rpms/certmonger
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Pull in upstream fixes discovered in coverity and clang

Browse Source
This commit is contained in:
Rob Crittenden 2018-10-04 09:32:35 -04:00
parent 37cd032951
commit 3103197f85
9 changed files with 1075 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

95
0009-Fix-memory-leak-in-util_internal_token_name.patch Normal file
View File

@ -0,0 +1,95 @@
From 5d2554ed31fa6bc121d94efe533f9e4fea3900aa Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Thu, 4 Oct 2018 08:21:35 -0400
Subject: [PATCH 09/16] Fix memory leak in util_internal_token_name()
Allocate memory using the talloc context instead of relying on
the caller to call free().
---
src/certread-n.c | 2 +-
src/certsave-n.c | 2 +-
src/keygen-n.c | 2 +-
src/keyiread-n.c | 2 +-
src/submit-n.c | 2 +-
src/util-n.c | 2 +-
6 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/src/certread-n.c b/src/certread-n.c
index 1d9217c6..d535030b 100644
--- a/src/certread-n.c
+++ b/src/certread-n.c
@@ -191,7 +191,7 @@ cm_certread_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
_exit(CM_SUB_STATUS_ERROR_AUTH);
}
if (entry->cm_cert_token == NULL) {
- entry->cm_cert_token = util_internal_token_name();
+ entry->cm_cert_token = talloc_strdup(entry, util_internal_token_name());
}
PK11_SetPasswordFunc(&cm_pin_read_for_cert_nss_cb);
for (sle = slotlist->head;
diff --git a/src/certsave-n.c b/src/certsave-n.c
index fcb43148..49b28324 100644
--- a/src/certsave-n.c
+++ b/src/certsave-n.c
@@ -215,7 +215,7 @@ cm_certsave_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
}
PK11_SetPasswordFunc(&cm_pin_read_for_cert_nss_cb);
if (entry->cm_cert_token == NULL) {
- entry->cm_cert_token = util_internal_token_name();
+ entry->cm_cert_token = talloc_strdup(entry, util_internal_token_name());
}
for (sle = slotlist->head;
((sle != NULL) && (sle->slot != NULL));
diff --git a/src/keygen-n.c b/src/keygen-n.c
index f7fdf6c0..76a5c1d3 100644
--- a/src/keygen-n.c
+++ b/src/keygen-n.c
@@ -273,7 +273,7 @@ cm_keygen_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
_exit(CM_SUB_STATUS_ERROR_NO_TOKEN);
}
if (entry->cm_cert_token == NULL) {
- entry->cm_cert_token = util_internal_token_name();
+ entry->cm_cert_token = talloc_strdup(entry, util_internal_token_name());
}
/* Walk the list looking for the requested slot, or the first one if
* none was requested. */
diff --git a/src/keyiread-n.c b/src/keyiread-n.c
index b8408bf1..8f46ec0f 100644
--- a/src/keyiread-n.c
+++ b/src/keyiread-n.c
@@ -153,7 +153,7 @@ cm_keyiread_n_get_keys(struct cm_store_entry *entry, int readwrite)
}
PK11_SetPasswordFunc(&cm_pin_read_for_cert_nss_cb);
if (entry->cm_key_token == NULL) {
- entry->cm_key_token = util_internal_token_name();
+ entry->cm_key_token = talloc_strdup(entry, util_internal_token_name());
}
n_tokens = 0;
pubkey = NULL;
diff --git a/src/submit-n.c b/src/submit-n.c
index da07d253..ee6f3105 100644
--- a/src/submit-n.c
+++ b/src/submit-n.c
@@ -347,7 +347,7 @@ cm_submit_n_decrypt_envelope(const unsigned char *envelope,
goto done;
}
if (args->entry->cm_key_token == NULL) {
- args->entry->cm_key_token = util_internal_token_name();
+ args->entry->cm_key_token = talloc_strdup(args->entry, util_internal_token_name());
}
PK11_SetPasswordFunc(&cm_pin_read_for_cert_nss_cb);
n_tokens = 0;
diff --git a/src/util-n.c b/src/util-n.c
index 293e2583..4ab3d47b 100644
--- a/src/util-n.c
+++ b/src/util-n.c
@@ -291,5 +291,5 @@ util_set_db_entry_cert_owner(const char *dbdir, struct cm_store_entry *entry)
char *
util_internal_token_name()
{
- return strdup(PK11_GetTokenName(PK11_GetInternalKeySlot()));
+ return PK11_GetTokenName(PK11_GetInternalKeySlot());
}
--
2.14.4

