Blame SOURCES/coolkey-1.1.0-p15-coverity.patch

dab6d7
diff -up ./src/coolkey/object.cpp.p15-coverity ./src/coolkey/object.cpp
dab6d7
--- ./src/coolkey/object.cpp.p15-coverity	2015-07-06 18:02:34.604191118 -0700
dab6d7
+++ ./src/coolkey/object.cpp	2015-07-06 19:06:04.432062377 -0700
dab6d7
@@ -1558,7 +1558,7 @@ unsigned long GetBits(const CKYByte *ent
dab6d7
    /* turn the flags into an int */
dab6d7
    for (i=0; i < entrySize; i++) {
dab6d7
 	CKYByte c = rev[entry[i]];
dab6d7
-	bits  = bits | (c << i*8);
dab6d7
+	bits  = bits | (((unsigned long)c) << (i*8));
dab6d7
    }
dab6d7
    return bits | bitFlag;
dab6d7
 }
dab6d7
@@ -1585,8 +1585,8 @@ CKYStatus PK15ObjectPath::setObjectPath(
dab6d7
     if (entry == NULL) { return CKYINVALIDDATA; }
dab6d7
     tagSize = entry - current;
dab6d7
     current += entrySize + tagSize;
dab6d7
+    if (size < (entrySize + tagSize)) { return CKYINVALIDDATA; }
dab6d7
     size -= (entrySize +tagSize);
dab6d7
-    if (size < 0) { return CKYINVALIDDATA; }
dab6d7
     status = CKYBuffer_Replace(&path, 0, entry, entrySize);
dab6d7
     if (status != CKYSUCCESS) {
dab6d7
 	return status;
dab6d7
@@ -1598,8 +1598,8 @@ CKYStatus PK15ObjectPath::setObjectPath(
dab6d7
 	if (entry == NULL) { return CKYINVALIDDATA; }
dab6d7
 	tagSize = entry - current;
dab6d7
 	current += entrySize + tagSize;
dab6d7
+	if (size < (entrySize + tagSize)) { return CKYINVALIDDATA; }
dab6d7
 	size -= (entrySize +tagSize);
dab6d7
-	if (size < 0) { return CKYINVALIDDATA; }
dab6d7
 	if (entrySize > 5) { return CKYINVALIDDATA; }
dab6d7
 	for (index = 0, i=0; i < entrySize; i++) {
dab6d7
 	    index = (index << 8) + (unsigned int) entry[i];
dab6d7
@@ -1612,8 +1612,8 @@ CKYStatus PK15ObjectPath::setObjectPath(
dab6d7
 	if (entry == NULL) { return CKYINVALIDDATA; }
dab6d7
 	tagSize = entry - current;
dab6d7
 	current += entrySize + tagSize;
dab6d7
+	if (size < (entrySize + tagSize)) { return CKYINVALIDDATA; }
dab6d7
 	size -= (entrySize +tagSize);
dab6d7
-	if (size < 0) { return CKYINVALIDDATA; }
dab6d7
 	if (entrySize > 5) { return CKYINVALIDDATA; }
dab6d7
 	for (length = 0, i=0; i < entrySize; i++) {
dab6d7
 	    length = (length << 8) + (unsigned int) entry[i];
dab6d7
@@ -1741,8 +1741,8 @@ set_key_type:
dab6d7
     /* point current to the next section (cass attributes)  */
dab6d7
     tagSize = commonAttributes - current;
dab6d7
     current += commonSize + tagSize;
dab6d7
+    if (currentSize < (commonSize + tagSize)) { return CKYINVALIDDATA; }
dab6d7
     currentSize -= (commonSize +tagSize);
dab6d7
-    if (currentSize < 0) { return CKYINVALIDDATA; }
dab6d7
 
dab6d7
     /* get the CKA_LABEL */
dab6d7
     if (commonAttributes[0] != ASN1_UTF8_STRING) { return CKYINVALIDDATA; }
dab6d7
@@ -1835,8 +1835,8 @@ PK15Object::completeCertObject(const CKY
dab6d7
     /* point current to the next section (type attributes)  */
dab6d7
     tagSize = commonCertAttributes - current;
dab6d7
     current += commonSize + tagSize;
dab6d7
+    if (currentSize < (commonSize + tagSize)) { return CKYINVALIDDATA; }
dab6d7
     currentSize -= (commonSize +tagSize);
dab6d7
-    if (currentSize < 0) { return CKYINVALIDDATA; }
dab6d7
 
