summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
8e0907b)
A mixture of fixes: some variables set but never used (fix by either
removing or correctly checking error codes), some unlikely but possible
memory leaks, some invalid casting.
13 files changed:
} else if (packetlen == 255) {
packetlen = data[offset++];
packetlen <<= 8;
} else if (packetlen == 255) {
packetlen = data[offset++];
packetlen <<= 8;
- packetlen = data[offset++];
+ packetlen |= data[offset++];
- packetlen = data[offset++];
+ packetlen |= data[offset++];
- packetlen = data[offset++];
+ packetlen |= data[offset++];
}
switch (data[offset] & 0x7F) {
case OPENPGP_SIGSUB_CREATION:
}
switch (data[offset] & 0x7F) {
case OPENPGP_SIGSUB_CREATION:
for(i=0; cgiinput[i]; i++) if (cgiinput[i]=='+') cgiinput[i] = ' ';
/* First, split on "&" to extract the name-value pairs into pairlist */
for(i=0; cgiinput[i]; i++) if (cgiinput[i]=='+') cgiinput[i] = ' ';
/* First, split on "&" to extract the name-value pairs into pairlist */
- pairlist=(char **) malloc(256*sizeof(char **));
+ pairlist= malloc(256*sizeof(char *));
paircount=0;
nvpair=strtok(cgiinput, "&");
while (nvpair) {
pairlist[paircount++]= strdup(nvpair) ;
if (!(paircount%256)) {
paircount=0;
nvpair=strtok(cgiinput, "&");
while (nvpair) {
pairlist[paircount++]= strdup(nvpair) ;
if (!(paircount%256)) {
- pairlist=(char **) realloc(pairlist,
- (paircount+256)*sizeof(char **));
+ pairlist= realloc(pairlist,
+ (paircount+256)*sizeof(char *));
}
nvpair=strtok(NULL, "&") ;
}
}
nvpair=strtok(NULL, "&") ;
}
/* Then, from the list of pairs, extract the names and values */
/* Then, from the list of pairs, extract the names and values */
- cgivars=(char **) malloc((paircount*2+1)*sizeof(char **));
+ cgivars= malloc((paircount*2+1)*sizeof(char *));
for (i=0; i<paircount; i++) {
if ((eqpos=strchr(pairlist[i], '='))!=NULL) {
for (i=0; i<paircount; i++) {
if ((eqpos=strchr(pairlist[i], '='))!=NULL) {
freopen("/dev/null", "r", stdin);
freopen("/dev/null", "w", stdout);
freopen("/dev/null", "r", stdin);
freopen("/dev/null", "w", stdout);
if (ret != -1) {
ret = listen(fd, 5);
if (ret != -1) {
ret = listen(fd, 5);
+ if (ret == -1) {
+ close(fd);
+ fd = -1;
+ }
while ((optchar = getopt(argc, argv, "c:fh")) != -1 ) {
switch (optchar) {
case 'c':
while ((optchar = getopt(argc, argv, "c:fh")) != -1 ) {
switch (optchar) {
case 'c':
+ if (configfile != NULL) {
+ free(configfile);
+ }
configfile = strdup(optarg);
break;
case 'f':
configfile = strdup(optarg);
break;
case 'f':
newkeys++;
}
dbctx->endtrans(dbctx);
newkeys++;
}
dbctx->endtrans(dbctx);
}
if (sendsync && keys != NULL) {
}
if (sendsync && keys != NULL) {
logthing(LOGTHING_NOTICE, "Upgrading DB4 database");
ret = db_env_create(&privctx->dbenv, 0);
logthing(LOGTHING_NOTICE, "Upgrading DB4 database");
ret = db_env_create(&privctx->dbenv, 0);
- privctx->dbenv->set_errcall(privctx->dbenv, &db4_errfunc);
