d795e80599
- ocki-3.5-icsf-reasoncode72-support.patch - ocki-3.5-icsf-coverity-memoryleakfix.patch - ocki-3.5-downgrade-syslogerror.patch - ocki-3.5-icsf-sessionhandle-missing-fix.patch - ocki-3.5-icsf-reasoncode-2028-added.patch - ocki-3.5-added-NULLreturn-check.patch OBS-URL: https://build.opensuse.org/package/show/security/openCryptoki?expand=0&rev=37
52 lines
1.7 KiB
Diff
52 lines
1.7 KiB
Diff
commit ca61c6e68ecd04c5f319056a6a3eba4b261f5481
|
|
Author: Jakub Jelen <jjelen@redhat.com>
|
|
Date: Tue Jun 28 16:23:06 2016 -0400
|
|
|
|
Coverity:Check for NULL returns
|
|
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
|
|
|
|
diff --git a/usr/lib/pkcs11/common/utility.c b/usr/lib/pkcs11/common/utility.c
|
|
index 3cbb8da..39ecae8 100755
|
|
--- a/usr/lib/pkcs11/common/utility.c
|
|
+++ b/usr/lib/pkcs11/common/utility.c
|
|
@@ -589,6 +589,11 @@ CK_RV CreateXProcLock(void)
|
|
goto err;
|
|
}
|
|
grp = getgrnam("pkcs11");
|
|
+ if (grp == NULL) {
|
|
+ fprintf(stderr, "getgrname(pkcs11): %s",
|
|
+ strerror(errno));
|
|
+ goto err;
|
|
+ }
|
|
/* set ownership to euid, and pkcs11 group */
|
|
if (chown(lockdir, geteuid(), grp->gr_gid) != 0) {
|
|
fprintf(stderr, "Failed to set owner:group \
|
|
diff --git a/usr/lib/pkcs11/icsf_stdll/new_host.c b/usr/lib/pkcs11/icsf_stdll/new_host.c
|
|
index 9863d52..9478e92 100644
|
|
--- a/usr/lib/pkcs11/icsf_stdll/new_host.c
|
|
+++ b/usr/lib/pkcs11/icsf_stdll/new_host.c
|
|
@@ -813,6 +813,11 @@ CK_RV SC_OpenSession(CK_SLOT_ID sid, CK_FLAGS flags,
|
|
}
|
|
|
|
sess = session_mgr_find(*phSession);
|
|
+ if (!sess) {
|
|
+ TRACE_ERROR("%s\n", ock_err(ERR_SESSION_HANDLE_INVALID));
|
|
+ rc = CKR_SESSION_HANDLE_INVALID;
|
|
+ goto done;
|
|
+ }
|
|
sess->handle = *phSession;
|
|
rc = icsftok_open_session(sess);
|
|
done:
|
|
@@ -835,6 +840,11 @@ CK_RV SC_CloseSession(ST_SESSION_HANDLE *sSession)
|
|
}
|
|
|
|
sess = session_mgr_find(sSession->sessionh);
|
|
+ if (!sess) {
|
|
+ TRACE_ERROR("%s\n", ock_err(ERR_SESSION_HANDLE_INVALID));
|
|
+ rc = CKR_SESSION_HANDLE_INVALID;
|
|
+ goto done;
|
|
+ }
|
|
//set the handle here as handle is never set into session during creation
|
|
sess->handle = sSession->sessionh;
|
|
rc = icsftok_close_session(sess);
|