giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #571 from frankmorgner/label 

Fixes accessing fixed size arrays
This commit is contained in:
Frank Morgner 2015-10-14 18:56:29 +02:00
parent ee5915700c a6b36507a3
commit 851e0a24ff
13 changed files with 100 additions and 98 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/libopensc/pkcs15-data.c
View File

@ -157,7 +157,7 @@ int sc_pkcs15_encode_dodf_entry(sc_context_t *ctx,
size_t label_len;
info = (struct sc_pkcs15_data_info *) obj->data;
label_len = strlen(info->app_label);
label_len = strnlen(info->app_label, sizeof info->app_label);
sc_copy_asn1_entry(c_asn1_com_data_attr, asn1_com_data_attr);
sc_copy_asn1_entry(c_asn1_type_data_attr, asn1_type_data_attr);

6
src/libopensc/pkcs15-sc-hsm.c
View File

@ -298,10 +298,10 @@ int sc_pkcs15emu_sc_hsm_encode_cvc(sc_pkcs15_card_t * p15card,
}
sc_format_asn1_entry(asn1_cvc_body , &cvc->cpi, NULL, 1);
lencar = strlen(cvc->car);
lencar = strnlen(cvc->car, sizeof cvc->car);
sc_format_asn1_entry(asn1_cvc_body + 1, &cvc->car, &lencar, 1);
sc_format_asn1_entry(asn1_cvc_body + 2, &asn1_cvc_pubkey, NULL, 1);
lenchr = strlen(cvc->chr);
lenchr = strnlen(cvc->chr, sizeof cvc->chr);
sc_format_asn1_entry(asn1_cvc_body + 3, &cvc->chr, &lenchr, 1);
sc_format_asn1_entry(asn1_cvcert , &asn1_cvc_body, NULL, 1);
@ -846,7 +846,7 @@ static int sc_pkcs15emu_sc_hsm_init (sc_pkcs15_card_t * p15card)
if (appinfo->label == NULL)
LOG_FUNC_RETURN(card->ctx, SC_ERROR_OUT_OF_MEMORY);
len = strlen(devcert.chr); /* Strip last 5 digit sequence number from CHR */
len = strnlen(devcert.chr, sizeof devcert.chr); /* Strip last 5 digit sequence number from CHR */
assert(len >= 8);
len -= 5;

4
src/libopensc/pkcs15.c
View File

@ -1505,8 +1505,8 @@ compare_obj_data_name(struct sc_pkcs15_object *obj, const char *app_label, const
if (obj->type != SC_PKCS15_TYPE_DATA_OBJECT)
return 0;
return !strcmp(cinfo->app_label, app_label) &&
!strcmp(obj->label, label);
return !strncmp(cinfo->app_label, app_label, sizeof cinfo->app_label) &&
!strncmp(obj->label, label, sizeof obj->label);
}