dab6d7
     /* get the id */
dab6d7
     if (commonCertAttributes[0] != ASN1_OCTET_STRING) { return CKYINVALIDDATA; }
dab6d7
@@ -1907,8 +1907,8 @@ PK15Object::completeAuthObject(const CKY
dab6d7
 	if (commonAuthAttributes == NULL) { return CKYINVALIDDATA; }
dab6d7
 	tagSize = commonAuthAttributes - current;
dab6d7
 	current += commonSize + tagSize;
dab6d7
+	if (currentSize < (commonSize + tagSize)) { return CKYINVALIDDATA; }
dab6d7
 	currentSize -= (commonSize + tagSize);
dab6d7
-	if (currentSize < 0) { return CKYINVALIDDATA; }
dab6d7
 	if (commonAuthAttributes[0] != ASN1_OCTET_STRING) {
dab6d7
 	    return CKYINVALIDDATA;
dab6d7
 	}
dab6d7
@@ -1930,8 +1930,8 @@ PK15Object::completeAuthObject(const CKY
dab6d7
     if (commonAuthAttributes == NULL) { return CKYINVALIDDATA; }
dab6d7
     tagSize = commonAuthAttributes - current;
dab6d7
     current += commonSize + tagSize;
dab6d7
-    currentSize -= (commonSize +tagSize);
dab6d7
-    if (currentSize < 0) { return CKYINVALIDDATA; }
dab6d7
+    if (currentSize < (commonSize + tagSize)) { return CKYINVALIDDATA; }
dab6d7
+    currentSize -= (commonSize + tagSize);
dab6d7
     /*
dab6d7
      * parse the Pin Auth Attributes 
dab6d7
      *     pinFlags  BIT_STRING
dab6d7
@@ -2093,8 +2093,8 @@ PK15Object::completeKeyObject(const CKYB
dab6d7
     /* point current to the next section (sublcass attributes)  */
dab6d7
     tagSize = commonKeyAttributes - current;
dab6d7
     current += commonSize + tagSize;
dab6d7
-    currentSize -= (commonSize +tagSize);
dab6d7
-    if (currentSize < 0) { return CKYINVALIDDATA; }
dab6d7
+    if (currentSize < (commonSize + tagSize)) { return CKYINVALIDDATA; }
dab6d7
+    currentSize -= (commonSize + tagSize);
dab6d7
 
dab6d7
     /* get the id */
dab6d7
     if (commonKeyAttributes[0] != ASN1_OCTET_STRING) { return CKYINVALIDDATA; }
dab6d7
@@ -2263,8 +2263,8 @@ CKYStatus PK15Object::completePrivKeyObj
dab6d7
 	/* point current to the next section (type attributes)  */
dab6d7
 	tagSize = commonPrivKeyAttributes - current;
dab6d7
 	current += commonSize + tagSize;
dab6d7
+	if (currentSize < (commonSize + tagSize)) { return CKYINVALIDDATA; }
dab6d7
 	currentSize -= (commonSize +tagSize);
dab6d7
-	if (currentSize < 0) { return CKYINVALIDDATA; }
dab6d7
 
dab6d7
  	/* subjectName */
dab6d7
 	if (commonPrivKeyAttributes[0] == ASN1_SEQUENCE) {
dab6d7
@@ -2385,8 +2385,8 @@ PK15Object::completePubKeyObject(const C
dab6d7
 	/* point current to the next section (type attributes)  */
dab6d7
 	tagSize = commonPubKeyAttributes - current;
dab6d7
 	current += commonSize + tagSize;
dab6d7
-	currentSize -= (commonSize +tagSize);
dab6d7
-	if (currentSize < 0) { return CKYINVALIDDATA; }
dab6d7
+	if (currentSize < (commonSize + tagSize)) { return CKYINVALIDDATA; }
dab6d7
+	currentSize -= (commonSize + tagSize);
dab6d7
 
dab6d7
  	/* subjectName */
dab6d7
 	if (commonPubKeyAttributes[0] == ASN1_SEQUENCE) {
dab6d7
@@ -2535,8 +2535,8 @@ PK15Object::completeRawPublicKey(const C
dab6d7
     if (entry == NULL) { return CKYINVALIDDATA; }
dab6d7
     tagSize = entry - current;
dab6d7
     current += entrySize + tagSize;
dab6d7
+    if (size < (entrySize + tagSize)) { return CKYINVALIDDATA; }
dab6d7
     size -= (entrySize +tagSize);
dab6d7
-    if (size < 0) { return CKYINVALIDDATA; }
dab6d7
     if ((entry[0] == 0) && (entrySize > 1)) {
dab6d7
 	entry++; entrySize--;
dab6d7
     }
dab6d7
@@ -2548,8 +2548,8 @@ PK15Object::completeRawPublicKey(const C
dab6d7
     if (entry == NULL) { return CKYINVALIDDATA; }
dab6d7
     tagSize = entry - current;
dab6d7
     current += entrySize + tagSize;
dab6d7
-    size -= (entrySize +tagSize);
dab6d7
-    if (size < 0) { return CKYINVALIDDATA; }
dab6d7
+    if (size < (entrySize + tagSize)) { return CKYINVALIDDATA; }
dab6d7
+    size -= (entrySize + tagSize);
dab6d7
     if ((entry[0] == 0) && (entrySize > 1)) {
dab6d7
 	entry++; entrySize--;
dab6d7
     }
dab6d7
@@ -2682,11 +2682,11 @@ DEREncodedTokenInfo::DEREncodedTokenInfo
dab6d7
     if (entry == NULL) return;
dab6d7
     tagSize = entry - current;
dab6d7
     current += tagSize + entrySize;
dab6d7
+    if (size < tagSize + entrySize) return;
dab6d7
     size -= tagSize + entrySize;
dab6d7
     if (entrySize < 1) {
dab6d7
 	version = *entry;
dab6d7
     }
dab6d7
-    if (size < 0) return;
dab6d7
 
