fix double free, bad use of strtok

author: Christian Grothoff <christian@grothoff.org> 2016-08-26 11:55:54 +0000
committer: Christian Grothoff <christian@grothoff.org> 2016-08-26 11:55:54 +0000
commit: 871d289fbe7629caa39aeb7e9bb30d7d48864d62 (patch)
tree: 59c39e574fc2a716e10301ff53cd0878c42ca13f /src/identity-provider
parent: 6a80e00bda6d07527d0a6adf5812801a57bdf2f0 (diff)
download: gnunet-871d289fbe7629caa39aeb7e9bb30d7d48864d62.tar.gz
gnunet-871d289fbe7629caa39aeb7e9bb30d7d48864d62.zip
1 files changed, 64 insertions, 23 deletions
diff --git a/src/identity-provider/gnunet-identity-token.c b/src/identity-provider/gnunet-identity-token.c
index 3e7d5bd9b..1f480aae0 100644
--- a/src/identity-provider/gnunet-identity-token.c
+++ b/src/identity-provider/gnunet-identity-token.c
@@ -1,3 +1,29 @@
+/*
+   This file is part of GNUnet.
+   Copyright (C) 2012-2015 GNUnet e.V.
+   GNUnet is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published
+   by the Free Software Foundation; either version 3, or (at your
+   option) any later version.
+   GNUnet is distributed in the hope that it will be useful, but
+   WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+   You should have received a copy of the GNU General Public License
+   along with GNUnet; see the file COPYING.  If not, write to the
+   Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+   Boston, MA 02110-1301, USA.
+   */
+/**
+ * @author Martin Schanzenbach
+ * @file src/identity-provider/gnunet-service-identity-provider.c
+ * @brief Identity Token Service
+ *
+ */
 #include "platform.h"
 #include "gnunet_util_lib.h"
 #include <jansson.h>
@@ -19,25 +45,42 @@ run (void *cls,
     const char *cfgfile,
     const struct GNUNET_CONFIGURATION_Handle *c)
 {
-  char* payload;
+  char *payload;
-  char* header;
+  char *header;
  //Get token parts
-  char* header_b64 = strtok (token, ".");
+  const char *header_b64;
-  char* payload_b64 = strtok(NULL, ".");
+  const char *payload_b64;
-  char* signature_b32 = strtok(NULL, ".");
+  const char *signature_b32;
-  const char* keystring;
+  const char *keystring;
-  char* data;
+  char *data;
  json_t *payload_json;
  json_t *keystring_json;
  json_error_t error;
  struct GNUNET_CRYPTO_EcdsaPublicKey key;
  struct GNUNET_CRYPTO_EccSignaturePurpose *purpose;
  struct GNUNET_CRYPTO_EcdsaSignature sig;
-  
-  GNUNET_assert (NULL != header_b64);
+  if (NULL == token)
-  GNUNET_assert (NULL != payload_b64);
+  {
-  GNUNET_assert (NULL != signature_b32);
+    GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
-  
+                _("Option `-t' is required\n"));
+    return;
+  }
+  header_b64 = strtok (token, ".");
+  payload_b64 = strtok (NULL, ".");
+  signature_b32 = strtok (NULL, ".");
+  if ( (NULL != header_b64) ||
+       (NULL != payload_b64) ||
+       (NULL != signature_b32) )
+  {
+    GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
+                _("Token `%s' is malformed\n"),
+                token);
+    GNUNET_free (token);
+    token = NULL;
+    return;
+  }
  //Decode payload
  GNUNET_STRINGS_base64_decode (payload_b64,
                                strlen (payload_b64),
@@ -46,9 +89,7 @@ run (void *cls,
  GNUNET_STRINGS_base64_decode (header_b64,
                                strlen (header_b64),
                                &header);
-  if (NULL == token)
-    return;
-  
  GNUNET_asprintf(&data,
                  "%s,%s",
@@ -60,14 +101,14 @@ run (void *cls,
  purpose->purpose = htonl(GNUNET_SIGNATURE_PURPOSE_GNUID_TOKEN);
  GNUNET_memcpy (&purpose[1], data, strlen(data));
