From 6d40171315d344d8a62d611df200d43f1fefc238 Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Sat, 15 May 2021 20:20:48 +0200 Subject: -coverity: handle invalid key length --- src/gns/gnunet-service-gns_resolver.c | 12 ++++++------ src/reclaim/plugin_rest_pabc.c | 1 + src/revocation/gnunet-revocation.c | 8 +++++++- src/revocation/revocation_api.c | 5 ++++- 4 files changed, 18 insertions(+), 8 deletions(-) diff --git a/src/gns/gnunet-service-gns_resolver.c b/src/gns/gnunet-service-gns_resolver.c index 784a6ee6d..958bf2e94 100644 --- a/src/gns/gnunet-service-gns_resolver.c +++ b/src/gns/gnunet-service-gns_resolver.c @@ -1764,8 +1764,8 @@ recursive_gns2dns_resolution (struct GNS_ResolverHandle *rh, /** * Records other than GNS2DNS not allowed */ - if (NULL != ns) - GNUNET_free (ns); + GNUNET_free (ns); + GNUNET_free (ac); return GNUNET_SYSERR; } off = 0; @@ -1777,10 +1777,8 @@ recursive_gns2dns_resolution (struct GNS_ResolverHandle *rh, (NULL == ip)) { GNUNET_break_op (0); - if (NULL != n) - GNUNET_free (n); - if (NULL != ip) - GNUNET_free (ip); + GNUNET_free (n); + GNUNET_free (ip); continue; } @@ -1789,6 +1787,8 @@ recursive_gns2dns_resolution (struct GNS_ResolverHandle *rh, if (off != rd[i].data_size) { GNUNET_break_op (0); + GNUNET_free (n); + GNUNET_free (ip); continue; } /* resolve 'ip' to determine the IP(s) of the DNS diff --git a/src/reclaim/plugin_rest_pabc.c b/src/reclaim/plugin_rest_pabc.c index a0551f215..4b7d21df3 100644 --- a/src/reclaim/plugin_rest_pabc.c +++ b/src/reclaim/plugin_rest_pabc.c @@ -282,6 +282,7 @@ set_attributes_from_idtoken (const struct pabc_context *ctx, "Failed to set attribute `%s'.\n", key); } } + GNUNET_free (jwt_string); return PABC_OK; } diff --git a/src/revocation/gnunet-revocation.c b/src/revocation/gnunet-revocation.c index 99fecdd35..a7f96385c 100644 --- a/src/revocation/gnunet-revocation.c +++ b/src/revocation/gnunet-revocation.c @@ -343,7 +343,13 @@ ego_callback (void *cls, struct GNUNET_IDENTITY_Ego *ego) GNUNET_DISK_fn_read (filename, proof_of_work, GNUNET_REVOCATION_MAX_PROOF_SIZE)))) { - size_t ksize = GNUNET_IDENTITY_key_get_length (&key); + ssize_t ksize = GNUNET_IDENTITY_key_get_length (&key); + if (0 > ksize) + { + fprintf (stderr, + _ ("Error: Key is invalid\n")); + return; + } if (((psize - sizeof (*proof_of_work)) < ksize) || // Key too small (0 != memcmp (&proof_of_work[1], &key, ksize))) // Keys do not match { diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c index e2f871c23..f2b95bafa 100644 --- a/src/revocation/revocation_api.c +++ b/src/revocation/revocation_api.c @@ -707,6 +707,7 @@ GNUNET_REVOCATION_pow_round (struct GNUNET_REVOCATION_PowCalculationHandle *pc) unsigned int zeros; int ret; uint64_t pow_nbo; + ssize_t ksize; pc->current_pow++; pk = (const struct GNUNET_IDENTITY_PublicKey *) &(pc->pow[1]); @@ -722,9 +723,11 @@ GNUNET_REVOCATION_pow_round (struct GNUNET_REVOCATION_PowCalculationHandle *pc) GNUNET_memcpy (&buf[sizeof(uint64_t)], &pc->pow->timestamp, sizeof (uint64_t)); + ksize = GNUNET_IDENTITY_key_get_length (pk); + GNUNET_assert (0 < ksize); GNUNET_memcpy (&buf[sizeof(uint64_t) * 2], pk, - GNUNET_IDENTITY_key_get_length (pk)); + ksize); GNUNET_CRYPTO_pow_hash (&salt, buf, sizeof(buf), -- cgit v1.2.3