266
0010-clang-Dead-assignment.patch Normal file
View File

@ -0,0 +1,266 @@
From 648fe74986f2a84416805cfd73206e9e67166ae2 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Thu, 13 Sep 2018 15:40:23 -0400
Subject: [PATCH 10/16] clang: Dead assignment
---
src/casave.c | 4 +++-
src/keygen-n.c | 1 -
src/keyiread-n.c | 1 -
src/store-files.c | 2 --
src/store-gen.c | 3 ---
src/submit-e.c | 54 ++++++++++++++++++++++++++------------------------
src/submit-u.c | 2 --
src/tdbush.c | 8 ++++++--
tests/tools/addcinfo.c | 1 -
tests/tools/certsave.c | 4 +++-
10 files changed, 40 insertions(+), 40 deletions(-)
diff --git a/src/casave.c b/src/casave.c
index 5fb31b8d..bde63f99 100644
--- a/src/casave.c
+++ b/src/casave.c
@@ -163,7 +163,6 @@ cm_casave_main_n(int fd, struct cm_store_ca *ca, struct cm_store_entry *e,
decoded = CERT_DecodeCertFromPackage(package,
strlen(package));
p = state->certs[i]->nickname;
- ttrust = ",,";
switch (state->certs[i]->level) {
case root:
case other_root:
@@ -178,6 +177,9 @@ cm_casave_main_n(int fd, struct cm_store_ca *ca, struct cm_store_entry *e,
ttrust = ",,";
}
break;
+ default:
+ ttrust = ",,";
+ break;
}
memset(&trust, 0, sizeof(trust));
CERT_DecodeTrustString(&trust, ttrust);
diff --git a/src/keygen-n.c b/src/keygen-n.c
index 76a5c1d3..061bd2af 100644
--- a/src/keygen-n.c
+++ b/src/keygen-n.c
@@ -591,7 +591,6 @@ retry_gen:
break;
}
}
- generated_size = SECKEY_PublicKeyStrengthInBits(pubkey);
cm_log(1, "Ended up with %d bit public key.\n",
SECKEY_PublicKeyStrengthInBits(pubkey));
/* Check for keys with the desired name, selecting a new name if
diff --git a/src/keyiread-n.c b/src/keyiread-n.c
index 8f46ec0f..91b1be41 100644
--- a/src/keyiread-n.c
+++ b/src/keyiread-n.c
@@ -492,7 +492,6 @@ cm_keyiread_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
readwrite = settings->readwrite;
keys = cm_keyiread_n_get_keys(entry, readwrite);
alg = "";
- size = 0;
if (keys != NULL) {
switch (SECKEY_GetPrivateKeyType(keys->privkey)) {
case rsaKey:
diff --git a/src/store-files.c b/src/store-files.c
index 06a17485..df1fa336 100644
--- a/src/store-files.c
+++ b/src/store-files.c
@@ -2182,7 +2182,6 @@ cm_store_entry_delete(struct cm_store_entry *entry)
} else {
cm_log(3, "No file to remove for \"%s\".\n",
entry->cm_nickname);
- ret = 0;
}
return 0;
}
@@ -2469,7 +2468,6 @@ cm_store_ca_delete(struct cm_store_ca *ca)
}
} else {
cm_log(3, "No file to remove for \"%s\".\n", ca->cm_nickname);
- ret = 0;
}
return 0;
}
diff --git a/src/store-gen.c b/src/store-gen.c
index 5ce4ab84..da32afc8 100644
--- a/src/store-gen.c
+++ b/src/store-gen.c
@@ -530,8 +530,6 @@ cm_store_hex_to_bin(const char *serial, unsigned char *buf, int length)
const char *p, *q, *chars = "0123456789abcdef";
unsigned char *b, u;
- p = serial;
- b = buf;
u = 0;
for (p = serial, b = buf;
((*p != '\0') && ((b - buf) < length));
@@ -606,7 +604,6 @@ cm_store_canonicalize_path(void *parent, const char *path)
for (p = tmp; *p != '\0'; p++) {
if ((strncmp(p, "/.", 2) == 0) &&
((p[2] == '/') || (p[2] == '\0'))) {
- q = p - 1;
memmove(p, p + 2, strlen(p + 2) + 1);
}
}
diff --git a/src/submit-e.c b/src/submit-e.c
index 8ba8e44c..d6158d7a 100644
--- a/src/submit-e.c
+++ b/src/submit-e.c
@@ -587,32 +587,34 @@ cm_submit_e_postprocess_main(int fd, struct cm_store_ca *ca,
estate->msg_length, NULL);
msg = cm_json_new_object(estate);
chain = cm_json_new_array(msg);
- if (leaf != NULL) {
- cert = cm_json_new_string(msg, leaf, -1);
- cm_json_set(msg, CM_SUBMIT_E_CERTIFICATE, cert);
- }
- for (i = 0;
- (others != NULL) && (others[i] != NULL);
- i++) {
- cert = cm_json_new_object(chain);
- val = cm_json_new_string(cert, others[i], -1);
- cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
- nthnick = talloc_asprintf(cert, "chain #%d", i + 1);
- nick = cm_json_new_string(cert, nthnick, -1);
- cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
- cm_json_append(chain, cert);
- }
- if (top!= NULL) {
- cert = cm_json_new_object(chain);