80
src/minidriver/minidriver.c
View File

@ -114,7 +114,6 @@ HINSTANCE g_inst;
#define MAGIC_SESSION_PIN "opensc-minidriver"
struct md_directory {
unsigned char parent[9];
unsigned char name[9];
CARD_DIRECTORY_ACCESS_CONDITION acl;
@ -126,7 +125,6 @@ struct md_directory {
};
struct md_file {
unsigned char parent[9];
unsigned char name[9];
CARD_FILE_ACCESS_CONDITION acl;
@ -541,7 +539,8 @@ md_fs_find_directory(PCARD_DATA pCardData, struct md_directory *parent, char *na
else {
dir = parent->subdirs;
while(dir) {
if (!strcmp(dir->name, name))
if (strlen(name) > sizeof dir->name
|| !strncmp(dir->name, name, sizeof dir->name))
break;
dir = dir->next;
}
@ -621,7 +620,8 @@ md_fs_find_file(PCARD_DATA pCardData, char *parent, char *name, struct md_file *
}
for (file = dir->files; file!=NULL;) {
if (!strcmp(file->name, name))
if (sizeof file->name < strlen(name)
|| !strncmp(file->name, name, sizeof file->name))
break;
file = file->next;
}
@ -726,7 +726,8 @@ md_fs_delete_file(PCARD_DATA pCardData, char *parent, char *name)
return SCARD_E_FILE_NOT_FOUND;
}
if (!strcmp(dir->files->name, name)) {
if (sizeof dir->files->name < strlen(name)
|| !strncmp(dir->files->name, name, sizeof dir->files->name)) {
file_to_rm = dir->files;
dir->files = dir->files->next;
md_fs_free_file(pCardData, file_to_rm);
@ -736,7 +737,8 @@ md_fs_delete_file(PCARD_DATA pCardData, char *parent, char *name)
for (file = dir->files; file!=NULL; file = file->next) {
if (!file->next)
break;
if (!strcmp(file->next->name, name)) {
if (sizeof file->next->name < strlen(name)
|| !strncmp(file->next->name, name, sizeof file->next->name)) {
file_to_rm = file->next;
file->next = file->next->next;
md_fs_free_file(pCardData, file_to_rm);
@ -859,13 +861,13 @@ md_pkcs15_encode_cmapfile(PCARD_DATA pCardData, unsigned char **out, size_t *out
struct md_pkcs15_container cont = vs->p15_containers[idx];
int rv;
if (!cont.id.len && !strlen(cont.guid))
if (!cont.id.len && cont.guid[0] == '\0')
continue;
sc_copy_asn1_entry(c_asn1_md_container_attrs, asn1_md_container_attrs);
sc_copy_asn1_entry(c_asn1_md_container, asn1_md_container);
guid_len = strlen(cont.guid);
guid_len = strnlen(cont.guid, sizeof cont.guid);
flags_len = sizeof(size_t);
sc_format_asn1_entry(asn1_md_container_attrs + 0, &cont.index, NULL, 1);
sc_format_asn1_entry(asn1_md_container_attrs + 1, &cont.id, NULL, 1);
@ -938,8 +940,8 @@ md_pkcs15_update_containers(PCARD_DATA pCardData, unsigned char *blob, size_t si
cont->flags = pp->bFlags;
cont->size_sign = pp->wSigKeySizeBits;
cont->size_key_exchange = pp->wKeyExchangeKeySizeBits;
logprintf(pCardData, 3, "update P15 containers: touch container (idx:%i,id:%s,guid:%s,flags:%X)\n",
idx, sc_pkcs15_print_id(&cont->id),cont->guid,cont->flags);
logprintf(pCardData, 3, "update P15 containers: touch container (idx:%i,id:%s,guid:%.*s,flags:%X)\n",
idx, sc_pkcs15_print_id(&cont->id),(int)sizeof cont->guid,cont->guid,cont->flags);
}
}
@ -962,7 +964,7 @@ md_pkcs15_update_container_from_do(PCARD_DATA pCardData, struct sc_pkcs15_object
rv = sc_pkcs15_read_data_object(vs->p15card, (struct sc_pkcs15_data_info *)dobj->data, &ddata);
if (rv) {
logprintf(pCardData, 2, "sc_pkcs15_read_data_object('%s') returned %i\n", dobj->label, rv);
logprintf(pCardData, 2, "sc_pkcs15_read_data_object('%.*s') returned %i\n", (int) sizeof dobj->label, dobj->label, rv);
return SCARD_F_INTERNAL_ERROR;
}
@ -989,7 +991,7 @@ md_pkcs15_update_container_from_do(PCARD_DATA pCardData, struct sc_pkcs15_object
for (idx=0; idx<MD_MAX_KEY_CONTAINERS && vs->p15_containers[idx].prkey_obj; idx++) {
if (sc_pkcs15_compare_id(&id, &vs->p15_containers[idx].id)) {
snprintf(vs->p15_containers[idx].guid, sizeof(vs->p15_containers[idx].guid),
"%s", dobj->label);
"%.*s", (int) sizeof dobj->label, dobj->label);
vs->p15_containers[idx].flags = flags;
logprintf(pCardData, 2, "Set container's guid to '%s' and flags to 0x%X\n",
