL)
|
||||
return SC_ERROR_INVALID_ARGUMENTS;
|
||||
}
|
||||
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
|
||||
"westcos_sign_decipher outlen=%d\n", outlen);
|
||||
|
||||
|
|
|
@ -95,7 +95,7 @@ ctbcs_build_perform_verification_apdu(sc_apdu_t *apdu, struct sc_pin_cmd_data *d
|
|||
|
||||
if (data->flags & SC_PIN_CMD_NEED_PADDING) {
|
||||
len = data->pin1.pad_length;
|
||||
if (1 + j + len > buflen || len > 256)
|
||||
if (1 + j + 1 + len > buflen || len > 256)
|
||||
return SC_ERROR_BUFFER_TOO_SMALL;
|
||||
buf[j++] = len;
|
||||
memset(buf+j, data->pin1.pad_char, len);
|
||||
|
@ -170,7 +170,7 @@ ctbcs_build_modify_verification_apdu(sc_apdu_t *apdu, struct sc_pin_cmd_data *da
|
|||
|
||||
if (data->flags & SC_PIN_CMD_NEED_PADDING) {
|
||||
len = data->pin1.pad_length + data->pin2.pad_length;
|
||||
if (1 + j + len > buflen || len > 256)
|
||||
if (1 + j + 1 + len > buflen || len > 256)
|
||||
return SC_ERROR_BUFFER_TOO_SMALL;
|
||||
buf[j++] = len;
|
||||
memset(buf+j, data->pin1.pad_char, len);
|
||||
|
|
|
@ -269,7 +269,7 @@ int dnie_read_file(sc_card_t * card,
|
|||
dnie_read_file_err:
|
||||
if (data)
|
||||
free(data);
|
||||
if (*file) {
|
||||
if (file && *file) {
|
||||
sc_file_free(*file);
|
||||
*file = NULL;
|
||||
}
|
||||
|
|
|
@ -1402,6 +1402,7 @@ int cwa_create_secure_channel(sc_card_t * card,
|
|||
/* arriving here means ok: cleanup */
|
||||
res = SC_SUCCESS;
|
||||
csc_end:
|
||||
free(tlv);
|
||||
if (icc_cert)
|
||||
X509_free(icc_cert);
|
||||
if (ca_cert)
|
||||
|
|
|
@ -1286,8 +1286,10 @@ sc_pkcs15_pubkey_from_spki_fields(struct sc_context *ctx, struct sc_pkcs15_pubke
|
|||
sc_log(ctx, "sc_pkcs15_pubkey_from_spki_fields() called: %p:%d\n%s", buf, buflen, sc_dump_hex(buf, buflen));
|
||||
|
||||
tmp_buf = malloc(buflen);
|
||||
if (!tmp_buf)
|
||||
LOG_FUNC_RETURN(ctx, SC_ERROR_OUT_OF_MEMORY);
|
||||
if (!tmp_buf) {
|
||||
r = SC_ERROR_OUT_OF_MEMORY;
|
||||
LOG_TEST_GOTO_ERR(ctx, r, "");
|
||||
}
|
||||
memcpy(tmp_buf, buf, buflen);
|
||||
|
||||
if ((*tmp_buf & SC_ASN1_TAG_CONTEXT))
|
||||
|
@ -1295,8 +1297,10 @@ sc_pkcs15_pubkey_from_spki_fields(struct sc_context *ctx, struct sc_pkcs15_pubke
|
|||
|
||||
memset(&pk_alg, 0, sizeof(pk_alg));
|
||||
pubkey = calloc(1, sizeof(sc_pkcs15_pubkey_t));
|
||||
if (pubkey == NULL)
|
||||
LOG_FUNC_RETURN(ctx, SC_ERROR_OUT_OF_MEMORY);
|
||||
if (pubkey == NULL) {
|
||||
r = SC_ERROR_OUT_OF_MEMORY;
|
||||
LOG_TEST_GOTO_ERR(ctx, r, "");
|
||||
}
|
||||
*outpubkey = pubkey;
|
||||
|
||||
sc_copy_asn1_entry(c_asn1_pkinfo, asn1_pkinfo);
|
||||
