[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[gnunet] 02/02: -coverity: handle invalid key length
|
From: |
gnunet |
|
Subject: |
[gnunet] 02/02: -coverity: handle invalid key length |
|
Date: |
Sat, 15 May 2021 20:23:15 +0200 |
This is an automated email from the git hooks/post-receive script.
martin-schanzenbach pushed a commit to branch master
in repository gnunet.
commit 6d40171315d344d8a62d611df200d43f1fefc238
Author: Martin Schanzenbach <mschanzenbach@posteo.de>
AuthorDate: Sat May 15 20:20:48 2021 +0200
-coverity: handle invalid key length
---
src/gns/gnunet-service-gns_resolver.c | 12 ++++++------
src/reclaim/plugin_rest_pabc.c | 1 +
src/revocation/gnunet-revocation.c | 8 +++++++-
src/revocation/revocation_api.c | 5 ++++-
4 files changed, 18 insertions(+), 8 deletions(-)
diff --git a/src/gns/gnunet-service-gns_resolver.c
b/src/gns/gnunet-service-gns_resolver.c
index 784a6ee6d..958bf2e94 100644
--- a/src/gns/gnunet-service-gns_resolver.c
+++ b/src/gns/gnunet-service-gns_resolver.c
@@ -1764,8 +1764,8 @@ recursive_gns2dns_resolution (struct GNS_ResolverHandle
*rh,
/**
* Records other than GNS2DNS not allowed
*/
- if (NULL != ns)
- GNUNET_free (ns);
+ GNUNET_free (ns);
+ GNUNET_free (ac);
return GNUNET_SYSERR;
}
off = 0;
@@ -1777,10 +1777,8 @@ recursive_gns2dns_resolution (struct GNS_ResolverHandle
*rh,
(NULL == ip))
{
GNUNET_break_op (0);
- if (NULL != n)
- GNUNET_free (n);
- if (NULL != ip)
- GNUNET_free (ip);
+ GNUNET_free (n);
+ GNUNET_free (ip);
continue;
}
@@ -1789,6 +1787,8 @@ recursive_gns2dns_resolution (struct GNS_ResolverHandle
*rh,
if (off != rd[i].data_size)
{
GNUNET_break_op (0);
+ GNUNET_free (n);
+ GNUNET_free (ip);
continue;
}
/* resolve 'ip' to determine the IP(s) of the DNS
diff --git a/src/reclaim/plugin_rest_pabc.c b/src/reclaim/plugin_rest_pabc.c
index a0551f215..4b7d21df3 100644
--- a/src/reclaim/plugin_rest_pabc.c
+++ b/src/reclaim/plugin_rest_pabc.c
@@ -282,6 +282,7 @@ set_attributes_from_idtoken (const struct pabc_context *ctx,
"Failed to set attribute `%s'.\n", key);
}
}
+ GNUNET_free (jwt_string);
return PABC_OK;
}
diff --git a/src/revocation/gnunet-revocation.c
b/src/revocation/gnunet-revocation.c
index 99fecdd35..a7f96385c 100644
--- a/src/revocation/gnunet-revocation.c
+++ b/src/revocation/gnunet-revocation.c
@@ -343,7 +343,13 @@ ego_callback (void *cls, struct GNUNET_IDENTITY_Ego *ego)
GNUNET_DISK_fn_read (filename, proof_of_work,
GNUNET_REVOCATION_MAX_PROOF_SIZE))))
{
- size_t ksize = GNUNET_IDENTITY_key_get_length (&key);
+ ssize_t ksize = GNUNET_IDENTITY_key_get_length (&key);
+ if (0 > ksize)
+ {
+ fprintf (stderr,
+ _ ("Error: Key is invalid\n"));
+ return;
+ }
if (((psize - sizeof (*proof_of_work)) < ksize) || // Key too small
(0 != memcmp (&proof_of_work[1], &key, ksize))) // Keys do not match
{
diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c
index e2f871c23..f2b95bafa 100644
--- a/src/revocation/revocation_api.c
+++ b/src/revocation/revocation_api.c
@@ -707,6 +707,7 @@ GNUNET_REVOCATION_pow_round (struct
GNUNET_REVOCATION_PowCalculationHandle *pc)
unsigned int zeros;
int ret;
uint64_t pow_nbo;
+ ssize_t ksize;
pc->current_pow++;
pk = (const struct GNUNET_IDENTITY_PublicKey *) &(pc->pow[1]);
@@ -722,9 +723,11 @@ GNUNET_REVOCATION_pow_round (struct
GNUNET_REVOCATION_PowCalculationHandle *pc)
GNUNET_memcpy (&buf[sizeof(uint64_t)],
&pc->pow->timestamp,
sizeof (uint64_t));
+ ksize = GNUNET_IDENTITY_key_get_length (pk);
+ GNUNET_assert (0 < ksize);
GNUNET_memcpy (&buf[sizeof(uint64_t) * 2],
pk,
- GNUNET_IDENTITY_key_get_length (pk));
+ ksize);
GNUNET_CRYPTO_pow_hash (&salt,
buf,
sizeof(buf),
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.