|
 |
b4dd4c |
From 8a8db182af533a43b4d478d28af8623035475d68 Mon Sep 17 00:00:00 2001
|
|
|
b4dd4c |
From: Daiki Ueno <dueno@redhat.com>
|
|
|
b4dd4c |
Date: Tue, 16 Oct 2018 18:05:10 +0200
|
|
|
b4dd4c |
Subject: [PATCH 01/10] debug: Work around cppcheck false-positives
|
|
|
b4dd4c |
|
|
|
b4dd4c |
https://trac.cppcheck.net/ticket/8794
|
|
|
b4dd4c |
---
|
|
|
b4dd4c |
common/debug.h | 6 +++---
|
|
|
b4dd4c |
1 file changed, 3 insertions(+), 3 deletions(-)
|
|
|
b4dd4c |
|
|
|
b4dd4c |
diff --git a/common/debug.h b/common/debug.h
|
|
|
b4dd4c |
index 255c62c..7ea36f3 100644
|
|
|
b4dd4c |
--- a/common/debug.h
|
|
|
b4dd4c |
+++ b/common/debug.h
|
|
|
b4dd4c |
@@ -71,13 +71,13 @@ void p11_debug_precond (const char *format,
|
|
|
b4dd4c |
#endif
|
|
|
b4dd4c |
|
|
|
b4dd4c |
#define return_val_if_fail(x, v) \
|
|
|
b4dd4c |
- do { if (!(x)) { \
|
|
|
b4dd4c |
+ do { if (x) { } else { \
|
|
|
b4dd4c |
p11_debug_precond ("p11-kit: '%s' not true at %s\n", #x, __func__); \
|
|
|
b4dd4c |
return v; \
|
|
|
b4dd4c |
} } while (false)
|
|
|
b4dd4c |
|
|
|
b4dd4c |
#define return_if_fail(x) \
|
|
|
b4dd4c |
- do { if (!(x)) { \
|
|
|
b4dd4c |
+ do { if (x) { } else { \
|
|
|
b4dd4c |
p11_debug_precond ("p11-kit: '%s' not true at %s\n", #x, __func__); \
|
|
|
b4dd4c |
return; \
|
|
|
b4dd4c |
} } while (false)
|
|
|
b4dd4c |
@@ -100,7 +100,7 @@ void p11_debug_precond (const char *format,
|
|
|
b4dd4c |
} while (false)
|
|
|
b4dd4c |
|
|
|
b4dd4c |
#define warn_if_fail(x) \
|
|
|
b4dd4c |
- do { if (!(x)) { \
|
|
|
b4dd4c |
+ do { if (x) { } else { \
|
|
|
b4dd4c |
p11_debug_precond ("p11-kit: '%s' not true at %s\n", #x, __func__); \
|
|
|
b4dd4c |
} } while (false)
|
|
|
b4dd4c |
|
|
|
b4dd4c |
--
|
|
|
b4dd4c |
2.17.2
|
|
|
b4dd4c |
|
|
|
b4dd4c |
|
|
|
b4dd4c |
From c76197ddbbd0c29adc2bceff2ee9f740f71d134d Mon Sep 17 00:00:00 2001
|
|
|
b4dd4c |
From: Daiki Ueno <dueno@redhat.com>
|
|
|
b4dd4c |
Date: Tue, 16 Oct 2018 18:06:56 +0200
|
|
|
b4dd4c |
Subject: [PATCH 02/10] build: Call va_end() always when leaving the function
|
|
|
b4dd4c |
|
|
|
b4dd4c |
---
|
|
|
b4dd4c |
common/attrs.c | 4 +++-
|
|
|
b4dd4c |
common/compat.c | 5 ++++-
|
|
|
b4dd4c |
common/path.c | 5 ++++-
|
|
|
b4dd4c |
trust/parser.c | 4 +++-
|
|
|
b4dd4c |
4 files changed, 14 insertions(+), 4 deletions(-)
|
|
|
b4dd4c |
|
|
|
b4dd4c |
diff --git a/common/attrs.c b/common/attrs.c
|
|
|
b4dd4c |
index aa91891..a387a66 100644
|
|
|
b4dd4c |
--- a/common/attrs.c
|
|
|
b4dd4c |
+++ b/common/attrs.c
|
|
|
b4dd4c |
@@ -538,8 +538,10 @@ buffer_append_printf (p11_buffer *buffer,
|
|
|
b4dd4c |
va_list va;
|
|
|
b4dd4c |
|
|
|
b4dd4c |
va_start (va, format);
|
|
|
b4dd4c |
- if (vasprintf (&string, format, va) < 0)
|
|
|
b4dd4c |
+ if (vasprintf (&string, format, va) < 0) {
|
|
|
b4dd4c |
+ va_end (va);
|
|
|
b4dd4c |
return_if_reached ();
|
|
|
b4dd4c |
+ }
|
|
|
b4dd4c |
va_end (va);
|
|
|
b4dd4c |
|
|
|
b4dd4c |
p11_buffer_add (buffer, string, -1);
|
|
|
b4dd4c |
diff --git a/common/compat.c b/common/compat.c
|
|
|
b4dd4c |
index 5a9702d..48614fa 100644
|
|
|
b4dd4c |
--- a/common/compat.c
|
|
|
b4dd4c |
+++ b/common/compat.c
|
|
|
b4dd4c |
