rpms/opencryptoki
7
0
Fork 0
Code Issues Pull Requests Releases Activity

fixed covscan issues

Browse Source
This commit is contained in:
Than Ngo 2021-11-25 13:36:42 +01:00
parent 12cb81619e
commit d42252d5a6
2 changed files with 8 additions and 95 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

90
opencryptoki-3.16.0-covscan.patch
View File

@ -1,90 +0,0 @@
diff -up opencryptoki-3.16.0/usr/lib/common/key.c.me opencryptoki-3.16.0/usr/lib/common/key.c
--- opencryptoki-3.16.0/usr/lib/common/key.c.me 2021-06-17 16:51:43.353937929 +0200
+++ opencryptoki-3.16.0/usr/lib/common/key.c 2021-06-17 18:25:58.460154709 +0200
@@ -1621,10 +1621,10 @@ error:
free(never_extr_attr);
if (always_sens_attr)
free(always_sens_attr);
- if (trusted_attr)
+ if (wrap_trusted_attr)
free(wrap_trusted_attr);
if (trusted_attr)
- free(wrap_trusted_attr);
+ free(trusted_attr);
if (chkval_attr)
free(chkval_attr);
if (wraptmpl_attr)
@@ -2318,8 +2318,8 @@ error:
free(type_attr);
if (modulus_attr)
free(modulus_attr);
- if (public_exp_attr)
- free(public_exp_attr);
+ if (private_exp_attr)
+ free(private_exp_attr);
if (public_exp_attr)
free(public_exp_attr);
diff -up opencryptoki-3.16.0/usr/lib/common/mech_aes.c.me opencryptoki-3.16.0/usr/lib/common/mech_aes.c
--- opencryptoki-3.16.0/usr/lib/common/mech_aes.c.me 2021-06-17 18:24:18.502746362 +0200
+++ opencryptoki-3.16.0/usr/lib/common/mech_aes.c 2021-06-17 18:24:50.840201978 +0200
@@ -3440,6 +3440,7 @@ CK_RV ckm_aes_key_gen(STDLL_TokData_t *t
else
memcpy(value_attr->pValue, aes_key, key_size);
free(aes_key);
+ aes_key = NULL;
key_type_attr->type = CKA_KEY_TYPE;
key_type_attr->ulValueLen = sizeof(CK_KEY_TYPE);
diff -up opencryptoki-3.16.0/usr/lib/common/mech_des3.c.me opencryptoki-3.16.0/usr/lib/common/mech_des3.c
--- opencryptoki-3.16.0/usr/lib/common/mech_des3.c.me 2021-06-17 18:20:48.851711819 +0200
+++ opencryptoki-3.16.0/usr/lib/common/mech_des3.c 2021-06-17 18:22:59.953601204 +0200
@@ -2776,6 +2776,7 @@ CK_RV ckm_des3_key_gen(STDLL_TokData_t *
else
memcpy(value_attr->pValue, des_key, 3 * DES_KEY_SIZE);
free(des_key);
+ des_key = NULL;
key_type_attr->type = CKA_KEY_TYPE;
key_type_attr->ulValueLen = sizeof(CK_KEY_TYPE);
diff -up opencryptoki-3.16.0/usr/lib/common/mech_des.c.me opencryptoki-3.16.0/usr/lib/common/mech_des.c
--- opencryptoki-3.16.0/usr/lib/common/mech_des.c.me 2021-06-17 18:23:12.251782646 +0200
+++ opencryptoki-3.16.0/usr/lib/common/mech_des.c 2021-06-17 18:23:42.388227257 +0200
@@ -1288,6 +1288,7 @@ CK_RV ckm_des_key_gen(STDLL_TokData_t *t
else
memcpy(value_attr->pValue, des_key, DES_KEY_SIZE);
free(des_key);
+ des_key = NULL;
key_type_attr->type = CKA_KEY_TYPE;
key_type_attr->ulValueLen = sizeof(CK_KEY_TYPE);
diff -up opencryptoki-3.16.0/usr/lib/soft_stdll/soft_specific.c.me opencryptoki-3.16.0/usr/lib/soft_stdll/soft_specific.c
diff -up opencryptoki-3.16.0/usr/sbin/pkcsslotd/socket_server.c.me opencryptoki-3.16.0/usr/sbin/pkcsslotd/socket_server.c
--- opencryptoki-3.16.0/usr/sbin/pkcsslotd/socket_server.c.me 2021-06-17 15:23:53.205373200 +0200
+++ opencryptoki-3.16.0/usr/sbin/pkcsslotd/socket_server.c 2021-06-17 18:20:25.490376922 +0200
@@ -625,7 +625,6 @@ static void event_delivered(struct event
rc = admin_event_delivered(conn, event);
if (rc != 0) {
admin_hangup(conn);
- event_free(event);
}
admin_put(conn);
} else {
@@ -1247,7 +1246,7 @@ static int listener_socket_create(const
memset(&address, 0, sizeof(struct sockaddr_un));
address.sun_family = AF_UNIX;
- strcpy(address.sun_path, file_path);
+ snprintf(address.sun_path, sizeof(address.sun_path), "%s", file_path);
if (bind(listener_socket,
(struct sockaddr *) &address, sizeof(struct sockaddr_un)) != 0) {
@@ -1656,7 +1655,7 @@ int init_socket_data(Slot_Mgr_Socket_t *
int socket_connection_handler(int timeout_secs)
{
struct epoll_event events[MAX_EPOLL_EVENTS];
- int num_events, i, rc, err;
+ int num_events, i, rc = 0, err;
struct epoll_info *info;
do {

