From 68a4d901347bfa159adfe67e00f149e09800ea22 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Fri, 19 Nov 2021 11:47:52 +0100 Subject: -misc bugfixes --- src/util/crypto_helper_esign.c | 6 +++++- src/util/crypto_helper_rsa.c | 18 ++++++++++++------ src/util/secmod_common.c | 6 ++++++ src/util/taler-exchange-secmod-rsa.c | 4 +++- 4 files changed, 26 insertions(+), 8 deletions(-) (limited to 'src/util') diff --git a/src/util/crypto_helper_esign.c b/src/util/crypto_helper_esign.c index 794a916a8..5c0d9449d 100644 --- a/src/util/crypto_helper_esign.c +++ b/src/util/crypto_helper_esign.c @@ -337,6 +337,8 @@ TALER_CRYPTO_helper_esign_sign_ ( struct TALER_ExchangePublicKeyP *exchange_pub, struct TALER_ExchangeSignatureP *exchange_sig) { + uint32_t purpose_size = ntohl (purpose->size); + if (GNUNET_OK != try_connect (esh)) { @@ -344,8 +346,9 @@ TALER_CRYPTO_helper_esign_sign_ ( "Failed to connect to helper\n"); return TALER_EC_EXCHANGE_SIGNKEY_HELPER_UNAVAILABLE; } + GNUNET_assert (purpose_size < + UINT16_MAX - sizeof (struct TALER_CRYPTO_EddsaSignRequest)); { - uint32_t purpose_size = ntohl (purpose->size); char buf[sizeof (struct TALER_CRYPTO_EddsaSignRequest) + purpose_size - sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose)]; struct TALER_CRYPTO_EddsaSignRequest *sr @@ -414,6 +417,7 @@ more: if (off < sizeof (struct GNUNET_MessageHeader)) continue; msize = ntohs (hdr->size); + GNUNET_assert (msize <= sizeof (buf)); if (off < msize) continue; switch (ntohs (hdr->type)) diff --git a/src/util/crypto_helper_rsa.c b/src/util/crypto_helper_rsa.c index a5a001a9c..088aae9f0 100644 --- a/src/util/crypto_helper_rsa.c +++ b/src/util/crypto_helper_rsa.c @@ -173,22 +173,28 @@ handle_mt_avail (struct TALER_CRYPTO_RsaDenominationHelper *dh, = (const struct TALER_CRYPTO_RsaKeyAvailableNotification *) hdr; const char *buf = (const char *) &kan[1]; const char *section_name; + uint16_t ps; + uint16_t snl; if (sizeof (*kan) > ntohs (hdr->size)) { GNUNET_break_op (0); return GNUNET_SYSERR; } - if (ntohs (hdr->size) != - sizeof (*kan) - + ntohs (kan->pub_size) - + ntohs (kan->section_name_len)) + ps = ntohs (kan->pub_size); + snl = ntohs (kan->section_name_len); + if (ntohs (hdr->size) != sizeof (*kan) + ps + snl) { GNUNET_break_op (0); return GNUNET_SYSERR; } - section_name = &buf[ntohs (kan->pub_size)]; - if ('\0' != section_name[ntohs (kan->section_name_len) - 1]) + if (0 == snl) + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } + section_name = &buf[ps]; + if ('\0' != section_name[snl - 1]) { GNUNET_break_op (0); return GNUNET_SYSERR; diff --git a/src/util/secmod_common.c b/src/util/secmod_common.c index 4a45dd58d..0bcf9ae5f 100644 --- a/src/util/secmod_common.c +++ b/src/util/secmod_common.c @@ -266,6 +266,12 @@ TES_read_work (void *cls, continue; hdr = (const struct GNUNET_MessageHeader *) buf; msize = ntohs (hdr->size); + if (msize < sizeof (struct GNUNET_MessageHeader)) + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } + GNUNET_assert (msize <= sizeof (client->iobuf)); } while (off < msize); if (off > msize) diff --git a/src/util/taler-exchange-secmod-rsa.c b/src/util/taler-exchange-secmod-rsa.c index 1a87c4cc1..a2bbaf055 100644 --- a/src/util/taler-exchange-secmod-rsa.c +++ b/src/util/taler-exchange-secmod-rsa.c @@ -1116,6 +1116,7 @@ import_key (void *cls, GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "open", filename); + GNUNET_break (0 == close (fd)); return GNUNET_OK; } if (0 != fstat (fd, @@ -1131,6 +1132,7 @@ import_key (void *cls, GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "File `%s' is not a regular file, which is not allowed for private keys!\n", filename); + GNUNET_break (0 == close (fd)); return GNUNET_OK; } if (0 != (sbuf.st_mode & (S_IWUSR | S_IRWXG | S_IRWXO))) @@ -1286,7 +1288,7 @@ load_denominations (void *cls, { struct LoadContext *ctx = cls; struct Denomination *denom; - bool wake; + bool wake = true; if ( (0 != strncasecmp (denomination_alias, "coin_", -- cgit v1.2.3