vs->p15_containers[idx].guid, flags);
@ -1018,7 +1020,7 @@ md_pkcs15_default_container_from_do(PCARD_DATA pCardData, struct sc_pkcs15_objec
rv = sc_pkcs15_read_data_object(vs->p15card, (struct sc_pkcs15_data_info *)dobj->data, &ddata);
if (rv) {
logprintf(pCardData, 2, "sc_pkcs15_read_data_object('%s') returned %i\n", dobj->label, rv);
logprintf(pCardData, 2, "sc_pkcs15_read_data_object('%.*s') returned %i\n", (int) sizeof dobj->label, dobj->label, rv);
return SCARD_F_INTERNAL_ERROR;
}
@ -1060,7 +1062,7 @@ md_pkcs15_delete_object(PCARD_DATA pCardData, struct sc_pkcs15_object *obj)
if (!obj)
return SCARD_S_SUCCESS;
logprintf(pCardData, 3, "MdDeleteObject('%s',type:0x%X) called\n", obj->label, obj->type);
logprintf(pCardData, 3, "MdDeleteObject('%.*s',type:0x%X) called\n", (int) sizeof obj->label, obj->label, obj->type);
rv = sc_lock(card);
if (rv) {
@ -1535,7 +1537,7 @@ md_set_cmapfile(PCARD_DATA pCardData, struct md_file *file)
cont->size_key_exchange = prkey_info->modulus_length;
}
logprintf(pCardData, 7, "Container[%i]'s guid=%s\n", ii, cont->guid);
logprintf(pCardData, 7, "Container[%i]'s guid=%.*s\n", ii, (int) sizeof cont->guid, cont->guid);
logprintf(pCardData, 7, "Container[%i]'s key-exchange:%i, sign:%i\n", ii, cont->size_key_exchange, cont->size_sign);
cont->id = prkey_info->id;
@ -1543,10 +1545,10 @@ md_set_cmapfile(PCARD_DATA pCardData, struct md_file *file)
/* Try to find the friend objects: certficate and public key */
if (!sc_pkcs15_find_cert_by_id(vs->p15card, &cont->id, &cont->cert_obj))
logprintf(pCardData, 2, "found certificate friend '%s'\n", cont->cert_obj->label);
logprintf(pCardData, 2, "found certificate friend '%.*s'\n", (int) sizeof cont->cert_obj->label, cont->cert_obj->label);
if (!sc_pkcs15_find_pubkey_by_id(vs->p15card, &cont->id, &cont->pubkey_obj))
logprintf(pCardData, 2, "found public key friend '%s'\n", cont->pubkey_obj->label);
logprintf(pCardData, 2, "found public key friend '%.*s'\n", (int) sizeof cont->pubkey_obj->label, cont->pubkey_obj->label);
}
if (conts_num) {
@ -1569,8 +1571,8 @@ md_set_cmapfile(PCARD_DATA pCardData, struct md_file *file)
if (strcmp(dinfo->app_label, MD_DATA_APPLICAITON_NAME))
continue;
logprintf(pCardData, 2, "Found 'DATA' object '%s'\n", dobjs[ii]->label);
if (!strcmp(dobjs[ii]->label, MD_DATA_DEFAULT_CONT_LABEL)) {
logprintf(pCardData, 2, "Found 'DATA' object '%.*s'\n", (int) sizeof dobjs[ii]->label, dobjs[ii]->label);
if (!strncmp(dobjs[ii]->label, MD_DATA_DEFAULT_CONT_LABEL, sizeof dobjs[ii]->label)) {
default_cont = dobjs[ii];
continue;
}
@ -1916,20 +1918,20 @@ md_pkcs15_generate_key(PCARD_DATA pCardData, DWORD idx, DWORD key_type, DWORD ke
sc_pkcs15init_set_p15card(profile, vs->p15card);
cont = &(vs->p15_containers[idx]);
if (strlen(cont->guid)) {
logprintf(pCardData, 3, "MdGenerateKey(): generate key(idx:%i,guid:%s)\n", idx, cont->guid);
if (cont->guid[0] != '\0') {
logprintf(pCardData, 3, "MdGenerateKey(): generate key(idx:%i,guid:%.*s)\n", idx, (int) sizeof cont->guid, cont->guid);
keygen_args.prkey_args.guid = cont->guid;
keygen_args.prkey_args.guid_len = strlen(cont->guid);
keygen_args.prkey_args.guid_len = strnlen(cont->guid, sizeof cont->guid);
}
if (md_is_guid_as_id(pCardData)) {
if (strlen(cont->guid) > sizeof(keygen_args.prkey_args.id.value)) {
if (strnlen(cont->guid, sizeof cont->guid) > sizeof(keygen_args.prkey_args.id.value)) {
logprintf(pCardData, 3, "MdGenerateKey(): cannot set ID -- invalid GUID length\n");
goto done;
}
memcpy(keygen_args.prkey_args.id.value, cont->guid, strlen(cont->guid));
keygen_args.prkey_args.id.len = strlen(cont->guid);
memcpy(keygen_args.prkey_args.id.value, cont->guid, strnlen(cont->guid, sizeof cont->guid));
keygen_args.prkey_args.id.len = strnlen(cont->guid, sizeof cont->guid);
logprintf(pCardData, 3, "MdGenerateKey(): use ID:%s\n", sc_pkcs15_print_id(&keygen_args.prkey_args.id));