@@ -525,7 +525,10 @@ strconcat (const char *first,
|
|
|
b4dd4c |
for (arg = first; arg; arg = va_arg (va, const char*)) {
|
|
|
b4dd4c |
size_t old_length = length;
|
|
|
b4dd4c |
length += strlen (arg);
|
|
|
b4dd4c |
- return_val_if_fail (length >= old_length, NULL);
|
|
|
b4dd4c |
+ if (length < old_length) {
|
|
|
b4dd4c |
+ va_end (va);
|
|
|
b4dd4c |
+ return_val_if_reached (NULL);
|
|
|
b4dd4c |
+ }
|
|
|
b4dd4c |
}
|
|
|
b4dd4c |
|
|
|
b4dd4c |
va_end (va);
|
|
|
b4dd4c |
diff --git a/common/path.c b/common/path.c
|
|
|
b4dd4c |
index 5cf0e1a..17a6230 100644
|
|
|
b4dd4c |
--- a/common/path.c
|
|
|
b4dd4c |
+++ b/common/path.c
|
|
|
b4dd4c |
@@ -218,7 +218,10 @@ p11_path_build (const char *path,
|
|
|
b4dd4c |
while (path != NULL) {
|
|
|
b4dd4c |
size_t old_len = len;
|
|
|
b4dd4c |
len += strlen (path) + 1;
|
|
|
b4dd4c |
- return_val_if_fail (len >= old_len, NULL);
|
|
|
b4dd4c |
+ if (len < old_len) {
|
|
|
b4dd4c |
+ va_end (va);
|
|
|
b4dd4c |
+ return_val_if_reached (NULL);
|
|
|
b4dd4c |
+ }
|
|
|
b4dd4c |
path = va_arg (va, const char *);
|
|
|
b4dd4c |
}
|
|
|
b4dd4c |
va_end (va);
|
|
|
b4dd4c |
diff --git a/trust/parser.c b/trust/parser.c
|
|
|
b4dd4c |
index f92cdc9..e912c3a 100644
|
|
|
b4dd4c |
--- a/trust/parser.c
|
|
|
b4dd4c |
+++ b/trust/parser.c
|
|
|
b4dd4c |
@@ -697,8 +697,10 @@ p11_parser_formats (p11_parser *parser,
|
|
|
b4dd4c |
func = va_arg (va, parser_func);
|
|
|
b4dd4c |
if (func == NULL)
|
|
|
b4dd4c |
break;
|
|
|
b4dd4c |
- if (!p11_array_push (formats, func))
|
|
|
b4dd4c |
+ if (!p11_array_push (formats, func)) {
|
|
|
b4dd4c |
+ va_end (va);
|
|
|
b4dd4c |
return_if_reached ();
|
|
|
b4dd4c |
+ }
|
|
|
b4dd4c |
}
|
|
|
b4dd4c |
va_end (va);
|
|
|
b4dd4c |
|
|
|
b4dd4c |
--
|
|
|
b4dd4c |
2.17.2
|
|
|
b4dd4c |
|
|
|
b4dd4c |
|
|
|
b4dd4c |
From b10dadce5a3c921149b2c9fe0dec614f8076ebda Mon Sep 17 00:00:00 2001
|
|
|
b4dd4c |
From: Daiki Ueno <dueno@redhat.com>
|
|
|
b4dd4c |
Date: Tue, 16 Oct 2018 18:10:05 +0200
|
|
|
b4dd4c |
Subject: [PATCH 03/10] build: Free memory before return{,_val}_if_* macros
|
|
|
b4dd4c |
|
|
|
b4dd4c |
---
|
|
|
b4dd4c |
p11-kit/iter.c | 5 ++++-
|
|
|
b4dd4c |
p11-kit/proxy.c | 10 ++++++++--
|
|
|
b4dd4c |
trust/asn1.c | 15 ++++++++++++---
|
|
|
b4dd4c |
trust/builder.c | 5 ++++-
|
|
|
b4dd4c |
trust/index.c | 10 ++++++++--
|
|
|
b4dd4c |
trust/persist.c | 5 ++++-
|
|
|
b4dd4c |
trust/save.c | 29 +++++++++++++++++++++++++----
|
|
|
b4dd4c |
trust/session.c | 10 ++++++++--
|
|
|
b4dd4c |
trust/token.c | 5 ++++-
|
|
|
b4dd4c |
9 files changed, 77 insertions(+), 17 deletions(-)
|
|
|
b4dd4c |
|
|
|
b4dd4c |
diff --git a/p11-kit/iter.c b/p11-kit/iter.c
|
|
|
b4dd4c |
index 0e4ca6e..d1ffd91 100644
|
|
|
b4dd4c |
--- a/p11-kit/iter.c
|
|
|
b4dd4c |
+++ b/p11-kit/iter.c
|
|
|
b4dd4c |
@@ -157,7 +157,10 @@ p11_kit_iter_new (P11KitUri *uri,
|
|
|
b4dd4c |
return_val_if_fail (iter != NULL, NULL);
|
|
|
b4dd4c |
|
|
|
b4dd4c |
iter->modules = p11_array_new (NULL);
|
|
|
b4dd4c |
- return_val_if_fail (iter->modules != NULL, NULL);
|
|
|
b4dd4c |
+ if (iter->modules == NULL) {
|
|
|
b4dd4c |
+ p11_kit_iter_free (iter);
|
|
|
b4dd4c |
+ return_val_if_reached (NULL);
|
|
