diff options
author | Martin Schanzenbach <mschanzenbach@posteo.de> | 2016-07-07 12:17:52 +0000 |
---|---|---|
committer | Martin Schanzenbach <mschanzenbach@posteo.de> | 2016-07-07 12:17:52 +0000 |
commit | 6e956d0ced722dbfbd8adeb303ad7006aed6b025 (patch) | |
tree | e6d28c9f6ba0800ac8724f41c6af148679451f8c /src/identity-provider | |
parent | ea7bfd24c3f394ee60a1f02d358c7ba88e05447c (diff) | |
download | gnunet-6e956d0ced722dbfbd8adeb303ad7006aed6b025.tar.gz gnunet-6e956d0ced722dbfbd8adeb303ad7006aed6b025.zip |
- fix coverity
Diffstat (limited to 'src/identity-provider')
-rw-r--r-- | src/identity-provider/gnunet-identity-token.c | 27 | ||||
-rw-r--r-- | src/identity-provider/gnunet-service-identity-provider.c | 21 | ||||
-rw-r--r-- | src/identity-provider/identity_provider_api.c | 1 | ||||
-rw-r--r-- | src/identity-provider/identity_token.c | 4 | ||||
-rw-r--r-- | src/identity-provider/plugin_rest_identity_provider.c | 2 |
5 files changed, 38 insertions, 17 deletions
diff --git a/src/identity-provider/gnunet-identity-token.c b/src/identity-provider/gnunet-identity-token.c index ad4aae78a..3d2830835 100644 --- a/src/identity-provider/gnunet-identity-token.c +++ b/src/identity-provider/gnunet-identity-token.c | |||
@@ -33,6 +33,11 @@ run (void *cls, | |||
33 | struct GNUNET_CRYPTO_EcdsaPublicKey key; | 33 | struct GNUNET_CRYPTO_EcdsaPublicKey key; |
34 | struct GNUNET_CRYPTO_EccSignaturePurpose *purpose; | 34 | struct GNUNET_CRYPTO_EccSignaturePurpose *purpose; |
35 | struct GNUNET_CRYPTO_EcdsaSignature sig; | 35 | struct GNUNET_CRYPTO_EcdsaSignature sig; |
36 | |||
37 | GNUNET_assert (NULL != header_b64); | ||
38 | GNUNET_assert (NULL != payload_b64); | ||
39 | GNUNET_assert (NULL != signature_b32); | ||
40 | |||
36 | //Decode payload | 41 | //Decode payload |
37 | GNUNET_STRINGS_base64_decode (payload_b64, | 42 | GNUNET_STRINGS_base64_decode (payload_b64, |
38 | strlen (payload_b64), | 43 | strlen (payload_b64), |
@@ -54,16 +59,25 @@ run (void *cls, | |||
54 | purpose->size = htonl(sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + strlen (data)); | 59 | purpose->size = htonl(sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + strlen (data)); |
55 | purpose->purpose = htonl(GNUNET_SIGNATURE_PURPOSE_GNUID_TOKEN); | 60 | purpose->purpose = htonl(GNUNET_SIGNATURE_PURPOSE_GNUID_TOKEN); |
56 | memcpy (&purpose[1], data, strlen(data)); | 61 | memcpy (&purpose[1], data, strlen(data)); |
62 | GNUNET_free (data); | ||
63 | GNUNET_free (header_b64); | ||
64 | GNUNET_free (header_b64); | ||
57 | 65 | ||
66 | if (print_token) | ||
67 | printf ("Token:\nHeader:\t\t%s\nPayload:\t%s\n", header, payload); | ||
68 | GNUNET_free (header); | ||
69 | GNUNET_free (payload); | ||
58 | 70 | ||
59 | payload_json = json_loads (payload, 0, &error); | 71 | payload_json = json_loads (payload, 0, &error); |
60 | if ((NULL == payload_json) || !json_is_object (payload_json)) | 72 | if ((NULL == payload_json) || !json_is_object (payload_json)) |
61 | { | 73 | { |
74 | GNUNET_free (val); | ||
62 | return; | 75 | return; |
63 | } | 76 | } |