- privctx->dbenv->remove(privctx->dbenv, config.db_dir, 0);
- privctx->dbenv = NULL;
+ if (ret == 0) {
+ privctx->dbenv->set_errcall(privctx->dbenv, &db4_errfunc);
+ privctx->dbenv->remove(privctx->dbenv, config.db_dir, 0);
+ privctx->dbenv = NULL;
+ }
for (i = 0; i < privctx->numdbs; i++) {
ret = db_create(&curdb, NULL, 0);
if (ret == 0) {
snprintf(buf, sizeof(buf) - 1, "%s/keydb.%d.db",
config.db_dir, i);
logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
for (i = 0; i < privctx->numdbs; i++) {
ret = db_create(&curdb, NULL, 0);
if (ret == 0) {
snprintf(buf, sizeof(buf) - 1, "%s/keydb.%d.db",
config.db_dir, i);
logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
- ret = curdb->upgrade(curdb, buf, 0);
+ curdb->upgrade(curdb, buf, 0);
curdb->close(curdb, 0);
} else {
logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
curdb->close(curdb, 0);
} else {
logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
if (ret == 0) {
snprintf(buf, sizeof(buf) - 1, "%s/worddb", config.db_dir);
logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
if (ret == 0) {
snprintf(buf, sizeof(buf) - 1, "%s/worddb", config.db_dir);
logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
- ret = curdb->upgrade(curdb, buf, 0);
+ curdb->upgrade(curdb, buf, 0);
curdb->close(curdb, 0);
} else {
logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
curdb->close(curdb, 0);
} else {
logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
if (ret == 0) {
snprintf(buf, sizeof(buf) - 1, "%s/id32db", config.db_dir);
logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
if (ret == 0) {
snprintf(buf, sizeof(buf) - 1, "%s/id32db", config.db_dir);
logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
- ret = curdb->upgrade(curdb, buf, 0);
+ curdb->upgrade(curdb, buf, 0);
curdb->close(curdb, 0);
} else {
logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
curdb->close(curdb, 0);
} else {
logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
if (ret == 0) {
snprintf(buf, sizeof(buf) - 1, "%s/skshashdb", config.db_dir);
logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
if (ret == 0) {
snprintf(buf, sizeof(buf) - 1, "%s/skshashdb", config.db_dir);
logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
- ret = curdb->upgrade(curdb, buf, 0);
+ curdb->upgrade(curdb, buf, 0);
curdb->close(curdb, 0);
} else {
logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
curdb->close(curdb, 0);
} else {
logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
if (ret == 0) {
snprintf(buf, sizeof(buf) - 1, "%s/subkeydb", config.db_dir);
logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
if (ret == 0) {
snprintf(buf, sizeof(buf) - 1, "%s/subkeydb", config.db_dir);
logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
- ret = curdb->upgrade(curdb, buf, 0);
+ curdb->upgrade(curdb, buf, 0);
curdb->close(curdb, 0);
} else {
logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
curdb->close(curdb, 0);