- val = cm_json_new_string(cert, top, -1);
- cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
- nthnick = talloc_asprintf(cert, "chain #%d", i + 1);
- nick = cm_json_new_string(cert, nthnick, -1);
- cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
- cm_json_append(chain, cert);
- }
- if (cm_json_array_size(chain) > 0) {
- cm_json_set(msg, CM_SUBMIT_E_CHAIN, chain);
+ if (i == 0) {
+ if (leaf != NULL) {
+ cert = cm_json_new_string(msg, leaf, -1);
+ cm_json_set(msg, CM_SUBMIT_E_CERTIFICATE, cert);
+ }
+ for (i = 0;
+ (others != NULL) && (others[i] != NULL);
+ i++) {
+ cert = cm_json_new_object(chain);
+ val = cm_json_new_string(cert, others[i], -1);
+ cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
+ nthnick = talloc_asprintf(cert, "chain #%d", i + 1);
+ nick = cm_json_new_string(cert, nthnick, -1);
+ cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
+ cm_json_append(chain, cert);
+ }
+ if (top!= NULL) {
+ cert = cm_json_new_object(chain);
+ val = cm_json_new_string(cert, top, -1);
+ cm_json_set(cert, CM_SUBMIT_E_CERTIFICATE, val);
+ nthnick = talloc_asprintf(cert, "chain #%d", i + 1);
+ nick = cm_json_new_string(cert, nthnick, -1);
+ cm_json_set(cert, CM_SUBMIT_E_NICKNAME, nick);
+ cm_json_append(chain, cert);
+ }
+ if (cm_json_array_size(chain) > 0) {
+ cm_json_set(msg, CM_SUBMIT_E_CHAIN, chain);
+ }
}
}
/* Get ready to build an output message. */
diff --git a/src/submit-u.c b/src/submit-u.c
index dda2edbc..b0b45baf 100644
--- a/src/submit-u.c
+++ b/src/submit-u.c
@@ -120,14 +120,12 @@ cm_submit_u_from_file_single(const char *filename)
if (csr == NULL) {
return NULL;
}
- p = csr;
for (i = 0; i < sizeof(strip) / sizeof(strip[0]); i++) {
while ((p = strstr(csr, strip[i])) != NULL) {
q = p + strcspn(p, "\r\n");
memmove(p, q, strlen(q) + 1);
}
}
- p = csr;
q = strdup(csr);
for (p = csr, i = 0; *p != '\0'; p++) {
if (strchr("\r\n\t ", *p) == NULL) {
diff --git a/src/tdbush.c b/src/tdbush.c
index 1d487222..3184e67a 100644
--- a/src/tdbush.c
+++ b/src/tdbush.c
@@ -2911,7 +2911,6 @@ request_get_key_type_and_size(DBusConnection *conn, DBusMessage *msg,
return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
}
rep = dbus_message_new_method_return(msg);
- type = "UNKNOWN";
switch (entry->cm_key_type.cm_key_algorithm) {
case cm_key_unspecified:
type = "UNKNOWN";
@@ -2929,6 +2928,9 @@ request_get_key_type_and_size(DBusConnection *conn, DBusMessage *msg,
type = "EC";
break;
#endif
+ default:
+ type = "UNKNOWN";
+ break;
}
if (rep != NULL) {
size = entry->cm_key_type.cm_key_size;
@@ -4790,7 +4792,6 @@ cm_tdbush_introspect_method(void *parent,
method->cm_name);
arg = method->cm_args;
while (arg != NULL) {
- direction = "unknown";
switch (arg->cm_direction) {
case cm_tdbush_method_arg_in:
direction = "in";
@@ -4798,6 +4799,9 @@ cm_tdbush_introspect_method(void *parent,
case cm_tdbush_method_arg_out:
direction = "out";
break;
+ default:
+ direction = "unknown";
+ break;
}
ret = talloc_asprintf(parent,
"%s\n <arg name=\"%s\" type=\"%s\" "
diff --git a/tests/tools/addcinfo.c b/tests/tools/addcinfo.c
index d3cea2ca..f016acb4 100644
--- a/tests/tools/addcinfo.c
+++ b/tests/tools/addcinfo.c
@@ -98,7 +98,6 @@ main(int argc, char **argv)
PR_ErrorToName(PORT_GetError()));
return 1;
}
- n = encoded.len;
j = 0;
while ((i = write(STDOUT_FILENO, encoded.data + j, encoded.len - j)) > 0) {
j += i;
diff --git a/tests/tools/certsave.c b/tests/tools/certsave.c
index fd86a4c1..8ec60ddd 100644
--- a/tests/tools/certsave.c
+++ b/tests/tools/certsave.c
@@ -83,7 +83,6 @@ main(int argc, char **argv)
if (cm_certsave_saved(state) == 0) {
ret = 0;
} else {
- ctype = "unknown";
switch (entry->cm_cert_storage_type) {
case cm_cert_storage_file:
ctype = "FILE";
@@ -91,6 +90,9 @@ main(int argc, char **argv)
case cm_cert_storage_nssdb:
ctype = "NSS";
break;
+ default:
+ ctype = "unknown";
+ break;
}
if (cm_certsave_conflict_subject(state) == 0) {
printf("Failed to save (%s:%s), "
--
2.14.4