  GNUNET_free (data);
-  GNUNET_free (header_b64);
+  GNUNET_free (token);
-  GNUNET_free (header_b64);
+  token = NULL;
  if (print_token)
    printf ("Token:\nHeader:\t\t%s\nPayload:\t%s\n", header, payload);
  GNUNET_free (header);
  GNUNET_free (payload);
-  
  payload_json = json_loads (payload, 0, &error);
  if ((NULL == payload_json) || !json_is_object (payload_json))
  {
@@ -92,10 +133,10 @@ run (void *cls,
                                strlen (signature_b32),
                                &sig,
                                sizeof (struct GNUNET_CRYPTO_EcdsaSignature));
-  
-  if (print_token) 
+  if (print_token)
    printf ("Signature:\t%s\n", keystring);
-  
  if (GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify(GNUNET_SIGNATURE_PURPOSE_GNUID_TOKEN,
                                              purpose,
                                              &sig,
@@ -106,6 +147,8 @@ run (void *cls,
  GNUNET_free (val);
  return;
 }
 int
 main(int argc, char *const argv[])
 {
@@ -123,5 +166,3 @@ main(int argc, char *const argv[])
                             "ct", options,
                             &run, NULL);
 }
author	Christian Grothoff <christian@grothoff.org>	2016-08-26 11:55:54 +0000
committer	Christian Grothoff <christian@grothoff.org>	2016-08-26 11:55:54 +0000
commit	871d289fbe7629caa39aeb7e9bb30d7d48864d62 (patch)
tree	59c39e574fc2a716e10301ff53cd0878c42ca13f /src/identity-provider
parent	6a80e00bda6d07527d0a6adf5812801a57bdf2f0 (diff)
download	gnunet-871d289fbe7629caa39aeb7e9bb30d7d48864d62.tar.gz gnunet-871d289fbe7629caa39aeb7e9bb30d7d48864d62.zip

diff --git a/src/identity-provider/gnunet-identity-token.c b/src/identity-provider/gnunet-identity-token.c index 3e7d5bd9b..1f480aae0 100644 --- a/src/identity-provider/gnunet-identity-token.c +++ b/src/identity-provider/gnunet-identity-token.c
@@ -1,3 +1,29 @@
		1	/*
		2	This file is part of GNUnet.
		3	Copyright (C) 2012-2015 GNUnet e.V.
		4
		5	GNUnet is free software; you can redistribute it and/or modify
		6	it under the terms of the GNU General Public License as published
		7	by the Free Software Foundation; either version 3, or (at your
		8	option) any later version.
		9
		10	GNUnet is distributed in the hope that it will be useful, but
		11	WITHOUT ANY WARRANTY; without even the implied warranty of
		12	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
		13	General Public License for more details.
		14
		15	You should have received a copy of the GNU General Public License
		16	along with GNUnet; see the file COPYING. If not, write to the
		17	Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
		18	Boston, MA 02110-1301, USA.
		19	*/
		20	/**
		21	* @author Martin Schanzenbach
		22	* @file src/identity-provider/gnunet-service-identity-provider.c
		23	* @brief Identity Token Service
		24	*
		25	*/
		26
1	#include "platform.h"	27	#include "platform.h"
2	#include "gnunet_util_lib.h"	28	#include "gnunet_util_lib.h"
3	#include <jansson.h>	29	#include <jansson.h>
@@ -19,25 +45,42 @@ run (void *cls,
19	const char *cfgfile,	45	const char *cfgfile,
20	const struct GNUNET_CONFIGURATION_Handle *c)	46	const struct GNUNET_CONFIGURATION_Handle *c)
21	{	47	{
22	char* payload;	48	char *payload;
23	char* header;	49	char *header;
24	//Get token parts	50	//Get token parts
25	char* header_b64 = strtok (token, ".");	51	const char *header_b64;
26	char* payload_b64 = strtok(NULL, ".");	52	const char *payload_b64;
27	char* signature_b32 = strtok(NULL, ".");	53	const char *signature_b32;
28	const char* keystring;	54	const char *keystring;
29	char* data;	55	char *data;