|
b4dd4c |
+ }
|
|
|
b4dd4c |
|
|
|
b4dd4c |
iter->want_writable = !!(behavior & P11_KIT_ITER_WANT_WRITABLE);
|
|
|
b4dd4c |
iter->preload_results = !(behavior & P11_KIT_ITER_BUSY_SESSIONS);
|
|
|
b4dd4c |
diff --git a/p11-kit/proxy.c b/p11-kit/proxy.c
|
|
|
b4dd4c |
index b7fb63d..abe7935 100644
|
|
|
b4dd4c |
--- a/p11-kit/proxy.c
|
|
|
b4dd4c |
+++ b/p11-kit/proxy.c
|
|
|
b4dd4c |
@@ -267,7 +267,10 @@ proxy_create (Proxy **res, CK_FUNCTION_LIST **loaded,
|
|
|
b4dd4c |
py->forkid = p11_forkid;
|
|
|
b4dd4c |
|
|
|
b4dd4c |
py->inited = modules_dup (loaded);
|
|
|
b4dd4c |
- return_val_if_fail (py->inited != NULL, CKR_HOST_MEMORY);
|
|
|
b4dd4c |
+ if (py->inited == NULL) {
|
|
|
b4dd4c |
+ proxy_free (py, 0);
|
|
|
b4dd4c |
+ return_val_if_reached (CKR_HOST_MEMORY);
|
|
|
b4dd4c |
+ }
|
|
|
b4dd4c |
|
|
|
b4dd4c |
rv = p11_kit_modules_initialize (py->inited, NULL);
|
|
|
b4dd4c |
|
|
|
b4dd4c |
@@ -320,7 +323,10 @@ proxy_create (Proxy **res, CK_FUNCTION_LIST **loaded,
|
|
|
b4dd4c |
}
|
|
|
b4dd4c |
|
|
|
b4dd4c |
py->sessions = p11_dict_new (p11_dict_ulongptr_hash, p11_dict_ulongptr_equal, NULL, free);
|
|
|
b4dd4c |
- return_val_if_fail (py->sessions != NULL, CKR_HOST_MEMORY);
|
|
|
b4dd4c |
+ if (py->sessions == NULL) {
|
|
|
b4dd4c |
+ proxy_free (py, 1);
|
|
|
b4dd4c |
+ return_val_if_reached (CKR_HOST_MEMORY);
|
|
|
b4dd4c |
+ }
|
|
|
b4dd4c |
py->refs = 1;
|
|
|
b4dd4c |
|
|
|
b4dd4c |
*res = py;
|
|
|
b4dd4c |
diff --git a/trust/asn1.c b/trust/asn1.c
|
|
|
b4dd4c |
index dd1812d..5ce682d 100644
|
|
|
b4dd4c |
--- a/trust/asn1.c
|
|
|
b4dd4c |
+++ b/trust/asn1.c
|
|
|
b4dd4c |
@@ -285,11 +285,17 @@ p11_asn1_cache_new (void)
|
|
|
b4dd4c |
return_val_if_fail (cache != NULL, NULL);
|
|
|
b4dd4c |
|
|
|
b4dd4c |
cache->defs = p11_asn1_defs_load ();
|
|
|
b4dd4c |
- return_val_if_fail (cache->defs != NULL, NULL);
|
|
|
b4dd4c |
+ if (cache->defs == NULL) {
|
|
|
b4dd4c |
+ p11_asn1_cache_free (cache);
|
|
|
b4dd4c |
+ return_val_if_reached (NULL);
|
|
|
b4dd4c |
+ }
|
|
|
b4dd4c |
|
|
|
b4dd4c |
cache->items = p11_dict_new (p11_dict_direct_hash, p11_dict_direct_equal,
|
|
|
b4dd4c |
NULL, free_asn1_item);
|
|
|
b4dd4c |
- return_val_if_fail (cache->items != NULL, NULL);
|
|
|
b4dd4c |
+ if (cache->items == NULL) {
|
|
|
b4dd4c |
+ p11_asn1_cache_free (cache);
|
|
|
b4dd4c |
+ return_val_if_reached (NULL);
|
|
|
b4dd4c |
+ }
|
|
|
b4dd4c |
|
|
|
b4dd4c |
return cache;
|
|
|
b4dd4c |
}
|
|
|
b4dd4c |
@@ -342,7 +348,10 @@ p11_asn1_cache_take (p11_asn1_cache *cache,
|
|
|
b4dd4c |
item->length = der_len;
|
|
|
b4dd4c |
item->node = node;
|
|
|
b4dd4c |
item->struct_name = strdup (struct_name);
|
|
|
b4dd4c |
- return_if_fail (item->struct_name != NULL);
|
|
|
b4dd4c |
+ if (item->struct_name == NULL) {
|
|
|
b4dd4c |
+ free_asn1_item (item);
|
|
|
b4dd4c |
+ return_if_reached ();
|
|
|
b4dd4c |
+ }
|
|
|
b4dd4c |
|
|
|
b4dd4c |
if (!p11_dict_set (cache->items, (void *)der, item))
|
|
|
b4dd4c |
return_if_reached ();
|
|
|
b4dd4c |
diff --git a/trust/builder.c b/trust/builder.c
|
|
|
b4dd4c |
index 742c544..d819dc8 100644
|
|
|
b4dd4c |
--- a/trust/builder.c
|
|
|
b4dd4c |
+++ b/trust/builder.c
|
|
|
b4dd4c |
