|
 |
5385de |
From 44b429df9ac4bb8ad84a090fee1bd70d83adcf23 Mon Sep 17 00:00:00 2001
|
|
|
5385de |
From: Greg Hudson <ghudson@mit.edu>
|
|
|
5385de |
Date: Sat, 20 Jul 2019 00:51:52 -0400
|
|
|
5385de |
Subject: [PATCH] Fix Coverity defects in soft-pkcs11 test code
|
|
|
5385de |
|
|
|
5385de |
Nothing in the code removes objects from soft_token.object.obs, so
|
|
|
5385de |
simplify add_st_object() not to search for an empty slot. Avoid using
|
|
|
5385de |
random() by using a counter for session handles and just the array
|
|
|
5385de |
slot number for object handles. Add a helper get_rcfilename() to
|
|
|
5385de |
facilitate checking the result of asprintf(). Properly initialize ap
|
|
|
5385de |
in sprintf_fill(). Close the file handle in read_conf_file().
|
|
|
5385de |
|
|
|
5385de |
(cherry picked from commit b4831515b2f3b6fd7d7fd4bff4558c10c710891d)
|
|
|
5385de |
(cherry picked from commit 28db01445d2807d51b5045c0a04d5e49905de504)
|
|
|
5385de |
---
|
|
|
5385de |
src/tests/softpkcs11/main.c | 102 +++++++++++++++++++-----------------
|
|
|
5385de |
1 file changed, 53 insertions(+), 49 deletions(-)
|
|
|
5385de |
|
|
|
5385de |
diff --git a/src/tests/softpkcs11/main.c b/src/tests/softpkcs11/main.c
|
|
|
5385de |
index 5255323d3..2d1448ca2 100644
|
|
|
5385de |
--- a/src/tests/softpkcs11/main.c
|
|
|
5385de |
+++ b/src/tests/softpkcs11/main.c
|
|
|
5385de |
@@ -78,6 +78,7 @@ compat_rsa_get0_key(const RSA *rsa, const BIGNUM **n, const BIGNUM **e,
|
|
|
5385de |
(BL) = i2d_##T((S), &p); \
|
|
|
5385de |
if ((BL) <= 0) { \
|
|
|
5385de |
free((B)); \
|
|
|
5385de |
+ (B) = NULL; \
|
|
|
5385de |
(R) = EINVAL; \
|
|
|
5385de |
} \
|
|
|
5385de |
} \
|
|
|
5385de |
@@ -149,6 +150,7 @@ static struct soft_token {
|
|
|
5385de |
} state[10];
|
|
|
5385de |
#define MAX_NUM_SESSION (sizeof(soft_token.state)/sizeof(soft_token.state[0]))
|
|
|
5385de |
FILE *logfile;
|
|
|
5385de |
+ CK_SESSION_HANDLE next_session_handle;
|
|
|
5385de |
} soft_token;
|
|
|
5385de |
|
|
|
5385de |
static void
|
|
|
5385de |
@@ -179,6 +181,7 @@ snprintf_fill(char *str, int size, char fillchar, const char *fmt, ...)
