hi,
please have a look at this patch and let me know what
you think of it. lots of small issues. It reverts some the
changes hat were wrong too.
I already found some false positives in some warnings
I got, but I might have missed more / misunderstood the
code or the warning. so please have a look.
let me know which parts I should commit, and whether
to commit them to trunk only or also to opensc-0.11.0
for another release candidate.
more TODO items:
in card-oberthur.c SC_TEST_RET needs to free(key_file), too.
sc-test.c assumes sc_detect_card_presence returns 0 or 1
I think it can also return 2 or 3 (card changed flag).
thus the current code might not set opt_reader,
but use it as index in an array and [-1] is not healthy.
profile.c:sc_profile_addfile: file == NULL test is too late.
feel free to fix these :)
and one big item: size_t & printf. we already fixed
all amd64 warnings by using %lu everywhere. but
that creates new warnings on 32 bit. the real fix
is to use %lu and a (unsinged long) cast in combination.
will look at the code and add those casts everywhere.
ugly, but the only fix that will really work everywhere.
Regards, Andreas
Index: src/tools/pkcs15-init.c
===================================================================
--- src/tools/pkcs15-init.c (revision 2919)
+++ src/tools/pkcs15-init.c (working copy)
@@ -1260,7 +1260,7 @@
{
int r = 0;
sc_pkcs15_id_t id;
- sc_pkcs15_object_t *obj;
+ sc_pkcs15_object_t *obj = NULL;
if (opt_objectid == NULL) {
printf("You have to specify the --id of the object\n");
Index: src/tools/eidenv.c
===================================================================
--- src/tools/eidenv.c (revision 2919)
+++ src/tools/eidenv.c (working copy)
@@ -432,6 +432,7 @@
execv(exec_program, largv);
/* we should not get here */
perror("execv()");
+ exit(1);
}
out:
Index: src/pkcs11/framework-pkcs15.c
===================================================================
--- src/pkcs11/framework-pkcs15.c (revision 2919)
+++ src/pkcs11/framework-pkcs15.c (working copy)
@@ -2345,6 +2345,7 @@
sc_debug(context, "data_len %i\n", data->data_len);
check_attribute_buffer(attr, data->data_len);
memcpy(attr->pValue, data->data, data->data_len);
+ free(data);
}
break;
default:
Index: src/pkcs15init/pkcs15-lib.c
===================================================================
--- src/pkcs15init/pkcs15-lib.c (revision 2919)
+++ src/pkcs15init/pkcs15-lib.c (working copy)
@@ -512,14 +512,14 @@
int r = 0, nfids;
char pbuf[SC_MAX_PATH_STRING_SIZE];
+ if (df == NULL)
+ return SC_ERROR_INTERNAL;
r = sc_path_print(pbuf, sizeof(pbuf), &df->path);
if (r != SC_SUCCESS)
pbuf[0] = '\0';
sc_debug(card->ctx, "sc_pkcs15init_rmdir(%s)\n", pbuf);
- if (df == NULL)
- return SC_ERROR_INTERNAL;
if (df->type == SC_FILE_TYPE_DF) {
r = sc_pkcs15init_authenticate(profile, card, df,
SC_AC_OP_LIST_FILES);
@@ -758,10 +758,14 @@
SC_PKCS15_AODF, NULL);
}
- if (r >= 0)
+ if (r >= 0) {
r = sc_pkcs15init_update_dir(p15spec, profile, app);
- if (r >= 0)
- r = sc_pkcs15init_update_tokeninfo(p15spec, profile);
+
+ if (r >= 0)
+ r = sc_pkcs15init_update_tokeninfo(p15spec, profile);
+ } else {
+ free(app); /* unused */
+ }
sc_ctx_suppress_errors_on(card->ctx);
sc_pkcs15init_write_info(card, profile, pin_obj);
@@ -2679,7 +2683,7 @@
}
if (label)
- strncpy(object->label, label, sizeof(object->label));
+ strncpy(object->label, label, sizeof(object->label)-1);
if (auth_id)
object->auth_id = *auth_id;
@@ -3601,7 +3605,7 @@
r = sc_read_binary(card, 0, mem, len, 0);
}
} else {
- r = 0;
+ r = -1;
}
sc_ctx_suppress_errors_off(card->ctx);
Index: src/libopensc/card-oberthur.c
===================================================================
--- src/libopensc/card-oberthur.c (revision 2919)
+++ src/libopensc/card-oberthur.c (working copy)
@@ -1269,8 +1269,10 @@
sc_debug(card->ctx, "algo SC_ALGORITHM_xDES: ref %X, flags %X\n",