@@ -187,7 +187,10 @@ p11_builder_new (int flags)
|
|
|
b4dd4c |
return_val_if_fail (builder != NULL, NULL);
|
|
|
b4dd4c |
|
|
|
b4dd4c |
builder->asn1_cache = p11_asn1_cache_new ();
|
|
|
b4dd4c |
- return_val_if_fail (builder->asn1_cache, NULL);
|
|
|
b4dd4c |
+ if (builder->asn1_cache == NULL) {
|
|
|
b4dd4c |
+ p11_builder_free (builder);
|
|
|
b4dd4c |
+ return_val_if_reached (NULL);
|
|
|
b4dd4c |
+ }
|
|
|
b4dd4c |
builder->asn1_defs = p11_asn1_cache_defs (builder->asn1_cache);
|
|
|
b4dd4c |
|
|
|
b4dd4c |
builder->flags = flags;
|
|
|
b4dd4c |
diff --git a/trust/index.c b/trust/index.c
|
|
|
b4dd4c |
index f4b6b4b..6a8e535 100644
|
|
|
b4dd4c |
--- a/trust/index.c
|
|
|
b4dd4c |
+++ b/trust/index.c
|
|
|
b4dd4c |
@@ -170,10 +170,16 @@ p11_index_new (p11_index_build_cb build,
|
|
|
b4dd4c |
index->objects = p11_dict_new (p11_dict_ulongptr_hash,
|
|
|
b4dd4c |
p11_dict_ulongptr_equal,
|
|
|
b4dd4c |
NULL, free_object);
|
|
|
b4dd4c |
- return_val_if_fail (index->objects != NULL, NULL);
|
|
|
b4dd4c |
+ if (index->objects == NULL) {
|
|
|
b4dd4c |
+ p11_index_free (index);
|
|
|
b4dd4c |
+ return_val_if_reached (NULL);
|
|
|
b4dd4c |
+ }
|
|
|
b4dd4c |
|
|
|
b4dd4c |
index->buckets = calloc (NUM_BUCKETS, sizeof (index_bucket));
|
|
|
b4dd4c |
- return_val_if_fail (index->buckets != NULL, NULL);
|
|
|
b4dd4c |
+ if (index->buckets == NULL) {
|
|
|
b4dd4c |
+ p11_index_free (index);
|
|
|
b4dd4c |
+ return_val_if_reached (NULL);
|
|
|
b4dd4c |
+ }
|
|
|
b4dd4c |
|
|
|
b4dd4c |
return index;
|
|
|
b4dd4c |
}
|
|
|
b4dd4c |
diff --git a/trust/persist.c b/trust/persist.c
|
|
|
b4dd4c |
index 887b316..569cea1 100644
|
|
|
b4dd4c |
--- a/trust/persist.c
|
|
|
b4dd4c |
+++ b/trust/persist.c
|
|
|
b4dd4c |
@@ -89,7 +89,10 @@ p11_persist_new (void)
|
|
|
b4dd4c |
return_val_if_fail (persist != NULL, NULL);
|
|
|
b4dd4c |
|
|
|
b4dd4c |
persist->constants = p11_constant_reverse (true);
|
|
|
b4dd4c |
- return_val_if_fail (persist->constants != NULL, NULL);
|
|
|
b4dd4c |
+ if (persist->constants == NULL) {
|
|
|
b4dd4c |
+ free (persist);
|
|
|
b4dd4c |
+ return_val_if_reached (NULL);
|
|
|
b4dd4c |
+ }
|
|
|
b4dd4c |
|
|
|
b4dd4c |
return persist;
|
|
|
b4dd4c |
}
|
|
|
b4dd4c |
diff --git a/trust/save.c b/trust/save.c
|
|
|
b4dd4c |
index abff864..8184e13 100644
|
|
|
b4dd4c |
--- a/trust/save.c
|
|
|
b4dd4c |
+++ b/trust/save.c
|
|
|
b4dd4c |
@@ -68,6 +68,8 @@ static char * make_unique_name (const char *bare,
|
|
|
b4dd4c |
const char *extension,
|
|
|
b4dd4c |
int (*check) (void *, char *),
|
|
|
b4dd4c |
void *data);
|
|
|
b4dd4c |
+static void filo_free (p11_save_file *file);
|
|
|
b4dd4c |
+static void dir_free (p11_save_dir *dir);
|
|
|
b4dd4c |
|
|
|
b4dd4c |
bool
|
|
|
b4dd4c |
p11_save_write_and_finish (p11_save_file *file,
|
|
|
b4dd4c |
@@ -114,9 +116,15 @@ p11_save_open_file (const char *path,
|
|
|
b4dd4c |
return_val_if_fail (file != NULL, NULL);
|
|
|
b4dd4c |
file->temp = temp;
|
|
|
b4dd4c |
file->bare = strdup (path);
|
|
|
b4dd4c |
- return_val_if_fail (file->bare != NULL, NULL);
|
|
|
b4dd4c |
+ if (file->bare == NULL) {
|
|
|
b4dd4c |
+ filo_free (file);
|
|
|
b4dd4c |
+ return_val_if_reached (NULL);
