From 7ad94d1427d304483e9bf1cf1d12065f8e41d712 Mon Sep 17 00:00:00 2001
From: "Schanzenbach, Martin" <martin.schanzenbach@aisec.fraunhofer.de>
Date: Mon, 8 Jan 2018 07:58:33 +0100
Subject: bugfixes

---
 src/credential/credential_misc.c             |  1 +
 src/credential/credential_serialization.c    |  1 -
 src/credential/gnunet-credential.c           |  7 +++++++
 src/credential/gnunet-service-credential.c   | 14 ++++++++++----
 src/credential/plugin_gnsrecord_credential.c | 10 ++++++++++
 src/credential/plugin_rest_credential.c      | 16 +++++++++++-----
 6 files changed, 39 insertions(+), 10 deletions(-)

(limited to 'src/credential')

diff --git a/src/credential/credential_misc.c b/src/credential/credential_misc.c
index c94c33919..2575f1de8 100644
--- a/src/credential/credential_misc.c
+++ b/src/credential/credential_misc.c
@@ -149,6 +149,7 @@ GNUNET_CREDENTIAL_credential_issue (const struct GNUNET_CRYPTO_EcdsaPrivateKey *
   {
     GNUNET_break (0);
     GNUNET_free (crd);
+    GNUNET_free (cred);
     return NULL;
   }
   cred->signature = crd->signature;
diff --git a/src/credential/credential_serialization.c b/src/credential/credential_serialization.c
index 1d23bb08c..2bbf3bfb8 100644
--- a/src/credential/credential_serialization.c
+++ b/src/credential/credential_serialization.c
@@ -279,7 +279,6 @@ GNUNET_CREDENTIAL_delegation_chain_get_size (unsigned int d_count,
     ret += dd[i].issuer_attribute_len + dd[i].subject_attribute_len;
   }
   return ret+GNUNET_CREDENTIAL_credentials_get_size(c_count, cd);
-  return ret;
 }
 
 /**
diff --git a/src/credential/gnunet-credential.c b/src/credential/gnunet-credential.c
index 03f959b95..b5bcc4d43 100644
--- a/src/credential/gnunet-credential.c
+++ b/src/credential/gnunet-credential.c
@@ -371,12 +371,14 @@ run (void *cls,
       fprintf (stderr,
                _("Failed to connect to CREDENTIAL\n"));
       GNUNET_SCHEDULER_shutdown ();
+      return;
     }
     if (NULL == issuer_attr)
     {
       fprintf (stderr,
                _("You must provide issuer the attribute\n"));
       GNUNET_SCHEDULER_shutdown ();
+      return;
     }
 
     if (NULL == ego_name)
@@ -432,6 +434,7 @@ run (void *cls,
                _("Issuer public key `%s' is not well-formed\n"),
                issuer_key);
       GNUNET_SCHEDULER_shutdown ();
+      return;
     }
     credential = GNUNET_CREDENTIAL_connect (cfg);
 
@@ -440,12 +443,14 @@ run (void *cls,
       fprintf (stderr,
                _("Failed to connect to CREDENTIAL\n"));
       GNUNET_SCHEDULER_shutdown ();
+      return;
     }
     if (NULL == issuer_attr || NULL == subject_credential)
     {
       fprintf (stderr,
                _("You must provide issuer and subject attributes\n"));
       GNUNET_SCHEDULER_shutdown ();
+      return;
     }
 
     //Subject credentials are comma separated
@@ -457,6 +462,7 @@ run (void *cls,
                "Invalid subject credentials\n");
       GNUNET_free (tmp);
       GNUNET_SCHEDULER_shutdown ();
+      return;
     }
     int count = 1;
     int i;
@@ -490,6 +496,7 @@ run (void *cls,
     {
       GNUNET_free ((char*)credentials[i].issuer_attribute);
     }
+    GNUNET_free (tmp);
   } else if (GNUNET_YES == create_cred) {
     if (NULL == ego_name)
     {
diff --git a/src/credential/gnunet-service-credential.c b/src/credential/gnunet-service-credential.c
index be88839e9..a2c339363 100644
--- a/src/credential/gnunet-service-credential.c
+++ b/src/credential/gnunet-service-credential.c
@@ -722,6 +722,12 @@ backward_resolution (void* cls,
       strcpy (issuer_attribute_name,
               ds_entry->unresolved_attribute_delegation);
       char *next_attr = strtok (issuer_attribute_name, ".");
+      if (NULL == next_attr)
+      {
+        GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                    "Failed to parse next attribute\n");
+        continue;
+      }
       GNUNET_asprintf (&lookup_attribute,
                        "%s.gnu",
                        next_attr);
@@ -806,7 +812,7 @@ delegation_chain_resolution_start (void* cls)
    * Check for attributes from the issuer and follow the chain 
    * till you get the required subject's attributes
    */
-  char issuer_attribute_name[strlen (vrh->issuer_attribute)];
+  char issuer_attribute_name[strlen (vrh->issuer_attribute) + strlen (".gnu") + 1];
   strcpy (issuer_attribute_name,
           vrh->issuer_attribute);
   strcpy (issuer_attribute_name + strlen (vrh->issuer_attribute),
@@ -889,7 +895,7 @@ handle_verify (void *cls,
   vrh->issuer_key = v_msg->issuer_key;
   vrh->subject_key = v_msg->subject_key;
   vrh->issuer_attribute = GNUNET_strdup (issuer_attribute);
-  if (NULL == issuer_attribute)
+  if (0 == strlen (issuer_attribute))
   {
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 
                 "No issuer attribute provided!\n");
@@ -1033,7 +1039,7 @@ handle_collect (void *cls,
                                       &vrh->subject_key);
   vrh->issuer_attribute = GNUNET_strdup (issuer_attribute);
 
