diff --git a/src/common/libpkcs11.c b/src/common/libpkcs11.c index 4ded9389..e65fda7e 100644 --- a/src/common/libpkcs11.c +++ b/src/common/libpkcs11.c @@ -50,6 +50,9 @@ C_LoadModule(const char *mspec, CK_FUNCTION_LIST_PTR_PTR funcs) sc_pkcs11_module_t *mod; CK_RV rv, (*c_get_function_list)(CK_FUNCTION_LIST_PTR_PTR); mod = calloc(1, sizeof(*mod)); + if (mod == NULL) { + return NULL; + } mod->_magic = MAGIC; if (mspec == NULL) { diff --git a/src/common/simclist.c b/src/common/simclist.c index 06f65750..c8e87cca 100644 --- a/src/common/simclist.c +++ b/src/common/simclist.c @@ -229,7 +229,11 @@ static simclist_inline long get_random() { /* list initialization */ int list_init(list_t *simclist_restrict l) { - if (l == NULL) return -1; + if (l == NULL) { + return -1; + } + + memset(l, 0, sizeof *l); seed_random(); @@ -238,6 +242,9 @@ int list_init(list_t *simclist_restrict l) { /* head/tail sentinels and mid pointer */ l->head_sentinel = (struct list_entry_s *)malloc(sizeof(struct list_entry_s)); l->tail_sentinel = (struct list_entry_s *)malloc(sizeof(struct list_entry_s)); + if (l->tail_sentinel == NULL || l->head_sentinel == NULL) { + return -1; + } l->head_sentinel->next = l->tail_sentinel; l->tail_sentinel->prev = l->head_sentinel; l->head_sentinel->prev = l->tail_sentinel->next = l->mid = NULL; @@ -249,14 +256,19 @@ int list_init(list_t *simclist_restrict l) { l->iter_curentry = NULL; /* free-list attributes */ - l->spareels = (struct list_entry_s **)malloc(SIMCLIST_MAX_SPARE_ELEMS * sizeof(struct list_entry_s *)); l->spareelsnum = 0; + l->spareels = (struct list_entry_s **)malloc(SIMCLIST_MAX_SPARE_ELEMS * sizeof(struct list_entry_s *)); + if (l->spareels == NULL) { + return -1; + } #ifdef SIMCLIST_WITH_THREADS l->threadcount = 0; #endif - list_attributes_setdefaults(l); + if (0 != list_attributes_setdefaults(l)) { + return -1; + } assert(list_repOk(l)); assert(list_attrOk(l)); @@ -402,6 +414,8 @@ static simclist_inline struct list_entry_s *list_findpos(const list_t *simclist_ float x; int i; + if (l->head_sentinel == NULL || l->tail_sentinel == NULL) return NULL; + /* accept 1 slot overflow for fetching head and tail sentinels */ if (posstart < -1 || posstart > (int)l->numels) return NULL; @@ -430,6 +444,9 @@ void *list_extract_at(list_t *simclist_restrict l, unsigned int pos) { if (l->iter_active || pos >= l->numels) return NULL; tmp = list_findpos(l, pos); + if (tmp == NULL) { + return NULL; + } data = tmp->data; tmp->data = NULL; /* save data from list_drop_elem() free() */ @@ -452,14 +469,18 @@ int list_insert_at(list_t *simclist_restrict l, const void *data, unsigned int p l->spareelsnum--; } else { lent = (struct list_entry_s *)malloc(sizeof(struct list_entry_s)); - if (lent == NULL) + if (lent == NULL) { return -1; + } } if (l->attrs.copy_data) { /* make room for user' data (has to be copied) */ size_t datalen = l->attrs.meter(data); lent->data = (struct list_entry_s *)malloc(datalen); + if (lent->data == NULL) { + return -1; + } memcpy(lent->data, data, datalen); } else { lent->data = (void*)data; @@ -467,6 +488,9 @@ int list_insert_at(list_t *simclist_restrict l, const void *data, unsigned int p /* actually append element */ prec = list_findpos(l, pos-1); + if (prec == NULL) { + return -1; + } succ = prec->next; prec->next = lent; @@ -533,6 +557,9 @@ int list_delete_range(list_t *simclist_restrict l, unsigned int posstart, unsign if (l->iter_active || posend < posstart || posend >= l->numels) return -1; tmp = list_findpos(l, posstart); /* first el to be deleted */ + if (tmp == NULL) { + return -1; + } lastvalid = tmp->prev; /* last valid element */ numdel = posend - posstart + 1; @@ -591,34 +618,36 @@ int list_clear(list_t *simclist_restrict l) { if (l->iter_active) return -1; - if (l->attrs.copy_data) { /* also free user data */ - /* spare a loop conditional with two loops: spareing elems and freeing elems */ - for (s = l->head_sentinel->next; l->spareelsnum < SIMCLIST_MAX_SPARE_ELEMS && s != l->tail_sentinel; s = s->next) { - /* move elements as spares as long as there is room */ - if (s->data != NULL) free(s->data); - l->spareels[l->spareelsnum++] = s; + if (l->head_sentinel && l->tail_sentinel) { + if (l->attrs.copy_data) { /* also free user data */ + /* spare a loop conditional with two loops: spareing elems and freeing elems */ + for (s = l->head_sentinel->next; l->spareelsnum < SIMCLIST_MAX_SPARE_ELEMS && s != l->tail_sentinel; s = s->next) { + /* move elements as spares as long as there is room */ + if (s->data != NULL) free(s->data); + l->spareels[l->spareelsnum++] = s; + } + while (s != l->tail_sentinel) { + /* free the remaining elems */ + if (s->data != NULL) free(s->data); + s = s->next; + free(s->prev); + } + l->head_sentinel->next = l->tail_sentinel; + l->tail_sentinel->prev = l->head_sentinel; + } else { /* only free element containers */ + /* spare a loop conditional with two loops: spareing elems and freeing elems */ + for (s = l->head_sentinel->next; l->spareelsnum < SIMCLIST_MAX_SPARE_ELEMS && s != l->tail_sentinel; s = s->next) { + /* move elements as spares as long as there is room */ + l->spareels[l->spareelsnum++] = s; + } + while (s != l->tail_sentinel) { + /* free the remaining elems */ + s = s->next; + free(s->prev); + } + l->head_sentinel->next = l->tail_sentinel; + l->tail_sentinel->prev = l->head_sentinel; } - while (s != l->tail_sentinel) { - /* free the remaining elems */ - if (s->data != NULL) free(s->data); - s = s->next; - free(s->prev); - } - l->head_sentinel->next = l->tail_sentinel; - l->tail_sentinel->prev = l->head_sentinel; - } else { /* only free element containers */ - /* spare a loop conditional with two loops: spareing elems and freeing elems */ - for (s = l->head_sentinel->next; l->spareelsnum < SIMCLIST_MAX_SPARE_ELEMS && s != l->tail_sentinel; s = s->next) { - /* move elements as spares as long as there is room */ - l->spareels[l->spareelsnum++] = s; - } - while (s != l->tail_sentinel) { - /* free the remaining elems */ - s = s->next; - free(s->prev); - } - l->head_sentinel->next = l->tail_sentinel; - l->tail_sentinel->prev = l->head_sentinel; } l->numels = 0; l->mid = NULL; @@ -640,6 +669,8 @@ int list_locate(const list_t *simclist_restrict l, const void *data) { struct list_entry_s *el; int pos = 0; + if (l->head_sentinel == NULL || l->tail_sentinel == NULL) return -1; + if (l->attrs.comparator != NULL) { /* use comparator */ for (el = l->head_sentinel->next; el != l->tail_sentinel; el = el->next, pos++) { @@ -661,6 +692,8 @@ void *list_seek(list_t *simclist_restrict l, const void *indicator) { if (l->attrs.seeker == NULL) return NULL; + if (l->head_sentinel == NULL || l->tail_sentinel == NULL) return NULL; + for (iter = l->head_sentinel->next; iter != l->tail_sentinel; iter = iter->next) { if (l->attrs.seeker(iter->data, indicator) != 0) return iter->data; } @@ -677,11 +710,15 @@ int list_concat(const list_t *l1, const list_t *l2, list_t *simclist_restrict de unsigned int cnt; int err; - if (l1 == NULL || l2 == NULL || dest == NULL || l1 == dest || l2 == dest) return -1; - list_init(dest); + if (l1->head_sentinel == NULL || l1->tail_sentinel == NULL + || l2->head_sentinel == NULL || l2->tail_sentinel == NULL) return -1; + + if (0 != list_init(dest)) { + return -1; + } dest->numels = l1->numels + l2->numels; if (dest->numels == 0) @@ -692,6 +729,9 @@ int list_concat(const list_t *l1, const list_t *l2, list_t *simclist_restrict de el = dest->head_sentinel; while (srcel != l1->tail_sentinel) { el->next = (struct list_entry_s *)malloc(sizeof(struct list_entry_s)); + if (el->next == NULL) { + return -1; + } el->next->prev = el; el = el->next; el->data = srcel->data; @@ -702,6 +742,9 @@ int list_concat(const list_t *l1, const list_t *l2, list_t *simclist_restrict de srcel = l2->head_sentinel->next; while (srcel != l2->tail_sentinel) { el->next = (struct list_entry_s *)malloc(sizeof(struct list_entry_s)); + if (el->next == NULL) { + return -1; + } el->next->prev = el; el = el->next; el->data = srcel->data; @@ -731,6 +774,9 @@ int list_sort(list_t *simclist_restrict l, int versus) { if (l->numels <= 1) return 0; + + if (l->head_sentinel == NULL || l->tail_sentinel == NULL) return -1; + list_sort_quicksort(l, versus, 0, l->head_sentinel->next, l->numels-1, l->tail_sentinel->prev); assert(list_repOk(l)); return 0; @@ -869,6 +915,9 @@ static void list_sort_quicksort(list_t *simclist_restrict l, int versus, /* prepare wrapped args, then start thread */ if (l->threadcount < SIMCLIST_MAXTHREADS-1) { struct list_sort_wrappedparams *wp = (struct list_sort_wrappedparams *)malloc(sizeof(struct list_sort_wrappedparams)); + if (wp == NULL) { + return -1; + } l->threadcount++; traised = 1; wp->l = l; @@ -899,6 +948,7 @@ static void list_sort_quicksort(list_t *simclist_restrict l, int versus, int list_iterator_start(list_t *simclist_restrict l) { if (l->iter_active) return 0; + if (l->head_sentinel == NULL) return -1; l->iter_pos = 0; l->iter_active = 1; l->iter_curentry = l->head_sentinel->next; @@ -1247,6 +1297,9 @@ int list_restore_filedescriptor(list_t *simclist_restrict l, int fd, size_t *sim if (l->attrs.unserializer != NULL) { /* use unserializer */ buf = malloc(header.elemlen); + if (buf == NULL) { + return -1; + } for (cnt = 0; cnt < header.numels; cnt++) { READ_ERRCHECK(fd, buf, header.elemlen); list_append(l, l->attrs.unserializer(buf, & elsize)); @@ -1256,6 +1309,9 @@ int list_restore_filedescriptor(list_t *simclist_restrict l, int fd, size_t *sim /* copy verbatim into memory */ for (cnt = 0; cnt < header.numels; cnt++) { buf = malloc(header.elemlen); + if (buf == NULL) { + return -1; + } READ_ERRCHECK(fd, buf, header.elemlen); list_append(l, buf); } @@ -1269,6 +1325,9 @@ int list_restore_filedescriptor(list_t *simclist_restrict l, int fd, size_t *sim for (cnt = 0; cnt < header.numels; cnt++) { READ_ERRCHECK(fd, & elsize, sizeof(elsize)); buf = malloc((size_t)elsize); + if (buf == NULL) { + return -1; + } READ_ERRCHECK(fd, buf, elsize); totreadlen += elsize; list_append(l, l->attrs.unserializer(buf, & elsize)); @@ -1279,6 +1338,9 @@ int list_restore_filedescriptor(list_t *simclist_restrict l, int fd, size_t *sim for (cnt = 0; cnt < header.numels; cnt++) { READ_ERRCHECK(fd, & elsize, sizeof(elsize)); buf = malloc(elsize); + if (buf == NULL) { + return -1; + } READ_ERRCHECK(fd, buf, elsize); totreadlen += elsize; list_append(l, buf); @@ -1368,7 +1430,7 @@ static int list_drop_elem(list_t *simclist_restrict l, struct list_entry_s *tmp, if (l->attrs.copy_data && tmp->data != NULL) free(tmp->data); - if (l->spareelsnum < SIMCLIST_MAX_SPARE_ELEMS) { + if (l->spareels != NULL && l->spareelsnum < SIMCLIST_MAX_SPARE_ELEMS) { l->spareels[l->spareelsnum++] = tmp; } else { free(tmp); diff --git a/src/libopensc/card-cac.c b/src/libopensc/card-cac.c index b4f5ca2d..e1748bff 100644 --- a/src/libopensc/card-cac.c +++ b/src/libopensc/card-cac.c @@ -190,6 +190,8 @@ static cac_private_data_t *cac_new_private_data(void) { cac_private_data_t *priv; priv = calloc(1, sizeof(cac_private_data_t)); + if (!priv) + return NULL; list_init(&priv->pki_list); list_attributes_comparator(&priv->pki_list, cac_list_compare_path); list_attributes_copy(&priv->pki_list, cac_list_meter, 1); @@ -1453,6 +1455,8 @@ static int cac_find_and_initialize(sc_card_t *card, int initialize) return r; priv = cac_new_private_data(); + if (!priv) + return SC_ERROR_OUT_OF_MEMORY; r = cac_process_CCC(card, priv); if (r == SC_SUCCESS) { card->type = SC_CARD_TYPE_CAC_II; @@ -1470,6 +1474,8 @@ static int cac_find_and_initialize(sc_card_t *card, int initialize) if (!priv) { priv = cac_new_private_data(); + if (!priv) + return SC_ERROR_OUT_OF_MEMORY; } r = cac_populate_cac_1(card, index, priv); if (r == SC_SUCCESS) { diff --git a/src/libopensc/card-coolkey.c b/src/libopensc/card-coolkey.c index 798e490d..5d462a8f 100644 --- a/src/libopensc/card-coolkey.c +++ b/src/libopensc/card-coolkey.c @@ -788,6 +788,8 @@ static coolkey_private_data_t *coolkey_new_private_data(void) coolkey_private_data_t *priv; /* allocate priv and zero all the fields */ priv = calloc(1, sizeof(coolkey_private_data_t)); + if (!priv) + return NULL; /* set other fields as appropriate */ priv->key_id = COOLKEY_INVALID_KEY; list_init(&priv->objects_list); @@ -2152,7 +2154,7 @@ static int coolkey_initialize(sc_card_t *card) priv = coolkey_new_private_data(); if (priv == NULL) { - r= SC_ERROR_OUT_OF_MEMORY; + r = SC_ERROR_OUT_OF_MEMORY; goto cleanup; } r = coolkey_get_life_cycle(card, &life_cycle); diff --git a/src/libopensc/card-dnie.c b/src/libopensc/card-dnie.c index 204ffbde..284528a3 100644 --- a/src/libopensc/card-dnie.c +++ b/src/libopensc/card-dnie.c @@ -422,9 +422,8 @@ static int dnie_get_environment( /* look for sc block in opensc.conf */ ctx = card->ctx; for (i = 0; ctx->conf_blocks[i]; i++) { - blocks = - scconf_find_blocks(ctx->conf, ctx->conf_blocks[i], - "card_driver", "dnie"); + blocks = scconf_find_blocks(ctx->conf, ctx->conf_blocks[i], + "card_driver", "dnie"); if (!blocks) continue; blk = blocks[0]; diff --git a/src/libopensc/card-entersafe.c b/src/libopensc/card-entersafe.c index 65115aba..abc8008d 100644 --- a/src/libopensc/card-entersafe.c +++ b/src/libopensc/card-entersafe.c @@ -387,8 +387,13 @@ static int entersafe_transmit_apdu(sc_card_t *card, sc_apdu_t *apdu, { mac_data_size=apdu->lc+4; mac_data=malloc(mac_data_size); + if(!mac_data) + { + r = SC_ERROR_OUT_OF_MEMORY; + goto out; + } r = entersafe_mac_apdu(card,apdu,key,keylen,mac_data,mac_data_size); - if(r<0) + if(r < 0) goto out; } diff --git a/src/libopensc/card-gemsafeV1.c b/src/libopensc/card-gemsafeV1.c index 3ce7a5ea..ff056297 100644 --- a/src/libopensc/card-gemsafeV1.c +++ b/src/libopensc/card-gemsafeV1.c @@ -99,7 +99,7 @@ static int get_conf_aid(sc_card_t *card, u8 *aid, size_t *len) for (i = 0; ctx->conf_blocks[i] != NULL; i++) { blocks = scconf_find_blocks(ctx->conf, ctx->conf_blocks[i], "card", "gemsafeV1"); - if (blocks[0] != NULL) + if (blocks != NULL && blocks[0] != NULL) conf_block = blocks[0]; free(blocks); } diff --git a/src/libopensc/card-itacns.c b/src/libopensc/card-itacns.c index d73057e6..f322f895 100644 --- a/src/libopensc/card-itacns.c +++ b/src/libopensc/card-itacns.c @@ -208,6 +208,8 @@ static int itacns_init(sc_card_t *card) card->cla = 0x00; card->drv_data = calloc(1, sizeof(itacns_drv_data_t)); + if (!card->drv_data) + return SC_ERROR_OUT_OF_MEMORY; /* Match ATR again to find the card data. */ itacns_match_card(card); @@ -219,7 +221,7 @@ static int itacns_init(sc_card_t *card) ; _sc_card_add_rsa_alg(card, 1024, flags, 0); - return 0; + return SC_SUCCESS; } static int itacns_finish(struct sc_card *card) diff --git a/src/libopensc/card-npa.c b/src/libopensc/card-npa.c index c9067b15..2de14d29 100644 --- a/src/libopensc/card-npa.c +++ b/src/libopensc/card-npa.c @@ -371,6 +371,10 @@ static int npa_init(sc_card_t * card) EAC_init(); #endif card->drv_data = npa_drv_data_create(); + if (!card->drv_data) { + r = SC_ERROR_OUT_OF_MEMORY; + goto err; + } r = npa_load_options(card->ctx, card->drv_data); if (r != SC_SUCCESS) goto err; diff --git a/src/libopensc/card-oberthur.c b/src/libopensc/card-oberthur.c index 86c10e74..9842055a 100644 --- a/src/libopensc/card-oberthur.c +++ b/src/libopensc/card-oberthur.c @@ -2122,6 +2122,10 @@ auth_read_binary(struct sc_card *card, unsigned int offset, { int rv; char debug_buf[2048]; + struct sc_pkcs15_bignum bn[2]; + unsigned char *out = NULL; + bn[0].data = NULL; + bn[1].data = NULL; LOG_FUNC_CALLED(card->ctx); sc_log(card->ctx, @@ -2136,9 +2140,8 @@ auth_read_binary(struct sc_card *card, unsigned int offset, if (auth_current_ef->magic==SC_FILE_MAGIC && auth_current_ef->ef_structure == SC_CARDCTL_OBERTHUR_KEY_RSA_PUBLIC) { int jj; - unsigned char resp[256], *out = NULL; + unsigned char resp[256]; size_t resp_len, out_len; - struct sc_pkcs15_bignum bn[2]; struct sc_pkcs15_pubkey_rsa key; resp_len = sizeof(resp); @@ -2150,14 +2153,22 @@ auth_read_binary(struct sc_card *card, unsigned int offset, ; bn[0].data = calloc(1, rv - jj); + if (!bn[0].data) { + rv = SC_ERROR_OUT_OF_MEMORY; + goto err; + } bn[0].len = rv - jj; memcpy(bn[0].data, resp + jj, rv - jj); rv = auth_read_component(card, SC_CARDCTL_OBERTHUR_KEY_RSA_PUBLIC, 1, resp, resp_len); - LOG_TEST_RET(card->ctx, rv, "Cannot read RSA public key component"); + LOG_TEST_GOTO_ERR(card->ctx, rv, "Cannot read RSA public key component"); bn[1].data = calloc(1, rv); + if (!bn[1].data) { + rv = SC_ERROR_OUT_OF_MEMORY; + goto err; + } bn[1].len = rv; memcpy(bn[1].data, resp, rv); @@ -2165,8 +2176,8 @@ auth_read_binary(struct sc_card *card, unsigned int offset, key.modulus = bn[1]; if (sc_pkcs15_encode_pubkey_rsa(card->ctx, &key, &out, &out_len)) { - LOG_TEST_RET(card->ctx, SC_ERROR_INVALID_ASN1_OBJECT, - "cannot encode RSA public key"); + rv = SC_ERROR_INVALID_ASN1_OBJECT; + LOG_TEST_GOTO_ERR(card->ctx, rv, "cannot encode RSA public key"); } else { rv = out_len - offset > count ? count : out_len - offset; @@ -2179,18 +2190,16 @@ auth_read_binary(struct sc_card *card, unsigned int offset, "write_publickey in %"SC_FORMAT_LEN_SIZE_T"u bytes :\n%s", count, debug_buf); } - - if (bn[0].data) - free(bn[0].data); - if (bn[1].data) - free(bn[1].data); - if (out) - free(out); } - else { + else { rv = iso_ops->read_binary(card, offset, buf, count, 0); } +err: + free(bn[0].data); + free(bn[1].data); + free(out); + LOG_FUNC_RETURN(card->ctx, rv); } diff --git a/src/libopensc/card-piv.c b/src/libopensc/card-piv.c index 0f22d142..7df1f2e0 100644 --- a/src/libopensc/card-piv.c +++ b/src/libopensc/card-piv.c @@ -579,9 +579,6 @@ static int piv_general_io(sc_card_t *card, int ins, int p1, int p2, /* if using internal buffer, alloc new one */ if (rbuf == rbufinitbuf) { *recvbuf = malloc(rbuflen); - sc_log(card->ctx, - "DEE got buffer %p len %"SC_FORMAT_LEN_SIZE_T"u", - *recvbuf, rbuflen); if (*recvbuf == NULL) { r = SC_ERROR_OUT_OF_MEMORY; goto err; diff --git a/src/libopensc/card.c b/src/libopensc/card.c index 46091aa1..9a8b5f69 100644 --- a/src/libopensc/card.c +++ b/src/libopensc/card.c @@ -1414,12 +1414,12 @@ sc_card_sm_check(struct sc_card *card) for (ii = 0; ctx->conf_blocks[ii]; ii++) { scconf_block **blocks; - blocks = scconf_find_blocks(ctx->conf, ctx->conf_blocks[ii], "secure_messaging", sm); + blocks = scconf_find_blocks(ctx->conf, ctx->conf_blocks[ii], "secure_messaging", sm); if (blocks) { sm_conf_block = blocks[0]; free(blocks); } - if (sm_conf_block != NULL) + if (sm_conf_block != NULL) break; } diff --git a/src/libopensc/ctx.c b/src/libopensc/ctx.c index 1e3d0db2..e74619a8 100644 --- a/src/libopensc/ctx.c +++ b/src/libopensc/ctx.c @@ -670,12 +670,12 @@ static void process_config_file(sc_context_t *ctx, struct _sc_ctx_options *opts) return; } blocks = scconf_find_blocks(ctx->conf, NULL, "app", ctx->app_name); - if (blocks[0]) + if (blocks && blocks[0]) ctx->conf_blocks[count++] = blocks[0]; free(blocks); if (strcmp(ctx->app_name, "default") != 0) { blocks = scconf_find_blocks(ctx->conf, NULL, "app", "default"); - if (blocks[0]) + if (blocks && blocks[0]) ctx->conf_blocks[count] = blocks[0]; free(blocks); } @@ -775,7 +775,9 @@ int sc_context_create(sc_context_t **ctx_out, const sc_context_param_t *parm) ctx->flags = parm->flags; set_defaults(ctx, &opts); - list_init(&ctx->readers); + if (0 != list_init(&ctx->readers)) { + return SC_ERROR_OUT_OF_MEMORY; + } list_attributes_seeker(&ctx->readers, reader_list_seeker); /* set thread context and create mutex object (if specified) */ if (parm->thread_ctx != NULL) diff --git a/src/libopensc/pkcs15-actalis.c b/src/libopensc/pkcs15-actalis.c index f42cc03c..24983921 100644 --- a/src/libopensc/pkcs15-actalis.c +++ b/src/libopensc/pkcs15-actalis.c @@ -225,6 +225,11 @@ static int sc_pkcs15emu_actalis_init(sc_pkcs15_card_t * p15card) compCert = malloc(compLen * sizeof(unsigned char)); len = 3 * compLen; /*Approximation of the uncompressed size */ cert = malloc(len * sizeof(unsigned char)); + if (!cert || !compCert) { + free(cert); + free(compCert); + return SC_ERROR_OUT_OF_MEMORY; + } sc_read_binary(card, 