rpms / opensc

Clone
Source Code
GIT

Files

  1.   3c4a1b3cfb8205fd8a908ef85674006892d59a10
  2.   SOURCES
  3.   opensc-0.19.0-coverity.patch
Blob Blame History Raw 
diff --git a/src/libopensc/card-epass2003.c b/src/libopensc/card-epass2003.c
index 49b593f9..299520d6 100644
--- a/src/libopensc/card-epass2003.c
+++ b/src/libopensc/card-epass2003.c
@@ -1846,11 +1846,6 @@ epass2003_process_fci(struct sc_card *card, sc_file_t * file, const u8 * buf, si
 				case 0x04:
 					file->ef_structure = SC_FILE_EF_LINEAR_FIXED;
 					break;
-				case 0x03:
-				case 0x05:
-				case 0x06:
-				case 0x07:
-					break;
 				default:
 					break;
 				}
diff --git a/src/libopensc/card-iasecc.c b/src/libopensc/card-iasecc.c
index 254f8aa5..7eb3f5d0 100644
--- a/src/libopensc/card-iasecc.c
+++ b/src/libopensc/card-iasecc.c
@@ -2406,7 +2406,11 @@ iasecc_pin_reset(struct sc_card *card, struct sc_pin_cmd_data *data, int *tries_
 		sc_format_path("3F00", &path);
 		path.type = SC_PATH_TYPE_FILE_ID;
 		rv = iasecc_select_file(card, &path, NULL);
-		LOG_TEST_RET(ctx, rv, "Unable to select MF");
+		if (rv != SC_SUCCESS) {
+			sc_file_free(save_current);
+			sc_log(ctx, "Unable to select MF");
+			LOG_FUNC_RETURN(ctx, rv);
+		}
 	}
 
 	memset(&sdo, 0, sizeof(sdo));
@@ -3478,9 +3482,12 @@ iasecc_get_free_reference(struct sc_card *card, struct iasecc_ctl_get_free_refer
 
 			sc_log(ctx, "found empty key slot %i", idx);
 			break;
+		} else if (rv != SC_SUCCESS) {
+			iasecc_sdo_free(card, sdo);
+
+			sc_log(ctx, "get new key reference failed");
+			LOG_FUNC_RETURN(ctx, rv);
 		}
-		else
-			LOG_TEST_RET(ctx, rv, "get new key reference failed");
 
 		sz = *(sdo->docp.size.value + 0) * 0x100 + *(sdo->docp.size.value + 1);
 		sc_log(ctx,
diff --git a/src/libopensc/card-muscle.c b/src/libopensc/card-muscle.c
index c91b8d5e..be5b9f14 100644
--- a/src/libopensc/card-muscle.c
+++ b/src/libopensc/card-muscle.c
@@ -455,6 +455,7 @@ static int _listFile(mscfs_file_t *file, int reset, void *udata)
 static int muscle_init(sc_card_t *card)
 {
 	muscle_private_t *priv;
+	int r;
 
 	card->name = "MuscleApplet";
 	card->drv_data = malloc(sizeof(muscle_private_t));
@@ -478,7 +479,10 @@ static int muscle_init(sc_card_t *card)
 	card->caps |= SC_CARD_CAP_RNG;
 
 	/* Card type detection */
-	_sc_match_atr(card, muscle_atrs, &card->type);
+	r = _sc_match_atr(card, muscle_atrs, &card->type);
+	if (r < 0) {
+		sc_log(card->ctx, "Failed to match the ATRs");
+	}
 	if(card->type == SC_CARD_TYPE_MUSCLE_ETOKEN_72K) {
 		card->caps |= SC_CARD_CAP_APDU_EXT;
 	}
diff --git a/src/libopensc/card-piv.c b/src/libopensc/card-piv.c
index 61acedc8..a678b768 100644
--- a/src/libopensc/card-piv.c
+++ b/src/libopensc/card-piv.c
@@ -922,7 +922,11 @@ piv_get_data(sc_card_t * card, int enumtag, u8 **buf, size_t *buf_len)
 	SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE);
 	sc_log(card->ctx, "#%d", enumtag);
 
-	sc_lock(card); /* do check len and get data in same transaction */
+	r = sc_lock(card); /* do check len and get data in same transaction */
+	if (r != SC_SUCCESS) {
+		sc_log(card->ctx, "sc_lock failed");
+		return r;
+	}
 