437
0011-clang-Memory-leak.patch Normal file
View File

@ -0,0 +1,437 @@
From 3310a25181e94f5e05e671acc12d008cbac339ab Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Thu, 13 Sep 2018 15:50:53 -0400
Subject: [PATCH 11/16] clang: Memory leak
---
src/certmaster.c | 3 +++
src/certsave-o.c | 1 +
src/dogtag.c | 3 +++
src/ipa.c | 9 ++++++++-
src/local.c | 5 +++++
src/scep.c | 5 +++++
src/srvloc.c | 1 +
src/store-files.c | 2 +-
src/submit-x.c | 22 ++++++++++++++++++++++
src/util.c | 8 +++++++-
tests/tools/addcinfo.c | 3 +++
tests/tools/base2pem.c | 1 +
tests/tools/pem2base.c | 1 +
13 files changed, 61 insertions(+), 3 deletions(-)
diff --git a/src/certmaster.c b/src/certmaster.c
index 7e0bed90..4a5cf6af 100644
--- a/src/certmaster.c
+++ b/src/certmaster.c
@@ -160,6 +160,7 @@ main(int argc, const char **argv)
CM_SUBMIT_CSR_ENV);
}
poptPrintUsage(pctx, stdout, 0);
+ free(csr);
return CM_SUBMIT_STATUS_UNCONFIGURED;
}
@@ -185,11 +186,13 @@ main(int argc, const char **argv)
if (ctx == NULL) {
fprintf(stderr, "Error setting up for XMLRPC.\n");
printf(_("Error setting up for XMLRPC.\n"));
+ free(csr);
return CM_SUBMIT_STATUS_UNCONFIGURED;
}
/* Add the CSR as the sole argument. */
cm_submit_x_add_arg_s(ctx, csr);
+ free(csr);
/* Submit the request. */
fprintf(stderr, "Submitting request to \"%s\".\n", uri);
diff --git a/src/certsave-o.c b/src/certsave-o.c
index 77f54d7e..3d4018d8 100644
--- a/src/certsave-o.c
+++ b/src/certsave-o.c
@@ -258,6 +258,7 @@ cm_certsave_o_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
if (bin != NULL) {
BN_bn2bin(bn, bin);
serial = cm_store_hex_from_bin(NULL, bin, BN_num_bytes(bn));
+ free(bin);
}
}
if (serial != NULL) {
diff --git a/src/dogtag.c b/src/dogtag.c
index cd0b38b7..55607f3d 100644
--- a/src/dogtag.c
+++ b/src/dogtag.c
@@ -536,6 +536,7 @@ main(int argc, const char **argv)
CM_SUBMIT_CSR_ENV);
}
poptPrintUsage(pctx, stdout, 0);
+ free(csr);
return CM_SUBMIT_STATUS_UNCONFIGURED;
}
csr = cm_submit_u_url_encode(csr);
@@ -588,6 +589,8 @@ main(int argc, const char **argv)
params = talloc_asprintf(ctx,
"%s&%s=%s",
params, p, q);
+ free(p);
+ free(q);
}
use_agent_approval = FALSE;
break;
diff --git a/src/ipa.c b/src/ipa.c
index 67a0c651..acd1a4e2 100644
--- a/src/ipa.c
+++ b/src/ipa.c
@@ -226,6 +226,7 @@ cm_locate_xmlrpc_service(const char *server,
if (basedn == NULL) {
i = cm_find_default_naming_context(ld, &basedn);
if (i != 0) {
+ free(basedn);
return i;
}
}
@@ -526,6 +527,7 @@ fetch_roots(const char *server, int ldap_uri_cmd, const char *ldap_uri,
if (basedn == NULL) {
i = cm_find_default_naming_context(ld, &basedn);
if (i != 0) {
+ free(basedn);
return i;
}
}
@@ -802,6 +804,7 @@ main(int argc, const char **argv)
printf(_("Unable to read signing request from environment variable \"%s\".\n"),
CM_SUBMIT_CSR_ENV);
}
+ free(csr);
poptPrintUsage(pctx, stdout, 0);
return CM_SUBMIT_STATUS_UNCONFIGURED;
}
@@ -903,12 +906,16 @@ main(int argc, const char **argv)
if ((strcasecmp(mode, CM_OP_SUBMIT) == 0) ||
(strcasecmp(mode, CM_OP_POLL) == 0)) {
- return submit_or_poll(uri, cainfo, capath, server,
+ int ret;
+ ret = submit_or_poll(uri, cainfo, capath, server,
ldap_uri_cmd, ldap_uri, host, domain,
basedn, uid, pwd, csr, reqprinc, profile,
issuer);
+ free(csr);
+ return ret;
} else
if (strcasecmp(mode, CM_OP_FETCH_ROOTS) == 0) {
+ free(csr);
return fetch_roots(server, ldap_uri_cmd, ldap_uri, host,
uid, pwd, domain, basedn);
}
diff --git a/src/local.c b/src/local.c
index f437d62e..92bea144 100644
--- a/src/local.c
+++ b/src/local.c
@@ -559,6 +559,7 @@ main(int argc, const char **argv)
printf(_("Unable to read signing request.\n"));
cm_log(1, "Unable to read signing request.\n");
poptPrintUsage(pctx, stdout, 0);
+ free(csr);
return CM_SUBMIT_STATUS_UNCONFIGURED;
}
/* Take the lock. */
@@ -568,6 +569,7 @@ main(int argc, const char **argv)
&signer, &key);
if ((i != 0) || (signer == NULL)) {
cm_log(1, "Error reading signer info.\n");
+ free(csr);
/* Try again sometime later. */
return CM_SUBMIT_STATUS_UNREACHABLE;
}
@@ -577,11 +579,13 @@ main(int argc, const char **argv)
if ((fp == NULL) && (errno != ENOENT)) {
cm_log(1, "Error reading '%s': %s.\n", serial,
strerror(errno));
+ free(csr);
return CM_SUBMIT_STATUS_UNREACHABLE;
}
if (fp != NULL) {
if (fgets(buf, sizeof(buf), fp) == NULL) {
fclose(fp);
+ free(csr);
return CM_SUBMIT_STATUS_UNREACHABLE;
}
buf[strcspn(buf, "\r\n")] = '\0';
@@ -601,6 +605,7 @@ main(int argc, const char **argv)
/* Actually sign the request. */
i = cm_submit_o_sign(parent, csr, signer, key, hexserial,
now, 0, &cert);
+ free(csr);
if ((i == 0) && (cert != NULL)) {
/* Roll the serial number up. */
hexserial = cm_store_increment_serial(parent,
diff --git a/src/scep.c b/src/scep.c
index 72dff3d5..68eae788 100644
--- a/src/scep.c
+++ b/src/scep.c
@@ -338,6 +338,7 @@ main(int argc, const char **argv)
}
if (c != -1) {
poptPrintUsage(pctx, stdout, 0);
+ free(cainfo);
return CM_SUBMIT_STATUS_UNCONFIGURED;
}
@@ -386,6 +387,7 @@ main(int argc, const char **argv)
}
if ((message == NULL) || (strlen(message) == 0)) {
printf(_("Error reading request. Expected PKCS7 data containing a GetInitialCert pkiMessage, got nothing.\n"));
+ free(cainfo);
return CM_SUBMIT_STATUS_NEED_SCEP_MESSAGES;
}
/* First step: read capabilities for our use. */
@@ -405,6 +407,7 @@ main(int argc, const char **argv)
}
