-
Notifications
You must be signed in to change notification settings - Fork 713
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Coverity fixes from last run (though still not all of them) #982
Conversation
card-cac.c * CLANG_WARNING: The left operand of '<' is a garbage value card-coolkey.c * CLANG_WARNING: overwriting variable * CPPCHECK_WARNING: memory leak / overwrite variable * CLANG_WARNING: null pointer dereference * UNUSED_VALUE: unused return value card-gids.c * CLANG_WARNING: Branch condition evaluates to a garbage value * SIZEOF_MISMATCH: suspicious_sizeof card-myeid.c * RESOURCE_LEAK: Variable "buf" going out of scope leaks the storage it points to. * CLANG_WARNING: overwriting variable * (rewrite not to confuse coverity) pkcs15-cac.c * RESOURCE_LEAK: Variable "cert_out" going out of scope leaks the storage it points to. pkcs15-coolkey.c * UNUSED_VALUE: unused return value pkcs15-piv.c * RESOURCE_LEAK: Variable "cert_out" going out of scope leaks the storage it points to. pkcs15-sc-hsm.c * DEADCODE pkcs11/framework-pkcs15.c * RESOURCE_LEAK: Variable "p15_cert" going out of scope leaks the storage it points to. pkcs15init/pkcs15-lib.c * CLANG_WARNING: Assigned value is garbage or undefined pkcs15init/pkcs15-myeid.c * UNREACHABLE: Probably wrong placement of code block tests/p15dump.c * IDENTICAL_BRANCHES pkcs15-init.c * CLANG_WARNING: Potential leak of memory pointed to by 'args.der_encoded.value' pkcs15-tool.c * RESOURCE_LEAK: Variable "cert" going out of scope leaks the storage it points to. * MISSING_BREAK: The above case falls through to this one. sc-hsm-tool.c * CLANG_WARNING: Potential leak of memory pointed to by 'sp' westcos-tool.c * FORWARD_NULL: Passing null pointer "pin" to "unlock_pin", which dereferences it. * (rewrite not to confuse coverity)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, good work!
When calling sc_pkcs15_free_certificate
with NULL
, we will hit an assert
. So you should check for NULL before or remove the assert in the function.
src/libopensc/pkcs15-cac.c
Outdated
@@ -352,12 +352,14 @@ static int sc_pkcs15emu_cac_init(sc_pkcs15_card_t *p15card) | |||
r = sc_pkcs15_read_certificate(p15card, &cert_info, &cert_out); | |||
if (r < 0 || cert_out->key == NULL) { | |||
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "Failed to read/parse the certificate r=%d",r); | |||
sc_pkcs15_free_certificate(cert_out); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if cert_out
is NULL
, then we will hit an assert
in sc_pkcs15_free_certificate
. So you should check for NULL here or remove the assert.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, I will add the null check here to make it sane. Thanks for pointing it out (already fixed in the other case).
if (sc_card_find_ec_alg(p15card->card, keybits, &prkey->u.ec.params.id) == NULL) | ||
LOG_TEST_RET(ctx, SC_ERROR_INVALID_ARGUMENTS, "Unsupported algorithm or key size"); | ||
break; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This change should be confirmed with an actual card. @mtrojnar or @hhonkanen could you have a look?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for pointing to appropriate people to discuss this change with.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The LOG_TEST_RET(..., SC_ERROR_INVALID_ARGUMENTS, ...)
macro always returns SC_ERROR_INVALID_ARGUMENTS
, so break;
is redundant (does not do anything) here. The code would be more clear if SC_FUNC_RETURN()
was used instead of LOG_TEST_RET()
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@mtrojnar have a look on the full diff of the file. Originally, the break
was before the sc_card_find_ec_alg()
so it was not even called.
Also if sc_card_find_ec_alg()
succeed, it would fall through to the default
of the switch, which is certainly not intended.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The change looks sensible and the break was clearly in wrong place. In the previous function "myeid_create_key", there is the same check implemented correctly and I am 95% sure that this is ok, because I have tested this code. Please look at lines 440-447. I can test with an actual card but right now I am under high workload so it might take a while before I have the chance.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@hhonkanen did you have time to test the change?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not yet, but I am trying to find some time for OpenSC dev this and next week. I will confirm this change after I have tested.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
OK, thanks
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I tested myeid_store_key as follows: Using pkcs15-init tool I imported a 521 bit ECC key into a card that supports 521 bit keys. Traced through this function with debugger and it goes fine, the key was imported into the card.
Tested the same command with a card that supports ECC only up to 256 bit keys. We don't even get into this function, OpenSC notices earlier that the key size is not listed as supported and returns with error.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
OK, thanks. Sounds good enough for me.
The comment from @frankmorgner : also applies to the change to card-piv.c and needs a change like e73b2ad |
banging my head against the table. Obviously. Thanks for patience :) |
@@ -411,6 +411,8 @@ char *scconf_list_strdup(const scconf_list * list, const char *filler) | |||
if (filler) { | |||
len += scconf_list_array_length(list) * (strlen(filler) + 1); | |||
} | |||
if (len == 0) | |||
return NULL; | |||
buf = malloc(len); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
according to the Linux manual, calling malloc
with 0
should be fine, but that may be different on other platforms.
if (sc_card_find_ec_alg(p15card->card, keybits, &prkey->u.ec.params.id) == NULL) | ||
LOG_TEST_RET(ctx, SC_ERROR_INVALID_ARGUMENTS, "Unsupported algorithm or key size"); | ||
break; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@hhonkanen did you have time to test the change?
card-cac.c
card-coolkey.c
card-gids.c
CLANG_WARNING: Branch condition evaluates to a garbage value
SIZEOF_MISMATCH: suspicious_sizeof
card-myeid.c
RESOURCE_LEAK: Variable "buf" going out of scope leaks the storage it points to.
CLANG_WARNING: overwriting variable
(rewrite not to confuse coverity)
pkcs15-cac.c
pkcs15-coolkey.c
pkcs15-piv.c
pkcs15-sc-hsm.c
pkcs11/framework-pkcs15.c
pkcs15init/pkcs15-lib.c
pkcs15init/pkcs15-myeid.c
tests/p15dump.c
pkcs15-init.c
pkcs15-tool.c
sc-hsm-tool.c
westcos-tool.c