13
opencryptoki.spec
View File

@ -1,24 +1,24 @@
Name: opencryptoki Name: opencryptoki
Summary: Implementation of the PKCS#11 (Cryptoki) specification v3.0 Summary: Implementation of the PKCS#11 (Cryptoki) specification v3.0
Version: 3.17.0 Version: 3.17.0
Release: 2%{?dist} Release: 3%{?dist}
License: CPL License: CPL
URL: https://github.com/opencryptoki/opencryptoki URL: https://github.com/opencryptoki/opencryptoki
Source0: https://github.com/opencryptoki/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz Source0: https://github.com/opencryptoki/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz
Source1: opencryptoki.module Source1: opencryptoki.module
# https://bugzilla.redhat.com/show_bug.cgi?id=732756 # https://bugzilla.redhat.com/show_bug.cgi?id=732756
Patch0: opencryptoki-3.11.0-group.patch Patch0: opencryptoki-3.11.0-group.patch
# bz#1373833, change tmpfiles snippets from /var/lock/* to /run/lock/* # bz#1373833, change tmpfiles snippets from /var/lock/* to /run/lock/*
Patch1: opencryptoki-3.11.0-lockdir.patch Patch1: opencryptoki-3.11.0-lockdir.patch
# add missing config file # add missing config file
Patch2: opencryptoki-1.17.0-p11sak.patch Patch2: opencryptoki-1.17.0-p11sak.patch
# covscan
Patch3: opencryptoki-3.17.0-covscan.patch
# Use --no-undefined to debug missing symbols # Use --no-undefined to debug missing symbols
#Patch100: %%{name}-3.2-no-undefined.patch #Patch100: %%{name}-3.2-no-undefined.patch
# upstream patches # upstream patches
# PIDfile below legacy directory /var/run/
Patch300: opencryptoki-pkcsslotd-pidfile.patch
Requires(pre): coreutils Requires(pre): coreutils
Requires: (selinux-policy >= 34.9-1 if selinux-policy-targeted) Requires: (selinux-policy >= 34.9-1 if selinux-policy-targeted)
@ -328,6 +328,9 @@ fi
%changelog %changelog
* Thu Nov 25 2021 Than Ngo <than@redhat.com> - 3.17.0-3
- fix covscan issues
* Tue Nov 09 2021 Than Ngo <than@redhat.com> - 3.17.0-2 * Tue Nov 09 2021 Than Ngo <than@redhat.com> - 3.17.0-2
- add missing config file p11sak_defined_attrs.conf - add missing config file p11sak_defined_attrs.conf