if ((message == NULL) || (strlen(message) == 0)) {
printf(_("Error reading request. Expected PKCS7 data containing a PKCSReq pkiMessage, got nothing.\n"));
+ free(cainfo);
return CM_SUBMIT_STATUS_NEED_SCEP_MESSAGES;
}
/* First step: read capabilities for our use. */
@@ -416,6 +419,7 @@ main(int argc, const char **argv)
/* Supply help output, if it's needed. */
if (missing_args) {
poptPrintUsage(pctx, stdout, 0);
+ free(cainfo);
return CM_SUBMIT_STATUS_UNCONFIGURED;
}
@@ -492,6 +496,7 @@ main(int argc, const char **argv)
verbose > 1 ?
cm_submit_h_curl_verbose_on :
cm_submit_h_curl_verbose_off);
+ free(cainfo);
cm_submit_h_run(hctx);
content_type = cm_submit_h_result_type(hctx);
if (content_type == NULL) {
diff --git a/src/srvloc.c b/src/srvloc.c
index acab55bf..e8f3f5a5 100644
--- a/src/srvloc.c
+++ b/src/srvloc.c
@@ -189,6 +189,7 @@ cm_srvloc_resolve(void *parent, const char *name, const char *udomain,
domain = strdup(udomain);
#endif
i = res_querydomain(name, domain, C_IN, T_SRV, answer, answer_len);
+ free(domain);
if (i == -1) {
return -1;
}
diff --git a/src/store-files.c b/src/store-files.c
index df1fa336..b97ba5ff 100644
--- a/src/store-files.c
+++ b/src/store-files.c
@@ -558,8 +558,8 @@ cm_store_file_read_lines(void *parent, FILE *fp)
case ';':
break;
}
+ free(buf);
}
- free(buf);
/* If we were reading a line, append it to the list. */
if (s != NULL) {
tlines = talloc_realloc(parent, lines, char *, n_lines + 2);
diff --git a/src/submit-x.c b/src/submit-x.c
index 60bcf78a..fa81e9aa 100644
--- a/src/submit-x.c
+++ b/src/submit-x.c
@@ -75,6 +75,8 @@ cm_submit_x_ccache_realm(char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
+ } else {
+ free(ret);
}
return NULL;
}
@@ -84,6 +86,8 @@ cm_submit_x_ccache_realm(char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
+ } else {
+ free(ret);
}
return NULL;
}
@@ -93,6 +97,8 @@ cm_submit_x_ccache_realm(char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
+ } else {
+ free(ret);
}
return NULL;
}
@@ -139,6 +145,8 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg)
fprintf(stderr, "Error initializing Kerberos: %s.\n", ret);
if (msg != NULL) {
*msg = ret;
+ } else {
+ free(ret);
}
return kret;
}
@@ -152,6 +160,8 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
+ } else {
+ free(ret);
}
return kret;
}
@@ -163,6 +173,8 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg)
principal, ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
+ } else {
+ free(ret);
}
return kret;
}
@@ -174,6 +186,8 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
+ } else {
+ free(ret);
}
return kret;
}
@@ -195,6 +209,8 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
+ } else {
+ free(ret);
}
return kret;
}
@@ -213,6 +229,8 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
+ } else {
+ free(ret);
}
return kret;
}
@@ -227,6 +245,8 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
+ } else {
+ free(ret);
}
return kret;
}
@@ -237,6 +257,8 @@ cm_submit_x_make_ccache(const char *ktname, const char *principal, char **msg)
ret = get_error_message(ctx, kret));
if (msg != NULL) {
*msg = ret;
+ } else {
+ free(ret);
}
return kret;
}
diff --git a/src/util.c b/src/util.c
index 67143d52..373bb533 100644
--- a/src/util.c
+++ b/src/util.c
@@ -98,7 +98,7 @@ read_config_file(const char *filename)
char *
get_config_entry(char * in_data, const char *section, const char *key)
{
- char *ptr = NULL, *p, *tmp;
+ char *ptr = NULL, *p, *tmp = NULL;
char *line;
int in_section = 0;
char * data = strdup(in_data);
@@ -129,9 +129,12 @@ get_config_entry(char * in_data, const char *section, const char *key)
}
if (strcmp(section, tmp) == 0) {
free(tmp);
+ tmp = NULL;
in_section = 1;
continue;
}
+ free(tmp);
+ tmp = NULL;
}
} /* [ */
@@ -145,8 +148,10 @@ get_config_entry(char * in_data, const char *section, const char *key)
tmp = strndup(line, p - line);
if (strcmp(key, tmp) != 0) {
free(tmp);
+ tmp = NULL;
} else {
free(tmp);
+ tmp = NULL;
/* Skip over any whitespace after the equal sign. */
line = strchr(line, '=');
@@ -168,5 +173,6 @@ get_config_entry(char * in_data, const char *section, const char *key)
}
}
free(data);
+ free(tmp);
return NULL;
}
diff --git a/tests/tools/addcinfo.c b/tests/tools/addcinfo.c
index f016acb4..939005c2 100644
--- a/tests/tools/addcinfo.c
+++ b/tests/tools/addcinfo.c
@@ -86,6 +86,7 @@ main(int argc, char **argv)
if (enveloped == NULL) {
cm_log(0, "Internal error: %s.\n",
PR_ErrorToName(PORT_GetError()));
+ free(buffer);
return 1;
}
ci.content_type = enveloped->oid;
@@ -96,6 +97,7 @@ main(int argc, char **argv)
content_info_template) != &encoded) {
cm_log(0, "Encoding error: %s.\n",
PR_ErrorToName(PORT_GetError()));
+ free(buffer);
return 1;
}
j = 0;
@@ -105,5 +107,6 @@ main(int argc, char **argv)
break;
}
}
+ free(buffer);
return 0;
}
diff --git a/tests/tools/base2pem.c b/tests/tools/base2pem.c
index 40e74201..31359684 100644
--- a/tests/tools/base2pem.c
+++ b/tests/tools/base2pem.c
@@ -76,5 +76,6 @@ main(int argc, const char **argv)
}
}
printf("%s", cm_submit_u_pem_from_base64(type, dos, p));
+ free(p);
return 0;
}
diff --git a/tests/tools/pem2base.c b/tests/tools/pem2base.c
index 0607c162..bb686c0e 100644
--- a/tests/tools/pem2base.c
+++ b/tests/tools/pem2base.c
@@ -46,5 +46,6 @@ main(int argc, char **argv)
}
}
printf("%s\n", cm_submit_u_base64_from_text(p));
+ free(p);
return 0;
}
--
2.14.4

