summaryrefslogtreecommitdiff
path: root/src/credential
diff options
context:
space:
mode:
authorSchanzenbach, Martin <martin.schanzenbach@aisec.fraunhofer.de>2018-01-08 07:58:33 +0100
committerSchanzenbach, Martin <martin.schanzenbach@aisec.fraunhofer.de>2018-01-08 07:58:33 +0100
commit7ad94d1427d304483e9bf1cf1d12065f8e41d712 (patch)
tree573016db50a53b71487101245ffcaf38aab5a92a /src/credential
parentcc5bb40d158b207c384ae98c868573771735f10a (diff)
bugfixes
Diffstat (limited to 'src/credential')
-rw-r--r--src/credential/credential_misc.c1
-rw-r--r--src/credential/credential_serialization.c1
-rw-r--r--src/credential/gnunet-credential.c7
-rw-r--r--src/credential/gnunet-service-credential.c14
-rw-r--r--src/credential/plugin_gnsrecord_credential.c10
-rw-r--r--src/credential/plugin_rest_credential.c16
6 files changed, 39 insertions, 10 deletions
diff --git a/src/credential/credential_misc.c b/src/credential/credential_misc.c
index c94c33919..2575f1de8 100644
--- a/src/credential/credential_misc.c
+++ b/src/credential/credential_misc.c
@@ -149,6 +149,7 @@ GNUNET_CREDENTIAL_credential_issue (const struct GNUNET_CRYPTO_EcdsaPrivateKey *
{
GNUNET_break (0);
GNUNET_free (crd);
+ GNUNET_free (cred);
return NULL;
}
cred->signature = crd->signature;
diff --git a/src/credential/credential_serialization.c b/src/credential/credential_serialization.c
index 1d23bb08c..2bbf3bfb8 100644
--- a/src/credential/credential_serialization.c
+++ b/src/credential/credential_serialization.c
@@ -279,7 +279,6 @@ GNUNET_CREDENTIAL_delegation_chain_get_size (unsigned int d_count,
ret += dd[i].issuer_attribute_len + dd[i].subject_attribute_len;
}
return ret+GNUNET_CREDENTIAL_credentials_get_size(c_count, cd);
- return ret;
}
/**
diff --git a/src/credential/gnunet-credential.c b/src/credential/gnunet-credential.c
index 03f959b95..b5bcc4d43 100644
--- a/src/credential/gnunet-credential.c
+++ b/src/credential/gnunet-credential.c
@@ -371,12 +371,14 @@ run (void *cls,
fprintf (stderr,
_("Failed to connect to CREDENTIAL\n"));
GNUNET_SCHEDULER_shutdown ();
+ return;
}
if (NULL == issuer_attr)
{
fprintf (stderr,
_("You must provide issuer the attribute\n"));
GNUNET_SCHEDULER_shutdown ();
+ return;
}
if (NULL == ego_name)
@@ -432,6 +434,7 @@ run (void *cls,
_("Issuer public key `%s' is not well-formed\n"),
issuer_key);
GNUNET_SCHEDULER_shutdown ();
+ return;
}
credential = GNUNET_CREDENTIAL_connect (cfg);
@@ -440,12 +443,14 @@ run (void *cls,
fprintf (stderr,
_("Failed to connect to CREDENTIAL\n"));
GNUNET_SCHEDULER_shutdown ();
+ return;
}
if (NULL == issuer_attr || NULL == subject_credential)
{
fprintf (stderr,
_("You must provide issuer and subject attributes\n"));
GNUNET_SCHEDULER_shutdown ();
+ return;
}
//Subject credentials are comma separated
@@ -457,6 +462,7 @@ run (void *cls,
"Invalid subject credentials\n");
GNUNET_free (tmp);
GNUNET_SCHEDULER_shutdown ();
+ return;
}
int count = 1;
int i;
@@ -490,6 +496,7 @@ run (void *cls,
{
GNUNET_free ((char*)credentials[i].issuer_attribute);
}
+ GNUNET_free (tmp);
} else if (GNUNET_YES == create_cred) {
if (NULL == ego_name)
{
diff --git a/src/credential/gnunet-service-credential.c b/src/credential/gnunet-service-credential.c
index be88839e9..a2c339363 100644
--- a/src/credential/gnunet-service-credential.c
+++ b/src/credential/gnunet-service-credential.c
@@ -722,6 +722,12 @@ backward_resolution (void* cls,
strcpy (issuer_attribute_name,
ds_entry->unresolved_attribute_delegation);
char *next_attr = strtok (issuer_attribute_name, ".");
+ if (NULL == next_attr)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Failed to parse next attribute\n");
+ continue;
+ }
GNUNET_asprintf (&lookup_attribute,
"%s.gnu",
next_attr);
@@ -806,7 +812,7 @@ delegation_chain_resolution_start (void* cls)
* Check for attributes from the issuer and follow the chain
* till you get the required subject's attributes
*/
- char issuer_attribute_name[strlen (vrh->issuer_attribute)];
+ char issuer_attribute_name[strlen (vrh->issuer_attribute) + strlen (".gnu") + 1];