4, compCert, compLen, 0); diff --git a/src/libopensc/pkcs15-cac.c b/src/libopensc/pkcs15-cac.c index 1fd2ecf2..d82854df 100644 --- a/src/libopensc/pkcs15-cac.c +++ b/src/libopensc/pkcs15-cac.c @@ -373,6 +373,10 @@ static int sc_pkcs15emu_cac_init(sc_pkcs15_card_t *p15card) cert_out->subject_len, &cn_oid, &cn_name, &cn_len); if (r == SC_SUCCESS) { token_name = malloc (cn_len+1); + if (!token_name) { + r = SC_ERROR_OUT_OF_MEMORY; + goto fail; + } memcpy(token_name, cn_name, cn_len); free(cn_name); token_name[cn_len] = 0; diff --git a/src/libopensc/pkcs15-coolkey.c b/src/libopensc/pkcs15-coolkey.c index de4920be..5064a0f4 100644 --- a/src/libopensc/pkcs15-coolkey.c +++ b/src/libopensc/pkcs15-coolkey.c @@ -380,6 +380,8 @@ coolkey_make_public_key(sc_card_t *card, sc_cardctl_coolkey_object_t *obj, CK_KE int r; key = calloc(1, sizeof(struct sc_pkcs15_pubkey)); + if (!key) + return NULL; switch (key_type) { case CKK_RSA: key->algorithm = SC_ALGORITHM_RSA; diff --git a/src/libopensc/pkcs15-infocamere.c b/src/libopensc/pkcs15-infocamere.c index 399bfd9a..14c18879 100644 --- a/src/libopensc/pkcs15-infocamere.c +++ b/src/libopensc/pkcs15-infocamere.c @@ -519,6 +519,11 @@ static int loadCertificate(sc_pkcs15_card_t * p15card, int i, compCert = malloc(compLen * sizeof(unsigned char)); len = 4 * compLen; /*Approximation of the uncompressed size */ cert = malloc(len * sizeof(unsigned char)); + if (!cert || !compCert) { + free(cert); + free(compCert); + return SC_ERROR_OUT_OF_MEMORY; + } sc_read_binary(card, 4, compCert, compLen, 0); diff --git a/src/libopensc/pkcs15-prkey.c b/src/libopensc/pkcs15-prkey.c index 2c775eb9..d3eee983 100644 --- a/src/libopensc/pkcs15-prkey.c +++ b/src/libopensc/pkcs15-prkey.c @@ -619,6 +619,8 @@ sc_pkcs15_convert_bignum(sc_pkcs15_bignum_t *dst, const void *src) return 0; dst->len = BN_num_bytes(bn); dst->data = malloc(dst->len); + if (!dst->data) + return 0; BN_bn2bin(bn, dst->data); return 1; #else @@ -722,6 +724,8 @@ sc_pkcs15_convert_prkey(struct sc_pkcs15_prkey *pkcs15_key, void *evp_key) /* copy the public key */ dst->ecpointQ.value = malloc(buflen); + if (!dst->ecpointQ.value) + return SC_ERROR_OUT_OF_MEMORY; memcpy(dst->ecpointQ.value, buf, buflen); dst->ecpointQ.len = buflen; diff --git a/src/libopensc/pkcs15-pubkey.c b/src/libopensc/pkcs15-pubkey.c index 6aab12c7..4035321c 100644 --- a/src/libopensc/pkcs15-pubkey.c +++ b/src/libopensc/pkcs15-pubkey.c @@ -1095,6 +1095,8 @@ sc_pkcs15_dup_pubkey(struct sc_context *ctx, struct sc_pkcs15_pubkey *key, struc rv = sc_asn1_encode_algorithm_id(ctx, &alg, &alglen,key->alg_id, 0); if (rv == SC_SUCCESS) { pubkey->alg_id = (struct sc_algorithm_id *)calloc(1, sizeof(struct sc_algorithm_id)); + if (pubkey->alg_id == NULL) + LOG_FUNC_RETURN(ctx, SC_ERROR_OUT_OF_MEMORY); rv = sc_asn1_decode_algorithm_id(ctx, alg, alglen, pubkey->alg_id, 0); free(alg); } diff --git a/src/libopensc/pkcs15.c b/src/libopensc/pkcs15.c index e9317f90..7eabdd4b 100644 --- a/src/libopensc/pkcs15.c +++ b/src/libopensc/pkcs15.c @@ -1153,6 +1153,10 @@ sc_pkcs15_bind_internal(struct sc_pkcs15_card *p15card, struct sc_aid *aid) if (!p15card->tokeninfo->serial_number && card->serialnr.len) { char *serial = calloc(1, card->serialnr.len*2 + 1); size_t ii; + if (!serial) { + err = SC_ERROR_OUT_OF_MEMORY; + goto end; + } for(ii=0;iiserialnr.len;ii++) sprintf(serial + ii*2, "%02X", *(card->serialnr.value + ii)); diff --git a/src/libopensc/reader-ctapi.c b/src/libopensc/reader-ctapi.c index 0fc01db6..3c1db600 100644 --- a/src/libopensc/reader-ctapi.c +++ b/src/libopensc/reader-ctapi.c @@ -190,7 +190,7 @@ static int ctapi_transmit(sc_reader_t *reader, sc_apdu_t *apdu) int r; rsize = rbuflen = apdu->resplen + 2; - rbuf = malloc(rbuflen); + rbuf = malloc(rbuflen); if (rbuf == NULL) { r = SC_ERROR_OUT_OF_MEMORY; goto out; @@ -310,9 +310,14 @@ static struct ctapi_module * add_module(struct ctapi_global_private_data *gpriv, const char *name, void *dlhandle) { int i; + struct ctapi_module *p; i = gpriv->module_count; - gpriv->modules = (struct ctapi_module *) realloc(gpriv->modules, sizeof(struct ctapi_module) * (i+1)); + p = (struct ctapi_module *) realloc(gpriv->modules, sizeof(struct ctapi_module) * (i+1)); + if (!p) { + return NULL; + } + gpriv->modules = p; gpriv->modules[i].name = strdup(name); gpriv->modules[i].dlhandle = dlhandle; gpriv->modules[i].ctn_count = 0; @@ -358,6 +363,8 @@ static int ctapi_load_module(sc_context_t *ctx, goto symerr; mod = add_module(gpriv, val, dlh); + if (!mod) + goto symerr; for (; list != NULL; list = list->next) { int port; char namebuf[128]; diff --git a/src/libopensc/reader-openct.c b/src/libopensc/reader-openct.c index 9e3bef6c..7f586e90 100644 --- a/src/libopensc/reader-openct.c +++ b/src/libopensc/reader-openct.c @@ -115,9 +115,8 @@ openct_add_reader(sc_context_t *ctx, unsigned int num, ct_info_t *info) int rc; if (!(reader = calloc(1, sizeof(*reader))) - || !(data = (calloc(1, sizeof(*data))))) { - if (reader) - free(reader); + || !