64 | keystring_json = json_object_get (payload_json, "iss"); | 77 | keystring_json = json_object_get (payload_json, "iss"); |
65 | if (!json_is_string (keystring_json)) | 78 | if (!json_is_string (keystring_json)) |
66 | { | 79 | { |
80 | GNUNET_free (val); | ||
67 | return; | 81 | return; |
68 | } | 82 | } |
69 | keystring = json_string_value (keystring_json); | 83 | keystring = json_string_value (keystring_json); |
@@ -71,6 +85,7 @@ run (void *cls, | |||
71 | strlen (keystring), | 85 | strlen (keystring), |
72 | &key)) | 86 | &key)) |
73 | { | 87 | { |
88 | GNUNET_free (val); | ||
74 | return; | 89 | return; |
75 | } | 90 | } |
76 | GNUNET_STRINGS_string_to_data (signature_b32, | 91 | GNUNET_STRINGS_string_to_data (signature_b32, |
@@ -78,19 +93,17 @@ run (void *cls, | |||
78 | &sig, | 93 | &sig, |
79 | sizeof (struct GNUNET_CRYPTO_EcdsaSignature)); | 94 | sizeof (struct GNUNET_CRYPTO_EcdsaSignature)); |
80 | 95 | ||
81 | if (print_token) { | 96 | if (print_token) |
82 | printf ("Token:\nHeader:\t\t%s\nPayload:\t%s\nSignature:\t%s\n", header, payload, keystring); | 97 | printf ("Signature:\t%s\n", keystring); |
83 | } | ||
84 | 98 | ||
85 | if (GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify(GNUNET_SIGNATURE_PURPOSE_GNUID_TOKEN, | 99 | if (GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify(GNUNET_SIGNATURE_PURPOSE_GNUID_TOKEN, |
86 | purpose, | 100 | purpose, |
87 | &sig, | 101 | &sig, |
88 | &key)) | 102 | &key)) |
89 | { | ||
90 | printf("Signature not OK!\n"); | 103 | printf("Signature not OK!\n"); |
91 | return; | 104 | else |
92 | } | 105 | printf("Signature OK!\n"); |
93 | printf("Signature OK!\n"); | 106 | GNUNET_free (val); |
94 | return; | 107 | return; |
95 | } | 108 | } |
96 | int | 109 | int |
diff --git a/src/identity-provider/gnunet-service-identity-provider.c b/src/identity-provider/gnunet-service-identity-provider.c index 0a690e2d3..32a695091 100644 --- a/src/identity-provider/gnunet-service-identity-provider.c +++ b/src/identity-provider/gnunet-service-identity-provider.c | |||
@@ -365,13 +365,13 @@ handle_token_update (void *cls) | |||
365 | { | 365 | { |
366 | if (0 == strcmp (attr->name, "exp")) | 366 | if (0 == strcmp (attr->name, "exp")) |
367 | { | 367 | { |
368 | sscanf (attr->val_head->value, | 368 | GNUNET_assert (1 == sscanf (attr->val_head->value, |
369 | "%"SCNu64, | 369 | "%"SCNu64, |
370 | &token_exp.abs_value_us); | 370 | &token_exp.abs_value_us)); |
371 | } else if (0 == strcmp (attr->name, "nbf")) { | 371 | } else if (0 == strcmp (attr->name, "nbf")) { |
372 | sscanf (attr->val_head->value, | 372 | GNUNET_assert (1 == sscanf (attr->val_head->value, |
373 | "%"SCNu64, | 373 | "%"SCNu64, |
374 | &token_nbf.abs_value_us); | 374 | &token_nbf.abs_value_us)); |
375 | } | 375 | } |
376 | } | 376 | } |
377 | token_rel_exp = GNUNET_TIME_absolute_get_difference (token_nbf, token_exp); | 377 | token_rel_exp = GNUNET_TIME_absolute_get_difference (token_nbf, token_exp); |
@@ -598,7 +598,7 @@ token_collect (void *cls, | |||
598 | 598 | ||