env->algorithm_ref, env->flags);
if (key_file->ef_structure != SC_CARDCTL_OBERTHUR_KEY_DES ||
- key_file->type != SC_FILE_TYPE_INTERNAL_EF)
+ key_file->type != SC_FILE_TYPE_INTERNAL_EF) {
+ sc_file_free(key_file);
return SC_ERROR_INVALID_ARGUMENTS;
+ }
des_buf_len = 3;
if (env->flags & SC_SEC_ENV_FILE_REF_PRESENT) {
@@ -1286,6 +1288,7 @@
apdu.datalen = des_buf_len;
}
else {
+ sc_file_free(key_file);
sc_error(card->ctx, "Invalid crypto operation: %X\n", env->operation);
return SC_ERROR_NOT_SUPPORTED;
}
@@ -1294,18 +1297,22 @@
case SC_ALGORITHM_RSA:
sc_debug(card->ctx, "algo SC_ALGORITHM_RSA\n");
if (env->algorithm_flags & SC_ALGORITHM_RSA_HASHES) {
+ sc_file_free(key_file);
sc_error(card->ctx, "Not support for hashes.\n");
return SC_ERROR_NOT_SUPPORTED;
}
if (pads & (~supported_pads)) {
+ sc_file_free(key_file);
sc_error(card->ctx, "No support for this PAD: %X\n",pads);
return SC_ERROR_NOT_SUPPORTED;
}
if (key_file->type != SC_FILE_TYPE_INTERNAL_EF ||
- key_file->ef_structure != SC_CARDCTL_OBERTHUR_KEY_RSA_CRT)
+ key_file->ef_structure != SC_CARDCTL_OBERTHUR_KEY_RSA_CRT) {
+ sc_file_free(key_file);
return SC_ERROR_INVALID_ARGUMENTS;
+ }
rsa_sbuf[5] = (key_file->id>>8) & 0xFF;
rsa_sbuf[6] = key_file->id & 0xFF;
@@ -1326,12 +1333,14 @@
apdu.data = rsa_sbuf;
}
else {
+ sc_file_free(key_file);
sc_error(card->ctx, "Invalid crypto operation: %X\n", env->operation);
return SC_ERROR_NOT_SUPPORTED;
}
break;
default:
+ sc_file_free(key_file);
sc_error(card->ctx, "Invalid crypto algorithm supplied.\n");
return SC_ERROR_NOT_SUPPORTED;
}
Index: src/libopensc/pkcs15-gemsafe.c
===================================================================
--- src/libopensc/pkcs15-gemsafe.c (revision 2919)
+++ src/libopensc/pkcs15-gemsafe.c (working copy)
@@ -389,14 +389,18 @@
break; /* cert not found, no more certs */
r = sc_pkcs15emu_add_x509_cert(p15card, &cert_obj, &cert_info);
- if (r < 0)
+ if (r < 0) {
+ free(gsdata);
return SC_ERROR_INTERNAL;
+ }
/* now lets see if we have a matching key for this cert */
r = sc_pkcs15_read_certificate(p15card, &cert_info, &cert_out);
- if (r < 0)
+ if (r < 0) {
+ free(gsdata);
return SC_ERROR_INTERNAL;
+ }
for (j = 0; j < num_keyinfo; j++) {
if (cert_out->key.u.rsa.modulus.len == kinfo[j].modulus_len &&
Index: src/libopensc/apdu.c
===================================================================
--- src/libopensc/apdu.c (revision 2919)
+++ src/libopensc/apdu.c (working copy)
@@ -222,14 +222,15 @@
}
/* set the SW1 and SW2 status bytes (the last two bytes of
* the response */
- apdu->sw1 = (unsigned int)buf[len - 2];
- apdu->sw2 = (unsigned int)buf[len - 1];
+ apdu->sw1 = buf[len - 2];
+ apdu->sw2 = buf[len - 1];
len -= 2;
/* set output length and copy the returned data if necessary */
- if (apdu->resplen >= len) {
+ if (len <= apdu->resplen)
apdu->resplen = len;
+
+ if (apdu->resplen != 0)
memcpy(apdu->resp, buf, apdu->resplen);
- }
return SC_SUCCESS;
}
Index: src/libopensc/log.c
===================================================================
--- src/libopensc/log.c (revision 2919)
+++ src/libopensc/log.c (working copy)
@@ -98,8 +98,8 @@
}
if (file != NULL) {
- r = snprintf(buf, sizeof(buf)-1, "%s:%d:%s: ", file, line, func ? func : "");
- if (r < 0 || (unsigned int)r >= sizeof(buf))
+ r = snprintf(buf, sizeof(buf), "%s:%d:%s: ", file, line, func ? func : "");
+ if (r < 0 || (unsigned int)r > sizeof(buf))
return;
} else {
r = 0;
@@ -107,13 +107,13 @@
p = buf + r;
left = sizeof(buf) - r;
- r = vsnprintf(p, left-1, format, args);
- if (r < 0)
- return;
- p += r;
- left -= r;
- /* make sure the string is 0 terminated */
- buf[sizeof(buf)-1] = 0;
+ if (left) {
+ r = vsnprintf(p, left, format, args);
+ if (r < 0)
+ return;
+ p += r;
+ left -= r;
+ }
display_fn(ctx, buf);
}
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