|
|
|
b4dd4c |
+ }
|
|
|
b4dd4c |
file->extension = strdup (extension);
|
|
|
b4dd4c |
- return_val_if_fail (file->extension != NULL, NULL);
|
|
|
b4dd4c |
+ if (file->extension == NULL) {
|
|
|
b4dd4c |
+ filo_free (file);
|
|
|
b4dd4c |
+ return_val_if_reached (NULL);
|
|
|
b4dd4c |
+ }
|
|
|
b4dd4c |
file->flags = flags;
|
|
|
b4dd4c |
file->fd = fd;
|
|
|
b4dd4c |
|
|
|
b4dd4c |
@@ -166,6 +174,13 @@ filo_free (p11_save_file *file)
|
|
|
b4dd4c |
free (file);
|
|
|
b4dd4c |
}
|
|
|
b4dd4c |
|
|
|
b4dd4c |
+static void
|
|
|
b4dd4c |
+dir_free (p11_save_dir *dir) {
|
|
|
b4dd4c |
+ p11_dict_free (dir->cache);
|
|
|
b4dd4c |
+ free (dir->path);
|
|
|
b4dd4c |
+ free (dir);
|
|
|
b4dd4c |
+}
|
|
|
b4dd4c |
+
|
|
|
b4dd4c |
#ifdef OS_UNIX
|
|
|
b4dd4c |
|
|
|
b4dd4c |
static int
|
|
|
b4dd4c |
@@ -349,10 +364,16 @@ p11_save_open_directory (const char *path,
|
|
|
b4dd4c |
return_val_if_fail (dir != NULL, NULL);
|
|
|
b4dd4c |
|
|
|
b4dd4c |
dir->path = strdup (path);
|
|
|
b4dd4c |
- return_val_if_fail (dir->path != NULL, NULL);
|
|
|
b4dd4c |
+ if (dir->path == NULL) {
|
|
|
b4dd4c |
+ dir_free (dir);
|
|
|
b4dd4c |
+ return_val_if_reached (NULL);
|
|
|
b4dd4c |
+ }
|
|
|
b4dd4c |
|
|
|
b4dd4c |
dir->cache = p11_dict_new (p11_dict_str_hash, p11_dict_str_equal, free, NULL);
|
|
|
b4dd4c |
- return_val_if_fail (dir->cache != NULL, NULL);
|
|
|
b4dd4c |
+ if (dir->cache == NULL) {
|
|
|
b4dd4c |
+ dir_free (dir);
|
|
|
b4dd4c |
+ return_val_if_reached (NULL);
|
|
|
b4dd4c |
+ }
|
|
|
b4dd4c |
|
|
|
b4dd4c |
dir->flags = flags;
|
|
|
b4dd4c |
return dir;
|
|
|
b4dd4c |
diff --git a/trust/session.c b/trust/session.c
|
|
|
b4dd4c |
index b93a5c3..d464394 100644
|
|
|
b4dd4c |
--- a/trust/session.c
|
|
|
b4dd4c |
+++ b/trust/session.c
|
|
|
b4dd4c |
@@ -59,12 +59,18 @@ p11_session_new (p11_token *token)
|
|
|
b4dd4c |
session->handle = p11_module_next_id ();
|
|
|
b4dd4c |
|
|
|
b4dd4c |
session->builder = p11_builder_new (P11_BUILDER_FLAG_NONE);
|
|
|
b4dd4c |
- return_val_if_fail (session->builder, NULL);
|
|
|
b4dd4c |
+ if (session->builder == NULL) {
|
|
|
b4dd4c |
+ p11_session_free (session);
|
|
|
b4dd4c |
+ return_val_if_reached (NULL);
|
|
|
b4dd4c |
+ }
|
|
|
b4dd4c |
|
|
|
b4dd4c |
session->index = p11_index_new (p11_builder_build, NULL, NULL,
|
|
|
b4dd4c |
p11_builder_changed,
|
|
|
b4dd4c |
session->builder);
|
|
|
b4dd4c |
- return_val_if_fail (session->index != NULL, NULL);
|
|
|
b4dd4c |
+ if (session->index == NULL) {
|
|
|
b4dd4c |
+ p11_session_free (session);
|
|
|
b4dd4c |
+ return_val_if_reached (NULL);
|
|
|
b4dd4c |
+ }
|
|
|
b4dd4c |
|
|
|
b4dd4c |
session->token = token;
|
|
|
b4dd4c |
|
|
|
b4dd4c |
diff --git a/trust/token.c b/trust/token.c
|
|
|
b4dd4c |
index 4cbcc77..fd3b043 100644
|
|
|
b4dd4c |
--- a/trust/token.c
|
|
|
b4dd4c |
+++ b/trust/token.c
|
|
|
b4dd4c |
@@ -829,7 +829,10 @@ p11_token_new (CK_SLOT_ID slot,
|
|
|
b4dd4c |
return_val_if_fail (token != NULL, NULL);
|
|
|
b4dd4c |
|
|
|
b4dd4c |
token->builder = p11_builder_new (P11_BUILDER_FLAG_TOKEN);
|
|
|
b4dd4c |
- return_val_if_fail (token->builder != NULL, NULL);
|
|
|
b4dd4c |
+ if (token->builder == NULL) {
|
|
|