599 | //Get metadata and decrypt token | 599 | //Get metadata and decrypt token |
600 | ecdhe_privkey = *((struct GNUNET_CRYPTO_EcdhePrivateKey *)token_metadata_record->data); | 600 | ecdhe_privkey = *((struct GNUNET_CRYPTO_EcdhePrivateKey *)token_metadata_record->data); |
601 | aud_key = (struct GNUNET_CRYPTO_EcdsaPublicKey *)&ecdhe_privkey+sizeof(struct GNUNET_CRYPTO_EcdhePrivateKey); | 601 | aud_key = (struct GNUNET_CRYPTO_EcdsaPublicKey *)&(&ecdhe_privkey)[1]; |
602 | scopes = GNUNET_strdup ((char*) aud_key+sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)); | 602 | scopes = GNUNET_strdup ((char*) aud_key+sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)); |
603 | 603 | ||
604 | token_parse2 (token_record->data, | 604 | token_parse2 (token_record->data, |
@@ -698,10 +698,10 @@ attribute_collect (void *cls, | |||
698 | val); | 698 | val); |
699 | } | 699 | } |
700 | } | 700 | } |
701 | GNUNET_CONTAINER_multihashmap_put (ego_entry->attr_map, | 701 | GNUNET_assert (GNUNET_OK == GNUNET_CONTAINER_multihashmap_put (ego_entry->attr_map, |
702 | &key, | 702 | &key, |
703 | attr, | 703 | attr, |
704 | GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY); | 704 | GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY)); |
705 | GNUNET_NAMESTORE_zone_iterator_next (ns_it); | 705 | GNUNET_NAMESTORE_zone_iterator_next (ns_it); |
706 | return; | 706 | return; |
707 | } | 707 | } |
@@ -1177,7 +1177,7 @@ process_lookup_result (void *cls, uint32_t rd_count, | |||
1177 | "Number of tokens %d != 2.", | 1177 | "Number of tokens %d != 2.", |
1178 | rd_count); | 1178 | rd_count); |
1179 | cleanup_exchange_handle (handle); | 1179 | cleanup_exchange_handle (handle); |
1180 | GNUNET_SCHEDULER_add_now (&do_shutdown, handle); | 1180 | GNUNET_SCHEDULER_add_now (&do_shutdown, NULL); |
1181 | return; | 1181 | return; |
1182 | } | 1182 | } |
1183 | 1183 | ||
@@ -1362,6 +1362,8 @@ find_existing_token (void *cls, | |||
1362 | tmp2, | 1362 | tmp2, |
1363 | tmp); | 1363 | tmp); |
1364 | GNUNET_free (tmp_scopes); | 1364 | GNUNET_free (tmp_scopes); |
1365 | GNUNET_free (tmp2); | ||
1366 | GNUNET_free (tmp); | ||
1365 | GNUNET_NAMESTORE_zone_iterator_next (handle->ns_it); | 1367 | GNUNET_NAMESTORE_zone_iterator_next (handle->ns_it); |
1366 | return; | 1368 | return; |
1367 | } | 1369 | } |
@@ -1389,7 +1391,8 @@ find_existing_token (void *cls, | |||
1389 | GNUNET_free (tmp_scopes); | 1391 | GNUNET_free (tmp_scopes); |
1390 | //All scopes in token are also in request. Now | 1392 | //All scopes in token are also in request. Now |
1391 | //Check length | 1393 | //Check length |
1392 | if (GNUNET_CONTAINER_multihashmap_size (handle->attr_map) == scope_count_token) | 1394 | if ((NULL != handle->attr_map) && |
1395 | (GNUNET_CONTAINER_multihashmap_size (handle->attr_map) == scope_count_token)) | ||
1393 | { | 1396 | { |
1394 | //We have an existing token | 1397 | //We have an existing token |
1395 | handle->label = GNUNET_strdup (lbl); | 1398 | handle->label = GNUNET_strdup (lbl); |
