From f641ebd24829fbbb8d9a87c47eb21ee7141a7fa2 Mon Sep 17 00:00:00 2001 From: Viktor Tarasov Date: Sun, 29 Sep 2013 20:21:23 +0200 Subject: [PATCH] fixed errors reported by cppcheck: part 1 partially applied the pull request #182 from Frank Morgner -- updated the common frameworks source files --- src/common/libpkcs11.c | 4 +++- src/common/simclist.c | 3 ++- src/libopensc/asn1.c | 11 ++++++----- src/libopensc/pkcs15-algo.c | 12 ++++++++---- src/libopensc/pkcs15.c | 10 ++++++++-- src/libopensc/reader-ctapi.c | 5 ++++- src/minidriver/minidriver.c | 8 +++++--- src/pkcs11/framework-pkcs15.c | 1 + src/pkcs15init/pkcs15-lib.c | 4 +++- src/scconf/scconf.c | 7 ++++++- src/scconf/write.c | 6 ++++-- src/tests/base64.c | 19 +++++++++++-------- src/tools/opensc-tool.c | 9 ++++++++- src/tools/pkcs15-tool.c | 3 +++ src/tools/util.c | 2 +- 15 files changed, 73 insertions(+), 31 deletions(-) diff --git a/src/common/libpkcs11.c b/src/common/libpkcs11.c index 35933fef..f8c70a72 100644 --- a/src/common/libpkcs11.c +++ b/src/common/libpkcs11.c @@ -36,8 +36,10 @@ C_LoadModule(const char *mspec, CK_FUNCTION_LIST_PTR_PTR funcs) mod = calloc(1, sizeof(*mod)); mod->_magic = MAGIC; - if (mspec == NULL) + if (mspec == NULL) { + free(mod); return NULL; + } mod->handle = sc_dlopen(mspec); if (mod->handle == NULL) { fprintf(stderr, "sc_dlopen failed: %s\n", sc_dlerror()); diff --git a/src/common/simclist.c b/src/common/simclist.c index 96737568..15a66e23 100644 --- a/src/common/simclist.c +++ b/src/common/simclist.c @@ -178,6 +178,7 @@ static inline struct list_entry_s *list_findpos(const list_t *restrict l, int po #define READ_ERRCHECK(fd, msgbuf, msglen) do { \ if (read(fd, msgbuf, msglen) != msglen) { \ /*errno = EPROTO;*/ \ + free(buf); \ return -1; \ } \ } while (0); @@ -1199,7 +1200,7 @@ int list_dump_filedescriptor(const list_t *restrict l, int fd, size_t *restrict int list_restore_filedescriptor(list_t *restrict l, int fd, size_t *restrict len) { struct list_dump_header_s header; unsigned long cnt; - void *buf; + void *buf = NULL; uint32_t elsize, totreadlen, totmemorylen; memset(& header, 0, sizeof(header)); diff --git a/src/libopensc/asn1.c b/src/libopensc/asn1.c index 447045a0..29b515b7 100644 --- a/src/libopensc/asn1.c +++ b/src/libopensc/asn1.c @@ -209,7 +209,8 @@ static void sc_asn1_print_object_id(const u8 * buf, size_t buflen) { struct sc_object_id oid; int i = 0; - char sbuf[256]; + char tmp[12]; + char sbuf[(sizeof tmp)*SC_MAX_OBJECT_ID_OCTETS]; if (sc_asn1_decode_object_id(buf, buflen, &oid)) { printf("decode error"); @@ -218,7 +219,6 @@ static void sc_asn1_print_object_id(const u8 * buf, size_t buflen) sbuf[0] = 0; for (i = 0; (i < SC_MAX_OBJECT_ID_OCTETS) && (oid.value[i] != -1); i++) { - char tmp[12]; if (i) strcat(sbuf, "."); @@ -1016,7 +1016,7 @@ static int asn1_encode_se_info(sc_context_t *ctx, struct sc_pkcs15_sec_env_info **se, size_t se_num, unsigned char **buf, size_t *bufsize, int depth) { - unsigned char *ptr = NULL, *out = NULL; + unsigned