} else {
logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
+ if (ret != 0) {
+ return 0;
+ }
+
shortkeyid = keyid & 0xFFFFFFFF;
memset(&key, 0, sizeof(key));
shortkeyid = keyid & 0xFFFFFFFF;
memset(&key, 0, sizeof(key));
- ret = cursor->c_close(cursor);
+ cursor->c_close(cursor);
+ if (ret != 0) {
+ db4_endtrans(dbctx);
+ break;
+ }
+
memset(&key, 0, sizeof(key));
memset(&data, 0, sizeof(data));
key.data = curword->object;
memset(&key, 0, sizeof(key));
memset(&data, 0, sizeof(data));
key.data = curword->object;
free(data.data);
data.data = NULL;
}
free(data.data);
data.data = NULL;
}
- ret = cursor->c_close(cursor);
+ cursor->c_close(cursor);
cursor = NULL;
firstpass = 0;
db4_endtrans(dbctx);
cursor = NULL;
firstpass = 0;
db4_endtrans(dbctx);
+ if (ret != 0) {
+ return 0;
+ }
+
memset(&key, 0, sizeof(key));
memset(&data, 0, sizeof(data));
key.data = (void *) hash->hash;
memset(&key, 0, sizeof(key));
memset(&data, 0, sizeof(data));
key.data = (void *) hash->hash;
- ret = cursor->c_close(cursor);
+ cursor->c_close(cursor);
cursor = NULL;
return db4_fetch_key_id(dbctx, keyid, publickey, false);
cursor = NULL;
return db4_fetch_key_id(dbctx, keyid, publickey, false);
wordlist = makewordlist(wordlist, uids[i]);
}
wordlist = makewordlist(wordlist, uids[i]);
}
- ret = privctx->worddb->cursor(privctx->worddb,
+ privctx->worddb->cursor(privctx->worddb,
privctx->txn,
&cursor,
0); /* flags */
privctx->txn,
&cursor,
0); /* flags */
- ret = cursor->c_close(cursor);
+ cursor->c_close(cursor);
cursor = NULL;
ret = privctx->skshashdb->cursor(privctx->skshashdb,
privctx->txn,
&cursor,
0); /* flags */
cursor = NULL;
ret = privctx->skshashdb->cursor(privctx->skshashdb,
privctx->txn,
&cursor,
0); /* flags */
- get_skshash(publickey, &hash);
+ if (ret == 0) {
+ get_skshash(publickey, &hash);
- memset(&key, 0, sizeof(key));
- memset(&data, 0, sizeof(data));
- key.data = hash.hash;
- key.size = sizeof(hash.hash);
- data.data = &keyid;
- data.size = sizeof(keyid);
+ memset(&key, 0, sizeof(key));
+ memset(&data, 0, sizeof(data));
+ key.data = hash.hash;
+ key.size = sizeof(hash.hash);
+ data.data = &keyid;
+ data.size = sizeof(keyid);
- ret = cursor->c_get(cursor,
- &key,
- &data,
- DB_GET_BOTH);
+ ret = cursor->c_get(cursor,
+ &key,
+ &data,
+ DB_GET_BOTH);
- if (ret == 0) {
- ret = cursor->c_del(cursor, 0);
- }
+ if (ret == 0) {
+ ret = cursor->c_del(cursor, 0);
+ }
- if (ret != 0) {
- logthing(LOGTHING_ERROR,
- "Problem deleting skshash: %s "
- "(0x%016" PRIX64 ")",
- db_strerror(ret),
- keyid);
- if (ret == DB_LOCK_DEADLOCK) {
- deadlock = true;
+ if (ret != 0) {
+ logthing(LOGTHING_ERROR,
+ "Problem deleting skshash: %s "
+ "(0x%016" PRIX64 ")",
+ db_strerror(ret),
+ keyid);
+ if (ret == DB_LOCK_DEADLOCK) {
+ deadlock = true;
+ }
- ret = cursor->c_close(cursor);
- cursor = NULL;
+ cursor->c_close(cursor);
+ cursor = NULL;
+ }
/*
* Free our UID and word lists.
/*
* Free our UID and word lists.