diff --git a/src/identity-provider/identity_provider_api.c b/src/identity-provider/identity_provider_api.c index f3280cb18..53081ae05 100644 --- a/src/identity-provider/identity_provider_api.c +++ b/src/identity-provider/identity_provider_api.c | |||
@@ -511,6 +511,7 @@ GNUNET_IDENTITY_PROVIDER_exchange_ticket (struct GNUNET_IDENTITY_PROVIDER_Handle | |||
511 | slen = strlen (ticket_str) + 1; | 511 | slen = strlen (ticket_str) + 1; |
512 | if (slen >= GNUNET_SERVER_MAX_MESSAGE_SIZE - sizeof (struct GNUNET_IDENTITY_PROVIDER_ExchangeMessage)) | 512 | if (slen >= GNUNET_SERVER_MAX_MESSAGE_SIZE - sizeof (struct GNUNET_IDENTITY_PROVIDER_ExchangeMessage)) |
513 | { | 513 | { |
514 | GNUNET_free (ticket_str); | ||
514 | GNUNET_break (0); | 515 | GNUNET_break (0); |
515 | return NULL; | 516 | return NULL; |
516 | } | 517 | } |
diff --git a/src/identity-provider/identity_token.c b/src/identity-provider/identity_token.c index 8a90138ec..8f35170fb 100644 --- a/src/identity-provider/identity_token.c +++ b/src/identity-provider/identity_token.c | |||
@@ -424,6 +424,9 @@ token_parse (const char* raw_data, | |||
424 | GNUNET_asprintf (&tmp_buf, "%s", raw_data); | 424 | GNUNET_asprintf (&tmp_buf, "%s", raw_data); |
425 | ecdh_pubkey_str = strtok (tmp_buf, ","); | 425 | ecdh_pubkey_str = strtok (tmp_buf, ","); |
426 | enc_token_str = strtok (NULL, ","); | 426 | enc_token_str = strtok (NULL, ","); |
427 | |||
428 | GNUNET_assert (NULL != ecdh_pubkey_str); | ||
429 | GNUNET_assert (NULL != enc_token_str); | ||
427 | 430 | ||
428 | GNUNET_STRINGS_string_to_data (ecdh_pubkey_str, | 431 | GNUNET_STRINGS_string_to_data (ecdh_pubkey_str, |
429 | strlen (ecdh_pubkey_str), | 432 | strlen (ecdh_pubkey_str), |
@@ -547,6 +550,7 @@ token_to_string (const struct IdentityToken *token, | |||
547 | GNUNET_free (signature_target); | 550 | GNUNET_free (signature_target); |
548 | GNUNET_free (payload_str); | 551 | GNUNET_free (payload_str); |
549 | GNUNET_free (payload_base64); | 552 | GNUNET_free (payload_base64); |
553 | GNUNET_free (header_base64); | ||
550 | GNUNET_free (purpose); | 554 | GNUNET_free (purpose); |
551 | return GNUNET_SYSERR; | 555 | return GNUNET_SYSERR; |
552 | } | 556 | } |
diff --git a/src/identity-provider/plugin_rest_identity_provider.c b/src/identity-provider/plugin_rest_identity_provider.c index 207a15cc5..c0b018798 100644 --- a/src/identity-provider/plugin_rest_identity_provider.c +++ b/src/identity-provider/plugin_rest_identity_provider.c | |||
@@ -583,7 +583,7 @@ issue_token_cont (struct GNUNET_REST_RequestHandle *con, | |||
583 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 583 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
584 | "Request nonce: %s\n", | 584 | "Request nonce: %s\n", |
585 | nonce_str); | 585 | nonce_str); |
586 | sscanf (nonce_str, "%"SCNu64, &nonce); | 586 | GNUNET_assert (1 == sscanf (nonce_str, "%"SCNu64, &nonce)); |
587 | 587 | ||
588 | //Get expiration for token from URL parameter | 588 | //Get expiration for token from URL parameter |
589 | GNUNET_CRYPTO_hash (GNUNET_IDENTITY_TOKEN_EXP_STRING, | 589 | GNUNET_CRYPTO_hash (GNUNET_IDENTITY_TOKEN_EXP_STRING, |