|
|
|
5385de |
{
|
|
|
5385de |
int len;
|
|
|
5385de |
va_list ap;
|
|
|
5385de |
+ va_start(ap, fmt);
|
|
|
5385de |
len = vsnprintf(str, size, fmt, ap);
|
|
|
5385de |
va_end(ap);
|
|
|
5385de |
if (len < 0 || len > size)
|
|
|
5385de |
@@ -344,7 +347,13 @@ static struct st_object *
|
|
|
5385de |
add_st_object(void)
|
|
|
5385de |
{
|
|
|
5385de |
struct st_object *o, **objs;
|
|
|
5385de |
- int i;
|
|
|
5385de |
+
|
|
|
5385de |
+ objs = realloc(soft_token.object.objs,
|
|
|
5385de |
+ (soft_token.object.num_objs + 1) *
|
|
|
5385de |
+ sizeof(soft_token.object.objs[0]));
|
|
|
5385de |
+ if (objs == NULL)
|
|
|
5385de |
+ return NULL;
|
|
|
5385de |
+ soft_token.object.objs = objs;
|
|
|
5385de |
|
|
|
5385de |
o = malloc(sizeof(*o));
|
|
|
5385de |
if (o == NULL)
|
|
|
5385de |
@@ -352,26 +361,9 @@ add_st_object(void)
|
|
|
5385de |
memset(o, 0, sizeof(*o));
|
|
|
5385de |
o->attrs = NULL;
|
|
|
5385de |
o->num_attributes = 0;
|
|
|
5385de |
+ o->object_handle = soft_token.object.num_objs;
|
|
|
5385de |
|
|
|
5385de |
- for (i = 0; i < soft_token.object.num_objs; i++) {
|
|
|
5385de |
- if (soft_token.object.objs == NULL) {
|
|
|
5385de |
- soft_token.object.objs[i] = o;
|
|
|
5385de |
- break;
|
|
|
5385de |
- }
|
|
|
5385de |
- }
|
|
|
5385de |
- if (i == soft_token.object.num_objs) {
|
|
|
5385de |
- objs = realloc(soft_token.object.objs,
|
|
|
5385de |
- (soft_token.object.num_objs + 1) * sizeof(soft_token.object.objs[0]));
|
|
|
5385de |
- if (objs == NULL) {
|
|
|
5385de |
- free(o);
|
|
|
5385de |
- return NULL;
|
|
|
5385de |
- }
|
|
|
5385de |
- soft_token.object.objs = objs;
|
|
|
5385de |
- soft_token.object.objs[soft_token.object.num_objs++] = o;
|
|
|
5385de |
- }
|
|
|
5385de |
- soft_token.object.objs[i]->object_handle =
|
|
|
5385de |
- (random() & (~OBJECT_ID_MASK)) | i;
|
|
|
5385de |
-
|
|
|
5385de |
+ soft_token.object.objs[soft_token.object.num_objs++] = o;
|
|
|
5385de |
return o;
|
|
|
5385de |
}
|
|
|
5385de |
|
|
|
5385de |
@@ -797,6 +789,8 @@ read_conf_file(const char *fn)
|
|
|
5385de |
|
|
|
5385de |
add_certificate(label, cert, key, id, anchor);
|
|
|
5385de |
}
|
|
|
5385de |
+
|
|
|
5385de |
+ fclose(f);
|
|
|
5385de |
}
|
|
|
5385de |
|
|
|
5385de |
static CK_RV
|
|
|
5385de |
@@ -806,19 +800,47 @@ func_not_supported(void)
|
|
|
5385de |
return CKR_FUNCTION_NOT_SUPPORTED;
|
|
|
5385de |
}
|
|
|
5385de |
|
|
|
5385de |
+static char *
|
|
|
5385de |
+get_rcfilename()
|
|
|
5385de |
+{
|
|
|
5385de |
+ struct passwd *pw;
|
|
|
5385de |
+ const char *home = NULL;
|
|
|
5385de |
+ char *fn;
|
|
|
5385de |
+
|
|
|
5385de |
+ if (getuid() == geteuid()) {
|
|
|
5385de |
+ fn = getenv("SOFTPKCS11RC");
|
|
|
5385de |
+ if (fn != NULL)
|
|
|
5385de |
+ return strdup(fn);
|
|
|
5385de |
+
|
|
|
5385de |
+ home = getenv("HOME");
|
|
|
5385de |
+ }
|
|
|
5385de |
+
|
|
|
5385de |
+ if (home == NULL) {
|
|
|
5385de |
+ pw = getpwuid(getuid());
|
|
|
5385de |
+ if (pw != NULL)
|
|
|
5385de |
+ home = pw->pw_dir;
|
|
|
5385de |
+ }
|
|
|
5385de |
+
|
|
|
5385de |