- ret = privctx->id32db->cursor(privctx->id32db,
+ privctx->id32db->cursor(privctx->id32db,
privctx->txn,
&cursor,
0); /* flags */
privctx->txn,
&cursor,
0); /* flags */
free(subkeyids);
subkeyids = NULL;
}
free(subkeyids);
subkeyids = NULL;
}
- ret = cursor->c_close(cursor);
+ cursor->c_close(cursor);
+ if (ret != 0) {
+ continue;
+ }
+
memset(&dbkey, 0, sizeof(dbkey));
memset(&data, 0, sizeof(data));
ret = cursor->c_get(cursor, &dbkey, &data, DB_NEXT);
memset(&dbkey, 0, sizeof(dbkey));
memset(&data, 0, sizeof(data));
ret = cursor->c_get(cursor, &dbkey, &data, DB_NEXT);
- ret = cursor->c_close(cursor);
+ cursor->c_close(cursor);
"Error opening db environment: %s (%s)",
config.db_dir,
db_strerror(ret));
"Error opening db environment: %s (%s)",
config.db_dir,
db_strerror(ret));
- privctx->dbenv->close(privctx->dbenv, 0);
- privctx->dbenv = NULL;
+ if (privctx->dbenv != NULL) {
+ privctx->dbenv->close(privctx->dbenv, 0);
+ privctx->dbenv = NULL;
+ }
d = opendir(buffer);
logthing(LOGTHING_DEBUG, "Scanning for word %s in dir %s", word,
buffer);
d = opendir(buffer);
logthing(LOGTHING_DEBUG, "Scanning for word %s in dir %s", word,
buffer);
do {
de = readdir(d);
if (de && de->d_name[0] != '.') {
do {
de = readdir(d);
if (de && de->d_name[0] != '.') {
privctx->lockfile_fd = open(buffer, O_RDWR | O_CREAT, 0600);
}
chdir(config.db_dir);
privctx->lockfile_fd = open(buffer, O_RDWR | O_CREAT, 0600);
}
chdir(config.db_dir);
- if (privctx->lockfile_fd == -1)
- privctx->lockfile_fd = open(buffer,
- (privctx->lockfile_readonly) ?
- O_RDONLY : O_RDWR);
+ privctx->lockfile_fd = open(buffer,
+ (privctx->lockfile_readonly) ?
+ O_RDONLY : O_RDWR);
if (privctx->lockfile_fd == -1)
privctx->lockfile_fd = open(buffer, O_RDWR | O_CREAT, 0600);
if (privctx->lockfile_fd == -1) {
if (privctx->lockfile_fd == -1)
privctx->lockfile_fd = open(buffer, O_RDWR | O_CREAT, 0600);
if (privctx->lockfile_fd == -1) {
&port);
if (matched < 2) {
proto[0] = 0;
&port);
if (matched < 2) {
proto[0] = 0;
- matched = sscanf(url, "%256[a-zA-Z0-9.]:%u", host, &port);
+ sscanf(url, "%256[a-zA-Z0-9.]:%u", host, &port);
logthing(LOGTHING_NOTICE, "Error closing down socket: %d",
errno);
}
logthing(LOGTHING_NOTICE, "Error closing down socket: %d",
errno);
}
}
count = read(keyd_fd, &reply, sizeof(reply));
}
count = read(keyd_fd, &reply, sizeof(reply));
+ if (count != sizeof(reply)) {
+ logthing(LOGTHING_CRITICAL,
+ "Error! Unexpected keyd version "
+ "length: %d != %d",
+ count, sizeof(reply));
+ exit(EXIT_FAILURE);
+ }
logthing(LOGTHING_DEBUG,
"keyd protocol version %d",
reply);
logthing(LOGTHING_DEBUG,
"keyd protocol version %d",
reply);
uint32_t reply;
struct keyd_stats stats;
uint32_t reply;
struct keyd_stats stats;
- keyd_do_command(KEYD_CMD_VERSION, &reply, sizeof(reply));
+ if (keyd_do_command(KEYD_CMD_VERSION, &reply, sizeof(reply)) == -1) {
+ printf("Got failure asking for keyd version.\n");
+ return;
+ }
