From 9a7ccf48fa8dc00ec31191fb4e7e6ebd28d9570a Mon Sep 17 00:00:00 2001 From: Trevor Bentley Date: Wed, 27 Sep 2017 11:28:39 +0200 Subject: [PATCH] Fix all clang scan-build warnings --- lib/internal.c | 6 ++++-- tool/util.c | 4 +++- ykcs11/openssl_utils.c | 2 +- ykcs11/utils.c | 2 -- ykcs11/ykcs11.c | 6 ++++++ ykcs11/yubico_slot.c | 6 +++--- ykcs11/yubico_token.c | 2 +- 7 files changed, 18 insertions(+), 10 deletions(-) diff --git a/lib/internal.c b/lib/internal.c index 30e5601..969adce 100644 --- a/lib/internal.c +++ b/lib/internal.c @@ -222,8 +222,10 @@ EXIT: return rc; ERROR_EXIT: - des_destroy_key(*key); - *key = NULL; + if (key) { + des_destroy_key(*key); + *key = NULL; + } goto EXIT; diff --git a/tool/util.c b/tool/util.c index eee4b7e..d3f88cd 100644 --- a/tool/util.c +++ b/tool/util.c @@ -543,7 +543,9 @@ int SSH_write_X509(FILE *fp, X509 *x) { rsa = EVP_PKEY_get1_RSA(pkey); - set_component(n, rsa->n, RSA_size(rsa)); + if (!set_component(n, rsa->n, RSA_size(rsa))) { + break; + } uint32_t bytes = BN_num_bytes(rsa->n); char len_buf[5]; diff --git a/ykcs11/openssl_utils.c b/ykcs11/openssl_utils.c index 4ceb704..a53ff6f 100644 --- a/ykcs11/openssl_utils.c +++ b/ykcs11/openssl_utils.c @@ -173,7 +173,7 @@ CK_RV do_create_empty_cert(CK_BYTE_PTR in, CK_ULONG in_len, CK_BBOOL is_rsa, // Manually set a signature (same reason as before) ASN1_BIT_STRING_set_bit(cert->signature, 8, 1); - ASN1_BIT_STRING_set(cert->signature, "\x00", 1); + ASN1_BIT_STRING_set(cert->signature, (unsigned char*)"\x00", 1); len = i2d_X509(cert, NULL); if (len < 0) diff --git a/ykcs11/utils.c b/ykcs11/utils.c index f66d995..fd9867a 100644 --- a/ykcs11/utils.c +++ b/ykcs11/utils.c @@ -258,8 +258,6 @@ void strip_DER_encoding_from_ECSIG(CK_BYTE_PTR data, CK_ULONG_PTR len) { data_ptr++; memcpy(buf_ptr, data_ptr, elem_len); - data_ptr += elem_len; - buf_ptr += elem_len; *len = sig_halflen * 2; memcpy(data, buf, *len); diff --git a/ykcs11/ykcs11.c b/ykcs11/ykcs11.c index 8374ec6..f0ec934 100644 --- a/ykcs11/ykcs11.c +++ b/ykcs11/ykcs11.c @@ -215,6 +215,11 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetSlotList)( return CKR_OK; } + if (!pulCount) { + DOUT; + return CKR_ARGUMENTS_BAD; + } + if ((tokenPresent && *pulCount < n_slots_with_token) || (!tokenPresent && *pulCount < n_slots)) { DBG("Buffer too small: needed %lu, provided %lu", n_slots, *pulCount); return CKR_BUFFER_TOO_SMALL; @@ -1214,6 +1219,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_DestroyObject)( rv = delete_cert(cert_id); if (rv != CKR_OK) { + free(obj_ptr); DBG("Unable to delete certificate data"); return CKR_FUNCTION_FAILED; } diff --git a/ykcs11/yubico_slot.c b/ykcs11/yubico_slot.c index 9db257a..f53787a 100644 --- a/ykcs11/yubico_slot.c +++ b/ykcs11/yubico_slot.c @@ -32,16 +32,16 @@ #include "pkcs11.h" #include -static const CK_UTF8CHAR_PTR slot_manufacturer = "Yubico"; +static const CK_UTF8CHAR_PTR slot_manufacturer = (const CK_UTF8CHAR_PTR)"Yubico"; static const CK_FLAGS slot_flags = CKF_TOKEN_PRESENT | CKF_HW_SLOT; static const CK_VERSION slot_version = {1, 0}; CK_RV YUBICO_get_slot_manufacturer(CK_UTF8CHAR_PTR str, CK_ULONG len) { - if (strlen(slot_manufacturer) > len) + if (strlen((const char*)slot_manufacturer) > len) return CKR_BUFFER_TOO_SMALL; - memcpy(str, slot_manufacturer, strlen(slot_manufacturer)); + memcpy(str, slot_manufacturer, strlen((const char*)slot_manufacturer)); return CKR_OK; } diff --git a/ykcs11/yubico_token.c b/ykcs11/yubico_token.c index e30e789..30d583d 100644 --- a/ykcs11/yubico_token.c +++ b/ykcs11/yubico_token.c @@ -372,7 +372,7 @@ CK_RV YUBICO_token_change_pin(ykpiv_state *state, CK_USER_TYPE user_type, CK_UTF DBG("TODO implement other users pin change"); return CKR_FUNCTION_FAILED; } - res = ykpiv_change_pin(state, pOldPin, ulOldLen, pNewPin, ulNewLen, &tries); + res = ykpiv_change_pin(state, (const char*)pOldPin, ulOldLen, (const char*)pNewPin, ulNewLen, &tries); switch (res) { case YKPIV_OK: return CKR_OK;