p11test: Avoid possible issues reported by coverity

* The fail_msg() in cmocka has a way not to fail, which confuses coverity. Adding explicit retunr/exit should address this issue
 * Reformat some code in p11test
This commit is contained in:
Jakub Jelen 2019-07-26 10:46:31 +02:00 committed by Frank Morgner
parent 2958b71c9a
commit 818aa5b69c
4 changed files with 90 additions and 46 deletions

View File

@ -30,13 +30,15 @@ char flag_buffer[11];
void always_authenticate(test_cert_t *o, token_info_t *info)
{
CK_RV rv;
if (!o->always_auth)
if (!o->always_auth) {
return;
}
rv = info->function_pointer->C_Login(info->session_handle,
CKU_CONTEXT_SPECIFIC, info->pin, info->pin_length);
if (rv != CKR_OK) {
fail_msg(" [ SKIP %s ] Re-authentication failed", o->id_str);
exit(1);
}
}
@ -153,7 +155,7 @@ int callback_certificates(test_certs_t *objects,
CK_ATTRIBUTE template[], unsigned int template_size, CK_OBJECT_HANDLE object_handle)
{
EVP_PKEY *evp = NULL;
const u_char *cp;
const u_char *cp = NULL;
test_cert_t *o = NULL;
if (*(CK_CERTIFICATE_TYPE *)template[3].pValue != CKC_X_509)
@ -166,23 +168,29 @@ int callback_certificates(test_certs_t *objects,
cp = template[1].pValue;
if (d2i_X509(&(o->x509), &cp, template[1].ulValueLen) == NULL) {
fail_msg("d2i_X509");
return -1;
} else if ((evp = X509_get_pubkey(o->x509)) == NULL) {
fail_msg("X509_get_pubkey failed.");
return -1;
}
if (EVP_PKEY_base_id(evp) == EVP_PKEY_RSA) {
/* Extract public RSA key */
RSA *rsa = EVP_PKEY_get0_RSA(evp);
if ((o->key.rsa = RSAPublicKey_dup(rsa)) == NULL)
if ((o->key.rsa = RSAPublicKey_dup(rsa)) == NULL) {
fail_msg("RSAPublicKey_dup failed");
return -1;
}
o->type = EVP_PK_RSA;
o->bits = EVP_PKEY_bits(evp);
} else if (EVP_PKEY_base_id(evp) == EVP_PKEY_EC) {
/* Extract public EC key */
EC_KEY *ec = EVP_PKEY_get0_EC_KEY(evp);
if ((o->key.ec = EC_KEY_dup(ec)) == NULL)
if ((o->key.ec = EC_KEY_dup(ec)) == NULL) {
fail_msg("EC_KEY_dup failed");
return -1;
}
o->type = EVP_PK_EC;
o->bits = EVP_PKEY_bits(evp);
@ -434,8 +442,10 @@ int search_objects(test_certs_t *objects, token_info_t *info,
if (i >= objects_length) {
objects_length += 4; // do not realloc after each row
object_handles = realloc(object_handles, objects_length * sizeof(CK_OBJECT_HANDLE_PTR));
if (object_handles == NULL)
if (object_handles == NULL) {
fail_msg("Realloc failed. Need to store object handles.\n");
return -1;
}
}
object_handles[i++] = object_handle;
}
@ -445,6 +455,7 @@ int search_objects(test_certs_t *objects, token_info_t *info,
if (rv != CKR_OK) {
fprintf(stderr, "C_FindObjectsFinal: rv = 0x%.8lX\n", rv);
fail_msg("Could not find certificate.\n");
return -1;
}
for (i = 0; i < objects_length; i++) {
@ -457,24 +468,30 @@ int search_objects(test_certs_t *objects, token_info_t *info,
rv = fp->C_GetAttributeValue(info->session_handle, object_handles[i],
&(template[j]), 1);
if (rv == CKR_ATTRIBUTE_TYPE_INVALID)
if (rv == CKR_ATTRIBUTE_TYPE_INVALID) {
continue;
else if (rv != CKR_OK)
} else if (rv != CKR_OK) {
fail_msg("C_GetAttributeValue: rv = 0x%.8lX\n", rv);
return -1;
}
/* Allocate memory to hold the data we want */
if (template[j].ulValueLen == 0) {
continue;
} else {
template[j].pValue = malloc(template[j].ulValueLen);
if (template[j].pValue == NULL)
if (template[j].pValue == NULL) {
fail_msg("malloc failed");
return -1;
}
}
/* Call again to get actual attribute */
rv = fp->C_GetAttributeValue(info->session_handle, object_handles[i],
&(template[j]), 1);
if (rv != CKR_OK)
if (rv != CKR_OK) {
fail_msg("C_GetAttributeValue: rv = 0x%.8lX\n", rv);
return -1;
}
}
callback(objects, template, template_size, object_handles[i]);

