-misc bugfixes

4 files changed, 26 insertions, 8 deletions

diff --git a/src/util/crypto_helper_esign.c b/src/util/crypto_helper_esign.c
index 794a916a8..5c0d9449d 100644
--- a/src/util/crypto_helper_esign.c
+++ b/src/util/crypto_helper_esign.c
@@ -337,6 +337,8 @@ TALER_CRYPTO_helper_esign_sign_ (
   struct TALER_ExchangePublicKeyP *exchange_pub,
   struct TALER_ExchangeSignatureP *exchange_sig)
 {
+  uint32_t purpose_size = ntohl (purpose->size);
+
   if (GNUNET_OK !=
       try_connect (esh))
   {
@@ -344,8 +346,9 @@ TALER_CRYPTO_helper_esign_sign_ (
                 "Failed to connect to helper\n");
     return TALER_EC_EXCHANGE_SIGNKEY_HELPER_UNAVAILABLE;
   }
+  GNUNET_assert (purpose_size <
+                 UINT16_MAX - sizeof (struct TALER_CRYPTO_EddsaSignRequest));
   {
-    uint32_t purpose_size = ntohl (purpose->size);
     char buf[sizeof (struct TALER_CRYPTO_EddsaSignRequest) + purpose_size
              - sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose)];
     struct TALER_CRYPTO_EddsaSignRequest *sr
@@ -414,6 +417,7 @@ more:
       if (off < sizeof (struct GNUNET_MessageHeader))
         continue;
       msize = ntohs (hdr->size);
+      GNUNET_assert (msize <= sizeof (buf));
       if (off < msize)
         continue;
       switch (ntohs (hdr->type))
diff --git a/src/util/crypto_helper_rsa.c b/src/util/crypto_helper_rsa.c
index a5a001a9c..088aae9f0 100644
--- a/src/util/crypto_helper_rsa.c
+++ b/src/util/crypto_helper_rsa.c
@@ -173,22 +173,28 @@ handle_mt_avail (struct TALER_CRYPTO_RsaDenominationHelper *dh,
     = (const struct TALER_CRYPTO_RsaKeyAvailableNotification *) hdr;
   const char *buf = (const char *) &kan[1];
   const char *section_name;
+  uint16_t ps;
+  uint16_t snl;
 
   if (sizeof (*kan) > ntohs (hdr->size))
   {
     GNUNET_break_op (0);
     return GNUNET_SYSERR;
   }
-  if (ntohs (hdr->size) !=
-      sizeof (*kan)
-      + ntohs (kan->pub_size)
-      + ntohs (kan->section_name_len))
+  ps = ntohs (kan->pub_size);
+  snl = ntohs (kan->section_name_len);
+  if (ntohs (hdr->size) != sizeof (*kan) + ps + snl)
   {
     GNUNET_break_op (0);
     return GNUNET_SYSERR;
   }
-  section_name = &buf[ntohs (kan->pub_size)];
-  if ('\0' != section_name[ntohs (kan->section_name_len) - 1])
+  if (0 == snl)
+  {
+    GNUNET_break_op (0);
+    return GNUNET_SYSERR;
+  }
+  section_name = &buf[ps];
+  if ('\0' != section_name[snl - 1])
   {
     GNUNET_break_op (0);
     return GNUNET_SYSERR;
diff --git a/src/util/secmod_common.c b/src/util/secmod_common.c
index 4a45dd58d..0bcf9ae5f 100644
--- a/src/util/secmod_common.c
+++ b/src/util/secmod_common.c
@@ -266,6 +266,12 @@ TES_read_work (void *cls,
       continue;
     hdr = (const struct GNUNET_MessageHeader *) buf;
     msize = ntohs (hdr->size);
+    if (msize < sizeof (struct GNUNET_MessageHeader))
+    {
+      GNUNET_break_op (0);
+      return GNUNET_SYSERR;
+    }
+    GNUNET_assert (msize <= sizeof (client->iobuf));
   } while (off < msize);
 
   if (off > msize)
diff --git a/src/util/taler-exchange-secmod-rsa.c b/src/util/taler-exchange-secmod-rsa.c
index 1a87c4cc1..a2bbaf055 100644
--- a/src/util/taler-exchange-secmod-rsa.c
+++ b/src/util/taler-exchange-secmod-rsa.c
@@ -1116,6 +1116,7 @@ import_key (void *cls,
     GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
                               "open",
                               filename);
+    GNUNET_break (0 == close (fd));
     return GNUNET_OK;
   }
   if (0 != fstat (fd,
@@ -1131,6 +1132,7 @@ import_key (void *cls,
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                 "File `%s' is not a regular file, which is not allowed for private keys!\n",
                 filename);
+    GNUNET_break (0 == close (fd));
     return GNUNET_OK;
   }
   if (0 != (sbuf.st_mode & (S_IWUSR | S_IRWXG | S_IRWXO)))
@@ -1286,7 +1288,7 @@ load_denominations (void *cls,
 {
   struct LoadContext *ctx = cls;
   struct Denomination *denom;
-  bool wake;
+  bool wake = true;
 
   if ( (0 != strncasecmp (denomination_alias,
                           "coin_",