(data = (calloc(1, sizeof(*data))))) { + free(reader); return SC_ERROR_OUT_OF_MEMORY; } diff --git a/src/minidriver/minidriver.c b/src/minidriver/minidriver.c index 8d7af5ad..705b7340 100644 --- a/src/minidriver/minidriver.c +++ b/src/minidriver/minidriver.c @@ -5694,6 +5694,8 @@ DWORD WINAPI CardAcquireContext(__inout PCARD_DATA pCardData, __in DWORD dwFlags /* VENDOR SPECIFIC */ vs = pCardData->pvVendorSpecific = pCardData->pfnCspAlloc(sizeof(VENDOR_SPECIFIC)); + if (!vs) + return SCARD_E_NO_MEMORY; memset(vs, 0, sizeof(VENDOR_SPECIFIC)); logprintf(pCardData, 1, "==================================================================\n"); diff --git a/src/pkcs11/framework-pkcs15.c b/src/pkcs11/framework-pkcs15.c index 3441b994..dba579a3 100644 --- a/src/pkcs11/framework-pkcs15.c +++ b/src/pkcs11/framework-pkcs15.c @@ -968,6 +968,9 @@ pkcs15_init_slot(struct sc_pkcs15_card *p15card, struct sc_pkcs11_slot *slot, slot->token_info.flags |= CKF_RNG; slot->fw_data = fw_data = calloc(1, sizeof(*fw_data)); + if (!fw_data) { + return; + } fw_data->auth_obj = auth; if (auth != NULL) { @@ -2136,7 +2139,7 @@ pkcs15_create_secret_key(struct sc_pkcs11_slot *slot, struct sc_profile *profile if (attr->pValue) { args.data_value.value = calloc(1,attr->ulValueLen); if (!args.data_value.value) - return CKR_HOST_MEMORY; + return CKR_HOST_MEMORY; memcpy(args.data_value.value, attr->pValue, attr->ulValueLen); args.data_value.len = attr->ulValueLen; } @@ -2170,8 +2173,8 @@ pkcs15_create_secret_key(struct sc_pkcs11_slot *slot, struct sc_profile *profile key_obj = calloc(1, sizeof(sc_pkcs15_object_t)); if (key_obj == NULL) { - rv = CKR_HOST_MEMORY; - goto out; + rv = CKR_HOST_MEMORY; + goto out; } key_obj->type = SC_PKCS15_TYPE_SKEY; @@ -2181,9 +2184,9 @@ pkcs15_create_secret_key(struct sc_pkcs11_slot *slot, struct sc_profile *profile key_obj->flags = 2; /* TODO not sure what these mean */ skey_info = calloc(1, sizeof(sc_pkcs15_skey_info_t)); - if (skey_info == NULL) { - rv = CKR_HOST_MEMORY; - goto out; + if (skey_info == NULL) { + rv = CKR_HOST_MEMORY; + goto out; } key_obj->data = skey_info; skey_info->usage = args.usage; diff --git a/src/pkcs11/mechanism.c b/src/pkcs11/mechanism.c index 827857b4..0ac4366a 100644 --- a/src/pkcs11/mechanism.c +++ b/src/pkcs11/mechanism.c @@ -704,6 +704,10 @@ sc_pkcs11_verify_final(sc_pkcs11_operation_t *operation, if (rv != CKR_OK) return rv; pubkey_value = calloc(1, attr.ulValueLen); + if (!pubkey_value) { + rv = CKR_HOST_MEMORY; + goto done; + } attr.pValue = pubkey_value; rv = key->ops->get_attribute(operation->session, key, &attr); if (rv != CKR_OK) @@ -841,19 +845,19 @@ sc_pkcs11_deri(struct sc_pkcs11_session *session, ulDataLen = 0; rv = operation->type->derive(operation, basekey, - pMechanism->pParameter, pMechanism->ulParameterLen, - NULL, &ulDataLen); + pMechanism->pParameter, pMechanism->ulParameterLen, + NULL, &ulDataLen); if (rv != CKR_OK) - goto out; + goto out; if (ulDataLen > 0) - keybuf = calloc(1,ulDataLen); + keybuf = calloc(1,ulDataLen); else - keybuf = calloc(1,8); /* pass in dummy buffer */ + keybuf = calloc(1,8); /* pass in dummy buffer */ - if (!keybuf) { - rv = CKR_HOST_MEMORY; - goto out; + if (!keybuf) { + rv = CKR_HOST_MEMORY; + goto out; } /* Now do the actuall derivation */ diff --git a/src/pkcs11/pkcs11-global.c b/src/pkcs11/pkcs11-global.c index 7a45531c..5f04a7f1 100644 --- a/src/pkcs11/pkcs11-global.c +++ b/src/pkcs11/pkcs11-global.c @@ -257,11 +257,18 @@ CK_RV C_Initialize(CK_VOID_PTR pInitArgs) load_pkcs11_parameters(&sc_pkcs11_conf, context); /* List of sessions */ - list_init(&sessions); + if (0 != list_init(&sessions)) { + rv = CKR_HOST_MEMORY; + goto out; + } list_attributes_seeker(&sessions, session_list_seeker); /* List of slots */ list_init(&virtual_slots); + if (0 != list_init(&virtual_slots)) { + rv = CKR_HOST_MEMORY; + goto out; + } list_attributes_seeker(&virtual_slots, slot_list_seeker); /* Create slots for readers found on initialization, only if in 2.11 mode */ diff --git a/src/pkcs11/slot.c b/src/pkcs11/slot.c index 5b368511..0b6b208b 100644 --- a/src/pkcs11/slot.c +++ b/src/pkcs11/slot.c @@ -95,10 +95,14 @@ CK_RV create_slot(sc_reader_t *reader) return CKR_HOST_MEMORY; list_append(&virtual_slots, slot); - list_init(&slot->objects); + if (0 != list_init(&slot->objects)) { + return CKR_HOST_MEMORY; + } list_attributes_seeker(&slot->objects, object_list_seeker); - list_init(&slot->logins); + if (0 != list_init(&slot->logins)) { + return CKR_HOST_MEMORY; + } } else { /* reuse the old list of logins/objects since they should be empty */ list_t logins = slot->logins; diff --git a/src/pkcs15init/pkcs15-lib.c b/src/pkcs15init/pkcs15-lib.c index c11f8aea..a69e43bc 100644 --- a/src/pkcs15init/pkcs15-lib.c +++ b/src/pkcs15init/pkcs15-lib.c @@ -203,6 +203,8 @@ get_profile_from_config(struct sc_card *card, char *buffer, size_t size) blocks = scconf_find_blocks(ctx->conf, ctx->conf_blocks[i], "card_driver", card->driver->short_name); + if (!blocks) + continue; blk = blocks[0]; free(blocks); if (blk == NULL) @@ -228,18 +230,22 @@ find_library(struct sc_context *ctx, const char *name) for (i = 0; ctx->conf_blocks[i]; i++) { blocks = scconf_find_blocks(ctx->conf, ctx->conf_blocks[i], "framework", "pkcs15"); - blk = blocks[0]; - free(blocks); - if (blk == NULL) - continue; - blocks = scconf_find_blocks(ctx->conf, blk, "pkcs15init", name); + if (!blocks) + continue; blk = blocks[0]; - free(blocks); - if (blk == NULL) - continue; - libname = scconf_get_str(blk, "module", NULL); - break; - } + free(blocks); + if (blk == NULL) + continue; + blocks = scconf_find_blocks(ctx->conf, blk, "pkcs15init", name); + if (!blocks) + continue; + blk = blocks[0]; + free(blocks); + if (blk == NULL) + continue; + libname = scconf_get_str(blk, "module", NULL); + break; + } if (!libname) { sc_log(ctx, "unable to locate pkcs15init driver for '%s'", name); } diff --git a/src/scconf/parse.c b/src/scconf/parse.c index f0e585b0..c8bf1419 100644 --- a/src/scconf/parse.c +++ b/src/scconf/parse.c @@ -107,11 +107,10 @@ static scconf_item *scconf_item_add_internal(scconf_parser * parser, int type) return item; } } - item = malloc(sizeof(scconf_item)); + item = calloc(1, sizeof(scconf_item)); if (!item) { return NULL; } - memset(item, 0, sizeof(scconf_item)); item->type = type; item->key = parser->key; @@ -177,12 +176,14 @@ static void scconf_block_add_internal(scconf_parser * parser) scconf_item *item; item = scconf_item_add_internal(parser, SCCONF_ITEM_TYPE_BLOCK); + if (!item) { + return; + } - block = malloc(sizeof(scconf_block)); + block = calloc(1, sizeof(scconf_block)); if (!block) { return; } - memset(block, 0, sizeof(scconf_block)); block->parent = parser->block; item->value.block = block; @@ -259,6 +260,9 @@ void scconf_parse_token(scconf_parser * parser, int token_type, const char *toke /* fall through - treat empty lines as comments */ case TOKEN_TYPE_COMMENT: item = scconf_item_add_internal(parser, SCCONF_ITEM_TYPE_COMMENT); + if (!item) { + return; + } item->value.comment = token ? strdup(token) : NULL; break; case TOKEN_TYPE_STRING: diff --git a/src/scconf/scconf.c b/src/scconf/scconf.c index 678df3e9..0849560d 100644 --- a/src/scconf/scconf.c +++ b/src/scconf/scconf.c @@ -35,13 +35,12 @@ scconf_context *scconf_new(const char *filename) { scconf_context *config; - config = malloc(sizeof(scconf_context)); + config = calloc(1, sizeof(scconf_context)); if (!config) { return NULL; } - memset(config, 0, sizeof(scconf_context)); config->filename = filename ? strdup(filename) : NULL; - config->root = malloc(sizeof(scconf_block)); + config->root = calloc(1, sizeof(scconf_block)); if (!config->root) { if (config->filename) { free(config->filename); @@ -49,7 +48,6 @@ scconf_context *scconf_new(const char *filename) free(config); return NULL; } - memset(config->root, 0, sizeof(scconf_block)); return config; } @@ -107,6 +105,8 @@ scconf_block **scconf_find_blocks(const scconf_context * config, const scconf_bl for (item = block->items; item; item = item->next) { if (item->type == SCCONF_ITEM_TYPE_BLOCK && strcasecmp(item_name, item->key) == 0) { + if (!item->value.block) + continue; if (key && strcasecmp(key, item->value.block->name->data)) { continue; } @@ -207,21 +207,19 @@ scconf_item *scconf_item_copy(const scconf_item * src, scconf_item ** dst) { scconf_item *ptr, *_dst = NULL, *next = NULL; - next = malloc(sizeof(scconf_item)); + next = calloc(1, sizeof(scconf_item)); if (!next) { return NULL; } - memset(next, 0, sizeof(scconf_item)); ptr = next; _dst = next; while (src) { if (!next) { - next = malloc(sizeof(scconf_item)); + next = calloc(1, sizeof(scconf_item)); if (!next) { scconf_item_destroy(ptr); return NULL; } - memset(next, 0, sizeof(scconf_item)); _dst->next = next; } next->type = src->type; @@ -281,7 +279,7 @@ scconf_block *scconf_block_copy(const scconf_block * src, scconf_block ** dst) if (src) { scconf_block *_dst = NULL; - _dst = malloc(sizeof(scconf_block)); + _dst = calloc(1, sizeof(scconf_block)); if (!_dst) { return NULL; } @@ -311,11 +309,10 @@ scconf_list *scconf_list_add(scconf_list ** list, const char *value) { scconf_list *rec, **tmp; - rec = malloc(sizeof(scconf_list)); + rec = calloc(1, sizeof(scconf_list)); if (!rec) { return NULL; } - memset(rec, 0, sizeof(scconf_list)); rec->data = value ? strdup(value) : NULL; if (!