printf("Using keyd protocol version %d.\n", reply);
printf("Using keyd protocol version %d.\n", reply);
- keyd_do_command(KEYD_CMD_STATS, &stats, sizeof(stats));
+ if (keyd_do_command(KEYD_CMD_STATS, &stats, sizeof(stats)) == -1) {
+ printf("Got failure asking for keyd statistics.\n");
+ return;
+ }
+
printf("keyd running since %s", ctime(&stats.started));
printf("%d client connections received\n", stats.connects);
printf("keyd running since %s", ctime(&stats.started));
printf("%d client connections received\n", stats.connects);
while ((optchar = getopt(argc, argv, "c:")) != -1 ) {
switch (optchar) {
case 'c':
while ((optchar = getopt(argc, argv, "c:")) != -1 ) {
switch (optchar) {
case 'c':
+ if (configfile != NULL) {
+ free(configfile);
+ }
configfile = strdup(optarg);
break;
}
}
readconfig(configfile);
configfile = strdup(optarg);
break;
}
}
readconfig(configfile);
initlogthing("maxpath", config.logfile);
dbctx = config.dbinit(true);
if (dbctx != NULL) {
initlogthing("maxpath", config.logfile);
dbctx = config.dbinit(true);
if (dbctx != NULL) {
int i;
bool ishex = false;
bool isfp = false;
int i;
bool ishex = false;
bool isfp = false;
bool update = false;
bool binary = false;
bool fingerprint = false;
bool update = false;
bool binary = false;
bool fingerprint = false;
update = true;
break;
case 'v':
update = true;
break;
case 'v':
setlogthreshold(LOGTHING_INFO);
break;
}
setlogthreshold(LOGTHING_INFO);
break;
}
struct openpgp_packet_list *curpacket = NULL, **packetend = NULL;
onak_status_t rc = ONAK_E_OK;
int keys = 0;
struct openpgp_packet_list *curpacket = NULL, **packetend = NULL;
onak_status_t rc = ONAK_E_OK;
int keys = 0;
if (packets == NULL)
return ONAK_E_INVALID_PARAM;
if (packets == NULL)
return ONAK_E_INVALID_PARAM;
- while (!rc && (maxnum == 0 || keys < maxnum) &&
+ while (rc == ONAK_E_OK && (maxnum == 0 || keys < maxnum) &&
!getchar_func(ctx, 1, &curchar)) {
!getchar_func(ctx, 1, &curchar)) {
- if (!inpacket && (curchar & 0x80)) {
- * New packet. Record the fact we're in a packet and
- * allocate memory for it.
+ * New packet. Allocate memory for it.
if (curpacket != NULL) {
curpacket->next = malloc(sizeof (*curpacket));
packetend = &curpacket->next;
if (curpacket != NULL) {
curpacket->next = malloc(sizeof (*curpacket));
packetend = &curpacket->next;
*/
if (curpacket->packet->newformat) {
curpacket->packet->tag = (curchar & 0x3F);
*/
if (curpacket->packet->newformat) {
curpacket->packet->tag = (curchar & 0x3F);
- rc = getchar_func(ctx, 1, &curchar);
+ if (getchar_func(ctx, 1, &curchar)) {
+ rc = ONAK_E_INVALID_PKT;
+ break;
+ }
curpacket->packet->length = curchar;
if (curpacket->packet->length > 191 &&
curpacket->packet->length < 224) {
curpacket->packet->length = curchar;
if (curpacket->packet->length > 191 &&
curpacket->packet->length < 224) {
* 5 byte length; ie 255 followed by 3
* bytes of MSB length.
*/
* 5 byte length; ie 255 followed by 3
* bytes of MSB length.