30	json_t *payload_json;	56	json_t *payload_json;
31	json_t *keystring_json;	57	json_t *keystring_json;
32	json_error_t error;	58	json_error_t error;
33	struct GNUNET_CRYPTO_EcdsaPublicKey key;	59	struct GNUNET_CRYPTO_EcdsaPublicKey key;
34	struct GNUNET_CRYPTO_EccSignaturePurpose *purpose;	60	struct GNUNET_CRYPTO_EccSignaturePurpose *purpose;
35	struct GNUNET_CRYPTO_EcdsaSignature sig;	61	struct GNUNET_CRYPTO_EcdsaSignature sig;
36		62
37	GNUNET_assert (NULL != header_b64);	63	if (NULL == token)
38	GNUNET_assert (NULL != payload_b64);	64	{
39	GNUNET_assert (NULL != signature_b32);	65	GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
40		66	_("Option `-t' is required\n"));
		67	return;
		68	}
		69	header_b64 = strtok (token, ".");
		70	payload_b64 = strtok (NULL, ".");
		71	signature_b32 = strtok (NULL, ".");
		72	if ( (NULL != header_b64) \|\|
		73	(NULL != payload_b64) \|\|
		74	(NULL != signature_b32) )
		75	{
		76	GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
		77	_("Token `%s' is malformed\n"),
		78	token);
		79	GNUNET_free (token);
		80	token = NULL;
		81	return;
		82	}
		83
41	//Decode payload	84	//Decode payload
42	GNUNET_STRINGS_base64_decode (payload_b64,	85	GNUNET_STRINGS_base64_decode (payload_b64,
43	strlen (payload_b64),	86	strlen (payload_b64),
@@ -46,9 +89,7 @@ run (void *cls,
46	GNUNET_STRINGS_base64_decode (header_b64,	89	GNUNET_STRINGS_base64_decode (header_b64,
47	strlen (header_b64),	90	strlen (header_b64),
48	&header);	91	&header);
49	if (NULL == token)	92
50	return;
51
52		93
53	GNUNET_asprintf(&data,	94	GNUNET_asprintf(&data,
54	"%s,%s",	95	"%s,%s",
@@ -60,14 +101,14 @@ run (void *cls,
60	purpose->purpose = htonl(GNUNET_SIGNATURE_PURPOSE_GNUID_TOKEN);	101	purpose->purpose = htonl(GNUNET_SIGNATURE_PURPOSE_GNUID_TOKEN);
61	GNUNET_memcpy (&purpose[1], data, strlen(data));	102	GNUNET_memcpy (&purpose[1], data, strlen(data));
62	GNUNET_free (data);	103	GNUNET_free (data);
63	GNUNET_free (header_b64);	104	GNUNET_free (token);
64	GNUNET_free (header_b64);	105	token = NULL;
65		106
66	if (print_token)	107	if (print_token)
67	printf ("Token:\nHeader:\t\t%s\nPayload:\t%s\n", header, payload);	108	printf ("Token:\nHeader:\t\t%s\nPayload:\t%s\n", header, payload);
68	GNUNET_free (header);	109	GNUNET_free (header);
69	GNUNET_free (payload);	110	GNUNET_free (payload);
70		111
71	payload_json = json_loads (payload, 0, &error);	112	payload_json = json_loads (payload, 0, &error);
72	if ((NULL == payload_json) \|\| !json_is_object (payload_json))	113	if ((NULL == payload_json) \|\| !json_is_object (payload_json))
73	{	114	{
@@ -92,10 +133,10 @@ run (void *cls,
92	strlen (signature_b32),	133	strlen (signature_b32),
93	&sig,	134	&sig,
94	sizeof (struct GNUNET_CRYPTO_EcdsaSignature));	135	sizeof (struct GNUNET_CRYPTO_EcdsaSignature));
95		136
96	if (print_token)	137	if (print_token)
97	printf ("Signature:\t%s\n", keystring);	138	printf ("Signature:\t%s\n", keystring);
98		139
99	if (GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify(GNUNET_SIGNATURE_PURPOSE_GNUID_TOKEN,	140	if (GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify(GNUNET_SIGNATURE_PURPOSE_GNUID_TOKEN,
100	purpose,	141	purpose,
101	&sig,	142	&sig,
@@ -106,6 +147,8 @@ run (void *cls,
106	GNUNET_free (val);	147	GNUNET_free (val);
107	return;	148	return;
108	}	149	}
		150
		151
109	int	152	int
110	main(int argc, char *const argv[])	153	main(int argc, char *const argv[])
111	{	154	{
@@ -123,5 +166,3 @@ main(int argc, char *const argv[])
123	"ct", options,	166	"ct", options,
124	&run, NULL);	167	&run, NULL);
125	}	168	}
126
127