char *ptr = NULL, *out = NULL, *p; size_t ptrlen = 0, outlen = 0, idx; int ret; @@ -1038,11 +1038,12 @@ static int asn1_encode_se_info(sc_context_t *ctx, if (ret != SC_SUCCESS) goto err; - out = (unsigned char *) realloc(out, outlen + ptrlen); - if (!out) { + p = (unsigned char *) realloc(out, outlen + ptrlen); + if (!p) { ret = SC_ERROR_OUT_OF_MEMORY; goto err; } + out = p; memcpy(out + outlen, ptr, ptrlen); outlen += ptrlen; free(ptr); diff --git a/src/libopensc/pkcs15-algo.c b/src/libopensc/pkcs15-algo.c index 9a9d93e4..6f43435f 100644 --- a/src/libopensc/pkcs15-algo.c +++ b/src/libopensc/pkcs15-algo.c @@ -281,14 +281,18 @@ asn1_decode_ec_params(sc_context_t *ctx, void **paramp, sc_format_asn1_entry(asn1_ec_params + 1, &curve, 0, 0); /* Some signature algorithms will not have any data */ - if (buflen == 0 || buf == NULL ) + if (buflen == 0 || buf == NULL) { + free(ecp); return 0; + } r = sc_asn1_decode_choice(ctx, asn1_ec_params, buf, buflen, NULL, NULL); /* r = index into asn1_ec_params */ -sc_debug(ctx, SC_LOG_DEBUG_ASN1, "DEE - asn1_decode_ec_params r=%d", r); - if (r < 0) + sc_debug(ctx, SC_LOG_DEBUG_ASN1, "DEE - asn1_decode_ec_params r=%d", r); + if (r < 0) { + free(ecp); return r; + } if (r <= 1) { ecp->der = malloc(buflen); @@ -297,7 +301,7 @@ sc_debug(ctx, SC_LOG_DEBUG_ASN1, "DEE - asn1_decode_ec_params r=%d", r); ecp->der_len = buflen; -sc_debug(ctx, SC_LOG_DEBUG_ASN1, "DEE - asn1_decode_ec_params paramp=%p %p:%d %d", + sc_debug(ctx, SC_LOG_DEBUG_ASN1, "DEE - asn1_decode_ec_params paramp=%p %p:%d %d", ecp, ecp->der, ecp->der_len, ecp->type); memcpy(ecp->der, buf, buflen); /* copy der parameters */ } else diff --git a/src/libopensc/pkcs15.c b/src/libopensc/pkcs15.c index 96238814..dbb5f667 100644 --- a/src/libopensc/pkcs15.c +++ b/src/libopensc/pkcs15.c @@ -1854,7 +1854,7 @@ int sc_pkcs15_encode_df(sc_context_t *ctx, struct sc_pkcs15_df *df, u8 **buf_out, size_t *bufsize_out) { - u8 *buf = NULL, *tmp = NULL; + u8 *buf = NULL, *tmp = NULL, *p; size_t bufsize = 0, tmpsize; const struct sc_pkcs15_object *obj; int (* func)(sc_context_t *, const struct sc_pkcs15_object *nobj, @@ -1897,7 +1897,13 @@ int sc_pkcs15_encode_df(sc_context_t *ctx, free(buf); return r; } - buf = (u8 *) realloc(buf, bufsize + tmpsize); + p = (u8 *) realloc(buf, bufsize + tmpsize); + if (!p) { + free(tmp); + free(buf); + return SC_ERROR_OUT_OF_MEMORY; + } + buf = p; memcpy(buf + bufsize, tmp, tmpsize); free(tmp); bufsize += tmpsize; diff --git a/src/libopensc/reader-ctapi.c b/src/libopensc/reader-ctapi.c index 7caea901..c85c560f 100644 --- a/src/libopensc/reader-ctapi.c +++ b/src/libopensc/reader-ctapi.c @@ -386,8 +386,11 @@ static int ctapi_load_module(sc_context_t *ctx, reader = calloc(1, sizeof(sc_reader_t)); priv = calloc(1, sizeof(struct ctapi_private_data)); - if (!priv) + if (!priv || !reader) { + free(reader); + free(priv); return SC_ERROR_OUT_OF_MEMORY; + } reader->drv_data = priv; reader->ops = &ctapi_ops; reader->driver = &ctapi_drv; diff --git