View File

@ -103,16 +103,19 @@ int is_pss_mechanism(CK_MECHANISM_TYPE mech);
#define P11TEST_PASS(info) do { _P11TEST_FINALIZE(info, "pass") } while(0);
#define P11TEST_FAIL(info, msg, ...) do { \
if (info->log.fd && info->log.in_test) { \
fprintf(info->log.fd, ",\n\t\"fail_reason\": \"" msg "\"", ##__VA_ARGS__); \
} \
_P11TEST_FINALIZE(info, "fail") \
fail_msg(msg, ##__VA_ARGS__); \
if (info->log.fd && info->log.in_test) { \
fprintf(info->log.fd, ",\n\t\"fail_reason\": \"" msg "\"", ##__VA_ARGS__); \
} \
_P11TEST_FINALIZE(info, "fail") \
fail_msg(msg, ##__VA_ARGS__); \
exit(1); \
} while (0);
#define P11TEST_DATA_ROW(info, cols, ...) if (info->log.fd) { \
if (info->log.in_test == 0) \
if (info->log.in_test == 0) {\
fail_msg("Can't add data outside of the test");\
exit(1); \
} \
if (info->log.in_data == 0) {\
fprintf(info->log.fd, ",\n\t\"data\": [");\
info->log.in_data = 1;\

View File

@ -546,8 +546,10 @@ int sign_verify_test(test_cert_t *o, token_info_t *info, test_mech_t *mech,
CK_ULONG sign_length = 0;
int rv = 0;
if (message_length > strlen(SHORT_MESSAGE_TO_SIGN))
if (message_length > strlen(SHORT_MESSAGE_TO_SIGN)) {
fail_msg("Truncate is longer than the actual message");
return -1;
}
if (o->private_handle == CK_INVALID_HANDLE) {
debug_print(" [SKIP %s ] Missing private key", o->id_str);