b4dd4c |
+ p11_token_free (token);
|
|
|
b4dd4c |
+ return_val_if_reached (NULL);
|
|
|
b4dd4c |
+ }
|
|
|
b4dd4c |
|
|
|
b4dd4c |
token->index = p11_index_new (on_index_build,
|
|
|
b4dd4c |
on_index_store,
|
|
|
b4dd4c |
--
|
|
|
b4dd4c |
2.17.2
|
|
|
b4dd4c |
|
|
|
b4dd4c |
|
|
|
b4dd4c |
From 06323aed926ddc67bd18ed98e5af92035a8e3d39 Mon Sep 17 00:00:00 2001
|
|
|
b4dd4c |
From: Daiki Ueno <dueno@redhat.com>
|
|
|
b4dd4c |
Date: Tue, 16 Oct 2018 18:14:46 +0200
|
|
|
b4dd4c |
Subject: [PATCH 04/10] build: Check return value of p11_dict_set
|
|
|
b4dd4c |
|
|
|
b4dd4c |
---
|
|
|
b4dd4c |
p11-kit/proxy.c | 3 ++-
|
|
|
b4dd4c |
p11-kit/rpc-server.c | 6 +++++-
|
|
|
b4dd4c |
trust/module.c | 3 ++-
|
|
|
b4dd4c |
3 files changed, 9 insertions(+), 3 deletions(-)
|
|
|
b4dd4c |
|
|
|
b4dd4c |
diff --git a/p11-kit/proxy.c b/p11-kit/proxy.c
|
|
|
b4dd4c |
index abe7935..11e6165 100644
|
|
|
b4dd4c |
--- a/p11-kit/proxy.c
|
|
|
b4dd4c |
+++ b/p11-kit/proxy.c
|
|
|
b4dd4c |
@@ -612,7 +612,8 @@ proxy_C_OpenSession (CK_X_FUNCTION_LIST *self,
|
|
|
b4dd4c |
sess->wrap_slot = map.wrap_slot;
|
|
|
b4dd4c |
sess->real_session = *handle;
|
|
|
b4dd4c |
sess->wrap_session = ++state->last_handle; /* TODO: Handle wrapping, and then collisions */
|
|
|
b4dd4c |
- p11_dict_set (state->px->sessions, &sess->wrap_session, sess);
|
|
|
b4dd4c |
+ if (!p11_dict_set (state->px->sessions, &sess->wrap_session, sess))
|
|
|
b4dd4c |
+ warn_if_reached ();
|
|
|
b4dd4c |
*handle = sess->wrap_session;
|
|
|
b4dd4c |
}
|
|
|
b4dd4c |
|
|
|
b4dd4c |
diff --git a/p11-kit/rpc-server.c b/p11-kit/rpc-server.c
|
|
|
b4dd4c |
index 2db3524..3a8991d 100644
|
|
|
b4dd4c |
--- a/p11-kit/rpc-server.c
|
|
|
b4dd4c |
+++ b/p11-kit/rpc-server.c
|
|
|
b4dd4c |
@@ -2226,7 +2226,11 @@ p11_kit_remote_serve_tokens (const char **tokens,
|
|
|
b4dd4c |
p11_message_err (error, "couldn't subclass filter");
|
|
|
b4dd4c |
goto out;
|
|
|
b4dd4c |
}
|
|
|
b4dd4c |
- p11_dict_set (filters, module, filter);
|
|
|
b4dd4c |
+ if (!p11_dict_set (filters, module, filter)) {
|
|
|
b4dd4c |
+ error = EINVAL;
|
|
|
b4dd4c |
+ p11_message_err (error, "couldn't register filter");
|
|
|
b4dd4c |
+ goto out;
|
|
|
b4dd4c |
+ }
|
|
|
b4dd4c |
}
|
|
|
b4dd4c |
|
|
|
b4dd4c |
for (i = 0; i < n_tokens; i++) {
|
|
|
b4dd4c |
diff --git a/trust/module.c b/trust/module.c
|
|
|
b4dd4c |
index e09113b..24cda87 100644
|
|
|
b4dd4c |
--- a/trust/module.c
|
|
|
b4dd4c |
+++ b/trust/module.c
|
|
|
b4dd4c |
@@ -1321,7 +1321,8 @@ find_objects_match (CK_ATTRIBUTE *attrs,
|
|
|
b4dd4c |
}
|
|
|
b4dd4c |
value = memdup (oid->pValue, oid->ulValueLen);
|
|
|
b4dd4c |
return_val_if_fail (value != NULL, false);
|
|
|
b4dd4c |
- p11_dict_set (find->extensions, value, value);
|
|
|
b4dd4c |
+ if (!p11_dict_set (find->extensions, value, value))
|
|
|
b4dd4c |
+ warn_if_reached ();
|
|
|
b4dd4c |
}
|
|
|
b4dd4c |
}
|
|
|
b4dd4c |
|
|
|
b4dd4c |
--
|
|
|
b4dd4c |
2.17.2
|
|
|
b4dd4c |
|
|
|
b4dd4c |
|
|
|
b4dd4c |
From 213ea0815ef45411bf6c134918b79d2aad69c1dc Mon Sep 17 00:00:00 2001
|
|
|
b4dd4c |
From: Daiki Ueno <dueno@redhat.com>
|
|
|
b4dd4c |
Date: Tue, 16 Oct 2018 18:16:12 +0200
|
|
|
b4dd4c |