|
@ -1305,11 +1309,13 @@ sc_pkcs15_pubkey_from_spki_fields(struct sc_context *ctx, struct sc_pkcs15_pubke
|
|||
sc_format_asn1_entry(asn1_pkinfo + 1, &pk.value, &pk.len, 0);
|
||||
|
||||
r = sc_asn1_decode(ctx, asn1_pkinfo, tmp_buf, buflen, NULL, NULL);
|
||||
LOG_TEST_RET(ctx, r, "ASN.1 parsing of subjectPubkeyInfo failed");
|
||||
LOG_TEST_GOTO_ERR(ctx, r, "ASN.1 parsing of subjectPubkeyInfo failed");
|
||||
|
||||
pubkey->alg_id = calloc(1, sizeof(struct sc_algorithm_id));
|
||||
if (pubkey->alg_id == NULL)
|
||||
LOG_FUNC_RETURN(ctx, SC_ERROR_OUT_OF_MEMORY);
|
||||
if (pubkey->alg_id == NULL) {
|
||||
r = SC_ERROR_OUT_OF_MEMORY;
|
||||
LOG_TEST_GOTO_ERR(ctx, r, "");
|
||||
}
|
||||
|
||||
memcpy(pubkey->alg_id, &pk_alg, sizeof(struct sc_algorithm_id));
|
||||
pubkey->algorithm = pk_alg.algorithm;
|
||||
|
@ -1330,13 +1336,15 @@ sc_pkcs15_pubkey_from_spki_fields(struct sc_context *ctx, struct sc_pkcs15_pubke
|
|||
struct sc_ec_parameters *ecp = (struct sc_ec_parameters *)pubkey->alg_id->params;
|
||||
|
||||
pubkey->u.ec.params.der.value = malloc(ecp->der.len);
|
||||
if (pubkey->u.ec.params.der.value == NULL)
|
||||
LOG_FUNC_RETURN(ctx, SC_ERROR_OUT_OF_MEMORY);
|
||||
if (pubkey->u.ec.params.der.value == NULL) {
|
||||
r = SC_ERROR_OUT_OF_MEMORY;
|
||||
LOG_TEST_GOTO_ERR(ctx, r, "");
|
||||
}
|
||||
|
||||
memcpy(pubkey->u.ec.params.der.value, ecp->der.value, ecp->der.len);
|
||||
pubkey->u.ec.params.der.len = ecp->der.len;
|
||||
r = sc_pkcs15_fix_ec_parameters(ctx, &pubkey->u.ec.params);
|
||||
LOG_TEST_RET(ctx, r, "failed to fix EC parameters");
|
||||
LOG_TEST_GOTO_ERR(ctx, r, "failed to fix EC parameters");
|
||||
}
|
||||
|
||||
pubkey->u.ec.ecpointQ.value = malloc(pk.len);
|
||||
|
@ -1348,15 +1356,16 @@ sc_pkcs15_pubkey_from_spki_fields(struct sc_context *ctx, struct sc_pkcs15_pubke
|
|||
else {
|
||||
/* Public key is expected to be encapsulated into BIT STRING */
|
||||
r = sc_pkcs15_decode_pubkey(ctx, pubkey, pk.value, pk.len);
|
||||
LOG_TEST_RET(ctx, r, "ASN.1 parsing of subjectPubkeyInfo failed");
|
||||
LOG_TEST_GOTO_ERR(ctx, r, "ASN.1 parsing of subjectPubkeyInfo failed");
|
||||
}
|
||||
|
||||
err:
|
||||
if (pk.value)
|
||||
free(pk.value);
|
||||
if (tmp_buf)
|
||||
free(tmp_buf);
|
||||
|
||||
LOG_FUNC_RETURN(ctx, SC_SUCCESS);
|
||||
LOG_FUNC_RETURN(ctx, r);
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -210,7 +210,8 @@ static int parse_EF_CardInfo(sc_pkcs15_card_t *p15card)
|
|||
u8 info2[MAX_INFO2_SIZE];
|
||||
size_t info2_len = MAX_INFO2_SIZE;
|
||||
u8 *p1, *p2;
|
||||