dab6d7
     /* get the serial number */
dab6d7
     if (current[0] != ASN1_OCTET_STRING) { return ; }
dab6d7
@@ -2729,6 +2729,8 @@ DEREncodedTokenInfo::DEREncodedTokenInfo
dab6d7
     }
dab6d7
 
dab6d7
     /* parsing flags */
dab6d7
+#ifdef notdef
dab6d7
+    /* we arn't using this right now, keep it for future reference */
dab6d7
     if (current[0] == ASN1_BIT_STRING) {
dab6d7
     /* recordinfo parsing would go here */
dab6d7
 	unsigned long bits;
dab6d7
@@ -2739,6 +2741,7 @@ DEREncodedTokenInfo::DEREncodedTokenInfo
dab6d7
 	size -= tagSize + entrySize;
dab6d7
 	bits = GetBits(entry, entrySize,8,2);
dab6d7
     }
dab6d7
+#endif
dab6d7
     return;
dab6d7
 }
dab6d7
 
dab6d7
diff -up ./src/coolkey/slot.cpp.p15-coverity ./src/coolkey/slot.cpp
dab6d7
--- ./src/coolkey/slot.cpp.p15-coverity	2015-07-06 18:02:34.606191081 -0700
dab6d7
+++ ./src/coolkey/slot.cpp	2015-07-06 18:02:34.610191006 -0700
dab6d7
@@ -3714,7 +3714,6 @@ void
dab6d7
 Slot::attemptP15Login(CK_USER_TYPE user)
dab6d7
 {
dab6d7
     PinCache *pinCachePtr  = userPinCache(user);
dab6d7
-    const CKYBuffer *path;
dab6d7
 
dab6d7
     if (user == CKU_USER) {
dab6d7
 	loggedIn = false;
dab6d7
@@ -3729,7 +3728,6 @@ Slot::attemptP15Login(CK_USER_TYPE user)
dab6d7
 			"No PKCS #15 auth object for user %d\n", user);
dab6d7
     }
dab6d7
 
dab6d7
-    path = auth[user]->getObjectPath().getPath();
dab6d7
     status = selectPath(auth[user]->getObjectPath().getPath(), &result);
dab6d7
     if( status == CKYSCARDERR )  {
dab6d7
 	handleConnectionError();
dab6d7
diff -up ./src/libckyapplet/cky_applet.c.p15-coverity ./src/libckyapplet/cky_applet.c
dab6d7
--- ./src/libckyapplet/cky_applet.c.p15-coverity	2015-07-06 18:02:34.606191081 -0700
dab6d7
+++ ./src/libckyapplet/cky_applet.c	2015-07-06 18:02:34.610191006 -0700
dab6d7
@@ -1361,6 +1361,9 @@ P15Applet_SignDecrypt(CKYCardConnection
dab6d7
 	appendLength = length;
dab6d7
     } else {
dab6d7
 	ret = CKYBuffer_Reserve(&tmp, length);
dab6d7
+	if (ret != CKYSUCCESS) {
dab6d7
+	    goto done;
dab6d7
+	}
dab6d7
     }
dab6d7
     CKYBuffer_AppendBuffer(&tmp, data, offset, appendLength);
dab6d7
     pso.chain = 0;
dab6d7
diff -up ./src/libckyapplet/cky_base.c.p15-coverity ./src/libckyapplet/cky_base.c
dab6d7
--- ./src/libckyapplet/cky_base.c.p15-coverity	2015-07-06 18:02:34.607191062 -0700
dab6d7
+++ ./src/libckyapplet/cky_base.c	2015-07-06 18:02:34.610191006 -0700
dab6d7
@@ -736,7 +736,7 @@ CKYAPDU_SetShortReceiveLen(CKYAPDU *apdu
dab6d7
     CKYStatus ret;
dab6d7
 
dab6d7
     if (recvlen <= CKYAPDU_MAX_DATA_LEN) {
dab6d7
-	return APDU_SetReceiveLen(apdu, (CKYByte)(recvlen & 0xff));
dab6d7
+	return CKYAPDU_SetReceiveLen(apdu, (CKYByte)(recvlen & 0xff));
dab6d7
     }
dab6d7
     ret = CKYBuffer_Resize(&apdu->apduBuf, CKYAPDU_HEADER_LEN+2);
dab6d7
     if (ret != CKYSUCCESS) {