Overview
Comment: | Fixed issue with double-free when PC/SC connection manager is unavailable
Fixed issues found from splint(1) output |
---|---|
SHA1: |
c70fbcca604bcdd637194ea505741f93 |
User & Date: | rkeene on 2010-05-17 05:09:46 |
Context
2010-05-17
| ||
05:18 | Fixed issue with double-free not being reported if it is the last action recorded check-in: 8a6ff15b3c user: rkeene tags: trunk | |
05:09 |
Fixed issue with double-free when PC/SC connection manager is unavailable
Fixed issues found from splint(1) output check-in: c70fbcca60 user: rkeene tags: trunk | |
05:04 |
Updated to strip release library
Updated list of headers to check for check-in: b491412695 user: rkeene tags: trunk | |
Changes
Modified Makefile.in from [7e5757e77e] to [2f99a74303].
︙ | ︙ | |||
38 39 40 41 42 43 44 | libcackey_g.@SHOBJEXT@: cackey_g.o asn1-x509_g.o $(CC) $(SHOBJFLAGS) $(DEBUGCPPFLAGS) $(DEBUGCFLAGS) $(SHOBJLDFLAGS) $(LDFLAGS) -o libcackey_g.@SHOBJEXT@ cackey_g.o asn1-x509_g.o $(LIBS) test: test.c libcackey_g.@SHOBJEXT@ $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o test test.c -Wl,-R,. libcackey_g.@SHOBJEXT@ splint-cackey.txt: cackey.c asn1-x509.c asn1-x509.h config.h | | | 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 | libcackey_g.@SHOBJEXT@: cackey_g.o asn1-x509_g.o $(CC) $(SHOBJFLAGS) $(DEBUGCPPFLAGS) $(DEBUGCFLAGS) $(SHOBJLDFLAGS) $(LDFLAGS) -o libcackey_g.@SHOBJEXT@ cackey_g.o asn1-x509_g.o $(LIBS) test: test.c libcackey_g.@SHOBJEXT@ $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o test test.c -Wl,-R,. libcackey_g.@SHOBJEXT@ splint-cackey.txt: cackey.c asn1-x509.c asn1-x509.h config.h splint $(DEBUGCPPFLAGS) -DCACKEY_PARANOID=1 -weak +posixlib -I/usr/include/PCSC -Ipkcs11 cackey.c > splint-cackey.txt install: libcackey.@SHOBJEXT@ -mkdir "$(DESTDIR)$(libdir)" cp "libcackey.@SHOBJEXT@" "$(DESTDIR)$(libdir)/" -cp "libcackey_g.@SHOBJEXT@" "$(DESTDIR)$(libdir)/" clean: |
︙ | ︙ |
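Review bot: The `splint-cackey.txt` recipe passes only `cackey.c` to splint even though `asn1-x509.c` is listed as a prerequisite, so the ASN.1/X.509 code that `cackey.c` calls into is never analysed by this target. Adding it to the command would cover both files: `splint $(DEBUGCPPFLAGS) -DCACKEY_PARANOID=1 -weak +posixlib -I/usr/include/PCSC -Ipkcs11 cackey.c asn1-x509.c > splint-cackey.txt`. `-weak` is splint's least strict checking mode, so a comment on the rule saying why the stricter modes are not used would help the next reader judge what the report does and does not cover. The hard-coded `-I/usr/include/PCSC` also bypasses whatever include path configure detected for PC/SC; reusing the configured `$(CPPFLAGS)` there looks more portable, if that variable carries the PC/SC path in this project.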
Modified cackey.c from [4cc11579bd] to [ddbf6476ef].
︙ | ︙ | |||
22 23 24 25 26 27 28 29 30 31 32 33 34 35 | #endif #ifdef HAVE_STRING_H # include <string.h> #endif #ifdef HAVE_PTHREAD_H # include <pthread.h> #endif #ifdef HAVE_ZLIB_H # ifdef HAVE_LIBZ # include <zlib.h> # endif #else # ifdef HAVE_LIBZ # undef HAVE_LIBZ | > > > | 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 | #endif #ifdef HAVE_STRING_H # include <string.h> #endif #ifdef HAVE_PTHREAD_H # include <pthread.h> #endif #ifdef HAVE_LIMITS_H # include <limits.h> #endif #ifdef HAVE_ZLIB_H # ifdef HAVE_LIBZ # include <zlib.h> # endif #else # ifdef HAVE_LIBZ # undef HAVE_LIBZ |
︙ | ︙ | |||
693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 | CACKEY_DEBUG_PRINTF("SCardEstablishContext() called"); scard_est_context_ret = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, cackey_pcsc_handle); if (scard_est_context_ret != SCARD_S_SUCCESS) { CACKEY_DEBUG_PRINTF("Call to SCardEstablishContext failed (returned %s/%li), returning in failure", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(scard_est_context_ret), (long) scard_est_context_ret); free(cackey_pcsc_handle); cackey_slots_disconnect_all(); return(CACKEY_PCSC_E_GENERIC); } } #ifdef HAVE_SCARDISVALIDCONTEXT CACKEY_DEBUG_PRINTF("SCardIsValidContext() called"); scard_isvalid_ret = SCardIsValidContext(*cackey_pcsc_handle); if (scard_isvalid_ret != SCARD_S_SUCCESS) { CACKEY_DEBUG_PRINTF("Handle has become invalid (SCardIsValidContext = %s/%li), trying to re-establish...", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(scard_isvalid_ret), (long) scard_isvalid_ret); CACKEY_DEBUG_PRINTF("SCardEstablishContext() called"); scard_est_context_ret = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, cackey_pcsc_handle); if (scard_est_context_ret != SCARD_S_SUCCESS) { CACKEY_DEBUG_PRINTF("Call to SCardEstablishContext failed (returned %s/%li), returning in failure", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(scard_est_context_ret), (long) scard_est_context_ret); free(cackey_pcsc_handle); cackey_slots_disconnect_all(); return(CACKEY_PCSC_E_GENERIC); } CACKEY_DEBUG_PRINTF("Handle has been re-established"); | > > | 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 | CACKEY_DEBUG_PRINTF("SCardEstablishContext() called"); scard_est_context_ret = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, cackey_pcsc_handle); if (scard_est_context_ret != SCARD_S_SUCCESS) { CACKEY_DEBUG_PRINTF("Call to SCardEstablishContext failed (returned %s/%li), returning in failure", 
CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(scard_est_context_ret), (long) scard_est_context_ret); free(cackey_pcsc_handle); cackey_pcsc_handle = NULL; cackey_slots_disconnect_all(); return(CACKEY_PCSC_E_GENERIC); } } #ifdef HAVE_SCARDISVALIDCONTEXT CACKEY_DEBUG_PRINTF("SCardIsValidContext() called"); scard_isvalid_ret = SCardIsValidContext(*cackey_pcsc_handle); if (scard_isvalid_ret != SCARD_S_SUCCESS) { CACKEY_DEBUG_PRINTF("Handle has become invalid (SCardIsValidContext = %s/%li), trying to re-establish...", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(scard_isvalid_ret), (long) scard_isvalid_ret); CACKEY_DEBUG_PRINTF("SCardEstablishContext() called"); scard_est_context_ret = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, cackey_pcsc_handle); if (scard_est_context_ret != SCARD_S_SUCCESS) { CACKEY_DEBUG_PRINTF("Call to SCardEstablishContext failed (returned %s/%li), returning in failure", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(scard_est_context_ret), (long) scard_est_context_ret); free(cackey_pcsc_handle); cackey_pcsc_handle = NULL; cackey_slots_disconnect_all(); return(CACKEY_PCSC_E_GENERIC); } CACKEY_DEBUG_PRINTF("Handle has been re-established"); |
︙ | ︙ | |||
754 755 756 757 758 759 760 | if (cackey_pcsc_handle == NULL) { return(CACKEY_PCSC_S_OK); } scard_rel_context_ret = SCardReleaseContext(*cackey_pcsc_handle); | > | > | > | 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 | if (cackey_pcsc_handle == NULL) { return(CACKEY_PCSC_S_OK); } scard_rel_context_ret = SCardReleaseContext(*cackey_pcsc_handle); if (cackey_pcsc_handle) { free(cackey_pcsc_handle); cackey_pcsc_handle = NULL; } if (scard_rel_context_ret != SCARD_S_SUCCESS) { return(CACKEY_PCSC_E_GENERIC); } return(CACKEY_PCSC_S_OK); } |
︙ | ︙ | |||
1269 1270 1271 1272 1273 1274 1275 | return(-1); } offset += count; if (count < max_count) { | | > > > > > > > > > > | 1277 1278 1279 1280 1281 1282 1283 1284 1285 1286 1287 1288 1289 1290 1291 1292 1293 1294 1295 1296 1297 1298 1299 1300 1301 1302 1303 1304 1305 | return(-1); } offset += count; if (count < max_count) { CACKEY_DEBUG_PRINTF("Short read -- count = %i, cmd[1] = %i", (int) count, (int) cmd[1]); break; } } #ifdef CACKEY_PARANOID # ifdef _POSIX_SSIZE_MAX if (offset > _POSIX_SSIZE_MAX) { CACKEY_DEBUG_PRINTF("Offset exceeds maximum value, returning in failure. (max = %li, offset = %lu)", (long) _POSIX_SSIZE_MAX, (unsigned long) offset); return(-1); } # endif #endif CACKEY_DEBUG_PRINTF("Returning in success, read %lu bytes", (unsigned long) offset); return(offset); } /* |
︙ | ︙ | |||
1868 1869 1870 1871 1872 1873 1874 1875 1876 1877 1878 1879 1880 1881 | cackey_end_transaction(slot); return(-1); } /* End transaction */ cackey_end_transaction(slot); CACKEY_DEBUG_PRINTF("Returning in success."); return(outbuflen); } /* | > > > > > > > > > > | 1886 1887 1888 1889 1890 1891 1892 1893 1894 1895 1896 1897 1898 1899 1900 1901 1902 1903 1904 1905 1906 1907 1908 1909 | cackey_end_transaction(slot); return(-1); } /* End transaction */ cackey_end_transaction(slot); #ifdef CACKEY_PARANOID # ifdef _POSIX_SSIZE_MAX if (outbuflen > _POSIX_SSIZE_MAX) { CACKEY_DEBUG_PRINTF("Outbuflen exceeds maximum value, returning in failure. (max = %li, outbuflen = %lu)", (long) _POSIX_SSIZE_MAX, (unsigned long) outbuflen); return(-1); } # endif #endif CACKEY_DEBUG_PRINTF("Returning in success."); return(outbuflen); } /* |
︙ | ︙ | |||
2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 | if (x509_read_ret <= 0) { x509_read_ret = x509_dn_to_string(label_asn1, x509_read_ret, (char *) label_buf, label_buf_len, NULL); if (x509_read_ret <= 0) { return(-1); } } return(x509_read_ret); } /* Returns 0 on success */ static int cackey_mutex_create(void **mutex) { pthread_mutex_t *pthread_mutex; | > > > > > > > > > > | 2030 2031 2032 2033 2034 2035 2036 2037 2038 2039 2040 2041 2042 2043 2044 2045 2046 2047 2048 2049 2050 2051 2052 2053 | if (x509_read_ret <= 0) { x509_read_ret = x509_dn_to_string(label_asn1, x509_read_ret, (char *) label_buf, label_buf_len, NULL); if (x509_read_ret <= 0) { return(-1); } } #ifdef CACKEY_PARANOID # ifdef _POSIX_SSIZE_MAX if (x509_read_ret > _POSIX_SSIZE_MAX) { CACKEY_DEBUG_PRINTF("x509_read_ret exceeds maximum value, returning in failure. (max = %li, x509_read_ret = %lu)", (long) _POSIX_SSIZE_MAX, (unsigned long) x509_read_ret); return(-1); } # endif #endif return(x509_read_ret); } /* Returns 0 on success */ static int cackey_mutex_create(void **mutex) { pthread_mutex_t *pthread_mutex; |
︙ | ︙ |
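Review bot: The three new `CACKEY_PARANOID` range checks compare against `_POSIX_SSIZE_MAX`, which POSIX defines as the smallest value an implementation may use for `SSIZE_MAX` (32767), not the platform's real limit. With the macro defined, any `offset`, `outbuflen` or `x509_read_ret` above 32767 is turned into a `-1` failure even though the value fits the return type. The bound that matches the intent is `SSIZE_MAX` from `<limits.h>`, e.g. `# ifdef SSIZE_MAX` followed by `if (offset > SSIZE_MAX) {`, and likewise in the other two places. In the third check `x509_read_ret` is tested with `<= 0` just above, which suggests a signed type, so the `(unsigned long)` cast with `%lu` in the debug message looks mismatched; its declaration is outside the hunk, so this should be confirmed. Separately, in the release-context hunk the added `if (cackey_pcsc_handle)` is redundant after the `== NULL` early return a few lines up, and `free(cackey_pcsc_handle); cackey_pcsc_handle = NULL;` alone is enough.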