25
0012-clang-Uninitialized-initial-value.patch Normal file
View File

@ -0,0 +1,25 @@
From db0f835829b739cf843d44b08c22407194aadd71 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Thu, 13 Sep 2018 17:57:21 -0400
Subject: [PATCH 12/16] clang: Uninitialized initial value
---
src/submit-n.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/submit-n.c b/src/submit-n.c
index ee6f3105..b07ea23a 100644
--- a/src/submit-n.c
+++ b/src/submit-n.c
@@ -281,7 +281,7 @@ cm_submit_n_decrypt_envelope(const unsigned char *envelope,
PLArenaPool *arena = NULL;
SECStatus error;
NSSInitContext *ctx = NULL;
- PK11SlotInfo *slot;
+ PK11SlotInfo *slot = NULL;
PK11SlotList *slotlist = NULL;
PK11SlotListElement *sle;
SECKEYPrivateKeyList *keylist = NULL;
--
2.14.4

99
0013-clang-Null-pointer-passed-as-an-argument-to-a-nonnul.patch Normal file
View File

@ -0,0 +1,99 @@
From 753d98b3e70f34a52caabbe8db30bf06fc917f38 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Thu, 13 Sep 2018 11:46:51 -0400
Subject: [PATCH 13/16] clang: Null pointer passed as an argument to a
'nonnull' parameter
---
src/certsave-n.c | 3 ++-
src/getcert.c | 7 ++++---
src/scep.c | 8 ++++----
src/submit-sn.c | 7 +++++--
4 files changed, 15 insertions(+), 10 deletions(-)
diff --git a/src/certsave-n.c b/src/certsave-n.c
index 49b28324..972a1dfa 100644
--- a/src/certsave-n.c
+++ b/src/certsave-n.c
@@ -72,7 +72,8 @@ add_privkey_to_list(SECKEYPrivateKey **list, SECKEYPrivateKey *key)
if ((list == NULL) || (list[i] == NULL)) {
newlist = malloc(sizeof(newlist[0]) * (i + 2));
if (newlist != NULL) {
- memcpy(newlist, list, sizeof(newlist[0]) * i);
+ if (list != NULL)
+ memcpy(newlist, list, sizeof(newlist[0]) * i);
newlist[i] = key;
newlist[i + 1] = NULL;
list = newlist;
diff --git a/src/getcert.c b/src/getcert.c
index 6417cd44..ddb28de2 100644
--- a/src/getcert.c
+++ b/src/getcert.c
@@ -291,7 +291,8 @@ add_string(void *parent, char ***dest, const char *value)
printf(_("Out of memory.\n"));
exit(1);
}
- memcpy(tmp, *dest, sizeof(tmp[0]) * i);
+ if (*dest)
+ memcpy(tmp, *dest, sizeof(tmp[0]) * i);
tmp[i] = talloc_strdup(tmp, value);
i++;
tmp[i] = NULL;
@@ -1582,8 +1583,8 @@ add_basic_request(enum cm_tdbus_type bus, char *id,
{
DBusMessage *req, *rep;
int i;
- struct cm_tdbusm_dict param[28];
- const struct cm_tdbusm_dict *params[29];
+ struct cm_tdbusm_dict param[30];
+ const struct cm_tdbusm_dict *params[30];
dbus_bool_t b;
const char *capath;
char *p;
diff --git a/src/scep.c b/src/scep.c
index 68eae788..b0bd214b 100644
--- a/src/scep.c
+++ b/src/scep.c
@@ -793,8 +793,8 @@ main(int argc, const char **argv)
fprintf(stderr, "code_text = \"%s\"\n", cm_submit_h_result_code_text(hctx));
syslog(LOG_DEBUG, "%s %s?%s\n", "GET", url, params2);
}
- if (strcasecmp(content_type2,
- "application/x-x509-ca-cert") != 0) {
+ if ((content_type2 != NULL) && (strcasecmp(content_type2,
+ "application/x-x509-ca-cert") != 0)) {
if (verbose > 0) {
fprintf(stderr, "Content is not "
"\"application/x-x509-ca-cert\""
@@ -882,8 +882,8 @@ main(int argc, const char **argv)
break;
case op_get_cert_initial:
case op_pkcsreq:
- if (strcasecmp(content_type2,
- "application/x-pki-message") == 0) {
+ if ((content_type2 != NULL) && (strcasecmp(content_type2,
+ "application/x-pki-message") == 0)) {
memset(&cacerts, 0, sizeof(cacerts));
cacerts[0] = cacert ? cacert : racert;
cacerts[1] = cacert ? racert : NULL;
diff --git a/src/submit-sn.c b/src/submit-sn.c
index e9c62b22..ecd78dc0 100644
--- a/src/submit-sn.c
+++ b/src/submit-sn.c
@@ -258,8 +258,11 @@ cm_submit_sn_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
