rpms/openssl-pkcs11
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix coverity issues

Browse Source 
Resolves: rhbz#1938833
This commit is contained in:
Jakub Jelen 2021-04-30 20:57:03 +02:00
parent c4053f64b4
commit 085c8e15f9
2 changed files with 51 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
openssl-pkcs11-0.4.10-coverity.patch Normal file
View File

@ -0,0 +1,44 @@
From 1492020acd161ad4ba75be87041ebdecde77f54b Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Tue, 20 Apr 2021 19:07:10 +0200
Subject: [PATCH] Free memory on errors
Thanks coverity
---
src/p11_cert.c | 4 +++-
src/p11_key.c | 4 +++-
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/p11_cert.c b/src/p11_cert.c
index 5cc5333..d027441 100644
--- a/src/p11_cert.c
+++ b/src/p11_cert.c
@@ -185,8 +185,10 @@ static int pkcs11_init_cert(PKCS11_CTX *ctx, PKCS11_TOKEN *token,
tpriv = PRIVTOKEN(token);
tmp = OPENSSL_realloc(tpriv->certs,
(tpriv->ncerts + 1) * sizeof(PKCS11_CERT));
- if (!tmp)
+ if (!tmp) {
+ OPENSSL_free(cpriv);
return -1;
+ }
tpriv->certs = tmp;
cert = tpriv->certs + tpriv->ncerts++;
memset(cert, 0, sizeof(PKCS11_CERT));
diff --git a/src/p11_key.c b/src/p11_key.c
index 494520f..451398a 100644
--- a/src/p11_key.c
+++ b/src/p11_key.c
@@ -553,8 +553,10 @@ static int pkcs11_init_key(PKCS11_CTX *ctx, PKCS11_TOKEN *token,
return -1;
memset(kpriv, 0, sizeof(PKCS11_KEY_private));
tmp = OPENSSL_realloc(keys->keys, (keys->num + 1) * sizeof(PKCS11_KEY));
- if (!tmp)
+ if (!tmp) {
+ OPENSSL_free(kpriv);
return -1;
+ }
keys->keys = tmp;
key = keys->keys + keys->num++;
memset(key, 0, sizeof(PKCS11_KEY));

8
openssl-pkcs11.spec
View File

@ -1,5 +1,5 @@
Version: 0.4.11 Version: 0.4.11
Release: 3%{?dist} Release: 4%{?dist}
# Define the directory where the OpenSSL engines are installed # Define the directory where the OpenSSL engines are installed
%global enginesdir %{_libdir}/engines-1.1 %global enginesdir %{_libdir}/engines-1.1
@ -13,6 +13,9 @@ Source0: https://github.com/OpenSC/libp11/releases/download/libp11-%{vers
# Downstream only for now to make RSA operations working in FIPS mode # Downstream only for now to make RSA operations working in FIPS mode
Patch4: openssl-pkcs11-0.4.10-set-rsa-fips-method-flag.patch Patch4: openssl-pkcs11-0.4.10-set-rsa-fips-method-flag.patch
# Coverity issues
# https://github.com/OpenSC/libp11/pull/400
Patch5: openssl-pkcs11-0.4.10-coverity.patch
BuildRequires: make BuildRequires: make
BuildRequires: autoconf automake libtool BuildRequires: autoconf automake libtool
@ -113,6 +116,9 @@ make check %{?_smp_mflags} || if [ $? -ne 0 ]; then cat tests/*.log; exit 1; fi;
%endif %endif
%changelog %changelog
* Fri Apr 30 2021 Jakub Jelen <jjelen@redhat.com> - 0.4.11-4
- Fix coverity reported issues
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 0.4.11-3 * Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 0.4.11-3
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937