}
@ -1948,8 +1950,8 @@ md_pkcs15_generate_key(PCARD_DATA pCardData, DWORD idx, DWORD key_type, DWORD ke
cont->index = idx;
cont->flags = CONTAINER_MAP_VALID_CONTAINER;
logprintf(pCardData, 3, "MdGenerateKey(): generated key(idx:%i,id:%s,guid:%s)\n",
idx, sc_pkcs15_print_id(&cont->id),cont->guid);
logprintf(pCardData, 3, "MdGenerateKey(): generated key(idx:%i,id:%s,guid:%.*s)\n",
idx, sc_pkcs15_print_id(&cont->id),(int) sizeof cont->guid, cont->guid);
dwret = SCARD_S_SUCCESS;
done:
@ -2049,23 +2051,23 @@ md_pkcs15_store_key(PCARD_DATA pCardData, DWORD idx, DWORD key_type, BYTE *blob,
sc_pkcs15init_set_p15card(profile, vs->p15card);
cont = &(vs->p15_containers[idx]);
if (strlen(cont->guid)) {
if (cont->guid[0] != '\0') {
logprintf(pCardData, 3, "MdStoreKey(): store key(idx:%i,id:%s,guid:%s)\n", idx, sc_pkcs15_print_id(&cont->id), cont->guid);
prkey_args.guid = cont->guid;
prkey_args.guid_len = strlen(cont->guid);
prkey_args.guid_len = strnlen(cont->guid, sizeof cont->guid);
}
if (md_is_guid_as_id(pCardData)) {
if (strlen(cont->guid) > sizeof(prkey_args.id.value)) {
if (strnlen(cont->guid, sizeof cont->guid) > sizeof(prkey_args.id.value)) {
logprintf(pCardData, 3, "MdStoreKey(): cannot set ID -- invalid GUID length\n");
goto done;
}
memcpy(prkey_args.id.value, cont->guid, strlen(cont->guid));
prkey_args.id.len = strlen(cont->guid);
memcpy(prkey_args.id.value, cont->guid, strnlen(cont->guid, sizeof cont->guid));
prkey_args.id.len = strnlen(cont->guid, sizeof cont->guid);
memcpy(pubkey_args.id.value, cont->guid, strlen(cont->guid));
pubkey_args.id.len = strlen(cont->guid);
memcpy(pubkey_args.id.value, cont->guid, strnlen(cont->guid, sizeof cont->guid));
pubkey_args.id.len = strnlen(cont->guid, sizeof cont->guid);
logprintf(pCardData, 3, "MdStoreKey(): use ID:%s\n", sc_pkcs15_print_id(&prkey_args.id));
}
@ -2092,7 +2094,7 @@ md_pkcs15_store_key(PCARD_DATA pCardData, DWORD idx, DWORD key_type, BYTE *blob,
cont->index = idx;
cont->flags |= CONTAINER_MAP_VALID_CONTAINER;
logprintf(pCardData, 3, "MdStoreKey(): stored key(idx:%i,id:%s,guid:%s)\n", idx, sc_pkcs15_print_id(&cont->id),cont->guid);
logprintf(pCardData, 3, "MdStoreKey(): stored key(idx:%i,id:%s,guid:%.*s)\n", idx, sc_pkcs15_print_id(&cont->id),(int) sizeof cont->guid,cont->guid);
dwret = SCARD_S_SUCCESS;
done:
@ -2606,7 +2608,7 @@ DWORD WINAPI CardGetContainerInfo(__in PCARD_DATA pCardData, __in BYTE bContaine
if (!pubkey_der.value && cont->pubkey_obj) {
struct sc_pkcs15_pubkey *pubkey = NULL;
logprintf(pCardData, 1, "now read public key '%s'\n", cont->pubkey_obj->label);
logprintf(pCardData, 1, "now read public key '%.*s'\n", (int) sizeof cont->pubkey_obj->label, cont->pubkey_obj->label);
rv = sc_pkcs15_read_pubkey(vs->p15card, cont->pubkey_obj, &pubkey);
if (!rv) {
rv = sc_pkcs15_encode_pubkey(vs->ctx, pubkey, &pubkey_der.value, &pubkey_der.len);
@ -2630,7 +2632,7 @@ DWORD WINAPI CardGetContainerInfo(__in PCARD_DATA pCardData, __in BYTE bContaine
if (!pubkey_der.value && cont->cert_obj) {
struct sc_pkcs15_cert *cert = NULL;
logprintf(pCardData, 1, "now read certificate '%s'\n", cont->cert_obj->label);
logprintf(pCardData, 1, "now read certificate '%.*s'\n", (int) sizeof cont->cert_obj->label, cont->cert_obj->label);
rv = sc_pkcs15_read_certificate(vs->p15card, (struct sc_pkcs15_cert_info *)(cont->cert_obj->data), &cert);
if(!rv) {
rv = sc_pkcs15_encode_pubkey(vs->ctx, cert->key, &pubkey_der.value, &pubkey_der.len);
@ -3120,8 +3122,8 @@ DWORD WINAPI CardEnumFiles(__in PCARD_DATA pCardData,
file = dir->files;
for (offs = 0; file != NULL && offs < sizeof(mstr) - 10;) {
logprintf(pCardData, 2, "enum files(): file name '%s'\n", file->name);
strcpy(mstr+offs, file->name);
offs += strlen(file->name) + 1;
strncpy(mstr+offs, file->name, sizeof file->name);
offs += strnlen(file->name, sizeof file->name) + 1;
file = file->next;
}
offs += 1;