 	/* assert(enumtag >= 0 && enumtag < PIV_OBJ_LAST_ENUM); */
 
@@ -1481,7 +1485,7 @@ static int piv_get_key(sc_card_t *card, unsigned int alg_id, u8 **key, size_t *l
 	FILE *f = NULL;
 	char * keyfilename = NULL;
 	size_t expected_keylen;
-	size_t keylen;
+	size_t keylen, readlen;
 	u8 * keybuf = NULL;
 	u8 * tkey = NULL;
 
@@ -1530,11 +1534,12 @@ static int piv_get_key(sc_card_t *card, unsigned int alg_id, u8 **key, size_t *l
 	}
 	keybuf[fsize] = 0x00;    /* in case it is text need null */
 
-	if (fread(keybuf, 1, fsize, f) != fsize) {
+	if ((readlen = fread(keybuf, 1, fsize, f)) != fsize) {
 		sc_log(card->ctx, " Unable to read key\n");
 		r = SC_ERROR_WRONG_LENGTH;
 		goto err;
 	}
+	keybuf[readlen] = '\0';
 
 	tkey = malloc(expected_keylen);
 	if (!tkey) {
@@ -2126,14 +2131,16 @@ piv_get_serial_nr_from_CHUI(sc_card_t* card, sc_serial_number_t* serial)
 				/* test if guid and the fascn starts with ;9999 (in ISO 4bit + parity code) */
 				if (!(gbits && fascn[0] == 0xD4 && fascn[1] == 0xE7
 						    && fascn[2] == 0x39 && (fascn[3] | 0x7F) == 0xFF)) {
-					serial->len = fascnlen < SC_MAX_SERIALNR ? fascnlen : SC_MAX_SERIALNR;
+					/* fascnlen is 25 */
+					serial->len = fascnlen;
 					memcpy (serial->value, fascn, serial->len);
 					r = SC_SUCCESS;
 					gbits = 0; /* set to skip using guid below */
 				}
 			}
 			if (guid && gbits) {
-				serial->len = guidlen < SC_MAX_SERIALNR ? guidlen : SC_MAX_SERIALNR;
+				/* guidlen is 16 */
+				serial->len = guidlen;
 				memcpy (serial->value, guid, serial->len);
 				r = SC_SUCCESS;
 			}
@@ -2981,7 +2988,7 @@ static int piv_match_card(sc_card_t *card)
 
 static int piv_match_card_continued(sc_card_t *card)
 {
-	int i;
+	int i, r;
 	int type  = -1;
 	piv_private_data_t *priv = NULL;
 	int saved_type = card->type;
@@ -3080,7 +3087,13 @@ static int piv_match_card_continued(sc_card_t *card)
 		if(piv_objects[i].flags & PIV_OBJECT_NOT_PRESENT)
 			priv->obj_cache[i].flags |= PIV_OBJ_CACHE_NOT_PRESENT;
 
-	sc_lock(card);
+	r = sc_lock(card);
+	if (r != SC_SUCCESS) {
+		sc_debug(card->ctx, SC_LOG_DEBUG_VERBOSE, "sc_lock failed\n");
+		piv_finish(card);
+		card->type = saved_type;
+		return 0;
+	}
 
 	/*
 	 * detect if active AID is PIV. NIST 800-73 says Only one PIV application per card
@@ -3464,7 +3477,11 @@ piv_pin_cmd(sc_card_t *card, struct sc_pin_cmd_data *data, int *tries_left)
 	if (data->cmd == SC_PIN_CMD_VERIFY && data->pin_type == SC_AC_CONTEXT_SPECIFIC) {
 		priv->context_specific = 1;
 		sc_log(card->ctx,"Starting CONTEXT_SPECIFIC verify");
-		sc_lock(card);
+		r = sc_lock(card);
+		if (r != SC_SUCCESS) {
+			sc_log(card->ctx, "sc_lock failed");
+			return r;
+		}
 	}
 
 	priv->pin_cmd_verify = 1; /* tell piv_check_sw its a verify to save sw1, sw2 */
diff --git a/src/libopensc/ctx.c b/src/libopensc/ctx.c
index 626686a7..f24a61ca 100644
--- a/src/libopensc/ctx.c
+++ b/src/libopensc/ctx.c
@@ -452,6 +452,10 @@ static void *load_dynamic_driver(sc_context_t *ctx, void **dll, const char *name
 	const char *(*modversion)(void) = NULL;
 	const char *(**tmodv)(void) = &modversion;
 