/* Allocate space for one more extension. */
extensions = PORT_ArenaZAlloc(arena, (i + 2) * sizeof(extensions[0]));
if (extensions != NULL) {
- memcpy(extensions, ucert->extensions,
- i * sizeof(extensions[0]));
+ if (i != 0) {
+ /* Note that C99 says copy of 0 items is ok, quieting clang */
+ memcpy(extensions, ucert->extensions,
+ i * sizeof(extensions[0]));
+ }
if (found_basic) {
extensions[i] = NULL;
} else {
--
2.14.4

24
0014-clang-Dead-increment.patch Normal file
View File

@ -0,0 +1,24 @@
From 9e44680dbd207cef48beb7598114ea59aa457055 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Fri, 14 Sep 2018 16:15:23 -0400
Subject: [PATCH 14/16] clang: Dead increment
---
src/store-gen.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/src/store-gen.c b/src/store-gen.c
index da32afc8..653767a1 100644
--- a/src/store-gen.c
+++ b/src/store-gen.c
@@ -363,7 +363,6 @@ cm_store_time_from_timestamp(const char *timestamp)
buf[2] = '\0';
stamp.tm_min = atoi(buf);
memcpy(buf, timestamp + i, 2);
- i += 2;
buf[2] = '\0';
stamp.tm_sec = atoi(buf);
t = timegm(&stamp);
--
2.14.4

83
0015-clang-Dereference-of-null-pointer.patch Normal file
View File

@ -0,0 +1,83 @@
From 319858127df42c1a95b9b3282705c90ecd6754a5 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Fri, 14 Sep 2018 16:16:55 -0400
Subject: [PATCH 15/16] clang: Dereference of null pointer
---
src/tdbush.c | 56 +++++++++++++++++++++++++++++---------------------------
1 file changed, 29 insertions(+), 27 deletions(-)
diff --git a/src/tdbush.c b/src/tdbush.c
index 3184e67a..d1bbe4da 100644
--- a/src/tdbush.c
+++ b/src/tdbush.c
@@ -3655,37 +3655,39 @@ request_modify(DBusConnection *conn, DBusMessage *msg,
break;
}
}
- if (d[i] == NULL) {
- new_request_path = talloc_asprintf(parent, "%s/%s",
- CM_DBUS_REQUEST_PATH,
- entry->cm_busname);
- if ((n_propname > 0) &&
- (n_propname + 1 < sizeof(propname) / sizeof(propname[0]))) {
- propname[n_propname] = NULL;
- cm_tdbush_property_emit_changed(ctx, new_request_path,
- CM_DBUS_REQUEST_INTERFACE,
- propname);
- }
- cm_tdbusm_set_bp(rep,
- cm_restart_entry(ctx,
- entry->cm_nickname),
- new_request_path);
- dbus_connection_send(conn, rep, NULL);
- dbus_message_unref(rep);
- talloc_free(new_request_path);
- return DBUS_HANDLER_RESULT_HANDLED;
- } else {
- dbus_message_unref(rep);
- rep = dbus_message_new_error(msg,
- CM_DBUS_ERROR_REQUEST_BAD_ARG,
- _("Unrecognized parameter or wrong value type."));
- if (rep != NULL) {
- cm_tdbusm_set_s(rep, d[i]->key);
+ if (d != NULL) {
+ if (d[i] == NULL) {
+ new_request_path = talloc_asprintf(parent, "%s/%s",
+ CM_DBUS_REQUEST_PATH,
+ entry->cm_busname);
+ if ((n_propname > 0) &&
+ (n_propname + 1 < sizeof(propname) / sizeof(propname[0]))) {
+ propname[n_propname] = NULL;
+ cm_tdbush_property_emit_changed(ctx, new_request_path,
+ CM_DBUS_REQUEST_INTERFACE,
+ propname);
+ }
+ cm_tdbusm_set_bp(rep,
+ cm_restart_entry(ctx,
+ entry->cm_nickname),
+ new_request_path);
dbus_connection_send(conn, rep, NULL);
dbus_message_unref(rep);
+ talloc_free(new_request_path);
return DBUS_HANDLER_RESULT_HANDLED;
+ } else {
+ dbus_message_unref(rep);
+ rep = dbus_message_new_error(msg,
+ CM_DBUS_ERROR_REQUEST_BAD_ARG,
+ _("Unrecognized parameter or wrong value type."));
+ if (rep != NULL) {
+ cm_tdbusm_set_s(rep, d[i]->key);
+ dbus_connection_send(conn, rep, NULL);
+ dbus_message_unref(rep);
+ return DBUS_HANDLER_RESULT_HANDLED;
+ }
+ return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
}
- return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
}
} else {
return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
--
2.14.4

