commit f40e5b09ebcab4986dd3b1d52f0d8fd39aa5e3ca Author: Ingo Franzki Date: Thu Jun 13 11:20:43 2024 +0200 COMMON: Fix errors reported by covscan Closes: https://github.com/opencryptoki/opencryptoki/issues/782 Signed-off-by: Ingo Franzki diff --git a/usr/lib/common/loadsave.c b/usr/lib/common/loadsave.c index b7e1f78e..fc88cbad 100644 --- a/usr/lib/common/loadsave.c +++ b/usr/lib/common/loadsave.c @@ -2848,6 +2848,14 @@ CK_RV load_public_token_objects(STDLL_TokData_t *tokdata) continue; } + /* size can not be negative if treated as signed int */ + if (size >= 0x80000000) { + fclose(fp2); + OCK_SYSLOG(LOG_ERR, "Size is invalid in header of token object %s " + "(ignoring it)\n", fname); + continue; + } + buf = (CK_BYTE *) malloc(size); if (!buf) { fclose(fp2); diff --git a/usr/lib/common/mech_rng.c b/usr/lib/common/mech_rng.c index 71402700..4bc19814 100644 --- a/usr/lib/common/mech_rng.c +++ b/usr/lib/common/mech_rng.c @@ -45,6 +45,10 @@ CK_RV local_rng(CK_BYTE *output, CK_ULONG bytes) if (ranfd >= 0) { do { rlen = read(ranfd, output + totallen, bytes - totallen); + if (rlen <= 0) { + close(ranfd); + return CKR_FUNCTION_FAILED; + } totallen += rlen; } while (totallen < bytes); close(ranfd); diff --git a/usr/lib/common/pkcs_utils.c b/usr/lib/common/pkcs_utils.c index 04edc76f..7421d1c5 100644 --- a/usr/lib/common/pkcs_utils.c +++ b/usr/lib/common/pkcs_utils.c @@ -185,6 +185,10 @@ CK_RV local_rng(CK_BYTE *output, CK_ULONG bytes) if (ranfd >= 0) { do { rlen = read(ranfd, output + totallen, bytes - totallen); + if (rlen <= 0) { + close(ranfd); + return CKR_FUNCTION_FAILED; + } totallen += rlen; } while (totallen < bytes); close(ranfd);