View File

@ -23,7 +23,9 @@
#include "p11test_helpers.h"
#include "p11test_loader.h"
int open_session(token_info_t *info) {
int
open_session(token_info_t *info)
{
CK_FUNCTION_LIST_PTR function_pointer = info->function_pointer;
CK_RV rv;
@ -31,56 +33,65 @@ int open_session(token_info_t *info) {
CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL_PTR, NULL_PTR,
&info->session_handle);
if(rv != CKR_OK)
if (rv != CKR_OK) {
return 1;
}
debug_print("Session was successfully created");
return 0;
}
int initialize_cryptoki(token_info_t *info) {
int
initialize_cryptoki(token_info_t *info)
{
CK_FUNCTION_LIST_PTR function_pointer = info->function_pointer;
CK_RV rv;
rv = function_pointer->C_Initialize(NULL_PTR);
if(rv != CKR_OK){
fprintf(stderr,"Could not initialize CRYPTOKI!\n");
if (rv != CKR_OK) {
fprintf(stderr, "Could not initialize CRYPTOKI!\n");
return 1;
}
if(get_slot_with_card(info)) {
if (get_slot_with_card(info)) {
function_pointer->C_Finalize(NULL_PTR);
fprintf(stderr,"There is no card present in reader.\n");
fprintf(stderr, "There is no card present in reader.\n");
return 1;
}
return 0;
}
int token_initialize(void **state) {
int token_initialize(void **state)
{
token_info_t *info = (token_info_t *) *state;
if(initialize_cryptoki(info)) {
if (initialize_cryptoki(info)) {
debug_print("CRYPTOKI couldn't be initialized");
return 1;
}
return 0;
}
void logfile_init(token_info_t *info) {
if (token.log.outfile == NULL)
void logfile_init(token_info_t *info)
{
if (token.log.outfile == NULL) {
return;
}
if ((info->log.fd = fopen(token.log.outfile, "w")) == NULL)
if ((info->log.fd = fopen(token.log.outfile, "w")) == NULL) {
fail_msg("Couldn't open file for test results.");
exit(1);
}
fprintf(info->log.fd, "{\n\"time\": 0,\n\"results\": [");
info->log.in_test = 0;
info->log.first = 1;
}
void logfile_finalize(token_info_t *info) {
if (info == NULL || info->log.fd == NULL)
void logfile_finalize(token_info_t *info)
{
if (info == NULL || info->log.fd == NULL) {
return;
}
/* Make sure the JSON object for test is closed */
if (info->log.in_test) {
@ -94,7 +105,6 @@ void logfile_finalize(token_info_t *info) {
int group_setup(void **state)
{
token_info_t * info = calloc(sizeof(token_info_t), 1);
assert_non_null(info);
@ -107,6 +117,7 @@ int group_setup(void **state)
if (load_pkcs11_module(info, token.library_path)) {
free(info);
fail_msg("Could not load module!\n");
exit(1);
}
logfile_init(info);
@ -115,8 +126,8 @@ int group_setup(void **state)
return 0;
}
int group_teardown(void **state) {
int group_teardown(void **state)
{
token_info_t *info = (token_info_t *) *state;
debug_print("Clearing state after group tests!");
// XXX do not finalize already Finalized
@ -134,13 +145,14 @@ int group_teardown(void **state) {
return 0;
}
int prepare_token(token_info_t *info) {
if(initialize_cryptoki(info)) {
int prepare_token(token_info_t *info)
{
if (initialize_cryptoki(info)) {
debug_print("CRYPTOKI couldn't be initialized");
return 1;
}
if(open_session(info)) {
if (open_session(info)) {
debug_print("Could not open session to token!");
return 1;
}
@ -148,7 +160,8 @@ int prepare_token(token_info_t *info) {
return 0;
}
int finalize_token(token_info_t *info) {
int finalize_token(token_info_t *info)
{
CK_FUNCTION_LIST_PTR function_pointer = info->function_pointer;
info->session_handle = 0;
@ -159,26 +172,31 @@ int finalize_token(token_info_t *info) {
return 0;
}
int user_login_setup(void **state) {
int user_login_setup(void **state)
{
token_info_t *info = (token_info_t *) *state;
CK_FUNCTION_LIST_PTR function_pointer = info->function_pointer;
CK_RV rv;
if (prepare_token(info))
if (prepare_token(info)) {
fail_msg("Could not prepare token.\n");
exit(1);
}
debug_print("Logging in to the token!");
rv = function_pointer->C_Login(info->session_handle, CKU_USER,
token.pin, token.pin_length);
if(rv != CKR_OK)
if (rv != CKR_OK) {
fail_msg("Could not login to token with user PIN '%s'\n", token.pin);
exit(1);
}
return 0;
}
int after_test_cleanup(void **state) {
int after_test_cleanup(void **state)
{
token_info_t *info = (token_info_t *) *state;
CK_FUNCTION_LIST_PTR function_pointer = info->function_pointer;
@ -189,16 +207,20 @@ int after_test_cleanup(void **state) {
return 0;
}
int token_setup(void **state) {
int token_setup(void **state)
{
token_info_t *info = (token_info_t *) *state;
if(prepare_token(info))
if (prepare_token(info)) {
fail_msg("Could not prepare token.\n");
exit(1);
}
return 0;
}
int token_cleanup(void **state) {
int token_cleanup(void **state)
{
token_info_t *info = (token_info_t *) *state;
finalize_token(info);