+	if (dll == NULL) {
+		sc_log(ctx, "No dll parameter specified");
+		return NULL;
+	}
 	if (name == NULL) { /* should not occur, but... */
 		sc_log(ctx, "No module specified");
 		return NULL;
@@ -481,8 +485,8 @@ static void *load_dynamic_driver(sc_context_t *ctx, void **dll, const char *name
 		sc_dlclose(handle);
 		return NULL;
 	}
-	if (dll)
-		*dll = handle;
+
+	*dll = handle;
 	sc_log(ctx, "successfully loaded card driver '%s'", name);
 	return modinit(name);
 }
diff --git a/src/libopensc/iso7816.c b/src/libopensc/iso7816.c
index 718d92ff..6abd2d76 100644
--- a/src/libopensc/iso7816.c
+++ b/src/libopensc/iso7816.c
@@ -841,13 +841,18 @@ iso7816_set_security_env(struct sc_card *card,
 	if (env->flags & SC_SEC_ENV_FILE_REF_PRESENT) {
 		if (env->file_ref.len > 0xFF)
 			return SC_ERROR_INVALID_ARGUMENTS;
+		if (sizeof(sbuf) - (p - sbuf) < env->file_ref.len + 2)
+			return SC_ERROR_OFFSET_TOO_LARGE;
+
 		*p++ = 0x81;
 		*p++ = (u8) env->file_ref.len;
-		assert(sizeof(sbuf) - (p - sbuf) >= env->file_ref.len);
 		memcpy(p, env->file_ref.value, env->file_ref.len);
 		p += env->file_ref.len;
 	}
 	if (env->flags & SC_SEC_ENV_KEY_REF_PRESENT) {
+		if (sizeof(sbuf) - (p - sbuf) < env->key_ref_len + 2)
+			return SC_ERROR_OFFSET_TOO_LARGE;
+
 		if (env->flags & SC_SEC_ENV_KEY_REF_SYMMETRIC)
 			*p++ = 0x83;
 		else
@@ -855,7 +860,6 @@ iso7816_set_security_env(struct sc_card *card,
 		if (env->key_ref_len > 0xFF)
 			return SC_ERROR_INVALID_ARGUMENTS;
 		*p++ = env->key_ref_len & 0xFF;
-		assert(sizeof(sbuf) - (p - sbuf) >= env->key_ref_len);
 		memcpy(p, env->key_ref, env->key_ref_len);
 		p += env->key_ref_len;
 	}
diff --git a/src/libopensc/pkcs15-cac.c b/src/libopensc/pkcs15-cac.c
index 93032113..f34425a5 100644
--- a/src/libopensc/pkcs15-cac.c
+++ b/src/libopensc/pkcs15-cac.c
@@ -388,6 +388,7 @@ static int sc_pkcs15emu_cac_init(sc_pkcs15_card_t *p15card)
 			if (r == SC_SUCCESS) {
 				token_name = malloc (cn_len+1);
 				if (!token_name) {
+					free(cn_name);
 					r = SC_ERROR_OUT_OF_MEMORY;
 					goto fail;
 				}
diff --git a/src/libopensc/pkcs15-oberthur.c b/src/libopensc/pkcs15-oberthur.c
index 3415be7c..8c126e46 100644
--- a/src/libopensc/pkcs15-oberthur.c
+++ b/src/libopensc/pkcs15-oberthur.c
@@ -206,8 +206,10 @@ sc_oberthur_get_certificate_authority(struct sc_pkcs15_der *der, int *out_author
 	buf_mem.max = buf_mem.length = der->len;
 
 	bio = BIO_new(BIO_s_mem());
-	if(!bio)
+	if (!bio) {
+		free(buf_mem.data);
 		return SC_ERROR_OUT_OF_MEMORY;
+	}
 
 	BIO_set_mem_buf(bio, &buf_mem, BIO_NOCLOSE);
 	x = d2i_X509_bio(bio, 0);
diff --git a/src/pkcs15init/pkcs15-authentic.c b/src/pkcs15init/pkcs15-authentic.c
index ddccd032..0b6f9c17 100644
--- a/src/pkcs15init/pkcs15-authentic.c
+++ b/src/pkcs15init/pkcs15-authentic.c
@@ -355,7 +355,6 @@ authentic_sdo_allocate_prvkey(struct sc_profile *profile, struct sc_card *card,
 		sc_file_free(file);
 		LOG_TEST_RET(ctx, SC_ERROR_OUT_OF_MEMORY, "Cannot allocate 'sc_authentic_sdo'");
 	}
-	*out = sdo;
 