36
src/pkcs11/framework-pkcs15.c
View File

@ -967,7 +967,7 @@ pkcs15_init_slot(struct sc_pkcs15_card *p15card, struct sc_pkcs11_slot *slot,
}
else {
if (auth->label[0])
snprintf(label, sizeof(label), "%s (%s)", p15card->tokeninfo->label, auth->label);
snprintf(label, sizeof(label), "%s (%.*s)", p15card->tokeninfo->label, (int) sizeof auth->label, auth->label);
else
snprintf(label, sizeof(label), "%s", p15card->tokeninfo->label);
slot->token_info.flags |= CKF_LOGIN_REQUIRED;
@ -1156,7 +1156,7 @@ _add_pin_related_objects(struct sc_pkcs11_slot *slot, struct sc_pkcs15_object *p
struct sc_pkcs15_auth_info *pin_info = (struct sc_pkcs15_auth_info *)pin_obj->data;
unsigned i;
sc_log(context, "Add objects related to PIN('%s',ID:%s)", pin_obj->label, sc_pkcs15_print_id(&pin_info->auth_id));
sc_log(context, "Add objects related to PIN('%.*s',ID:%s)", (int) sizeof pin_obj->label, pin_obj->label, sc_pkcs15_print_id(&pin_info->auth_id));
for (i=0; i < fw_data->num_objects; i++) {
struct pkcs15_any_object *obj = fw_data->objects[i];
@ -1167,7 +1167,7 @@ _add_pin_related_objects(struct sc_pkcs11_slot *slot, struct sc_pkcs15_object *p
* not private. Just ignore those... */
if (!(obj->p15_object->flags & SC_PKCS15_CO_FLAG_PRIVATE))
continue;
sc_log(context, "ObjID(%p,%s,%x):%s", obj, obj->p15_object->label,
sc_log(context, "ObjID(%p,%.*s,%x):%s", obj, (int) sizeof obj->p15_object->label, obj->p15_object->label,
obj->p15_object->type, sc_pkcs15_print_id(&obj->p15_object->auth_id));
if (!sc_pkcs15_compare_id(&pin_info->auth_id, &obj->p15_object->auth_id)) {
sc_log(context, "Ignoring object %d", i);
@ -1175,15 +1175,15 @@ _add_pin_related_objects(struct sc_pkcs11_slot *slot, struct sc_pkcs15_object *p
}
if (is_privkey(obj)) {
sc_log(context, "Slot:%p, obj:%p Adding private key %d to PIN '%s'", slot, obj, i, pin_obj->label);
sc_log(context, "Slot:%p, obj:%p Adding private key %d to PIN '%.*s'", slot, obj, i, (int) sizeof pin_obj->label, pin_obj->label);
pkcs15_add_object(slot, obj, NULL);
}
else if (is_data(obj)) {
sc_log(context, "Slot:%p Adding data object %d to PIN '%s'", slot, i, pin_obj->label);
sc_log(context, "Slot:%p Adding data object %d to PIN '%.*s'", slot, i, (int) sizeof pin_obj->label, pin_obj->label);
pkcs15_add_object(slot, obj, NULL);
}
else if (is_cert(obj)) {
sc_log(context, "Slot:%p Adding cert object %d to PIN '%s'", slot, i, pin_obj->label);
sc_log(context, "Slot:%p Adding cert object %d to PIN '%.*s'", slot, i, (int) sizeof pin_obj->label, pin_obj->label);
pkcs15_add_object(slot, obj, NULL);
}
else {
@ -1233,7 +1233,7 @@ _add_public_objects(struct sc_pkcs11_slot *slot, struct pkcs15_fw_data *fw_data,
if (obj->p15_object->auth_id.len && !(is_pubkey(obj) || is_cert(obj)))
continue;
sc_log(context, "Add public object(%p,%s,%x)", obj, obj->p15_object->label, obj->p15_object->type);
sc_log(context, "Add public object(%p,%.*s,%x)", obj, (int) sizeof obj->p15_object->label, obj->p15_object->label, obj->p15_object->type);
pkcs15_add_object(slot, obj, NULL);
if (move_to_fw && move_to_fw != fw_data && move_to_fw->num_objects < MAX_OBJECTS) {
@ -1306,7 +1306,7 @@ pkcs15_create_tokens(struct sc_pkcs11_card *p11card, struct sc_app_info *app_inf
/* Check if a slot could be created with this PIN */
if (!_is_slot_auth_object(pin_info))
continue;
sc_log(context, "Found authentication object '%s'", auths[i]->label);
sc_log(context, "Found authentication object '%.*s'", (int) sizeof auths[i]->label, auths[i]->label);
rv = pkcs15_create_slot(p11card, fw_data, auths[i], app_info, &islot);
if (rv != CKR_OK)
@ -1337,13 +1337,13 @@ pkcs15_create_tokens(struct sc_pkcs11_card *p11card, struct sc_app_info *app_inf
sc_log(context, "User/Sign PINs %p/%p", auth_user_pin, auth_sign_pin);
if (fauo && auth_user_pin && !memcmp(fauo->data, auth_user_pin->data, sizeof(struct sc_pkcs15_auth_info))) {
/* Add objects from the non-first application to the FW data of the first slot */
sc_log(context, "Add objects to existing slot created for PIN '%s'", fauo->label);
sc_log(context, "Add objects to existing slot created for PIN '%.*s'", (int) sizeof fauo->label, fauo->label);
_add_pin_related_objects(*first_slot, fauo, fw_data, ffda);
slot = *first_slot;
}
else if (auth_user_pin) {
/* For the UserPIN of the first slot create slot */
sc_log(context, "Create slot for User PIN '%s'", auth_user_pin->label);
sc_log(context, "Create slot for User PIN '%.*s'", (int) sizeof auth_user_pin->label, auth_user_pin->label);
rv = pkcs15_create_slot(p11card, fw_data, auth_user_pin, app_info, &slot);
if (rv != CKR_OK)
return CKR_OK; /* no more slots available for this card */
@ -1355,7 +1355,7 @@ pkcs15_create_tokens(struct sc_pkcs11_card *p11card, struct sc_app_info *app_inf
if (auth_sign_pin && auth_user_pin) {
struct sc_pkcs11_slot *sign_slot = NULL;
sc_log(context, "Create slot for Sign PIN '%s'", auth_sign_pin->label);
sc_log(context, "Create slot for Sign PIN '%.*s'", (int) sizeof auth_sign_pin->label, auth_sign_pin->label);
rv = pkcs15_create_slot(p11card, fw_data, auth_sign_pin, app_info, &sign_slot);
if (rv != CKR_OK)
return CKR_OK; /* no more slots available for this card */
@ -1641,7 +1641,7 @@ pkcs15_change_pin(struct sc_pkcs11_slot *slot,
if (!auth_info)
return CKR_USER_PIN_NOT_INITIALIZED;
sc_log(context, "Change '%s' (ref:%i,type:%i)", pin_obj->label, auth_info->attrs.pin.reference, login_user);
sc_log(context, "Change '%.*s' (ref:%i,type:%i)", (int) sizeof pin_obj->label, pin_obj->label, auth_info->attrs.pin.reference, login_user);
if (p11card->card->reader->capabilities & SC_READER_CAP_PIN_PAD) {
/* pPin should be NULL in case of a pin pad reader, but
* some apps (e.g. older Netscapes) don't know about it.
@ -3151,7 +3151,7 @@ pkcs15_cert_get_attribute(struct sc_pkcs11_session *session, void *object, CK_AT
*(CK_BBOOL*)attr->pValue = FALSE;
break;
case CKA_LABEL:
len = strlen(cert->cert_p15obj->label);
len = strnlen(cert->cert_p15obj->label, sizeof cert->cert_p15obj->label);
check_attribute_buffer(attr, len);
memcpy(attr->pValue, cert->cert_p15obj->label, len);
break;
@ -3420,7 +3420,7 @@ pkcs15_prkey_get_attribute(struct sc_pkcs11_session *session,
*(CK_BBOOL*)attr->pValue = FALSE;
break;
case CKA_LABEL:
len = strlen(prkey->prv_p15obj->label);
len = strnlen(prkey->prv_p15obj->label, sizeof prkey->prv_p15obj->label);
check_attribute_buffer(attr, len);
memcpy(attr->pValue, prkey->prv_p15obj->label, len);
break;
@ -3904,12 +3904,12 @@ pkcs15_pubkey_get_attribute(struct sc_pkcs11_session *session, void *object, CK_
break;
case CKA_LABEL:
if (pubkey->pub_p15obj) {
len = strlen(pubkey->pub_p15obj->label);
len = strnlen(pubkey->pub_p15obj->label, sizeof pubkey->pub_p15obj->label);
check_attribute_buffer(attr, len);
memcpy(attr->pValue, pubkey->pub_p15obj->label, len);
}
else if (cert && cert->cert_p15obj) {
len = strlen(cert->cert_p15obj->label);
len = strnlen(cert->cert_p15obj->label, sizeof cert->cert_p15obj->label);
check_attribute_buffer(attr, len);
memcpy(attr->pValue, cert->cert_p15obj->label, len);
}
@ -4127,7 +4127,7 @@ pkcs15_dobj_get_attribute(struct sc_pkcs11_session *session, void *object, CK_AT
*(CK_BBOOL*)attr->pValue = (dobj->base.p15_object->flags & 0x02) != 0;
break;
case CKA_LABEL:
len = strlen(dobj->base.p15_object->label);
len = strnlen(dobj->base.p15_object->label, sizeof dobj->base.p15_object->label);
check_attribute_buffer(attr, len);
memcpy(attr->pValue, dobj->base.p15_object->label, len);
break;
@ -4262,7 +4262,7 @@ pkcs15_skey_get_attribute(struct sc_pkcs11_session *session,
/*TODO Why no definition of the flag */
break;
case CKA_LABEL:
len = strlen(skey->base.p15_object->label);
len = strnlen(skey->base.p15_object->label, sizeof skey->base.p15_object->label);
check_attribute_buffer(attr, len);
memcpy(attr->pValue, skey->base.p15_object->label, len);
break;

14
src/pkcs15init/pkcs15-lib.c
View File

@ -809,7 +809,7 @@ sc_pkcs15init_add_app(struct sc_card *card, struct sc_profile *profile,
* For this, create a 'virtual' AUTH object 'SO PIN', accessible by the card specific part,
* but not yet written into the on-card PKCS#15.
*/
sc_log(ctx, "Add virtual SO_PIN('%s',flags:%X,reference:%i,path:'%s')", pin_obj->label,
sc_log(ctx, "Add virtual SO_PIN('%.*s',flags:%X,reference:%i,path:'%s')", (int) sizeof pin_obj->label, pin_obj->label,
pin_attrs->flags, pin_attrs->reference, sc_print_path(&pin_ainfo.path));
r = sc_pkcs15_add_object(p15card, pin_obj);
LOG_TEST_RET(ctx, r, "Failed to add 'SOPIN' AUTH object");
@ -1005,7 +1005,7 @@ sc_pkcs15init_store_pin(struct sc_pkcs15_card *p15card, struct sc_profile *profi
auth_info->auth_id = args->auth_id;
/* Now store the PINs */
sc_log(ctx, "Store PIN(%s,authID:%s)", pin_obj->label, sc_pkcs15_print_id(&auth_info->auth_id));
sc_log(ctx, "Store PIN(%.*s,authID:%s)", (int) sizeof pin_obj->label, pin_obj->label, sc_pkcs15_print_id(&auth_info->auth_id));
r = sc_pkcs15init_create_pin(p15card, profile, pin_obj, args);
if (r < 0)
sc_pkcs15_free_object(pin_obj);
@ -1676,7 +1676,7 @@ sc_pkcs15init_store_certificate(struct sc_pkcs15_card *p15card,
cert_info->path = existing_path;
}
sc_log(ctx, "Store cert(%s,ID:%s,der(%p,%i))", object->label,
sc_log(ctx, "Store cert(%.*s,ID:%s,der(%p,%i))", (int) sizeof object->label, object->label,
sc_pkcs15_print_id(&cert_info->id), args->der_encoded.value, args->der_encoded.len);
if (!profile->pkcs15.direct_certificates)
@ -1825,8 +1825,8 @@ sc_pkcs15init_get_pin_reference(struct sc_pkcs15_card *p15card,
struct sc_pkcs15_auth_info *auth_info = (struct sc_pkcs15_auth_info *)auth_objs[ii]->data;
struct sc_pkcs15_pin_attributes *pin_attrs = &auth_info->attrs.pin;
sc_log(ctx, "check PIN(%s,auth_method:%i,type:%i,reference:%i,flags:%X)",
auth_objs[ii]->label, auth_info->auth_method, pin_attrs->type,
sc_log(ctx, "check PIN(%.*s,auth_method:%i,type:%i,reference:%i,flags:%X)",
(int) sizeof auth_objs[ii]->label, auth_objs[ii]->label, auth_info->auth_method, pin_attrs->type,
pin_attrs->reference, pin_attrs->flags);
/* Find out if there is AUTH pkcs15 object with given 'type' and 'reference' */
if (auth_info->auth_method == auth_method && pin_attrs->reference == reference)
@ -3305,11 +3305,11 @@ sc_pkcs15init_verify_secret(struct sc_profile *profile, struct sc_pkcs15_card *p
if (!r && pin_obj) {
memcpy(&auth_info, pin_obj->data, sizeof(auth_info));
sc_log(ctx, "found PIN object '%s'", pin_obj->label);
sc_log(ctx, "found PIN object '%.*s'", (int) sizeof pin_obj->label, pin_obj->label);
}
if (pin_obj) {
sc_log(ctx, "PIN object '%s'; pin_obj->content.len:%i", pin_obj->label, pin_obj->content.len);
sc_log(ctx, "PIN object '%.*s'; pin_obj->content.len:%i", (int) sizeof pin_obj->label, pin_obj->label, pin_obj->content.len);
if (pin_obj->content.value && pin_obj->content.len) {
if (pin_obj->content.len > pinsize)
LOG_TEST_RET(ctx, SC_ERROR_BUFFER_TOO_SMALL, "PIN buffer is too small");

