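diff -up ./src/coolkey/object.cpp.p15-coverity ./src/coolkey/object.cpp
--- ./src/coolkey/object.cpp.p15-coverity 2015-07-06 18:02:34.604191118 -0700
+++ ./src/coolkey/object.cpp 2015-07-06 19:06:04.432062377 -0700
@@ -1558,7 +1558,7 @@ unsigned long GetBits(const CKYByte *ent
 /* turn the flags into an int */
 for (i=0; i < entrySize; i++) {
 CKYByte c = rev[entry[i]];
- bits = bits | (c << i*8);
+ bits = bits | (((unsigned long)c) << (i*8));
 }
 return bits | bitFlag;
 }
@@ -1585,8 +1585,8 @@ CKYStatus PK15ObjectPath::setObjectPath(
 if (entry == NULL) { return CKYINVALIDDATA; }
 tagSize = entry - current;
 current += entrySize + tagSize;
+ if (size < (entrySize + tagSize)) { return CKYINVALIDDATA; }
 size -= (entrySize +tagSize);
- if (size < 0) { return CKYINVALIDDATA; }
 status = CKYBuffer_Replace(&path, 0, entry, entrySize);
 if (status != CKYSUCCESS) {
 return status;
@@ -1598,8 +1598,8 @@ CKYStatus PK15ObjectPath::setObjectPath(
 if (entry == NULL) { return CKYINVALIDDATA; }
 tagSize = entry - current;
 current += entrySize + tagSize;
+ if (size < (entrySize + tagSize)) { return CKYINVALIDDATA; }
 size -= (entrySize +tagSize);
- if (size < 0) { return CKYINVALIDDATA; }
 if (entrySize > 5) { return CKYINVALIDDATA; }
 for (index = 0, i=0; i < entrySize; i++) {
 index = (index << 8) + (unsigned int) entry[i];
@@ -1612,8 +1612,8 @@ CKYStatus PK15ObjectPath::setObjectPath(
 if (entry == NULL) { return CKYINVALIDDATA; }
 tagSize = entry - current;
 current += entrySize + tagSize;
+ if (size < (entrySize + tagSize)) { return CKYINVALIDDATA; }
 size -= (entrySize +tagSize);
- if (size < 0) { return CKYINVALIDDATA; }
 if (entrySize > 5) { return CKYINVALIDDATA; }
 for (length = 0, i=0; i < entrySize; i++) {
 length = (length << 8) + (unsigned int) entry[i];
@@ -1741,8 +1741,8 @@ set_key_type:
 /* point current to the next section (cass attributes) */
 tagSize = commonAttributes - current;
 current += commonSize + tagSize;
+ if (currentSize < (commonSize + tagSize)) { return CKYINVALIDDATA; }
 currentSize -= (commonSize +tagSize);
- if (currentSize < 0) { return CKYINVALIDDATA; }
 
 /* get the CKA_LABEL */
 if (commonAttributes[0] != ASN1_UTF8_STRING) { return CKYINVALIDDATA; }
@@ -1835,8 +1835,8 @@ PK15Object::completeCertObject(const CKY
 /* point current to the next section (type attributes) */
 tagSize = commonCertAttributes - current;
 current += commonSize + tagSize;
+ if (currentSize < (commonSize + tagSize)) { return CKYINVALIDDATA; }
 currentSize -= (commonSize +tagSize);
- if (currentSize < 0) { return CKYINVALIDDATA; }
 
 /* get the id */
 if (commonCertAttributes[0] != ASN1_OCTET_STRING) { return CKYINVALIDDATA; }
@@ -1907,8 +1907,8 @@ PK15Object::completeAuthObject(const CKY
 if (commonAuthAttributes == NULL) { return CKYINVALIDDATA; }
 tagSize = commonAuthAttributes - current;
 current += commonSize + tagSize;
+ if (currentSize < (commonSize + tagSize)) { return CKYINVALIDDATA; }
 currentSize -= (commonSize + tagSize);
- if (currentSize < 0) { return CKYINVALIDDATA; }
 if (commonAuthAttributes[0] != ASN1_OCTET_STRING) {
 return CKYINVALIDDATA;
 }
@@ -1930,8 +1930,8 @@ PK15Object::completeAuthObject(const CKY
 if (commonAuthAttributes == NULL) { return CKYINVALIDDATA; }
 tagSize = commonAuthAttributes - current;
 current += commonSize + tagSize;
- currentSize -= (commonSize +tagSize);
- if (currentSize < 0) { return CKYINVALIDDATA; }
+ if (currentSize < (commonSize + tagSize)) { return CKYINVALIDDATA; }
+ currentSize -= (commonSize + tagSize);
 /*
 * parse the Pin Auth Attributes
 * pinFlags BIT_STRING
@@ -2093,8 +2093,8 @@ PK15Object::completeKeyObject(const CKYB
 /* point current to the next section (sublcass attributes) */
 tagSize = commonKeyAttributes - current;
 current += commonSize + tagSize;
- currentSize -= (commonSize +tagSize);
- if (currentSize < 0) { return CKYINVALIDDATA; }
+ if (currentSize < (commonSize + tagSize)) { return CKYINVALIDDATA; }
+ currentSize -= (commonSize + tagSize);
 
 /* get the id */
 if (commonKeyAttributes[0] != ASN1_OCTET_STRING) { return CKYINVALIDDATA; }
@@ -2263,8 +2263,8 @@ CKYStatus PK15Object::completePrivKeyObj
 /* point current to the next section (type attributes) */
 tagSize = commonPrivKeyAttributes - current;
 current += commonSize + tagSize;
+ if (currentSize < (commonSize + tagSize)) { return CKYINVALIDDATA; }
 currentSize -= (commonSize +tagSize);
- if (currentSize < 0) { return CKYINVALIDDATA; }
 
 /* subjectName */
 if (commonPrivKeyAttributes[0] == ASN1_SEQUENCE) {
@@ -2385,8 +2385,8 @@ PK15Object::completePubKeyObject(const C
 /* point current to the next section (type attributes) */
 tagSize = commonPubKeyAttributes - current;
 current += commonSize + tagSize;
- currentSize -= (commonSize +tagSize);
- if (currentSize < 0) { return CKYINVALIDDATA; }
+ if (currentSize < (commonSize + tagSize)) { return CKYINVALIDDATA; }
+ currentSize -= (commonSize + tagSize);
 
 /* subjectName */
 if (commonPubKeyAttributes[0] == ASN1_SEQUENCE) {
@@ -2535,8 +2535,8 @@ PK15Object::completeRawPublicKey(const C
 if (entry == NULL) { return CKYINVALIDDATA; }
 tagSize = entry - current;
 current += entrySize + tagSize;
+ if (size < (entrySize + tagSize)) { return CKYINVALIDDATA; }
 size -= (entrySize +tagSize);
- if (size < 0) { return CKYINVALIDDATA; }
 if ((entry[0] == 0) && (entrySize > 1)) {
 entry++; entrySize--;
 }
@@ -2548,8 +2548,8 @@ PK15Object::completeRawPublicKey(const C
 if (entry == NULL) { return CKYINVALIDDATA; }
 tagSize = entry - current;
 current += entrySize + tagSize;
- size -= (entrySize +tagSize);
- if (size < 0) { return CKYINVALIDDATA; }
+ if (size < (entrySize + tagSize)) { return CKYINVALIDDATA; }
+ size -= (entrySize + tagSize);
 if ((entry[0] == 0) && (entrySize > 1)) {
 entry++; entrySize--;
 }
@@ -2682,11 +2682,11 @@ DEREncodedTokenInfo::DEREncodedTokenInfo
 if (entry == NULL) return;
 tagSize = entry - current;
 current += tagSize + entrySize;
+ if (size < tagSize + entrySize) return;
 size -= tagSize + entrySize;
 if (entrySize < 1) {
 version = *entry;
 }
- if (size < 0) return;
 
 /* get the serial number */
 if (current[0] != ASN1_OCTET_STRING) { return ; }
@@ -2729,6 +2729,8 @@ DEREncodedTokenInfo::DEREncodedTokenInfo
 }
 
 /* parsing flags */
+#ifdef notdef
+ /* we arn't using this right now, keep it for future reference */
 if (current[0] == ASN1_BIT_STRING) {
 /* recordinfo parsing would go here */
 unsigned long bits;
@@ -2739,6 +2741,7 @@ DEREncodedTokenInfo::DEREncodedTokenInfo
 size -= tagSize + entrySize;
 bits = GetBits(entry, entrySize,8,2);
 }
+#endif
 return;
 }
 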
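Review bot: In the `@@ -2682,11 +2682,11 @@` hunk of the DEREncodedTokenInfo constructor, the context line `if (entrySize < 1) { version = *entry; }` dereferences `entry` only when the entry is empty, which looks inverted; it presumably should read `if (entrySize >= 1) { version = *entry; }`. The added `size < tagSize + entrySize` guard still allows `size` to reach 0, and if `size` tracks the bytes remaining at `current`, the following `current[0] != ASN1_OCTET_STRING` then reads one byte past the parsed data, so that test would be safer as `if (size < 1 || current[0] != ASN1_OCTET_STRING) { return; }`. Both completeRawPublicKey hunks have the same ordering problem in `(entry[0] == 0) && (entrySize > 1)`, which touches `entry[0]` before looking at `entrySize`. The constructor and those functions continue outside the hunks, so an earlier length guard may exist that is not visible here.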
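diff -up ./src/coolkey/slot.cpp.p15-coverity ./src/coolkey/slot.cpp
--- ./src/coolkey/slot.cpp.p15-coverity 2015-07-06 18:02:34.606191081 -0700
+++ ./src/coolkey/slot.cpp 2015-07-06 18:02:34.610191006 -0700
@@ -3714,7 +3714,6 @@ void
 Slot::attemptP15Login(CK_USER_TYPE user)
 {
 PinCache *pinCachePtr = userPinCache(user);
- const CKYBuffer *path;
 
 if (user == CKU_USER) {
 loggedIn = false;
@@ -3729,7 +3728,6 @@ Slot::attemptP15Login(CK_USER_TYPE user)
 "No PKCS #15 auth object for user %d\n", user);
 }
 
- path = auth[user]->getObjectPath().getPath();
 status = selectPath(auth[user]->getObjectPath().getPath(), &result);
 if( status == CKYSCARDERR ) {
 handleConnectionError();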
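diff -up ./src/libckyapplet/cky_applet.c.p15-coverity ./src/libckyapplet/cky_applet.c
--- ./src/libckyapplet/cky_applet.c.p15-coverity 2015-07-06 18:02:34.606191081 -0700
+++ ./src/libckyapplet/cky_applet.c 2015-07-06 18:02:34.610191006 -0700
@@ -1361,6 +1361,9 @@ P15Applet_SignDecrypt(CKYCardConnection
 appendLength = length;
 } else {
 ret = CKYBuffer_Reserve(&tmp, length);
+ if (ret != CKYSUCCESS) {
+ goto done;
+ }
 }
 CKYBuffer_AppendBuffer(&tmp, data, offset, appendLength);
 pso.chain = 0;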
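Review bot: The result of `CKYBuffer_AppendBuffer(&tmp, data, offset, appendLength)` on the line right after the new check is still discarded, so a failed append would leave `tmp` incomplete while the code after it presumably carries on with that buffer. Since the commit already routes a failed `CKYBuffer_Reserve` to `done`, the append can follow the same pattern: `ret = CKYBuffer_AppendBuffer(&tmp, data, offset, appendLength);` followed by `if (ret != CKYSUCCESS) { goto done; }`. P15Applet_SignDecrypt starts and ends outside this hunk, so whether the `done` path releases `tmp` cannot be confirmed from here.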
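diff -up ./src/libckyapplet/cky_base.c.p15-coverity ./src/libckyapplet/cky_base.c
--- ./src/libckyapplet/cky_base.c.p15-coverity 2015-07-06 18:02:34.607191062 -0700
+++ ./src/libckyapplet/cky_base.c 2015-07-06 18:02:34.610191006 -0700
@@ -736,7 +736,7 @@ CKYAPDU_SetShortReceiveLen(CKYAPDU *apdu
 CKYStatus ret;
 
 if (recvlen <= CKYAPDU_MAX_DATA_LEN) {
- return APDU_SetReceiveLen(apdu, (CKYByte)(recvlen & 0xff));
+ return CKYAPDU_SetReceiveLen(apdu, (CKYByte)(recvlen & 0xff));
 }
 ret = CKYBuffer_Resize(&apdu->apduBuf, CKYAPDU_HEADER_LEN+2);
 if (ret != CKYSUCCESS) {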