*/
- rc = getchar_func(ctx, 1, &curchar);
+ if (getchar_func(ctx, 1, &curchar)) {
+ rc = ONAK_E_INVALID_PKT;
+ break;
+ }
curpacket->packet->length = curchar;
curpacket->packet->length <<= 8;
curpacket->packet->length = curchar;
curpacket->packet->length <<= 8;
- rc = getchar_func(ctx, 1, &curchar);
+ if (getchar_func(ctx, 1, &curchar)) {
+ rc = ONAK_E_INVALID_PKT;
+ break;
+ }
curpacket->packet->length += curchar;
curpacket->packet->length <<= 8;
curpacket->packet->length += curchar;
curpacket->packet->length <<= 8;
- rc = getchar_func(ctx, 1, &curchar);
+ if (getchar_func(ctx, 1, &curchar)) {
+ rc = ONAK_E_INVALID_PKT;
+ break;
+ }
curpacket->packet->length += curchar;
curpacket->packet->length <<= 8;
curpacket->packet->length += curchar;
curpacket->packet->length <<= 8;
- rc = getchar_func(ctx, 1, &curchar);
+ if (getchar_func(ctx, 1, &curchar)) {
+ rc = ONAK_E_INVALID_PKT;
+ break;
+ }
curpacket->packet->length += curchar;
}
} else {
curpacket->packet->tag = (curchar & 0x3C) >> 2;
switch (curchar & 3) {
case 0:
curpacket->packet->length += curchar;
}
} else {
curpacket->packet->tag = (curchar & 0x3C) >> 2;
switch (curchar & 3) {
case 0:
- rc = getchar_func(ctx, 1, &curchar);
+ if (getchar_func(ctx, 1, &curchar)) {
+ rc = ONAK_E_INVALID_PKT;
+ break;
+ }
curpacket->packet->length = curchar;
break;
case 1:
curpacket->packet->length = curchar;
break;
case 1:
- rc = getchar_func(ctx, 1, &curchar);
+ if (getchar_func(ctx, 1, &curchar)) {
+ rc = ONAK_E_INVALID_PKT;
+ break;
+ }
curpacket->packet->length = curchar;
curpacket->packet->length <<= 8;
curpacket->packet->length = curchar;
curpacket->packet->length <<= 8;
- rc = getchar_func(ctx, 1, &curchar);
+ if (getchar_func(ctx, 1, &curchar)) {
+ rc = ONAK_E_INVALID_PKT;
+ break;
+ }
curpacket->packet->length += curchar;
break;
case 2:
curpacket->packet->length += curchar;
break;
case 2:
- rc = getchar_func(ctx, 1, &curchar);
+ if (getchar_func(ctx, 1, &curchar)) {
+ rc = ONAK_E_INVALID_PKT;
+ break;
+ }
curpacket->packet->length =
(curchar << 24);
curpacket->packet->length =
(curchar << 24);
- rc = getchar_func(ctx, 1, &curchar);
+ if (getchar_func(ctx, 1, &curchar)) {
+ rc = ONAK_E_INVALID_PKT;
+ break;
+ }
curpacket->packet->length +=
(curchar << 16);
curpacket->packet->length +=
(curchar << 16);
- rc = getchar_func(ctx, 1, &curchar);
+ if (getchar_func(ctx, 1, &curchar)) {
+ rc = ONAK_E_INVALID_PKT;
+ break;
+ }
curpacket->packet->length +=
(curchar << 8);
curpacket->packet->length +=
(curchar << 8);
- rc = getchar_func(ctx, 1, &curchar);
+ if (getchar_func(ctx, 1, &curchar)) {
+ rc = ONAK_E_INVALID_PKT;
+ break;
+ }
curpacket->packet->length += curchar;
break;
case 3:
curpacket->packet->length += curchar;
break;
case 3:
curpacket->packet->data);
}
}
curpacket->packet->data);
}
}
} else {
rc = ONAK_E_INVALID_PKT;
}
} else {
rc = ONAK_E_INVALID_PKT;
}
* if it's signed by the key we're looking at.
*/
initcolour(false);
* if it's signed by the key we're looking at.
*/
initcolour(false);
- degree = countdegree(dbctx, keyinfo, true, 7);
+ countdegree(dbctx, keyinfo, true, 7);
puts("\t\tSigned by\t\tSigns");
for (loop = 1; loop < 7; loop++) {
puts("\t\tSigned by\t\tSigns");
for (loop = 1; loop < 7; loop++) {
while ((optchar = getopt(argc, argv, "c:")) != -1 ) {
switch (optchar) {
case 'c':
while ((optchar = getopt(argc, argv, "c:")) != -1 ) {
switch (optchar) {
case 'c':
+ if (configfile != NULL) {
+ free(configfile);
+ }
configfile = strdup(optarg);
break;
}
configfile = strdup(optarg);
break;
}
}
readconfig(configfile);
}
readconfig(configfile);
initlogthing("sixdegrees", config.logfile);
dbctx = config.dbinit(true);
if (dbctx != NULL) {
initlogthing("sixdegrees", config.logfile);
dbctx = config.dbinit(true);
if (dbctx != NULL) {