26
0016-Add-missing-case-for-cm_prefs_aes192.patch Normal file
View File

@ -0,0 +1,26 @@
From f17b7c0a22f4d49dca001d984673046e133577d1 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Fri, 14 Sep 2018 16:41:19 -0400
Subject: [PATCH 16/16] Add missing case for cm_prefs_aes192
---
src/prefs-o.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/prefs-o.c b/src/prefs-o.c
index 64542f85..ac68164d 100644
--- a/src/prefs-o.c
+++ b/src/prefs-o.c
@@ -75,6 +75,9 @@ cm_prefs_ossl_cipher_by_pref(enum cm_prefs_cipher cipher)
case cm_prefs_aes128:
return EVP_aes_128_cbc();
break;
+ case cm_prefs_aes192:
+ return EVP_aes_192_cbc();
+ break;
case cm_prefs_aes256:
return EVP_aes_256_cbc();
break;
--
2.14.4

21
certmonger.spec
View File

@ -26,7 +26,7 @@
Name: certmonger Name: certmonger
Version: 0.79.6 Version: 0.79.6
Release: 3%{?dist} Release: 4%{?dist}
Summary: Certificate status monitor and PKI enrollment client Summary: Certificate status monitor and PKI enrollment client
Group: System Environment/Daemons Group: System Environment/Daemons
@ -119,6 +119,14 @@ Patch5: 0005-Only-de-duplicate-certificates-within-the-same-token.patch
Patch6: 0006-Ensure-that-an-OpenSSL-random-seed-file-exists-when-.patch Patch6: 0006-Ensure-that-an-OpenSSL-random-seed-file-exists-when-.patch
Patch7: 0007-Log-test-failures-of-bad-pin.patch Patch7: 0007-Log-test-failures-of-bad-pin.patch
Patch8: 0008-Use-only-PK11_ImportCert-to-import-certs-not-CERT_Im.patch Patch8: 0008-Use-only-PK11_ImportCert-to-import-certs-not-CERT_Im.patch
Patch9: 0009-Fix-memory-leak-in-util_internal_token_name.patch
Patch10: 0010-clang-Dead-assignment.patch
Patch11: 0011-clang-Memory-leak.patch
Patch12: 0012-clang-Uninitialized-initial-value.patch
Patch13: 0013-clang-Null-pointer-passed-as-an-argument-to-a-nonnul.patch
Patch14: 0014-clang-Dead-increment.patch
Patch15: 0015-clang-Dereference-of-null-pointer.patch
Patch16: 0016-Add-missing-case-for-cm_prefs_aes192.patch
%description %description
Certmonger is a service which is primarily concerned with getting your Certmonger is a service which is primarily concerned with getting your
@ -134,6 +142,14 @@ system enrolled with a certificate authority (CA) and keeping it enrolled.
%patch6 -p1 %patch6 -p1
%patch7 -p1 %patch7 -p1
%patch8 -p1 %patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch16 -p1
%if 0%{?rhel} > 0 %if 0%{?rhel} > 0
# Enabled by default for RHEL for bug #765600, still disabled by default for # Enabled by default for RHEL for bug #765600, still disabled by default for
@ -261,6 +277,9 @@ exit 0
%endif %endif
%changelog %changelog
* Thu Oct 4 2018 Rob Crittenden <rcritten@redhat.com> - 0.79.6-4
- Pull in upstream fixes discovered in coverity and clang.
* Mon Oct 1 2018 Rob Crittenden <rcritten@redhat.com> - 0.79.6-3 * Mon Oct 1 2018 Rob Crittenden <rcritten@redhat.com> - 0.79.6-3
- Improve NSS token handling. The updated NSS crypto-policy enables all - Improve NSS token handling. The updated NSS crypto-policy enables all
tokens which broke requesting certificates due to the way that tokens tokens which broke requesting certificates due to the way that tokens