*list) { @@ -413,11 +410,10 @@ char *scconf_list_strdup(const scconf_list * list, const char *filler) } if (len == 0) return NULL; - buf = malloc(len); + buf = calloc(1, len); if (!buf) { return NULL; } - memset(buf, 0, len); while (list && list->data) { strcat(buf, list->data); if (filler) { diff --git a/src/scconf/sclex.c b/src/scconf/sclex.c index c5a6758f..44b1a472 100644 --- a/src/scconf/sclex.c +++ b/src/scconf/sclex.c @@ -45,17 +45,23 @@ static void buf_init(BUFHAN * bp, FILE * fp, const char *saved_string) bp->fp = fp; bp->saved_char = 0; bp->buf = malloc(256); - bp->bufmax = 256; + if (bp->buf) { + bp->bufmax = 256; + bp->buf[0] = '\0'; + } else + bp->bufmax = 0; bp->bufcur = 0; - bp->buf[0] = '\0'; bp->saved_string = saved_string; } static void buf_addch(BUFHAN * bp, char ch) { if (bp->bufcur >= bp->bufmax) { + char *p = (char *) realloc(bp->buf, bp->bufmax + 256); + if (!p) + return; bp->bufmax += 256; - bp->buf = (char *) realloc(bp->buf, bp->bufmax); + bp->buf = p; } if (bp->buf) { bp->buf[bp->bufcur++] = ch; diff --git a/src/tools/opensc-tool.c b/src/tools/opensc-tool.c index 4523edc5..4d7efc7a 100644 --- a/src/tools/opensc-tool.c +++ b/src/tools/opensc-tool.c @@ -167,7 +167,7 @@ static int opensc_get_conf_entry(const char *config) key++; blocks = scconf_find_blocks(ctx->conf, NULL, section, name); - if (blocks[0]) + if (blocks && blocks[0]) conf_block = blocks[0]; free(blocks); if (conf_block != NULL) { @@ -224,7 +224,7 @@ static int opensc_set_conf_entry(const char *config) value++; blocks = scconf_find_blocks(ctx->conf, NULL, section, name); - if (blocks[0]) + if (blocks && blocks[0]) conf_block = blocks[0]; free(blocks); if (conf_block != NULL) { diff --git a/src/tools/piv-tool.c b/src/tools/piv-tool.c index 422004cb..b272135e 100644 --- a/src/tools/piv-tool.c +++ b/src/tools/piv-tool.c @@ -213,6 +213,9 @@ static int load_cert(const char * cert_id, const char * cert_file, derlen = i2d_X509(cert, NULL); der = malloc(derlen); + if (!der) { + goto err; + } p = der; i2d_X509(cert, &p); } @@ -485,6 +488,10 @@ int main(int argc, char * const argv[]) case 's': opt_apdus = (char **) realloc(opt_apdus, (opt_apdu_count + 1) * sizeof(char *)); + if (!opt_apdus) { + err = 1; + goto end; + } opt_apdus[opt_apdu_count] = optarg; do_send_apdu++; if (opt_apdu_count == 0) diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c index 169ee8a6..c43c4476 100644 --- a/src/tools/pkcs11-tool.c +++ b/src/tools/pkcs11-tool.c @@ -1054,7 +1054,7 @@ static void list_slots(int tokens, int refresh, int print) p11_slots = calloc(p11_num_slots, sizeof(CK_SLOT_ID)); if (p11_slots == NULL) { perror("calloc failed"); - return; + exit(1); } rv = p11->C_GetSlotList(tokens, p11_slots, &p11_num_slots); @@ -4796,7 +4796,7 @@ static int encrypt_decrypt(CK_SESSION_HANDLE session, encrypted_len = EVP_PKEY_encrypt(encrypted, orig_data, sizeof(orig_data), pkey); #endif EVP_PKEY_free(pkey); - if (encrypted_len <= 0) { + if (((int) encrypted_len) <= 0) { fprintf(stderr, "Encryption failed, returning\n"); return 0; } diff --git a/src/tools/pkcs15-tool.c b/src/tools/pkcs15-tool.c index 04e76180..98410355 100644 --- a/src/tools/pkcs15-tool.c +++ b/src/tools/pkcs15-tool.c @@ -888,6 +888,8 @@ static void print_ssh_key(FILE *outf, const char * alg, struct sc_pkcs15_object int r; uu = malloc(len*2); // Way over - even if we have extra LFs; as each 6 bits take one byte. + if (!uu) + return; if (opt_rfc4716) { r = sc_base64_encode(buf, len, uu, 2*len, 64); diff --git a/src/tools/sc-hsm-tool.c b/src/tools/sc-hsm-tool.c index 029d9913..718a8f11 100644 --- a/src/tools/sc-hsm-tool.c +++ b/src/tools/sc-hsm-tool.c @@ -250,6 +250,9 @@ static int createShares(const BIGNUM *s, const unsigned char t, const unsigned c unsigned long i; secret_share_t *sp; + if (!polynomial) + return -1; + // Set the secret value as the constant part of the polynomial pp = polynomial; *pp = BN_new(); @@ -310,6 +313,9 @@ static int reconstructSecret(secret_share_t *shares, unsigned char t, const BIGN secret_share_t *sp_j; BN_CTX *ctx; + if (!bValue) + return -1; + // Initialize pbValue = bValue; for (i = 0; i < t; i++) { @@ -656,15 +662,17 @@ static int recreate_password_from_shares(char **pwd, int *pwdlen, int num_of_pas return -1; } + // Allocate data buffer for the shares + shares = malloc(num_of_password_shares * sizeof(secret_share_t)); + if (!shares) + return -1; + /* * Initialize prime and secret */ prime = BN_new(); secret = BN_new(); - // Allocate data buffer for the shares - shares = malloc(num_of_password_shares * sizeof(secret_share_t)); - printf("\nDeciphering the DKEK for import into the SmartCard-HSM requires %i key custodians", num_of_password_shares); printf("\nto present their share. Only the first key custodian needs to enter the public prime."); printf("\nPlease remember to present the share id as well as the share value."); @@ -733,14 +741,16 @@ static int recreate_password_from_shares(char **pwd, int *pwdlen, int num_of_pas ip = (unsigned char *) inbuf; *pwdlen = BN_bn2bin(secret, ip); *pwd = calloc(1, *pwdlen); - memcpy(*pwd, ip, *pwdlen); + if (*pwd) { + memcpy(*pwd, ip, *pwdlen); + } cleanUpShares(shares, num_of_password_shares); BN_clear_free(prime); BN_clear_free(secret); - return 0; + return *pwd ? 0 : -1; } diff --git a/src/tools/westcos-tool.c b/src/tools/westcos-tool.c index ea71ba39..186bb66b 100644 --- a/src/tools/westcos-tool.c +++ b/src/tools/westcos-tool.c @@ -106,7 +106,8 @@ static int do_convert_bignum(sc_pkcs15_bignum_t *dst, const BIGNUM *src) if (src == 0) return 0; dst->len = BN_num_bytes(src); dst->data = malloc(dst->len); - BN_bn2bin(src, dst->data); + if (!dst->data) return 0; + if (!BN_bn2bin(src, dst->data)) return 0; return 1; }