Subject: [PATCH 05/10] build: Check return value of p11_rpc_buffer_get_uint64
|
|
|
b4dd4c |
|
|
|
b4dd4c |
---
|
|
|
b4dd4c |
p11-kit/rpc-client.c | 3 ++-
|
|
|
b4dd4c |
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
b4dd4c |
|
|
|
b4dd4c |
diff --git a/p11-kit/rpc-client.c b/p11-kit/rpc-client.c
|
|
|
b4dd4c |
index 0dd4525..e202e37 100644
|
|
|
b4dd4c |
--- a/p11-kit/rpc-client.c
|
|
|
b4dd4c |
+++ b/p11-kit/rpc-client.c
|
|
|
b4dd4c |
@@ -371,7 +371,8 @@ proto_read_ulong_array (p11_rpc_message *msg, CK_ULONG_PTR arr,
|
|
|
b4dd4c |
|
|
|
b4dd4c |
/* We need to go ahead and read everything in all cases */
|
|
|
b4dd4c |
for (i = 0; i < num; ++i) {
|
|
|
b4dd4c |
- p11_rpc_buffer_get_uint64 (msg->input, &msg->parsed, &val;;
|
|
|
b4dd4c |
+ if (!p11_rpc_buffer_get_uint64 (msg->input, &msg->parsed, &val))
|
|
|
b4dd4c |
+ return PARSE_ERROR;
|
|
|
b4dd4c |
if (arr)
|
|
|
b4dd4c |
arr[i] = (CK_ULONG)val;
|
|
|
b4dd4c |
}
|
|
|
b4dd4c |
--
|
|
|
b4dd4c |
2.17.2
|
|
|
b4dd4c |
|
|
|
b4dd4c |
|
|
|
b4dd4c |
From 1f78cb0b4dd193ec1f1b2b424a497a6c2edec043 Mon Sep 17 00:00:00 2001
|
|
|
b4dd4c |
From: Daiki Ueno <dueno@redhat.com>
|
|
|
b4dd4c |
Date: Tue, 16 Oct 2018 18:16:51 +0200
|
|
|
b4dd4c |
Subject: [PATCH 06/10] rpc-server: p11_kit_remote_serve_tokens: Fix memleak
|
|
|
b4dd4c |
|
|
|
b4dd4c |
---
|
|
|
b4dd4c |
p11-kit/rpc-server.c | 5 +++++
|
|
|
b4dd4c |
1 file changed, 5 insertions(+)
|
|
|
b4dd4c |
|
|
|
b4dd4c |
diff --git a/p11-kit/rpc-server.c b/p11-kit/rpc-server.c
|
|
|
b4dd4c |
index 3a8991d..5b3dbf0 100644
|
|
|
b4dd4c |
--- a/p11-kit/rpc-server.c
|
|
|
b4dd4c |
+++ b/p11-kit/rpc-server.c
|
|
|
b4dd4c |
@@ -2285,6 +2285,11 @@ p11_kit_remote_serve_tokens (const char **tokens,
|
|
|
b4dd4c |
p11_kit_modules_release (modules);
|
|
|
b4dd4c |
if (error != 0)
|
|
|
b4dd4c |
errno = error;
|
|
|
b4dd4c |
+ if (uris) {
|
|
|
b4dd4c |
+ for (i = 0; i < n_tokens; i++)
|
|
|
b4dd4c |
+ p11_kit_uri_free (uris[i]);
|
|
|
b4dd4c |
+ free (uris);
|
|
|
b4dd4c |
+ }
|
|
|
b4dd4c |
|
|
|
b4dd4c |
return ret;
|
|
|
b4dd4c |
}
|
|
|
b4dd4c |
--
|
|
|
b4dd4c |
2.17.2
|
|
|
b4dd4c |
|
|
|
b4dd4c |
|
|
|
b4dd4c |
From 033cd90806cb1e2eab7e799703757abc2f07052e Mon Sep 17 00:00:00 2001
|
|
|
b4dd4c |
From: Daiki Ueno <dueno@redhat.com>
|
|
|
b4dd4c |
Date: Tue, 16 Oct 2018 18:18:05 +0200
|
|
|
b4dd4c |
Subject: [PATCH 07/10] proxy: Fix null dereference when reusing slots
|
|
|
b4dd4c |
|
|
|
b4dd4c |
---
|
|
|
b4dd4c |
p11-kit/proxy.c | 5 ++++-
|
|
|
b4dd4c |
1 file changed, 4 insertions(+), 1 deletion(-)
|
|
|
b4dd4c |
|
|
|
b4dd4c |
diff --git a/p11-kit/proxy.c b/p11-kit/proxy.c
|
|
|
b4dd4c |
index 11e6165..8eaf205 100644
|
|
|
b4dd4c |
--- a/p11-kit/proxy.c
|
|
|
b4dd4c |
+++ b/p11-kit/proxy.c
|
|
|
b4dd4c |
@@ -307,7 +307,10 @@ proxy_create (Proxy **res, CK_FUNCTION_LIST **loaded,
|
|
|
b4dd4c |
break;
|
|
|
b4dd4c |
}
|
|
|
b4dd4c |
py->mappings[py->n_mappings].funcs = funcs;
|
|
|
b4dd4c |
- py->mappings[py->n_mappings].wrap_slot = j == n_mappings ? py->n_mappings + MAPPING_OFFSET : mappings[j].wrap_slot;
|
|
|
b4dd4c |
+ py->mappings[py->n_mappings].wrap_slot =
|
|
|
b4dd4c |
+ (n_mappings == 0 || j == n_mappings) ?
