From 8a8db182af533a43b4d478d28af8623035475d68 Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Tue, 16 Oct 2018 18:05:10 +0200 Subject: [PATCH 01/10] debug: Work around cppcheck false-positives https://trac.cppcheck.net/ticket/8794 --- common/debug.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/common/debug.h b/common/debug.h index 255c62c..7ea36f3 100644 --- a/common/debug.h +++ b/common/debug.h @@ -71,13 +71,13 @@ void p11_debug_precond (const char *format, #endif #define return_val_if_fail(x, v) \ - do { if (!(x)) { \ + do { if (x) { } else { \ p11_debug_precond ("p11-kit: '%s' not true at %s\n", #x, __func__); \ return v; \ } } while (false) #define return_if_fail(x) \ - do { if (!(x)) { \ + do { if (x) { } else { \ p11_debug_precond ("p11-kit: '%s' not true at %s\n", #x, __func__); \ return; \ } } while (false) @@ -100,7 +100,7 @@ void p11_debug_precond (const char *format, } while (false) #define warn_if_fail(x) \ - do { if (!(x)) { \ + do { if (x) { } else { \ p11_debug_precond ("p11-kit: '%s' not true at %s\n", #x, __func__); \ } } while (false) -- 2.17.2 From c76197ddbbd0c29adc2bceff2ee9f740f71d134d Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Tue, 16 Oct 2018 18:06:56 +0200 Subject: [PATCH 02/10] build: Call va_end() always when leaving the function --- common/attrs.c | 4 +++- common/compat.c | 5 ++++- common/path.c | 5 ++++- trust/parser.c | 4 +++- 4 files changed, 14 insertions(+), 4 deletions(-) diff --git a/common/attrs.c b/common/attrs.c index aa91891..a387a66 100644 --- a/common/attrs.c +++ b/common/attrs.c @@ -538,8 +538,10 @@ buffer_append_printf (p11_buffer *buffer, va_list va; va_start (va, format); - if (vasprintf (&string, format, va) < 0) + if (vasprintf (&string, format, va) < 0) { + va_end (va); return_if_reached (); + } va_end (va); p11_buffer_add (buffer, string, -1); diff --git a/common/compat.c b/common/compat.c index 5a9702d..48614fa 100644 --- a/common/compat.c +++ b/common/compat.c 
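Review bot: The `if (x) { } else {` shape in return_val_if_fail and return_if_fail reads like a typo to anyone opening debug.h, because the reason for it lives only in the commit message. Add a comment above the macro group, e.g. `/* Written as if (x) {} else rather than if (!(x)) to work around cppcheck false positives: https://trac.cppcheck.net/ticket/8794 */`, so a later cleanup does not revert it. The same note covers warn_if_fail in the second debug.h hunk.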
@@ -525,7 +525,10 @@ strconcat (const char *first, for (arg = first; arg; arg = va_arg (va, const char*)) { size_t old_length = length; length += strlen (arg); - return_val_if_fail (length >= old_length, NULL); + if (length < old_length) { + va_end (va); + return_val_if_reached (NULL); + } } va_end (va); diff --git a/common/path.c b/common/path.c index 5cf0e1a..17a6230 100644 --- a/common/path.c +++ b/common/path.c @@ -218,7 +218,10 @@ p11_path_build (const char *path, while (path != NULL) { size_t old_len = len; len += strlen (path) + 1; - return_val_if_fail (len >= old_len, NULL); + if (len < old_len) { + va_end (va); + return_val_if_reached (NULL); + } path = va_arg (va, const char *); } va_end (va); diff --git a/trust/parser.c b/trust/parser.c index f92cdc9..e912c3a 100644 --- a/trust/parser.c +++ b/trust/parser.c @@ -697,8 +697,10 @@ p11_parser_formats (p11_parser *parser, func = va_arg (va, parser_func); if (func == NULL) break; - if (!p11_array_push (formats, func)) + if (!p11_array_push (formats, func)) { + va_end (va); return_if_reached (); + } } va_end (va); -- 2.17.2 From b10dadce5a3c921149b2c9fe0dec614f8076ebda Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Tue, 16 Oct 2018 18:10:05 +0200 Subject: [PATCH 03/10] build: Free memory before return{,_val}_if_* macros --- p11-kit/iter.c | 5 ++++- p11-kit/proxy.c | 10 ++++++++-- trust/asn1.c | 15 ++++++++++++--- trust/builder.c | 5 ++++- trust/index.c | 10 ++++++++-- trust/persist.c | 5 ++++- trust/save.c | 29 +++++++++++++++++++++++++---- trust/session.c | 10 ++++++++-- trust/token.c | 5 ++++- 9 files changed, 77 insertions(+), 17 deletions(-) diff --git a/p11-kit/iter.c b/p11-kit/iter.c index 0e4ca6e..d1ffd91 100644 --- a/p11-kit/iter.c +++ b/p11-kit/iter.c 
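Review bot: In p11_parser_formats, when `p11_array_push (formats, func)` fails the new branch ends the va_list but still leaves through return_if_reached without releasing `formats`; if `formats` is a fresh array created earlier in the function (its creation is above the hunk) it is leaked on this path, which is the same class of leak patch 03 in this series cleans up elsewhere. I would free the array in that branch before returning, with whatever counterpart of p11_array_new the file uses, provided the array is not yet owned by the parser at that point. The enclosing function begins and ends outside the hunk.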
@@ -157,7 +157,10 @@ p11_kit_iter_new (P11KitUri *uri, return_val_if_fail (iter != NULL, NULL); iter->modules = p11_array_new (NULL); - return_val_if_fail (iter->modules != NULL, NULL); + if (iter->modules == NULL) { + p11_kit_iter_free (iter); + return_val_if_reached (NULL); + } iter->want_writable = !!(behavior & P11_KIT_ITER_WANT_WRITABLE); iter->preload_results = !(behavior & P11_KIT_ITER_BUSY_SESSIONS); diff --git a/p11-kit/proxy.c b/p11-kit/proxy.c index b7fb63d..abe7935 100644 --- a/p11-kit/proxy.c +++ b/p11-kit/proxy.c @@ -267,7 +267,10 @@ proxy_create (Proxy **res, CK_FUNCTION_LIST **loaded, py->forkid = p11_forkid; py->inited = modules_dup (loaded); - return_val_if_fail (py->inited != NULL, CKR_HOST_MEMORY); + if (py->inited == NULL) { + proxy_free (py, 0); + return_val_if_reached (CKR_HOST_MEMORY); + } rv = p11_kit_modules_initialize (py->inited, NULL); @@ -320,7 +323,10 @@ proxy_create (Proxy **res, CK_FUNCTION_LIST **loaded, } py->sessions = p11_dict_new (p11_dict_ulongptr_hash, p11_dict_ulongptr_equal, NULL, free); - return_val_if_fail (py->sessions != NULL, CKR_HOST_MEMORY); + if (py->sessions == NULL) { + proxy_free (py, 1); + return_val_if_reached (CKR_HOST_MEMORY); + } py->refs = 1; *res = py; diff --git a/trust/asn1.c b/trust/asn1.c index dd1812d..5ce682d 100644 --- a/trust/asn1.c +++ b/trust/asn1.c @@ -285,11 +285,17 @@ p11_asn1_cache_new (void) return_val_if_fail (cache != NULL, NULL); cache->defs = p11_asn1_defs_load (); - return_val_if_fail (cache->defs != NULL, NULL); + if (cache->defs == NULL) { + p11_asn1_cache_free (cache); + return_val_if_reached (NULL); + } cache->items = p11_dict_new (p11_dict_direct_hash, p11_dict_direct_equal, NULL, free_asn1_item); - return_val_if_fail (cache->items != NULL, NULL); + if (cache->items == NULL) { + p11_asn1_cache_free (cache); + return_val_if_reached (NULL); + } return cache; } 
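Review bot: `p11_kit_iter_free (iter)` in p11_kit_iter_new now runs on an object whose only initialised member attempt is `modules`, so every field that p11_kit_iter_free releases must tolerate its zero or NULL value; the identical requirement broke p11_index_free in this very series and needed patch 10 to add a guard for `buckets`. Please check p11_kit_iter_free member by member (it is outside the hunk) and record the contract on it, e.g. `/* Must cope with a partially constructed iter: p11_kit_iter_new calls this on failure. */`, so future members get the same treatment. p11_kit_iter_new's body continues past the hunk.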
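Review bot: The bare `0` and `1` passed as the second argument to proxy_free in the two new proxy_create failure branches (at -267 and -320) are opaque at the call site; presumably they say whether the modules in `py->inited` were already initialised by p11_kit_modules_initialize, which is only true in the later branch. A short comment on each call, e.g. `/* modules not yet initialised */` and `/* finalize the initialised modules */`, or a named constant for the flag, would document why the two sites differ. Confirm the meaning against proxy_free, which is outside the hunk.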
@@ -342,7 +348,10 @@ p11_asn1_cache_take (p11_asn1_cache *cache, item->length = der_len; item->node = node; item->struct_name = strdup (struct_name); - return_if_fail (item->struct_name != NULL); + if (item->struct_name == NULL) { + free_asn1_item (item); + return_if_reached (); + } if (!p11_dict_set (cache->items, (void *)der, item)) return_if_reached (); diff --git a/trust/builder.c b/trust/builder.c index 742c544..d819dc8 100644 --- a/trust/builder.c +++ b/trust/builder.c @@ -187,7 +187,10 @@ p11_builder_new (int flags) return_val_if_fail (builder != NULL, NULL); builder->asn1_cache = p11_asn1_cache_new (); - return_val_if_fail (builder->asn1_cache, NULL); + if (builder->asn1_cache == NULL) { + p11_builder_free (builder); + return_val_if_reached (NULL); + } builder->asn1_defs = p11_asn1_cache_defs (builder->asn1_cache); builder->flags = flags; diff --git a/trust/index.c b/trust/index.c index f4b6b4b..6a8e535 100644 --- a/trust/index.c +++ b/trust/index.c @@ -170,10 +170,16 @@ p11_index_new (p11_index_build_cb build, index->objects = p11_dict_new (p11_dict_ulongptr_hash, p11_dict_ulongptr_equal, NULL, free_object); - return_val_if_fail (index->objects != NULL, NULL); + if (index->objects == NULL) { + p11_index_free (index); + return_val_if_reached (NULL); + } index->buckets = calloc (NUM_BUCKETS, sizeof (index_bucket)); - return_val_if_fail (index->buckets != NULL, NULL); + if (index->buckets == NULL) { + p11_index_free (index); + return_val_if_reached (NULL); + } return index; } diff --git a/trust/persist.c b/trust/persist.c index 887b316..569cea1 100644 --- a/trust/persist.c +++ b/trust/persist.c @@ -89,7 +89,10 @@ p11_persist_new (void) return_val_if_fail (persist != NULL, NULL); persist->constants = p11_constant_reverse (true); - return_val_if_fail (persist->constants != NULL, NULL); + if (persist->constants == NULL) { + free (persist); + return_val_if_reached (NULL); + } return persist; } diff --git a/trust/save.c b/trust/save.c index abff864..8184e13 100644 
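Review bot: The strdup failure branch in p11_asn1_cache_take now frees `item`, but the check immediately after it, `if (!p11_dict_set (cache->items, (void *)der, item)) return_if_reached ();`, still leaks `item` (including the freshly duplicated struct_name and whatever else free_asn1_item releases) on failure. Make that branch symmetric: `{ free_asn1_item (item); return_if_reached (); }`. free_asn1_item is defined outside the hunk, so double-check what it does with `node` and `der` so a caller is not left holding freed memory on either path.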
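Review bot: p11_persist_new releases the half-built object with a bare `free (persist)` while every sibling hunk in this patch uses the type's own destructor (p11_asn1_cache_free, p11_index_free, p11_builder_free). That is correct only as long as `constants` is the sole owned member and nothing else was allocated above the hunk; if a p11_persist_free counterpart exists and accepts a NULL `constants`, using it would keep the pattern uniform and stay correct when members are added. The start of p11_persist_new is outside the hunk.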
--- a/trust/save.c +++ b/trust/save.c @@ -68,6 +68,8 @@ static char * make_unique_name (const char *bare, const char *extension, int (*check) (void *, char *), void *data); +static void filo_free (p11_save_file *file); +static void dir_free (p11_save_dir *dir); bool p11_save_write_and_finish (p11_save_file *file, @@ -114,9 +116,15 @@ p11_save_open_file (const char *path, return_val_if_fail (file != NULL, NULL); file->temp = temp; file->bare = strdup (path); - return_val_if_fail (file->bare != NULL, NULL); + if (file->bare == NULL) { + filo_free (file); + return_val_if_reached (NULL); + } file->extension = strdup (extension); - return_val_if_fail (file->extension != NULL, NULL); + if (file->extension == NULL) { + filo_free (file); + return_val_if_reached (NULL); + } file->flags = flags; file->fd = fd; @@ -166,6 +174,13 @@ filo_free (p11_save_file *file) free (file); } +static void +dir_free (p11_save_dir *dir) { + p11_dict_free (dir->cache); + free (dir->path); + free (dir); +} + #ifdef OS_UNIX static int @@ -349,10 +364,16 @@ p11_save_open_directory (const char *path, return_val_if_fail (dir != NULL, NULL); dir->path = strdup (path); - return_val_if_fail (dir->path != NULL, NULL); + if (dir->path == NULL) { + dir_free (dir); + return_val_if_reached (NULL); + } dir->cache = p11_dict_new (p11_dict_str_hash, p11_dict_str_equal, free, NULL); - return_val_if_fail (dir->cache != NULL, NULL); + if (dir->cache == NULL) { + dir_free (dir); + return_val_if_reached (NULL); + } dir->flags = flags; return dir; diff --git a/trust/session.c b/trust/session.c index b93a5c3..d464394 100644 --- a/trust/session.c +++ b/trust/session.c 
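Review bot: Both new failure branches in p11_save_open_file run before `file->fd = fd` is assigned, so filo_free has no way to close the descriptor mkstemp returned earlier in the function, and the temporary file named by `temp` stays on disk; a strdup failure now leaks an open fd and a stray `<path><extension>.XXXXXX` file. Release them before bailing, `close (fd); unlink (temp);` ahead of the filo_free call (ahead, because filo_free presumably frees `temp` — its body is mostly outside the hunk), or assign `file->fd = fd` before the strdup calls if filo_free is taught to close it. The earlier `return_val_if_fail (file != NULL, NULL)` has the same problem but predates this change.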
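Review bot: dir_free is reached from p11_save_open_directory while `dir->cache` is still NULL (the path-strdup failure at -364 happens before p11_dict_new), so it depends on p11_dict_free accepting a NULL dictionary, a tolerance not visible here. Either confirm it and say so in the function, `/* cache may be NULL when called from a failed p11_save_open_directory */`, or guard the call with `if (dir->cache)`. The same reliance exists for p11_dict_free (index->objects) elsewhere in this patch, so one documented answer covers both.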
@@ -59,12 +59,18 @@ p11_session_new (p11_token *token) session->handle = p11_module_next_id (); session->builder = p11_builder_new (P11_BUILDER_FLAG_NONE); - return_val_if_fail (session->builder, NULL); + if (session->builder == NULL) { + p11_session_free (session); + return_val_if_reached (NULL); + } session->index = p11_index_new (p11_builder_build, NULL, NULL, p11_builder_changed, session->builder); - return_val_if_fail (session->index != NULL, NULL); + if (session->index == NULL) { + p11_session_free (session); + return_val_if_reached (NULL); + } session->token = token; diff --git a/trust/token.c b/trust/token.c index 4cbcc77..fd3b043 100644 --- a/trust/token.c +++ b/trust/token.c @@ -829,7 +829,10 @@ p11_token_new (CK_SLOT_ID slot, return_val_if_fail (token != NULL, NULL); token->builder = p11_builder_new (P11_BUILDER_FLAG_TOKEN); - return_val_if_fail (token->builder != NULL, NULL); + if (token->builder == NULL) { + p11_token_free (token); + return_val_if_reached (NULL); + } token->index = p11_index_new (on_index_build, on_index_store, -- 2.17.2 From 06323aed926ddc67bd18ed98e5af92035a8e3d39 Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Tue, 16 Oct 2018 18:14:46 +0200 Subject: [PATCH 04/10] build: Check return value of p11_dict_set --- p11-kit/proxy.c | 3 ++- p11-kit/rpc-server.c | 6 +++++- trust/module.c | 3 ++- 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/p11-kit/proxy.c b/p11-kit/proxy.c index abe7935..11e6165 100644 --- a/p11-kit/proxy.c +++ b/p11-kit/proxy.c @@ -612,7 +612,8 @@ proxy_C_OpenSession (CK_X_FUNCTION_LIST *self, sess->wrap_slot = map.wrap_slot; sess->real_session = *handle; sess->wrap_session = ++state->last_handle; /* TODO: Handle wrapping, and then collisions */ - p11_dict_set (state->px->sessions, &sess->wrap_session, sess); + if (!p11_dict_set (state->px->sessions, &sess->wrap_session, sess)) + warn_if_reached (); *handle = sess->wrap_session; } 
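Review bot: p11_session_free is now invoked with `session->index` NULL in both new branches, so whatever it calls for that member must accept NULL; in particular, if it forwards to p11_index_free, the portion of that function visible in patch 10 begins with an unconditional `p11_dict_free (index->objects)` and shows no NULL check for `index` itself (its head lies outside that hunk). Please verify, and if needed add `return_if_fail (index != NULL);` at the top of p11_index_free. The same consideration applies to p11_token_free in the token.c hunk that follows.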
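Review bot: In proxy_C_OpenSession, warning on a failed `p11_dict_set (state->px->sessions, ...)` and then still executing `*handle = sess->wrap_session` hands the caller a wrapped handle the proxy can never map back, while the real session stays open in the underlying module and `sess` is leaked. A failed insertion here should be a hard error: close the real session through the mapping's function list (the `map` whose wrap_slot is read two lines up), free `sess`, and return CKR_HOST_MEMORY instead of continuing. The remainder of the function is outside the hunk, so the exact close call has to be written against the names it has in scope.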
diff --git a/p11-kit/rpc-server.c b/p11-kit/rpc-server.c index 2db3524..3a8991d 100644 --- a/p11-kit/rpc-server.c +++ b/p11-kit/rpc-server.c @@ -2226,7 +2226,11 @@ p11_kit_remote_serve_tokens (const char **tokens, p11_message_err (error, "couldn't subclass filter"); goto out; } - p11_dict_set (filters, module, filter); + if (!p11_dict_set (filters, module, filter)) { + error = EINVAL; + p11_message_err (error, "couldn't register filter"); + goto out; + } } for (i = 0; i < n_tokens; i++) { diff --git a/trust/module.c b/trust/module.c index e09113b..24cda87 100644 --- a/trust/module.c +++ b/trust/module.c @@ -1321,7 +1321,8 @@ find_objects_match (CK_ATTRIBUTE *attrs, } value = memdup (oid->pValue, oid->ulValueLen); return_val_if_fail (value != NULL, false); - p11_dict_set (find->extensions, value, value); + if (!p11_dict_set (find->extensions, value, value)) + warn_if_reached (); } } -- 2.17.2 From 213ea0815ef45411bf6c134918b79d2aad69c1dc Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Tue, 16 Oct 2018 18:16:12 +0200 Subject: [PATCH 05/10] build: Check return value of p11_rpc_buffer_get_uint64 --- p11-kit/rpc-client.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/p11-kit/rpc-client.c b/p11-kit/rpc-client.c index 0dd4525..e202e37 100644 --- a/p11-kit/rpc-client.c +++ b/p11-kit/rpc-client.c @@ -371,7 +371,8 @@ proto_read_ulong_array (p11_rpc_message *msg, CK_ULONG_PTR arr, /* We need to go ahead and read everything in all cases */ for (i = 0; i < num; ++i) { - p11_rpc_buffer_get_uint64 (msg->input, &msg->parsed, &val); + if (!p11_rpc_buffer_get_uint64 (msg->input, &msg->parsed, &val)) + return PARSE_ERROR; if (arr) arr[i] = (CK_ULONG)val; } -- 2.17.2 From 1f78cb0b4dd193ec1f1b2b424a497a6c2edec043 Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Tue, 16 Oct 2018 18:16:51 +0200 Subject: [PATCH 06/10] rpc-server: p11_kit_remote_serve_tokens: Fix memleak --- p11-kit/rpc-server.c | 5 +++++ 1 file changed, 5 insertions(+) 
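Review bot: Two points on the new p11_dict_set failure branch in p11_kit_remote_serve_tokens. First, p11_dict_set fails on allocation, so `error = ENOMEM;` describes the cause (and matches the calloc check patch 09 adds a few lines above) better than EINVAL. Second, at this point `filter` and `lower` have been created but are not yet stored in `filters`, so unless the `out:` label (outside the hunk) releases them on its own they leak on this path; free them here before the goto.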
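Review bot: In find_objects_match, when `p11_dict_set (find->extensions, value, value)` fails the freshly memdup'd `value` is leaked and matching silently proceeds with an incomplete extension set, which can change which objects the search returns. Since the memdup failure two lines up already returns false, treat this one the same way: `if (!p11_dict_set (find->extensions, value, value)) { free (value); return_val_if_reached (false); }`. find_objects_match begins and ends outside the hunk.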
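Review bot: proto_read_ulong_array now rejects a short buffer, but each value read from the peer is still narrowed with `(CK_ULONG)val`, and on a platform where CK_ULONG is 32 bits anything above 0xFFFFFFFF is silently truncated; this is data from the RPC peer, so an out-of-range element should be a parse error rather than wrap. Add a range check before the store, e.g. `if (val > ULONG_MAX) return PARSE_ERROR;` (assuming CK_ULONG is unsigned long as in the PKCS#11 headers — confirm, and expect an always-false comparison warning on LP64 that can be silenced with a cast or `#if`). The enclosing function starts above the hunk.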
diff --git a/p11-kit/rpc-server.c b/p11-kit/rpc-server.c index 3a8991d..5b3dbf0 100644 --- a/p11-kit/rpc-server.c +++ b/p11-kit/rpc-server.c @@ -2285,6 +2285,11 @@ p11_kit_remote_serve_tokens (const char **tokens, p11_kit_modules_release (modules); if (error != 0) errno = error; + if (uris) { + for (i = 0; i < n_tokens; i++) + p11_kit_uri_free (uris[i]); + free (uris); + } return ret; } -- 2.17.2 From 033cd90806cb1e2eab7e799703757abc2f07052e Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Tue, 16 Oct 2018 18:18:05 +0200 Subject: [PATCH 07/10] proxy: Fix null dereference when reusing slots --- p11-kit/proxy.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/p11-kit/proxy.c b/p11-kit/proxy.c index 11e6165..8eaf205 100644 --- a/p11-kit/proxy.c +++ b/p11-kit/proxy.c @@ -307,7 +307,10 @@ proxy_create (Proxy **res, CK_FUNCTION_LIST **loaded, break; } py->mappings[py->n_mappings].funcs = funcs; - py->mappings[py->n_mappings].wrap_slot = j == n_mappings ? py->n_mappings + MAPPING_OFFSET : mappings[j].wrap_slot; + py->mappings[py->n_mappings].wrap_slot = + (n_mappings == 0 || j == n_mappings) ? + py->n_mappings + MAPPING_OFFSET : + mappings[j].wrap_slot; py->mappings[py->n_mappings].real_slot = slots[i]; ++py->n_mappings; } -- 2.17.2 From da73c2804b3ca962fa51473bb4c303a5ed32d4a1 Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Tue, 16 Oct 2018 18:20:12 +0200 Subject: [PATCH 08/10] trust: Set umask before calling mkstemp --- trust/save.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/trust/save.c b/trust/save.c index 8184e13..bb77348 100644 --- a/trust/save.c +++ b/trust/save.c @@ -95,6 +95,7 @@ p11_save_open_file (const char *path, { p11_save_file *file; char *temp; + mode_t mode; int fd; return_val_if_fail (path != NULL, NULL); 
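Review bot: The new cleanup loop in p11_kit_remote_serve_tokens runs after `errno = error` has already been set, so if p11_kit_uri_free or free clobbers errno (free is permitted to, and p11_kit_uri_free's body is outside the hunk) the caller sees the wrong error. Move the `if (uris) { ... }` block above `if (error != 0) errno = error;`. Also, the loop frees all n_tokens slots unconditionally, which is only safe if `uris` was zero-allocated and p11_kit_uri_free accepts NULL, or if every slot is guaranteed filled before any early exit — worth a comment either way.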
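Review bot: The new `n_mappings == 0 ||` guard in proxy_create deserves a comment, because a reader will assume the existing `j == n_mappings` test already covers an empty table (a `for (j = 0; j < n_mappings; ...)` search leaves j == 0 == n_mappings). That this fixed a null dereference implies j does not equal n_mappings in the empty case — presumably the search loop is skipped or j is reused across outer iterations; that loop is outside the hunk. Something like `/* mappings may be NULL when no previous table exists; never index it */` above the assignment would capture the invariant, and testing `mappings == NULL` directly would express it more robustly than the count.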
@@ -105,7 +106,9 @@ p11_save_open_file (const char *path, if (asprintf (&temp, "%s%s.XXXXXX", path, extension) < 0) return_val_if_reached (NULL); + mode = umask (0077); fd = mkstemp (temp); + umask (mode); if (fd < 0) { p11_message_err (errno, "couldn't create file: %s%s", path, extension); free (temp); -- 2.17.2 From 6417780ebbbbb0f01ddb001b239347655fb98578 Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Wed, 17 Oct 2018 09:53:27 +0200 Subject: [PATCH 09/10] rpc-server: Check calloc failure --- p11-kit/rpc-server.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/p11-kit/rpc-server.c b/p11-kit/rpc-server.c index 5b3dbf0..3216742 100644 --- a/p11-kit/rpc-server.c +++ b/p11-kit/rpc-server.c @@ -2219,6 +2219,10 @@ p11_kit_remote_serve_tokens (const char **tokens, filter = p11_dict_get (filters, module); if (filter == NULL) { lower = calloc (1, sizeof (p11_virtual)); + if (lower == NULL) { + error = ENOMEM; + goto out; + } p11_virtual_init (lower, &p11_virtual_base, module, NULL); filter = p11_filter_subclass (lower, NULL); if (filter == NULL) { -- 2.17.2 From 83e92c2f9575707083d8b0c70ef330e285d70836 Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Wed, 17 Oct 2018 09:53:46 +0200 Subject: [PATCH 10/10] trust: Check index->buckets is allocated on cleanup --- trust/index.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/trust/index.c b/trust/index.c index 6a8e535..2d1da29 100644 --- a/trust/index.c +++ b/trust/index.c @@ -193,9 +193,11 @@ p11_index_free (p11_index *index) p11_dict_free (index->objects); p11_dict_free (index->changes); - for (i = 0; i < NUM_BUCKETS; i++) - free (index->buckets[i].elem); - free (index->buckets); + if (index->buckets) { + for (i = 0; i < NUM_BUCKETS; i++) + free (index->buckets[i].elem); + free (index->buckets); + } free (index); } -- 2.17.2
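Review bot: Bracketing mkstemp with `umask (0077)` changes a process-wide attribute from inside a library: any other thread creating files during that window inherits the 0077 mask, and a concurrent umask call elsewhere can race so that the wrong value is restored. On POSIX.1-2008 and modern libc mkstemp already creates the file 0600, so this only matters on legacy platforms; a thread-safe alternative is `fchmod (fd, 0600)` right after a successful mkstemp (the file is still empty at that instant), or creating it with mkostemp/open and an explicit mode, leaving the process umask alone. At minimum add a comment saying why umask is touched and that it is not thread-safe.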
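Review bot: The new calloc failure branch in p11_kit_remote_serve_tokens sets `error = ENOMEM` and jumps out silently, while the p11_filter_subclass failure a few lines below reports through p11_message_err before taking the same exit. For a consistent diagnostic, log here too, e.g. `p11_message_err (error, "couldn't allocate virtual module");`, or note in a comment that allocation failures are intentionally quiet. The function continues outside the hunk.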
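Review bot: With the `buckets` guard in place, p11_index_free still calls `p11_dict_free (index->objects)` and `p11_dict_free (index->changes)` unconditionally, and since patch 03 this function is reached from p11_index_new with `objects` NULL (and `changes` possibly never set); that is fine only if p11_dict_free tolerates NULL, which is not shown here. Verify it and document the contract on the function, `/* Safe on a partially constructed index: p11_index_new calls this on failure, so any member may be NULL. */`, so the next member added gets the same care. The head of p11_index_free is outside the hunk.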