giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

pkcs15-oberthur: fix memory leakage

This commit is contained in:
Viktor Tarasov 2015-05-07 22:33:39 +02:00
parent ac84d282b1
commit d636338eaf
1 changed files with 39 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

89
src/pkcs15init/pkcs15-oberthur-awp.c
View File

@ -279,7 +279,10 @@ awp_create_container_record (struct sc_pkcs15_card *p15card, struct sc_profile *
memset(buff, 0, list_file->record_length);
rv = awp_new_container_entry(p15card, buff, list_file->record_length);
SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "Cannot create container");
if (rv < 0) {
free(buff);
SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "Cannot create container");
}
*(buff + 0) = (acc->pubkey_id >> 8) & 0xFF;
*(buff + 1) = acc->pubkey_id & 0xFF;
@ -289,7 +292,6 @@ awp_create_container_record (struct sc_pkcs15_card *p15card, struct sc_profile *
*(buff + 5) = acc->cert_id & 0xFF;
rv = sc_select_file(p15card->card, &list_file->path, NULL);
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "rv:%i", rv);
if (rv == SC_ERROR_FILE_NOT_FOUND)
rv = sc_pkcs15init_create_file(profile, p15card, list_file);
@ -297,10 +299,6 @@ awp_create_container_record (struct sc_pkcs15_card *p15card, struct sc_profile *
rv = sc_append_record(p15card->card, buff, list_file->record_length, SC_RECORD_BY_REC_NR);
free(buff);
SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "return after failure");
rv = 0;
SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_NORMAL, rv);
}
@ -358,14 +356,15 @@ awp_update_container_entry (struct sc_pkcs15_card *p15card, struct sc_profile *p
if (rec > list_file->record_count) {
rv = awp_new_container_entry(p15card, buff, list_file->record_length);
SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "Cannot create container");
}
else {
rv = sc_select_file(p15card->card, &list_file->path, NULL);
SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "Cannot select list_file");
rv = sc_read_record(p15card->card, rec, buff, list_file->record_length, SC_RECORD_BY_REC_NR);
SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "Cannot read record");
if (!rv)
rv = sc_read_record(p15card->card, rec, buff, list_file->record_length, SC_RECORD_BY_REC_NR);
}
if (rv < 0) {
free(buff);
SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_NORMAL, rv);
}
switch (type) {
@ -390,7 +389,8 @@ awp_update_container_entry (struct sc_pkcs15_card *p15card, struct sc_profile *p
*(buff + offs + 5) = file_id & 0xFF;
break;
default:
SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INCORRECT_PARAMETERS, "invalid object type");
free(buff);
SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INCORRECT_PARAMETERS);
}
if (rec > list_file->record_count) {
@ -403,14 +403,9 @@ awp_update_container_entry (struct sc_pkcs15_card *p15card, struct sc_profile *p
}
else {
rv = sc_update_record(p15card->card, rec, buff, list_file->record_length, SC_RECORD_BY_REC_NR);
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "rv:%i", rv);
}
free(buff);
SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "return after failure");
rv = 0;
SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_NORMAL, rv);
}
@ -443,17 +438,14 @@ awp_update_container(struct sc_pkcs15_card *p15card, struct sc_profile *profile,
rv = awp_new_file(p15card, profile, COSM_CONTAINER_LIST, 0, &clist, NULL);
if (rv)
goto done;
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "contaner cfile(rcount:%i,rlength:%i)", clist->record_count, clist->record_length);
rv = sc_select_file(p15card->card, &clist->path, &file);
if (rv)
goto done;
file->record_length = clist->record_length;
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "contaner file(rcount:%i,rlength:%i)", file->record_count, file->record_length);
if (type == SC_PKCS15_TYPE_PRKEY_RSA || type == COSM_TYPE_PRKEY_RSA) {
rec_offs = 0;