-  if (NULL == issuer_attribute)
+  if (0 == strlen (issuer_attribute))
   {
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 
                 "No issuer attribute provided!\n");
@@ -1076,7 +1082,7 @@ check_collect (void *cls,
   }
   attr = (const char *) &c_msg[1];
 
-  if ( ('\0' != attr[ntohs(c_msg->header.size) - sizeof (struct CollectMessage) - 1]) ||
+  if ( ('\0' != attr[msg_size - sizeof (struct CollectMessage) - 1]) ||
        (strlen (attr) > GNUNET_CREDENTIAL_MAX_LENGTH) )
   {
     GNUNET_break (0);
diff --git a/src/credential/plugin_gnsrecord_credential.c b/src/credential/plugin_gnsrecord_credential.c
index 342790b7a..ffb2857dc 100644
--- a/src/credential/plugin_gnsrecord_credential.c
+++ b/src/credential/plugin_gnsrecord_credential.c
@@ -199,6 +199,13 @@ credential_string_to_value (void *cls,
         GNUNET_free (tmp_str);
         tmp_str = GNUNET_strdup (s);
         token = strtok (tmp_str, ",");
+        if (NULL == token)
+        {
+          GNUNET_free (tmp_str);
+          GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                      "Malformed string %s\n", s);
+          return GNUNET_SYSERR;
+        }
         struct GNUNET_CREDENTIAL_DelegationSet set[entries];
         for (i=0;i<entries;i++)
         {
@@ -219,7 +226,10 @@ credential_string_to_value (void *cls,
                                                                    set);
         
         if (-1 == tmp_data_size)
+        {
+          GNUNET_free (tmp_str);
           return GNUNET_SYSERR;
+        }
         *data_size += tmp_data_size;
         *data = sets = GNUNET_malloc (*data_size);
         GNUNET_CREDENTIAL_delegation_set_serialize (entries,
diff --git a/src/credential/plugin_rest_credential.c b/src/credential/plugin_rest_credential.c
index 480658822..2e43139de 100644
--- a/src/credential/plugin_rest_credential.c
+++ b/src/credential/plugin_rest_credential.c
@@ -617,7 +617,6 @@ collect_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
   {
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                 "Missing subject\n");
-    GNUNET_free (entity_attr);
     GNUNET_SCHEDULER_add_now (&do_error, handle);
     return;
   }
@@ -627,7 +626,6 @@ collect_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
   {
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                 "Malformed subject\n");
-    GNUNET_free (entity_attr);
     GNUNET_SCHEDULER_add_now (&do_error, handle); 
     return;
   }
@@ -728,7 +726,6 @@ verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
   {
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                 "Missing subject key\n");
-    GNUNET_free (entity_attr);
     GNUNET_SCHEDULER_add_now (&do_error, handle);
     return;
   }
@@ -738,7 +735,6 @@ verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
   {
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                 "Malformed subject\n");
-    GNUNET_free (entity_attr);
     GNUNET_SCHEDULER_add_now (&do_error, handle); 
     return;
   }
@@ -748,7 +744,6 @@ verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
                                                   &handle->subject_key)) {
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                 "Malformed subject key\n");
-    GNUNET_free (entity_attr);
     GNUNET_SCHEDULER_add_now (&do_error, handle);
     return;
   }
@@ -858,6 +853,7 @@ send_cred_response (struct RequestHandle *handle,
   {
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                 "Subject malformed\n");
+    GNUNET_free (issuer);
     return;
   }
   GNUNET_asprintf (&id,
@@ -869,6 +865,8 @@ send_cred_response (struct RequestHandle *handle,
   {
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                 "Subject malformed\n");
+    GNUNET_free (id);
+    GNUNET_free (issuer);
     return;
   }
   GNUNET_STRINGS_base64_encode ((char*)&cred->signature,
@@ -953,6 +951,14 @@ get_cred_issuer_cb (void *cls,
   }
   expiration_str = GNUNET_CONTAINER_multihashmap_get (handle->rest_handle->url_param_map,
                                                       &key);
+  if ( NULL == expiration_str )
+  {
+    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                "Expiration malformed\n");
+    GNUNET_SCHEDULER_add_now (&do_error, handle); 
+    return;
+  }
+
   if (GNUNET_OK == GNUNET_STRINGS_fancy_time_to_relative (expiration_str,
                                                           &etime_rel))
   {
-- 
cgit v1.2.3