a/src/minidriver/minidriver.c b/src/minidriver/minidriver.c index d35c7077..118f1dcf 100644 --- a/src/minidriver/minidriver.c +++ b/src/minidriver/minidriver.c @@ -774,7 +774,7 @@ static DWORD md_pkcs15_encode_cmapfile(PCARD_DATA pCardData, unsigned char **out, size_t *out_len) { VENDOR_SPECIFIC *vs; - unsigned char *encoded, *ret; + unsigned char *encoded, *ret, *p; size_t guid_len, encoded_len, flags_len, ret_len; int idx; @@ -814,11 +814,13 @@ md_pkcs15_encode_cmapfile(PCARD_DATA pCardData, unsigned char **out, size_t *out return SCARD_F_INTERNAL_ERROR; } - ret = realloc(ret, ret_len + encoded_len); - if (!ret) { + p = realloc(ret, ret_len + encoded_len); + if (!p) { logprintf(pCardData, 3, "MdEncodeCMapFile(): realloc failed\n"); + free(ret); return SCARD_E_NO_MEMORY; } + ret = p; memcpy(ret + ret_len, encoded, encoded_len); free(encoded); ret_len += encoded_len; diff --git a/src/pkcs11/framework-pkcs15.c b/src/pkcs11/framework-pkcs15.c index 02fd6129..fdc8d142 100644 --- a/src/pkcs11/framework-pkcs15.c +++ b/src/pkcs11/framework-pkcs15.c @@ -2082,6 +2082,7 @@ pkcs15_create_secret_key(struct sc_pkcs11_slot *slot, struct sc_profile *profile rv = CKR_OK; out: + free(key_obj); return rv; } diff --git a/src/pkcs15init/pkcs15-lib.c b/src/pkcs15init/pkcs15-lib.c index 4523b4a6..b2f12b20 100644 --- a/src/pkcs15init/pkcs15-lib.c +++ b/src/pkcs15init/pkcs15-lib.c @@ -1520,8 +1520,10 @@ sc_pkcs15init_store_public_key(struct sc_pkcs15_card *p15card, /* FIXME: malloc() call in pkcs15init, but free() call * in libopensc (sc_pkcs15_free_prkey_info) */ key_info->params.data = malloc(key_info->params.len); - if (!key_info->params.data) + if (!key_info->params.data) { + /* FIXME free object with sc_pkcs15init_delete_object */ return SC_ERROR_OUT_OF_MEMORY; + } keyinfo_gostparams = key_info->params.data; keyinfo_gostparams->gostr3410 = keyargs->params.gost.gostr3410; keyinfo_gostparams->gostr3411 = keyargs->params.gost.gostr3411; diff --git a/src/scconf/scconf.c b/src/scconf/scconf.c index d24c7d77..402b6799 100644 --- a/src/scconf/scconf.c +++ b/src/scconf/scconf.c @@ -97,7 +97,12 @@ scconf_block **scconf_find_blocks(const scconf_context * config, const scconf_bl } size = 0; alloc_size = 10; - blocks = (scconf_block **) realloc(blocks, sizeof(scconf_block *) * alloc_size); + tmp = (scconf_block **) realloc(blocks, sizeof(scconf_block *) * alloc_size); + if (!tmp) { + free(blocks); + return NULL; + } + blocks = tmp; for (item = block->items; item; item = item->next) { if (item->type == SCCONF_ITEM_TYPE_BLOCK && diff --git a/src/scconf/write.c b/src/scconf/write.c index 9c963e54..7ef3a2d7 100644 --- a/src/scconf/write.c +++ b/src/scconf/write.c @@ -83,10 +83,12 @@ static char *scconf_list_get_string(scconf_list * list) } len = 0; alloc_len = 1024; - buffer = (char *) realloc(buffer, alloc_len); - if (!buffer) { + tmp = (char *) realloc(buffer, alloc_len); + if (!tmp) { + free(buffer); return strdup(""); } + buffer = tmp; memset(buffer, 0, alloc_len); while (list) { datalen = strlen(list->data); diff --git a/src/tests/base64.c b/src/tests/base64.c index 8b37722a..ec9583dc 100644 --- a/src/tests/base64.c +++ b/src/tests/base64.c @@ -7,34 +7,37 @@ int main(int argc, char *argv[]) { - int len; - FILE *inf; + int len, r = 1; + FILE *inf = NULL; u8 buf[8192]; u8 outbuf[8192]; if (argc != 2) { fprintf(stderr, "Usage: base64 \n"); - return 1; + goto err; } inf = fopen(argv[1], "r"); if (inf == NULL) { perror(argv[1]); - return 1; + goto err; } len = fread(buf, 1, sizeof(buf), inf); if (len < 0) { perror("fread"); - return 1; + goto err; } if (len == 8192) { fprintf(stderr, "Too long input file.\n"); - return 1; + goto err; } len = sc_base64_decode((const char *) buf, outbuf, sizeof(outbuf)); if (len < 0) { fprintf(stderr, "Base64 decoding failed: %s\n", sc_strerror(len)); - return 1; + goto err; } fwrite(outbuf, len, 1, stdout); - return 0; + r = 0; +err: + fclose(inf); + return r; } diff --git a/src/tools/opensc-tool.c b/src/tools/opensc-tool.c index 71721a8a..c1676988 100644 --- a/src/tools/opensc-tool.c +++ b/src/tools/opensc-tool.c @@ -656,6 +656,7 @@ int main(int argc, char * const argv[]) int action_count = 0; const char *opt_driver = NULL; const char *opt_conf_entry = NULL; + char **p; sc_context_param_t ctx_param; setbuf(stderr, NULL); @@ -695,8 +696,14 @@ int main(int argc, char * const argv[]) action_count++; break; case 's': - opt_apdus = (char **) realloc(opt_apdus, + p = (char **) realloc(opt_apdus, (opt_apdu_count + 1) * sizeof(char *)); + if (!p) { + fprintf(stderr, "Not enough memory\n"); + err = 1; + goto end; + } + opt_apdus = p; opt_apdus[opt_apdu_count] = optarg; do_send_apdu++; if (opt_apdu_count == 0) diff --git a/src/tools/pkcs15-tool.c b/src/tools/pkcs15-tool.c index e279b4b1..4102d630 100644 --- a/src/tools/pkcs15-tool.c +++ b/src/tools/pkcs15-tool.c @@ -1342,6 +1342,7 @@ static int unblock_pin(void) if (puk == NULL && verbose) printf("PUK value will be prompted with pinpad.\n"); + /* FIXME should OPENSSL_cleanse on pin/puk data */ pin = opt_pin ? opt_pin : opt_newpin; while (pin == NULL) { u8 *pin2; @@ -1369,6 +1370,7 @@ static int unblock_pin(void) r = sc_pkcs15_unblock_pin(p15card, pin_obj, puk, puk ? strlen((char *) puk) : 0, pin, pin ? strlen((char *) pin) : 0); + /* FIXME must free the puk somewhere */ if (r == SC_ERROR_PIN_CODE_INCORRECT) { fprintf(stderr, "PUK code incorrect; tries left: %d\n", pinfo->tries_left); return 3; @@ -1462,6 +1464,7 @@ static int change_pin(void) } if (verbose) printf("PIN code changed successfully.\n"); + /* FIXME must free the pincode somewhere */ return 0; } diff --git a/src/tools/util.c b/src/tools/util.c index df09ed6a..b8b83b08 100644 --- a/src/tools/util.c +++ b/src/tools/util.c @@ -275,7 +275,7 @@ void util_print_usage_and_die(const char *app_name, const struct option options[ const char * util_acl_to_str(const sc_acl_entry_t *e) { - static char line[80], buf[10]; + static char line[80], buf[20]; unsigned int acl; if (e == NULL)