|
|
|
b4dd4c |
+ py->n_mappings + MAPPING_OFFSET :
|
|
|
b4dd4c |
+ mappings[j].wrap_slot;
|
|
|
b4dd4c |
py->mappings[py->n_mappings].real_slot = slots[i];
|
|
|
b4dd4c |
++py->n_mappings;
|
|
|
b4dd4c |
}
|
|
|
b4dd4c |
--
|
|
|
b4dd4c |
2.17.2
|
|
|
b4dd4c |
|
|
|
b4dd4c |
|
|
|
b4dd4c |
From da73c2804b3ca962fa51473bb4c303a5ed32d4a1 Mon Sep 17 00:00:00 2001
|
|
|
b4dd4c |
From: Daiki Ueno <dueno@redhat.com>
|
|
|
b4dd4c |
Date: Tue, 16 Oct 2018 18:20:12 +0200
|
|
|
b4dd4c |
Subject: [PATCH 08/10] trust: Set umask before calling mkstemp
|
|
|
b4dd4c |
|
|
|
b4dd4c |
---
|
|
|
b4dd4c |
trust/save.c | 3 +++
|
|
|
b4dd4c |
1 file changed, 3 insertions(+)
|
|
|
b4dd4c |
|
|
|
b4dd4c |
diff --git a/trust/save.c b/trust/save.c
|
|
|
b4dd4c |
index 8184e13..bb77348 100644
|
|
|
b4dd4c |
--- a/trust/save.c
|
|
|
b4dd4c |
+++ b/trust/save.c
|
|
|
b4dd4c |
@@ -95,6 +95,7 @@ p11_save_open_file (const char *path,
|
|
|
b4dd4c |
{
|
|
|
b4dd4c |
p11_save_file *file;
|
|
|
b4dd4c |
char *temp;
|
|
|
b4dd4c |
+ mode_t mode;
|
|
|
b4dd4c |
int fd;
|
|
|
b4dd4c |
|
|
|
b4dd4c |
return_val_if_fail (path != NULL, NULL);
|
|
|
b4dd4c |
@@ -105,7 +106,9 @@ p11_save_open_file (const char *path,
|
|
|
b4dd4c |
if (asprintf (&temp, "%s%s.XXXXXX", path, extension) < 0)
|
|
|
b4dd4c |
return_val_if_reached (NULL);
|
|
|
b4dd4c |
|
|
|
b4dd4c |
+ mode = umask (0077);
|
|
|
b4dd4c |
fd = mkstemp (temp);
|
|
|
b4dd4c |
+ umask (mode);
|
|
|
b4dd4c |
if (fd < 0) {
|
|
|
b4dd4c |
p11_message_err (errno, "couldn't create file: %s%s", path, extension);
|
|
|
b4dd4c |
free (temp);
|
|
|
b4dd4c |
--
|
|
|
b4dd4c |
2.17.2
|
|
|
b4dd4c |
|
|
|
b4dd4c |
|
|
|
b4dd4c |
From 6417780ebbbbb0f01ddb001b239347655fb98578 Mon Sep 17 00:00:00 2001
|
|
|
b4dd4c |
From: Daiki Ueno <dueno@redhat.com>
|
|
|
b4dd4c |
Date: Wed, 17 Oct 2018 09:53:27 +0200
|
|
|
b4dd4c |
Subject: [PATCH 09/10] rpc-server: Check calloc failure
|
|
|
b4dd4c |
|
|
|
b4dd4c |
---
|
|
|
b4dd4c |
p11-kit/rpc-server.c | 4 ++++
|
|
|
b4dd4c |
1 file changed, 4 insertions(+)
|
|
|
b4dd4c |
|
|
|
b4dd4c |
diff --git a/p11-kit/rpc-server.c b/p11-kit/rpc-server.c
|
|
|
b4dd4c |
index 5b3dbf0..3216742 100644
|
|
|
b4dd4c |
--- a/p11-kit/rpc-server.c
|
|
|
b4dd4c |
+++ b/p11-kit/rpc-server.c
|
|
|
b4dd4c |
@@ -2219,6 +2219,10 @@ p11_kit_remote_serve_tokens (const char **tokens,
|
|
|
b4dd4c |
filter = p11_dict_get (filters, module);
|
|
|
b4dd4c |
if (filter == NULL) {
|
|
|
b4dd4c |
lower = calloc (1, sizeof (p11_virtual));
|
|
|
b4dd4c |
+ if (lower == NULL) {
|
|
|
b4dd4c |
+ error = ENOMEM;
|
|
|
b4dd4c |
+ goto out;
|
|
|
b4dd4c |
+ }
|
|
|
b4dd4c |
p11_virtual_init (lower, &p11_virtual_base, module, NULL);
|
|
|
b4dd4c |
filter = p11_filter_subclass (lower, NULL);
|
|
|
b4dd4c |
if (filter == NULL) {
|
|
|
b4dd4c |
--
|
|
|
b4dd4c |
2.17.2
|
|
|
b4dd4c |
|
|
|
b4dd4c |
|
|
|
b4dd4c |
From 83e92c2f9575707083d8b0c70ef330e285d70836 Mon Sep 17 00:00:00 2001
|
|
|
b4dd4c |
From: Daiki Ueno <dueno@redhat.com>
|
|
|
b4dd4c |
Date: Wed, 17 Oct 2018 09:53:46 +0200
|
|
|
b4dd4c |
Subject: [PATCH 10/10] trust: Check index->buckets is allocated on cleanup
|
|
|
b4dd4c |
|
|
|
b4dd4c |
---
|
|
|
b4dd4c |
trust/index.c | 8 +++++---
|
|
|
b4dd4c |
1 file changed, 5 insertions(+), 3 deletions(-)
|
|
|
b4dd4c |
|
|
|
b4dd4c |
diff --git a/trust/index.c b/trust/index.c
|
|
|
b4dd4c |
index 6a8e535..2d1da29 100644
|
|
|
b4dd4c |
--- a/trust/index.c
|
|
|
b4dd4c |
+++ b/trust/index.c
|
|
|
b4dd4c |
@@ -193,9 +193,11 @@ p11_index_free (p11_index *index)
|
|
|
b4dd4c |
|
|
|
b4dd4c |
p11_dict_free (index->objects);
|
|
|
b4dd4c |
p11_dict_free (index->changes);
|
|
|
b4dd4c |
- for (i = 0; i < NUM_BUCKETS; i++)
|
|
|
b4dd4c |
- free (index->buckets[i].elem);
|
|
|
b4dd4c |
- free (index->buckets);
|
|
|
b4dd4c |
+ if (index->buckets) {
|
|
|
b4dd4c |
+ for (i = 0; i < NUM_BUCKETS; i++)
|
|
|
b4dd4c |
+ free (index->buckets[i].elem);
|
|
|
b4dd4c |
+ free (index->buckets);
|
|
|
b4dd4c |
+ }
|
|
|
b4dd4c |
free (index);
|
|
|
b4dd4c |
}
|
|
|
b4dd4c |
|
|
|
b4dd4c |
--
|
|
|
b4dd4c |
2.17.2
|
|
|
b4dd4c |
|