6
src/pkcs15init/pkcs15-oberthur.c
View File

@ -436,7 +436,7 @@ cosm_create_pin(struct sc_profile *profile, struct sc_pkcs15_card *p15card,
pin_attrs = &auth_info->attrs.pin;
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "create '%s'; ref 0x%X; flags %X", pin_obj->label, pin_attrs->reference, pin_attrs->flags);
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "create '%.*s'; ref 0x%X; flags %X", (int) sizeof pin_obj->label, pin_obj->label, pin_attrs->reference, pin_attrs->flags);
if (sc_profile_get_file(profile, COSM_TITLE "-AppDF", &pin_file) < 0)
SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INCONSISTENT_PROFILE, "\""COSM_TITLE"-AppDF\" not defined");
@ -794,11 +794,11 @@ cosm_emu_update_any_df(struct sc_profile *profile, struct sc_pkcs15_card *p15car
SC_FUNC_CALLED(ctx, 1);
switch(op) {
case SC_AC_OP_ERASE:
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "Update DF; erase object('%s',type:%X)", object->label, object->type);
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "Update DF; erase object('%.*s',type:%X)", (int) sizeof object->label, object->label, object->type);
rv = awp_update_df_delete(p15card, profile, object);
break;
case SC_AC_OP_CREATE:
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "Update DF; create object('%s',type:%X)", object->label, object->type);
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "Update DF; create object('%.*s',type:%X)", (int) sizeof object->label, object->label, object->type);
rv = awp_update_df_create(p15card, profile, object);
break;
}

4
src/pkcs15init/pkcs15-sc-hsm.c
View File

@ -260,8 +260,8 @@ static int sc_hsm_generate_key(struct sc_profile *profile, struct sc_pkcs15_card
memset(&cvc, 0, sizeof(cvc));
strcpy(cvc.car, "UTCA00001");
strcpy(cvc.chr, "UTTM00001");
strlcpy(cvc.car, "UTCA00001", sizeof cvc.car);
strlcpy(cvc.chr, "UTTM00001", sizeof cvc.chr);
switch(object->type) {
case SC_PKCS15_TYPE_PRKEY_RSA:

4
src/tests/pintest.c
View File

@ -60,11 +60,11 @@ static int ask_and_verify_pin(struct sc_pkcs15_object *pin_obj)
u8 *pass;
if (pin_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN) {
printf("Skipping unblocking pin [%s]\n", pin_obj->label);
printf("Skipping unblocking pin [%.*s]\n", (int) sizeof pin_obj->label, pin_obj->label);
return 0;
}
sprintf(prompt, "Please enter PIN code [%s]: ", pin_obj->label);
sprintf(prompt, "Please enter PIN code [%.*s]: ", (int) sizeof pin_obj->label, pin_obj->label);
pass = (u8 *) getpass(prompt);
if (SC_SUCCESS != sc_lock(card))

2
src/tests/print.c
View File

@ -260,7 +260,7 @@ void sc_test_print_object(const struct sc_pkcs15_object *obj)
printf("%s", kind);
if (obj->label[0])
printf(" [%s]\n", obj->label);
printf(" [%.*s]\n", (int) sizeof obj->label, obj->label);
else
printf(" (no label)\n");
printf("\tCom. Flags : ");

2
src/tools/pkcs15-crypt.c
View File

@ -140,7 +140,7 @@ static char * get_pin(struct sc_pkcs15_object *obj)
return strdup(opt_pincode);
}
sprintf(buf, "Enter PIN [%s]: ", obj->label);
sprintf(buf, "Enter PIN [%.*s]: ", (int) sizeof obj->label, obj->label);
while (1) {
pincode = getpass(buf);
if (strlen(pincode) == 0)

4
src/tools/pkcs15-init.c
View File

@ -1015,7 +1015,7 @@ is_cacert_already_present(struct sc_pkcs15init_certargs *args)
if (!cinfo->authority)
continue;
if (strcmp(args->label, objs[i]->label))
if (strncmp(args->label, objs[i]->label, sizeof objs[i]->label))
continue;
/* XXX we should also match the usage field here */
@ -2852,7 +2852,7 @@ static int verify_pin(struct sc_pkcs15_card *p15card, char *auth_id_str)
if (opt_no_prompt)
return SC_ERROR_OBJECT_NOT_FOUND;
if (0 < strnlen(pin_obj->label, sizeof pin_obj->label))
if (pin_obj->label[0])
snprintf(pin_label, sizeof(pin_label), "User PIN [%s]", pin_obj->label);
else
snprintf(pin_label, sizeof(pin_label), "User PIN");

