diff options
author | awnuk <awnuk@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2011-08-17 19:18:45 +0000 |
---|---|---|
committer | awnuk <awnuk@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2011-08-17 19:18:45 +0000 |
commit | bb80327183474dacbb5235832cf910612fed0abc (patch) | |
tree | 854a572aea8c6ccbd11675fb980a7b2fb419da3f /pki/base | |
parent | 60117528f8cd63418492baf83878bb4fdebcbf2e (diff) | |
download | pki-bb80327183474dacbb5235832cf910612fed0abc.tar.gz pki-bb80327183474dacbb5235832cf910612fed0abc.tar.xz pki-bb80327183474dacbb5235832cf910612fed0abc.zip |
Fixed bugzilla bug #717643 - Fopen without NULL check and other Coverity issues
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2152 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base')
-rw-r--r-- | pki/base/native-tools/src/p7tool/p7tool.c | 5 | ||||
-rw-r--r-- | pki/base/native-tools/src/p7tool/secutil.c | 10 | ||||
-rw-r--r-- | pki/base/native-tools/src/setpin/setpin.c | 96 | ||||
-rw-r--r-- | pki/base/native-tools/src/setpin/setpin_options.c | 15 | ||||
-rw-r--r-- | pki/base/native-tools/src/setpin/setpin_options.h | 1 | ||||
-rw-r--r-- | pki/base/native-tools/src/tkstool/key.c | 4 | ||||
-rw-r--r-- | pki/base/native-tools/src/tkstool/random.c | 6 | ||||
-rw-r--r-- | pki/base/native-tools/src/tkstool/secutil.c | 10 |
8 files changed, 94 insertions, 53 deletions
diff --git a/pki/base/native-tools/src/p7tool/p7tool.c b/pki/base/native-tools/src/p7tool/p7tool.c index 1cc6769f0..9ab6023ff 100644 --- a/pki/base/native-tools/src/p7tool/p7tool.c +++ b/pki/base/native-tools/src/p7tool/p7tool.c @@ -263,6 +263,11 @@ DecodeAndPrintFile(FILE *out, PRFileDesc *in, char *progName, int ascii, sprintf(filename, "%s%d.der", prefix, i); outFile = fopen(filename, "wb"); + if (outFile == NULL) { + fprintf(out, "Couldn't open '%s' file for writing\n", filename); + i = -1; + break; + } nb = fwrite((char *) cert, 1, items[i]->len, outFile); fclose(outFile); diff --git a/pki/base/native-tools/src/p7tool/secutil.c b/pki/base/native-tools/src/p7tool/secutil.c index 695ce2401..45d2a242c 100644 --- a/pki/base/native-tools/src/p7tool/secutil.c +++ b/pki/base/native-tools/src/p7tool/secutil.c @@ -186,6 +186,7 @@ SECU_GetPasswordString(void *arg, char *prompt) output = fopen(consoleName, "w"); if (output == NULL) { fprintf(stderr, "Error opening output terminal for write\n"); + fclose(input); return NULL; } @@ -341,6 +342,7 @@ secu_InitSlotPassword(PK11SlotInfo *slot, PRBool retry, void *arg) output = fopen(consoleName, "w"); if (output == NULL) { PR_fprintf(PR_STDERR, "Error opening output terminal for write\n"); + fclose(input); return NULL; } @@ -3544,15 +3546,13 @@ SECU_DerSignDataCRL(PRArenaPool *arena, CERTSignedData *sd, if (rv) goto loser; /* Fill out SignedData object */ - PORT_Memset(sd, 0, sizeof(sd)); + PORT_Memset(sd, 0, sizeof(*sd)); sd->data.data = buf; sd->data.len = len; sd->signature.data = it.data; sd->signature.len = it.len << 3; /* convert to bit string */ - if (!sd->signatureAlgorithm.parameters.data) { - rv = SECOID_SetAlgorithmID(arena, &sd->signatureAlgorithm, algID, 0); - if (rv) goto loser; - } + rv = SECOID_SetAlgorithmID(arena, &sd->signatureAlgorithm, algID, 0); + if (rv) goto loser; return rv; diff --git a/pki/base/native-tools/src/setpin/setpin.c b/pki/base/native-tools/src/setpin/setpin.c index f219f0584..f1bf6a8c7 100644 --- a/pki/base/native-tools/src/setpin/setpin.c +++ b/pki/base/native-tools/src/setpin/setpin.c @@ -147,7 +147,8 @@ char * trim_strdup(char *s) void readInputFile() { int more_to_read=1; - char *thedn, *thepin; + char *thedn = NULL; + char *thepin = NULL; int linenum=0; pinHashTable = PL_NewHashTable(256, @@ -168,9 +169,6 @@ void readInputFile() { char *n; char *checkdn; - thedn = NULL; - thepin = NULL; - do { n = fgets(line,4096,input); linenum++; @@ -226,6 +224,14 @@ void readInputFile() { fprintf(stderr," ...ignoring\n"); } } + if (thedn != NULL) { + free(thedn); + thedn = NULL; + } + if (thepin != NULL) { + free(thepin); + thepin = NULL; + } } while (more_to_read); } } @@ -251,7 +257,7 @@ int main(int ac, char **av) { "then run:\n %s optfile=<svr_root>/bin/cert/tools/setpin.conf\n", programName); fprintf(stderr,"\nUsage: %s option=value ... option=value\n\n", programName); - for (i=0; i< 200; i+=2) { + for (i = 0; i < valid_args_len; i += 2) { if (valid_args[i]) { fprintf(stderr,"%13s : %s\n",valid_args[i],valid_args[i+1]); } else { @@ -821,15 +827,16 @@ void processSearchResults(LDAPMessage *r) { if (generatedPassword == NULL || (strlen(generatedPassword) == 0)) { generatedPassword = newPassword(); } + if (generatedPassword == NULL || (strlen(generatedPassword) == 0)) { + errcode=13; + exitError("Couldn't generate password."); + } /* should we hash the password? */ if (o_hash) { /* we hash the DN of the user and the PIN together */ - if (hashbuf_source) { - free(hashbuf_source); - } if (o_debug) { fprintf(stderr,"checking salt attribute...\n"); } @@ -846,7 +853,10 @@ void processSearchResults(LDAPMessage *r) { hashbuf_source = malloc(strlen(saltval) + strlen(generatedPassword) + 10); - + if (hashbuf_source == NULL) { + errcode=12; + exitError("Couldn't allocate 'hashbuf_source'."); + } strcpy(hashbuf_source,saltval); strcat(hashbuf_source,generatedPassword); @@ -899,6 +909,11 @@ void processSearchResults(LDAPMessage *r) { } pindata = hashbuf_dest; + + if (hashbuf_source != NULL) { + free(hashbuf_source); + hashbuf_source = NULL; + } } else { pindata = generatedPassword; pindatasize = strlen(generatedPassword); @@ -1177,40 +1192,45 @@ void testpingen() { /* last spot is used to hold invalid chars */ totals = malloc(sizeof(int)*(charpoolsize+1)); - for (i=0;i<(charpoolsize);i++) { - totals[i] = 0; - } - totals[charpoolsize]=0; - for (i=0;i<256;i++) { - index[i] = 255; /* indicates->invalid */ - } - for (i=0;i<charpoolsize;i++) { - index[(int)(charpool[i])] = i; - } - - for (i=0;i<count;i++) { - pw = newPassword(); - if (o_debug) { - fprintf(output,"%d:%s\n",i+1,pw); + if (totals != NULL) { + for (i=0;i<(charpoolsize);i++) { + totals[i] = 0; } - pwlen = strlen(pw); - for (j=0;j<pwlen;j++) { - c = pw[j]; - if (index[(int)c] == 255) { - printf("\ninvalid char found: %02x %c\n",c,c); - totals[charpoolsize]++; - } - else { - totals[index[(int)c]]++; + totals[charpoolsize]=0; + for (i=0;i<256;i++) { + index[i] = 255; /* indicates->invalid */ + } + for (i=0;i<charpoolsize;i++) { + index[(int)(charpool[i])] = i; + } + + for (i=0;i<count;i++) { + pw = newPassword(); + if (pw != NULL) { + if (o_debug) { + fprintf(output,"%d:%s\n",i+1,pw); + } + pwlen = strlen(pw); + for (j=0;j<pwlen;j++) { + c = pw[j]; + if (index[(int)c] == 255) { + printf("\ninvalid char found: %02x %c\n",c,c); + totals[charpoolsize]++; + } + else { + totals[index[(int)c]]++; + } + } + free(pw); } } - free(pw); - } - for (i=0;i<charpoolsize;i++) { - fprintf(output,"%c: %10d\n",charpool[i],totals[i]); + for (i=0;i<charpoolsize;i++) { + fprintf(output,"%c: %10d\n",charpool[i],totals[i]); + } + fprintf(output,"invalid: %10d\n",totals[charpoolsize]); + free(totals); } - fprintf(output,"invalid: %10d\n",totals[charpoolsize]); } diff --git a/pki/base/native-tools/src/setpin/setpin_options.c b/pki/base/native-tools/src/setpin/setpin_options.c index e5e622a0b..6f06efa69 100644 --- a/pki/base/native-tools/src/setpin/setpin_options.c +++ b/pki/base/native-tools/src/setpin/setpin_options.c @@ -28,6 +28,7 @@ extern int OPT_getValue(char *option, char **output); extern void exitError(char *errstring); +extern int errcode; #define PW_DEFAULT_LENGTH 6 @@ -65,6 +66,7 @@ char *valid_args[] = { NULL }; +int valid_args_len = sizeof(valid_args)/sizeof(char *); int i_length, i_minlength, i_maxlength; @@ -183,6 +185,10 @@ void validateOptions() { char *errbuf; errbuf = (char *)malloc(2048); + if (errbuf == NULL) { + errcode=13; + exitError("Couldn't allocate 'errbuf'."); + } if (o_nickname && equals(o_ssl,"no")) { sprintf(errbuf,"specifying nickname doesn't make sense with no SSL"); @@ -236,7 +242,10 @@ void validateOptions() { } } - if (o_testpingen) return; + if (o_testpingen) { + free(errbuf); + return; + } if (!o_host || equals(o_host,"")) { strcpy(errbuf,"host missing"); @@ -254,6 +263,7 @@ void validateOptions() { } if (o_setup != NULL) { + free(errbuf); return; } @@ -275,10 +285,13 @@ void validateOptions() { goto loser; } if (equals(o_hash,"none")) o_hash = NULL; + free(errbuf); return ; loser: + errcode=14; + free(errbuf); exitError(errbuf); } diff --git a/pki/base/native-tools/src/setpin/setpin_options.h b/pki/base/native-tools/src/setpin/setpin_options.h index 2f9952cdc..45373f356 100644 --- a/pki/base/native-tools/src/setpin/setpin_options.h +++ b/pki/base/native-tools/src/setpin/setpin_options.h @@ -43,6 +43,7 @@ extern char *o_certdb,*o_nickname,*o_binddn,*o_bindpw,*o_bindpwfile,*o_filter,*o *o_pinmanager,*o_pinmanagerpwd,*o_schemachange; extern char *valid_args[]; +extern int valid_args_len; extern void setDefaultOptions(); extern void getOptions(); diff --git a/pki/base/native-tools/src/tkstool/key.c b/pki/base/native-tools/src/tkstool/key.c index 72d2f025c..4fd37963b 100644 --- a/pki/base/native-tools/src/tkstool/key.c +++ b/pki/base/native-tools/src/tkstool/key.c @@ -810,7 +810,9 @@ TKS_GenerateSessionKeyShare( char *sessionKeyShareName, PRIntn i = 0; PRIntn KCVLen = KCV_LENGTH; PRUint8 *KCV = NULL; - SECItem hexSessionKeyShare; + SECItem hexSessionKeyShare = { siBuffer, + NULL, + 0 }; SECStatus rvKCV = SECFailure; SECStatus sessionKeyShareStatus = SECFailure; SECStatus status = SECFailure; diff --git a/pki/base/native-tools/src/tkstool/random.c b/pki/base/native-tools/src/tkstool/random.c index 38de32095..49dfb525e 100644 --- a/pki/base/native-tools/src/tkstool/random.c +++ b/pki/base/native-tools/src/tkstool/random.c @@ -67,7 +67,7 @@ UpdateRNG( void ) /* Get random noise from keyboard strokes */ randbuf = ( char * ) PORT_Alloc( RAND_BUF_LENGTH ); count = 0; - while( count < NUM_KEYSTROKES+1 ) { + while( randbuf != NULL && count < NUM_KEYSTROKES+1 ) { #ifdef VMS c = GENERIC_GETCHAR_NOECHO(); #elif XP_UNIX @@ -82,7 +82,7 @@ UpdateRNG( void ) PK11_RandomUpdate( /* data */ randbuf, - /* length in bytes */ sizeof( randbuf ) ); + /* length in bytes */ RAND_BUF_LENGTH ); if( c != randbuf[0] ) { randbuf[0] = c; @@ -103,7 +103,7 @@ UpdateRNG( void ) } } - free( randbuf ); + if (randbuf != NULL) free (randbuf); FPS "\n\n"); FPS "Finished.\n"); diff --git a/pki/base/native-tools/src/tkstool/secutil.c b/pki/base/native-tools/src/tkstool/secutil.c index 610a723c3..16e142e04 100644 --- a/pki/base/native-tools/src/tkstool/secutil.c +++ b/pki/base/native-tools/src/tkstool/secutil.c @@ -185,6 +185,7 @@ SECU_GetPasswordString(void *arg, char *prompt) output = fopen(consoleName, "w"); if (output == NULL) { fprintf(stderr, "Error opening output terminal for write\n"); + fclose(input); return NULL; } @@ -339,6 +340,7 @@ secu_InitSlotPassword(PK11SlotInfo *slot, PRBool retry, void *arg) output = fopen(consoleName, "w"); if (output == NULL) { PR_fprintf(PR_STDERR, "Error opening output terminal for write\n"); + fclose(input); return NULL; } @@ -3541,15 +3543,13 @@ SECU_DerSignDataCRL(PRArenaPool *arena, CERTSignedData *sd, if (rv) goto loser; /* Fill out SignedData object */ - PORT_Memset(sd, 0, sizeof(sd)); + PORT_Memset(sd, 0, sizeof(*sd)); sd->data.data = buf; sd->data.len = len; sd->signature.data = it.data; sd->signature.len = it.len << 3; /* convert to bit string */ - if (!sd->signatureAlgorithm.parameters.data) { - rv = SECOID_SetAlgorithmID(arena, &sd->signatureAlgorithm, algID, 0); - if (rv) goto loser; - } + rv = SECOID_SetAlgorithmID(arena, &sd->signatureAlgorithm, algID, 0); + if (rv) goto loser; return rv; |