+ if (home == NULL)
|
|
|
5385de |
+ return strdup("/etc/soft-token.rc");
|
|
|
5385de |
+
|
|
|
5385de |
+ if (asprintf(&fn, "%s/.soft-token.rc", home) < 0)
|
|
|
5385de |
+ return NULL;
|
|
|
5385de |
+ return fn;
|
|
|
5385de |
+}
|
|
|
5385de |
+
|
|
|
5385de |
CK_RV
|
|
|
5385de |
C_Initialize(CK_VOID_PTR a)
|
|
|
5385de |
{
|
|
|
5385de |
CK_C_INITIALIZE_ARGS_PTR args = a;
|
|
|
5385de |
size_t i;
|
|
|
5385de |
+ char *fn;
|
|
|
5385de |
|
|
|
5385de |
st_logf("Initialize\n");
|
|
|
5385de |
|
|
|
5385de |
OpenSSL_add_all_algorithms();
|
|
|
5385de |
ERR_load_crypto_strings();
|
|
|
5385de |
|
|
|
5385de |
- srandom(getpid() ^ time(NULL));
|
|
|
5385de |
-
|
|
|
5385de |
for (i = 0; i < MAX_NUM_SESSION; i++) {
|
|
|
5385de |
soft_token.state[i].session_handle = CK_INVALID_HANDLE;
|
|
|
5385de |
soft_token.state[i].find.attributes = NULL;
|
|
|
5385de |
@@ -850,31 +872,13 @@ C_Initialize(CK_VOID_PTR a)
|
|
|
5385de |
st_logf("\tFlags\t%04x\n", (unsigned int)args->flags);
|
|
|
5385de |
}
|
|
|
5385de |
|
|
|
5385de |
- {
|
|
|
5385de |
- char *fn = NULL, *home = NULL;
|
|
|
5385de |
-
|
|
|
5385de |
- if (getuid() == geteuid()) {
|
|
|
5385de |
- fn = getenv("SOFTPKCS11RC");
|
|
|
5385de |
- if (fn)
|
|
|
5385de |
- fn = strdup(fn);
|
|
|
5385de |
- home = getenv("HOME");
|
|
|
5385de |
- }
|
|
|
5385de |
- if (fn == NULL && home == NULL) {
|
|
|
5385de |
- struct passwd *pw = getpwuid(getuid());
|
|
|
5385de |
- if(pw != NULL)
|
|
|
5385de |
- home = pw->pw_dir;
|
|
|
5385de |
- }
|
|
|
5385de |
- if (fn == NULL) {
|
|
|
5385de |
- if (home)
|
|
|
5385de |
- asprintf(&fn, "%s/.soft-token.rc", home);
|
|
|
5385de |
- else
|
|
|
5385de |
- fn = strdup("/etc/soft-token.rc");
|
|
|
5385de |
- }
|
|
|
5385de |
-
|
|
|
5385de |
- read_conf_file(fn);
|
|
|
5385de |
- free(fn);
|
|
|
5385de |
- }
|
|
|
5385de |
+ soft_token.next_session_handle = 0;
|
|
|
5385de |
|
|
|
5385de |
+ fn = get_rcfilename();
|
|
|
5385de |
+ if (fn == NULL)
|
|
|
5385de |
+ return CKR_DEVICE_MEMORY;
|
|
|
5385de |
+ read_conf_file(fn);
|
|
|
5385de |
+ free(fn);
|
|
|
5385de |
return CKR_OK;
|
|
|
5385de |
}
|
|
|
5385de |
|
|
|
5385de |
@@ -1082,8 +1086,7 @@ C_OpenSession(CK_SLOT_ID slotID,
|
|
|
5385de |
|
|
|
5385de |
soft_token.open_sessions++;
|
|
|
5385de |
|
|
|
5385de |
- soft_token.state[i].session_handle =
|
|
|
5385de |
- (CK_SESSION_HANDLE)(random() & 0xfffff);
|
|
|
5385de |
+ soft_token.state[i].session_handle = soft_token.next_session_handle++;
|
|
|
5385de |
*phSession = soft_token.state[i].session_handle;
|
|
|
5385de |
|
|
|
5385de |
return CKR_OK;
|
|
|
5385de |
@@ -1152,7 +1155,8 @@ C_Login(CK_SESSION_HANDLE hSession,
|
|
|
5385de |
VERIFY_SESSION_HANDLE(hSession, NULL);
|
|
|
5385de |
|
|
|
5385de |
if (pPin != NULL_PTR) {
|
|
|
5385de |
- asprintf(&pin, "%.*s", (int)ulPinLen, pPin);
|
|
|
5385de |
+ if (asprintf(&pin, "%.*s", (int)ulPinLen, pPin) < 0)
|
|
|
5385de |
+ return CKR_DEVICE_MEMORY;
|
|
|
5385de |
st_logf("type: %d password: %s\n", (int)userType, pin);
|
|
|
5385de |
}
|
|
|
5385de |
|