[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r37790 - gnunet/src/identity-provider
From: |
gnunet |
Subject: |
[GNUnet-SVN] r37790 - gnunet/src/identity-provider |
Date: |
Fri, 26 Aug 2016 13:55:54 +0200 |
Author: grothoff
Date: 2016-08-26 13:55:54 +0200 (Fri, 26 Aug 2016)
New Revision: 37790
Modified:
gnunet/src/identity-provider/gnunet-identity-token.c
Log:
fix double free, bad use of strtok
Modified: gnunet/src/identity-provider/gnunet-identity-token.c
===================================================================
--- gnunet/src/identity-provider/gnunet-identity-token.c 2016-08-26
11:38:34 UTC (rev 37789)
+++ gnunet/src/identity-provider/gnunet-identity-token.c 2016-08-26
11:55:54 UTC (rev 37790)
@@ -1,3 +1,29 @@
+/*
+ This file is part of GNUnet.
+ Copyright (C) 2012-2015 GNUnet e.V.
+
+ GNUnet is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published
+ by the Free Software Foundation; either version 3, or (at your
+ option) any later version.
+
+ GNUnet is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with GNUnet; see the file COPYING. If not, write to the
+ Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ Boston, MA 02110-1301, USA.
+ */
+/**
+ * @author Martin Schanzenbach
+ * @file src/identity-provider/gnunet-service-identity-provider.c
+ * @brief Identity Token Service
+ *
+ */
+
#include "platform.h"
#include "gnunet_util_lib.h"
#include <jansson.h>
@@ -19,14 +45,14 @@
const char *cfgfile,
const struct GNUNET_CONFIGURATION_Handle *c)
{
- char* payload;
- char* header;
+ char *payload;
+ char *header;
//Get token parts
- char* header_b64 = strtok (token, ".");
- char* payload_b64 = strtok(NULL, ".");
- char* signature_b32 = strtok(NULL, ".");
- const char* keystring;
- char* data;
+ const char *header_b64;
+ const char *payload_b64;
+ const char *signature_b32;
+ const char *keystring;
+ char *data;
json_t *payload_json;
json_t *keystring_json;
json_error_t error;
@@ -33,11 +59,28 @@
struct GNUNET_CRYPTO_EcdsaPublicKey key;
struct GNUNET_CRYPTO_EccSignaturePurpose *purpose;
struct GNUNET_CRYPTO_EcdsaSignature sig;
-
- GNUNET_assert (NULL != header_b64);
- GNUNET_assert (NULL != payload_b64);
- GNUNET_assert (NULL != signature_b32);
-
+
+ if (NULL == token)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
+ _("Option `-t' is required\n"));
+ return;
+ }
+ header_b64 = strtok (token, ".");
+ payload_b64 = strtok (NULL, ".");
+ signature_b32 = strtok (NULL, ".");
+ if ( (NULL != header_b64) ||
+ (NULL != payload_b64) ||
+ (NULL != signature_b32) )
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
+ _("Token `%s' is malformed\n"),
+ token);
+ GNUNET_free (token);
+ token = NULL;
+ return;
+ }
+
//Decode payload
GNUNET_STRINGS_base64_decode (payload_b64,
strlen (payload_b64),
@@ -46,10 +89,8 @@
GNUNET_STRINGS_base64_decode (header_b64,
strlen (header_b64),
&header);
- if (NULL == token)
- return;
-
+
GNUNET_asprintf(&data,
"%s,%s",
header_b64,
@@ -60,14 +101,14 @@
purpose->purpose = htonl(GNUNET_SIGNATURE_PURPOSE_GNUID_TOKEN);
GNUNET_memcpy (&purpose[1], data, strlen(data));
GNUNET_free (data);
- GNUNET_free (header_b64);
- GNUNET_free (header_b64);
+ GNUNET_free (token);
+ token = NULL;
if (print_token)
printf ("Token:\nHeader:\t\t%s\nPayload:\t%s\n", header, payload);
GNUNET_free (header);
GNUNET_free (payload);
-
+
payload_json = json_loads (payload, 0, &error);
if ((NULL == payload_json) || !json_is_object (payload_json))
{
@@ -92,10 +133,10 @@
strlen (signature_b32),
&sig,
sizeof (struct GNUNET_CRYPTO_EcdsaSignature));
-
- if (print_token)
+
+ if (print_token)
printf ("Signature:\t%s\n", keystring);
-
+
if (GNUNET_OK !=
GNUNET_CRYPTO_ecdsa_verify(GNUNET_SIGNATURE_PURPOSE_GNUID_TOKEN,
purpose,
&sig,
@@ -106,6 +147,8 @@
GNUNET_free (val);
return;
}
+
+
int
main(int argc, char *const argv[])
{
@@ -123,5 +166,3 @@
"ct", options,
&run, NULL);
}
-
-
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r37790 - gnunet/src/identity-provider,
gnunet <=