34
src/tools/pkcs15-tool.c
View File

@ -233,7 +233,7 @@ static void print_cert_info(const struct sc_pkcs15_object *obj)
struct sc_pkcs15_cert *cert_parsed = NULL;
int rv;
printf("X.509 Certificate [%s]\n", obj->label);
printf("X.509 Certificate [%.*s]\n", (int) sizeof obj->label, obj->label);
print_common_flags(obj);
printf("\tAuthority : %s\n", cert_info->authority ? "yes" : "no");
printf("\tPath : %s\n", sc_print_path(&cert_info->path));
@ -435,7 +435,7 @@ static int read_data_object(void)
continue;
}
else {
if (strcmp(opt_data, cinfo->app_label) && strcmp(opt_data, objs[i]->label))
if (strcmp(opt_data, cinfo->app_label) && strncmp(opt_data, objs[i]->label, sizeof objs[i]->label))
continue;
}
@ -477,8 +477,8 @@ static int list_data_objects(void)
int idx;
struct sc_pkcs15_data_info *cinfo = (struct sc_pkcs15_data_info *) objs[i]->data;
if (0 < strnlen(objs[i]->label, sizeof objs[i]->label))
printf("Data object '%s'\n", objs[i]->label);
if (objs[i]->label[0] != '\0')
printf("Data object '%.*s'\n",(int) sizeof objs[i]->label, objs[i]->label);
else
printf("Data object <%i>\n", i);
printf("\tapplicationName: %s\n", cinfo->app_label);
@ -527,7 +527,7 @@ static void print_prkey_info(const struct sc_pkcs15_object *obj)
unsigned char guid[40];
size_t guid_len;
printf("Private %s Key [%s]\n", types[7 & obj->type], obj->label);
printf("Private %s Key [%.*s]\n", types[7 & obj->type], (int) sizeof obj->label, obj->label);
print_common_flags(obj);
printf("\tUsage : [0x%X]", prkey->usage);
for (i = 0; i < usage_count; i++)
@ -611,7 +611,7 @@ static void print_pubkey_info(const struct sc_pkcs15_object *obj)
const unsigned int af_count = NELEMENTS(access_flags);
int have_path = (pubkey->path.len != 0) || (pubkey->path.aid.len != 0);
printf("Public %s Key [%s]\n", types[7 & obj->type], obj->label);
printf("Public %s Key [%.*s]\n", types[7 & obj->type], (int) sizeof obj->label, obj->label);
print_common_flags(obj);
printf("\tUsage : [0x%X]", pubkey->usage);
for (i = 0; i < usage_count; i++)
@ -755,7 +755,7 @@ static void print_skey_info(const struct sc_pkcs15_object *obj)
unsigned char guid[40];
size_t guid_len;
printf("Secret %s Key [%s]\n", types[3 & obj->type], obj->label);
printf("Secret %s Key [%.*s]\n", types[3 & obj->type], (int) sizeof obj->label, obj->label);
print_common_flags(obj);
printf("\tUsage : [0x%X]", skey->usage);
for (i = 0; i < usage_count; i++)
@ -822,8 +822,8 @@ static void print_ssh_key(FILE *outf, const char * alg, struct sc_pkcs15_object
fprintf(outf,"---- BEGIN SSH2 PUBLIC KEY ----\n");
if (strnlen(obj->label, sizeof obj->label))
fprintf(outf,"Comment: \"%.*s\"\n", sizeof obj->label, obj->label);
if (obj->label[0] != '\0')
fprintf(outf,"Comment: \"%.*s\"\n", (int) sizeof obj->label, obj->label);
fprintf(outf,"%s", uu);
fprintf(outf,"---- END SSH2 PUBLIC KEY ----\n");
@ -834,8 +834,8 @@ static void print_ssh_key(FILE *outf, const char * alg, struct sc_pkcs15_object
if (r < 0)
return;
if (strnlen(obj->label, sizeof obj->label))
fprintf(outf,"ssh-%s %s %.*s\n", alg, uu, sizeof obj->label, obj->label);
if (obj->label[0] != '\0')
fprintf(outf,"ssh-%s %s %.*s\n", alg, uu, (int) sizeof obj->label, obj->label);
else
fprintf(outf,"ssh-%s %s\n", alg, uu);
}
@ -1107,11 +1107,11 @@ static u8 * get_pin(const char *prompt, sc_pkcs15_object_t *pin_obj)
if (opt_no_prompt) {
// defer entry of the PIN to the readers pinpad.
if (verbose)
printf("%s [%s]: entry deferred to the reader keypad\n", prompt, pin_obj->label);
printf("%s [%.*s]: entry deferred to the reader keypad\n", prompt, (int) sizeof pin_obj->label, pin_obj->label);
return NULL;
}
printf("%s [%s]: ", prompt, pin_obj->label);
printf("%s [%.*s]: ", prompt, (int) sizeof pin_obj->label, pin_obj->label);
if (pinfo->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN)
return NULL;
@ -1230,9 +1230,9 @@ static void print_pin_info(const struct sc_pkcs15_object *obj)
size_t i;
if (obj->type == SC_PKCS15_TYPE_AUTH_PIN)
printf("PIN [%s]\n", obj->label);
printf("PIN [%.*s]\n", (int) sizeof obj->label, obj->label);
else if (obj->type == SC_PKCS15_TYPE_AUTH_AUTHKEY)
printf("AuthKey [%s]\n", obj->label);
printf("AuthKey [%.*s]\n", (int) sizeof obj->label, obj->label);
print_common_flags(obj);
if (obj->auth_id.len)
@ -1297,7 +1297,7 @@ static int list_apps(FILE *fout)
for (i=0; i<p15card->card->app_count; i++) {
struct sc_app_info *info = p15card->card->app[i];
fprintf(fout, "Application '%s':\n", info->label);
fprintf(fout, "Application '%.*s':\n", (int) sizeof info->label, info->label);
fprintf(fout, "\tAID: ");
for(j=0;j<info->aid.len;j++)
fprintf(fout, "%02X", info->aid.value[j]);
@ -1671,7 +1671,7 @@ static int learn_card(void)
sc_path_t tpath;
struct sc_pkcs15_cert_info *cinfo = (struct sc_pkcs15_cert_info *) certs[i]->data;
printf("[%s]\n", certs[i]->label);
printf("[%.*s]\n", (int) sizeof certs[i]->label, certs[i]->label);
memset(&tpath, 0, sizeof(tpath));
tpath = cinfo->path;