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "Append new record %i for private key", file->record_count + 1);
rv = awp_update_container_entry(p15card, profile, file, type, obj_id, file->record_count + 1, rec_offs);
goto done;
}
@ -490,46 +482,45 @@ awp_update_container(struct sc_pkcs15_card *p15card, struct sc_profile *profile,
struct sc_path path = private_path;
struct sc_file *ff = NULL;
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "container contains PrKey %02X%02X", *(list + offs + 2), *(list + offs + 3));
path.value[path.len - 2] = *(list + offs + 2) | 0x01;
path.value[path.len - 1] = *(list + offs + 3);
rv = sc_select_file(p15card->card, &path, &ff);
if (rv)
continue;
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "file id %X; size %i", ff->id, ff->size);
buff = malloc(ff->size);
if (!buff) {
rv = SC_ERROR_OUT_OF_MEMORY;
break;
}
rv = sc_pkcs15init_authenticate(profile, p15card, ff, SC_AC_OP_READ);
if (rv) {
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "sc_pkcs15init_authenticate(READ) failed");
sc_file_free(ff);
break;
}
rv = sc_read_binary(p15card->card, 0, buff, ff->size, 0);
if ((unsigned)rv == ff->size) {
rv = 0;
id_offs = 5 + *(buff+3);
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "rec %i; id offset %i",rec, id_offs);
if (key_id->len == *(buff + id_offs) &&
!memcmp(key_id->value, buff + id_offs + 1, key_id->len)) {
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "found key file friend");
if (!rv)
rv = awp_update_container_entry(p15card, profile, file, type, obj_id, rec + 1, rec_offs);
buff = malloc(ff->size);
if (!buff)
rv = SC_ERROR_OUT_OF_MEMORY;
if (rv >= 0 && prkey_id) {
*prkey_id = *(list + offs + 2) * 0x100 + *(list + offs + 3);
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "*prkey_id 0x%X", *prkey_id);
if (!rv) {
rv = sc_read_binary(p15card->card, 0, buff, ff->size, 0);
if ((unsigned)rv == ff->size) {
rv = 0;
id_offs = 5 + *(buff+3);
if (key_id->len == *(buff + id_offs) &&
!memcmp(key_id->value, buff + id_offs + 1, key_id->len)) {
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "found key file friend");
if (!rv)
rv = awp_update_container_entry(p15card, profile, file, type, obj_id, rec + 1, rec_offs);
if (rv >= 0 && prkey_id)
*prkey_id = *(list + offs + 2) * 0x100 + *(list + offs + 3);
}
}
}
free(buff);
sc_file_free(ff);
if (rv)
break;
}
}
}
@ -568,16 +559,15 @@ awp_set_certificate_info (struct sc_pkcs15_card *p15card,
blob_size = 2;
if (!(blob = malloc(blob_size))) {
r = SC_ERROR_OUT_OF_MEMORY;
goto done;
goto done;
}
/* TODO: cert flags */
*blob = (COSM_TAG_CERT >> 8) & 0xFF;
*(blob + 1) = COSM_TAG_CERT & 0xFF;
if (ci->label.len
&& ci->label.len != strlen(default_cert_label)
&& memcmp(ci->label.value, default_cert_label, strlen(default_cert_label)))
if (ci->label.len && ci->label.len != strlen(default_cert_label)
&& memcmp(ci->label.value, default_cert_label, strlen(default_cert_label)))
r = awp_update_blob(ctx, &blob, &blob_size, &ci->label, TLV_TYPE_LLV);
else
r = awp_update_blob(ctx, &blob, &blob_size, &ci->cn, TLV_TYPE_LLV);
@ -586,11 +576,11 @@ awp_set_certificate_info (struct sc_pkcs15_card *p15card,
r = awp_update_blob(ctx, &blob, &blob_size, &ci->id, TLV_TYPE_LLV);
if (r)
goto done;
goto done;
r = awp_update_blob(ctx, &blob, &blob_size, &ci->subject, TLV_TYPE_LLV);
if (r)
goto done;
goto done;
if (ci->issuer.len != ci->subject.len ||
memcmp(ci->issuer.value, ci->subject.value, ci->subject.len)) {
@ -1088,8 +1078,7 @@ awp_encode_data_info(struct sc_pkcs15_card *p15card, struct sc_pkcs15_object *ob
if (di->app.len) {
di->app.value = (unsigned char *)strdup(data_info->app_label);
if (!di->app.value)
SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_OUT_OF_MEMORY,
"AWP encode data failed: cannot allocate App.Label");
SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_OUT_OF_MEMORY);
}
r = sc_asn1_encode_object_id(&buf, &buflen, &data_info->app_oid);