size_t key_num, i;
|
||||
size_t i;
|
||||
unsigned int key_num;
|
||||
struct sc_context *ctx = p15card->card->ctx;
|
||||
size_t offset;
|
||||
|
||||
|
@ -223,8 +224,10 @@ static int parse_EF_CardInfo(sc_pkcs15_card_t *p15card)
|
|||
if (r != SC_SUCCESS)
|
||||
return SC_ERROR_WRONG_CARD;
|
||||
/* get the number of private keys */
|
||||
key_num = info1[info1_len-1] | (info1[info1_len-2] << 8) |
|
||||
(info1[info1_len-3] << 16) | (info1[info1_len-4] << 24);
|
||||
key_num = ((unsigned int) info1[info1_len-1])
|
||||
| (((unsigned int) info1[info1_len-2]) << 8)
|
||||
| (((unsigned int) info1[info1_len-3]) << 16)
|
||||
| (((unsigned int) info1[info1_len-4]) << 24);
|
||||
sc_debug(ctx, SC_LOG_DEBUG_NORMAL,
|
||||
"found %d private keys\n", (int)key_num);
|
||||
/* set p1 to the address of the first key descriptor */
|
||||
|
|
|
@ -601,8 +601,10 @@ static int create_key_files(void)
|
|||
sc_file_add_acl_entry(file, SC_AC_OP_INVALIDATE, SC_AC_CHV, 1);
|
||||
sc_file_add_acl_entry(file, SC_AC_OP_REHABILITATE, SC_AC_CHV, 1);
|
||||
|
||||
if (select_app_df())
|
||||
if (select_app_df()) {
|
||||
sc_file_free(file);
|
||||
return 1;
|
||||
}
|
||||
r = sc_create_file(card, file);
|
||||
sc_file_free(file);
|
||||
if (r) {
|
||||
|
|
|
@ -828,8 +828,10 @@ static void print_ssh_key(FILE *outf, const char * alg, struct sc_pkcs15_object
|
|||
// Old style openssh - [<quote protected options> <whitespace> <keytype> <whitespace> <key> [<whitespace> anything else]
|
||||
//
|
||||
r = sc_base64_encode(buf, len, uu, 2*len, 0);
|
||||
if (r < 0)
|
||||
if (r < 0) {
|
||||
free(uu);
|
||||
return;
|
||||
}
|
||||
|
||||
if (obj->label[0] != '\0')
|
||||
fprintf(outf,"ssh-%s %s %.*s\n", alg, uu, (int) sizeof obj->label, obj->label);
|
||||
|
@ -1294,7 +1296,7 @@ static int list_apps(FILE *fout)
|
|||
for (i=0; i<p15card->card->app_count; i++) {
|
||||
struct sc_app_info *info = p15card->card->app[i];
|
||||
|
||||
fprintf(fout, "Application '%.*s':\n", (int) sizeof info->label, info->label);
|
||||
fprintf(fout, "Application '%s':\n", info->label);
|
||||
fprintf(fout, "\tAID: ");
|
||||
for(j=0;j<info->aid.len;j++)
|
||||
fprintf(fout, "%02X", info->aid.value[j]);
|
||||
|
|
|
@ -665,6 +665,7 @@ static int recreate_password_from_shares(char **pwd, int *pwdlen, int num_of_pas
|
|||
memset(inbuf, 0, sizeof(inbuf));
|
||||
if (fgets(inbuf, sizeof(inbuf), stdin) == NULL) {
|
||||
fprintf(stderr, "Input aborted\n");
|
||||
free(shares);
|
||||
return -1;
|
||||
}
|
||||
binlen = 64;
|
||||
|
|
Loading…
Reference in New Issue