 	sdo->magic = AUTHENTIC_SDO_MAGIC;
 	sdo->docp.id = key_info->key_reference &  ~AUTHENTIC_OBJECT_REF_FLAG_LOCAL;
@@ -364,11 +363,16 @@ authentic_sdo_allocate_prvkey(struct sc_profile *profile, struct sc_card *card,
 	rv = authentic_docp_set_acls(card, file, authentic_v3_rsa_ac_ops,
 			sizeof(authentic_v3_rsa_ac_ops)/sizeof(authentic_v3_rsa_ac_ops[0]), &sdo->docp);
 	sc_file_free(file);
-	LOG_TEST_RET(ctx, rv, "Cannot set key ACLs from file");
+	if (rv != SC_SUCCESS) {
+		free(sdo);
+		sc_log(ctx, "Cannot set key ACLs from file");
+		LOG_FUNC_RETURN(ctx, rv);
+	}
 
 	sc_log(ctx, "sdo(mech:%X,id:%X,acls:%s)", sdo->docp.mech, sdo->docp.id,
 			sc_dump_hex(sdo->docp.acl_data, sdo->docp.acl_data_len));
 
+	*out = sdo;
 	LOG_FUNC_RETURN(ctx, SC_SUCCESS);
 }
 
diff --git a/src/pkcs15init/pkcs15-myeid.c b/src/pkcs15init/pkcs15-myeid.c
index 29f9aa22..10258667 100644
--- a/src/pkcs15init/pkcs15-myeid.c
+++ b/src/pkcs15init/pkcs15-myeid.c
@@ -232,6 +232,7 @@ myeid_create_dir(sc_profile_t *profile, sc_pkcs15_card_t *p15card, sc_file_t *df
 		for (ii = 0; create_dfs[ii]; ii++) {
 			sc_log(ctx, "Create '%s'", create_dfs[ii]);
 
+			file = NULL;
 			r = sc_profile_get_file(profile, create_dfs[ii], &file);
 			sc_file_free(file);
 			if (r) {
@@ -433,7 +434,11 @@ _add_supported_algo(struct sc_profile *profile, struct sc_pkcs15_card *p15card,
 		    unsigned operations, unsigned mechanism, const struct sc_object_id *oid)
 {
 	struct sc_supported_algo_info *algo;
+	struct sc_context *ctx = p15card->card->ctx;
 	algo = sc_pkcs15_get_supported_algo(p15card, operations, mechanism);
+	int rv;
+
+	LOG_FUNC_CALLED(ctx);
 	if (!algo) {
 		unsigned ref = 1, ii;
 
@@ -451,7 +456,10 @@ _add_supported_algo(struct sc_profile *profile, struct sc_pkcs15_card *p15card,
 		}
 
 	}
-	sc_pkcs15_add_supported_algo_ref(object, algo);
+	rv = sc_pkcs15_add_supported_algo_ref(object, algo);
+	if (rv != SC_SUCCESS) {
+		sc_log(ctx, "Failed to add algorithms refs");
+	}
 }
 
 static void
@@ -742,7 +750,6 @@ myeid_generate_key(struct sc_profile *profile, struct sc_pkcs15_card *p15card,
 			break;
 		default:
 			LOG_TEST_RET(ctx, SC_ERROR_INVALID_ARGUMENTS, "Unsupported key type");
-			break;
 	}
 
 	sc_log(ctx, "Generate key with ID:%s and path:%s",
diff --git a/src/pkcs15init/pkcs15-oberthur-awp.c b/src/pkcs15init/pkcs15-oberthur-awp.c
index f9c96373..9b12f06c 100644
--- a/src/pkcs15init/pkcs15-oberthur-awp.c
+++ b/src/pkcs15init/pkcs15-oberthur-awp.c
@@ -284,9 +284,10 @@ awp_create_container_record (struct sc_pkcs15_card *p15card, struct sc_profile *
 	memset(buff, 0, list_file->record_length);
 
 	rv = awp_new_container_entry(p15card, buff, list_file->record_length);
-	if (rv < 0)   {
+	if (rv < 0) {
 		free(buff);
-		SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "Cannot create container");
+		sc_log(ctx, "Cannot create container");
+		SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_NORMAL, rv);
 	}
 