strcpy (issuer_attribute_name,
vrh->issuer_attribute);
strcpy (issuer_attribute_name + strlen (vrh->issuer_attribute),
@@ -889,7 +895,7 @@ handle_verify (void *cls,
vrh->issuer_key = v_msg->issuer_key;
vrh->subject_key = v_msg->subject_key;
vrh->issuer_attribute = GNUNET_strdup (issuer_attribute);
- if (NULL == issuer_attribute)
+ if (0 == strlen (issuer_attribute))
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"No issuer attribute provided!\n");
@@ -1033,7 +1039,7 @@ handle_collect (void *cls,
&vrh->subject_key);
vrh->issuer_attribute = GNUNET_strdup (issuer_attribute);
- if (NULL == issuer_attribute)
+ if (0 == strlen (issuer_attribute))
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"No issuer attribute provided!\n");
@@ -1076,7 +1082,7 @@ check_collect (void *cls,
}
attr = (const char *) &c_msg[1];
- if ( ('\0' != attr[ntohs(c_msg->header.size) - sizeof (struct CollectMessage) - 1]) ||
+ if ( ('\0' != attr[msg_size - sizeof (struct CollectMessage) - 1]) ||
(strlen (attr) > GNUNET_CREDENTIAL_MAX_LENGTH) )
{
GNUNET_break (0);
diff --git a/src/credential/plugin_gnsrecord_credential.c b/src/credential/plugin_gnsrecord_credential.c
index 342790b7a..ffb2857dc 100644
--- a/src/credential/plugin_gnsrecord_credential.c
+++ b/src/credential/plugin_gnsrecord_credential.c
@@ -199,6 +199,13 @@ credential_string_to_value (void *cls,
GNUNET_free (tmp_str);
tmp_str = GNUNET_strdup (s);
token = strtok (tmp_str, ",");
+ if (NULL == token)
+ {
+ GNUNET_free (tmp_str);
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Malformed string %s\n", s);
+ return GNUNET_SYSERR;
+ }
struct GNUNET_CREDENTIAL_DelegationSet set[entries];
for (i=0;i<entries;i++)
{
@@ -219,7 +226,10 @@ credential_string_to_value (void *cls,
set);
if (-1 == tmp_data_size)
+ {
+ GNUNET_free (tmp_str);
return GNUNET_SYSERR;
+ }
*data_size += tmp_data_size;
*data = sets = GNUNET_malloc (*data_size);
GNUNET_CREDENTIAL_delegation_set_serialize (entries,
diff --git a/src/credential/plugin_rest_credential.c b/src/credential/plugin_rest_credential.c
index 480658822..2e43139de 100644
--- a/src/credential/plugin_rest_credential.c
+++ b/src/credential/plugin_rest_credential.c
@@ -617,7 +617,6 @@ collect_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Missing subject\n");
- GNUNET_free (entity_attr);
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
@@ -627,7 +626,6 @@ collect_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Malformed subject\n");
- GNUNET_free (entity_attr);
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
@@ -728,7 +726,6 @@ verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Missing subject key\n");
- GNUNET_free (entity_attr);
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
@@ -738,7 +735,6 @@ verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Malformed subject\n");
- GNUNET_free (entity_attr);
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
@@ -748,7 +744,6 @@ verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
&handle->subject_key)) {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Malformed subject key\n");
- GNUNET_free (entity_attr);
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
@@ -858,6 +853,7 @@ send_cred_response (struct RequestHandle *handle,
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Subject malformed\n");
+ GNUNET_free (issuer);
return;
}
GNUNET_asprintf (&id,
@@ -869,6 +865,8 @@ send_cred_response (struct RequestHandle *handle,
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Subject malformed\n");
+ GNUNET_free (id);
+ GNUNET_free (issuer);
return;
}
GNUNET_STRINGS_base64_encode ((char*)&cred->signature,
@@ -953,6 +951,14 @@ get_cred_issuer_cb (void *cls,
}
expiration_str = GNUNET_CONTAINER_multihashmap_get (handle->rest_handle->url_param_map,
&key);
+ if ( NULL == expiration_str )
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Expiration malformed\n");
+ GNUNET_SCHEDULER_add_now (&do_error, handle);
+ return;
+ }
+
if (GNUNET_OK == GNUNET_STRINGS_fancy_time_to_relative (expiration_str,
&etime_rel))
{