From c2cd7ec031ff925294b5c4c0c992fe9014846430 Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Sat, 15 May 2021 20:26:44 +0200 Subject: -coverity: handle invalid key length --- src/revocation/gnunet-service-revocation.c | 10 +++++++++- src/revocation/plugin_block_revocation.c | 9 ++++++++- 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/src/revocation/gnunet-service-revocation.c b/src/revocation/gnunet-service-revocation.c index 6f70720ba..2d8111adb 100644 --- a/src/revocation/gnunet-service-revocation.c +++ b/src/revocation/gnunet-service-revocation.c @@ -943,9 +943,17 @@ run (void *cls, } struct GNUNET_REVOCATION_PowP *pow = (struct GNUNET_REVOCATION_PowP *) &rm[1]; + ssize_t ksize; pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; + ksize = GNUNET_IDENTITY_key_get_length (pk); + if (0 > ksize) + { + GNUNET_break_op (0); + GNUNET_free (fn); + return; + } GNUNET_CRYPTO_hash (pk, - GNUNET_IDENTITY_key_get_length (pk), + ksize, &hc); GNUNET_break (GNUNET_OK == GNUNET_CONTAINER_multihashmap_put (revocation_map, diff --git a/src/revocation/plugin_block_revocation.c b/src/revocation/plugin_block_revocation.c index 1928d09cd..da5882d59 100644 --- a/src/revocation/plugin_block_revocation.c +++ b/src/revocation/plugin_block_revocation.c @@ -190,6 +190,7 @@ block_plugin_revocation_get_key (void *cls, struct GNUNET_HashCode *key) { const struct RevokeMessage *rm = block; + ssize_t ksize; if (block_size <= sizeof(*rm)) { @@ -199,8 +200,14 @@ block_plugin_revocation_get_key (void *cls, struct GNUNET_REVOCATION_PowP *pow = (struct GNUNET_REVOCATION_PowP *) &rm[1]; const struct GNUNET_IDENTITY_PublicKey *pk; pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; + ksize = GNUNET_IDENTITY_key_get_length (pk); + if (0 > ksize) + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } GNUNET_CRYPTO_hash (pk, - GNUNET_IDENTITY_key_get_length (pk), + ksize, key); return GNUNET_OK; } -- cgit v1.2.3