 	*(buff + 0) = (acc->pubkey_id >> 8) & 0xFF;
diff --git a/src/tools/npa-tool-cmdline.c b/src/tools/npa-tool-cmdline.c
index 117c6cb1..26eed929 100644
--- a/src/tools/npa-tool-cmdline.c
+++ b/src/tools/npa-tool-cmdline.c
@@ -1685,7 +1685,14 @@ void update_multiple_arg(void *field, char ***orig_field,
   struct generic_list *tmp;
 
   if (prev_given && list) {
+    char **old = *orig_field;
+    char *old_field = field;
     *orig_field = (char **) realloc (*orig_field, (field_given + prev_given) * sizeof (char *));
+    if (*orig_field == NULL) {
+      free(*old);
+      fprintf(stderr, "Failed to allocate memory: aborting");
+      exit(1);
+    }
 
     switch(arg_type) {
     case ARG_INT:
@@ -1695,6 +1702,11 @@ void update_multiple_arg(void *field, char ***orig_field,
     default:
       break;
     };
+    if (*((void **)field) == NULL) {
+      free(old_field);
+      fprintf(stderr, "Failed to allocate memory: aborting");
+      exit(1);
+    }
     
     for (i = (prev_given - 1); i >= 0; --i)
       {
diff --git a/src/tools/opensc-explorer.c b/src/tools/opensc-explorer.c
index ac5292f9..7bc5a3ff 100644
--- a/src/tools/opensc-explorer.c
+++ b/src/tools/opensc-explorer.c
@@ -1399,7 +1399,7 @@ static int do_get(int argc, char **argv)
 	if (r == SC_SUCCESS)
 		r = sc_select_file(card, &path, &file);
 	sc_unlock(card);
-	if (r) {
+	if (r || file == NULL) {
 		check_ret(r, SC_AC_OP_SELECT, "unable to select file", current_file);
 		goto err;
 	}
diff --git a/src/tools/piv-tool.c b/src/tools/piv-tool.c
index 6dc8213d..23a58ce6 100644
--- a/src/tools/piv-tool.c
+++ b/src/tools/piv-tool.c
@@ -477,6 +477,7 @@ int main(int argc, char *argv[])
 	const char *key_info = NULL;
 	const char *admin_info = NULL;
 	sc_context_param_t ctx_param;
+	char **old_apdus = NULL;
 
 	setbuf(stderr, NULL);
 	setbuf(stdout, NULL);
@@ -493,9 +494,11 @@ int main(int argc, char *argv[])
 			action_count++;
 			break;
 		case 's':
+			old_apdus = opt_apdus;
 			opt_apdus = (char **) realloc(opt_apdus,
 					(opt_apdu_count + 1) * sizeof(char *));
 			if (!opt_apdus) {
+				free(old_apdus);
 				err = 1;
 				goto end;
 			}
diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
index 64525f6a..5795a8ba 100644
--- a/src/tools/pkcs11-tool.c
+++ b/src/tools/pkcs11-tool.c
@@ -2695,6 +2695,7 @@ static int write_object(CK_SESSION_HANDLE session)
 		if (!(f = fopen(opt_attr_from_file, "rb")))
 			util_fatal("Couldn't open file \"%s\"", opt_attr_from_file);
 		certdata_len = fread(certdata, 1, sizeof(certdata), f);
+		certdata[certdata_len] = '\0';
 		if (certdata_len < 0)
 			util_fatal("Couldn't read from file \"%s\"", opt_attr_from_file);
 		fclose(f);
diff --git a/src/tools/sc-hsm-tool.c b/src/tools/sc-hsm-tool.c
index 02cdfcc6..2b424cf7 100644
--- a/src/tools/sc-hsm-tool.c
+++ b/src/tools/sc-hsm-tool.c
@@ -1503,13 +1503,13 @@ static int unwrap_key(sc_card_t *card, int keyid, const char *inf, const char *p
 		return -1;
 	}
 
-	if ((keybloblen = fread(keyblob, 1, sizeof(keyblob), in)) < 0) {
+	keybloblen = fread(keyblob, 1, sizeof(keyblob), in);
+	fclose(in);
+	if (keybloblen < 0) {
 		perror(inf);
 		return -1;
 	}
 
-	fclose(in);
-
 	ptr = keyblob;
 	if ((sc_asn1_read_tag(&ptr, keybloblen, &cla, &tag, &len) != SC_SUCCESS)
 		   	|| ((cla & SC_ASN1_TAG_CONSTRUCTED) != SC_ASN1_TAG_CONSTRUCTED)

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation