forked from pool/openCryptoki
407ecfdaa4
* ocki-3.15.1-Added-NULL-pointer-to-avoid-double-free-for-the-list.patch Added NULL pointer to avoid double free() for the list-key and remove-key commands. * ocki-3.15.1-Fixed-p11sak-and-corresponding-test-case.patch Note that two hunks that were unrelated to fixing the running code were removed from this patch. * ocki-3.15.1-p11sak-Fix-CKA_LABEL-handling.patch - Added ocki-3.15.1-SOFT-Check-the-EC-Key-on-C_CreateObject-and-C_Derive.patch When constructing an OpenSSL EC public or private key from PKCS#11 attributes or ECDH public data, check that the key is valid, i.e. that the point is on the curve. (bsc#1185976) OBS-URL: https://build.opensuse.org/package/show/security/openCryptoki?expand=0&rev=118
44 lines
1.5 KiB
Diff
44 lines
1.5 KiB
Diff
From 93c01ffd75cd9f855596377fcf0fbf3912459549 Mon Sep 17 00:00:00 2001
|
|
From: Ingo Franzki <ifranzki@linux.ibm.com>
|
|
Date: Fri, 16 Apr 2021 11:18:36 +0200
|
|
Subject: [PATCH] p11sak: Fix CKA_LABEL handling
|
|
|
|
The value of CKA_LABEL does not contain the terminating zero of a C-string.
|
|
|
|
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
|
|
---
|
|
usr/sbin/p11sak/p11sak.c | 6 +++---
|
|
1 file changed, 3 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/usr/sbin/p11sak/p11sak.c b/usr/sbin/p11sak/p11sak.c
|
|
index 05ab9e27..6c2f61bc 100644
|
|
--- a/usr/sbin/p11sak/p11sak.c
|
|
+++ b/usr/sbin/p11sak/p11sak.c
|
|
@@ -689,12 +689,12 @@ static CK_RV set_labelpair_attr(const char *label, CK_ATTRIBUTE *pubattr,
|
|
|
|
pubattr[*pubcount].type = CKA_LABEL;
|
|
pubattr[*pubcount].pValue = publabel;
|
|
- pubattr[*pubcount].ulValueLen = strlen(publabel) + 1;
|
|
+ pubattr[*pubcount].ulValueLen = strlen(publabel);
|
|
(*pubcount)++;
|
|
|
|
prvattr[*prvcount].type = CKA_LABEL;
|
|
prvattr[*prvcount].pValue = prvlabel;
|
|
- prvattr[*prvcount].ulValueLen = strlen(prvlabel) + 1;
|
|
+ prvattr[*prvcount].ulValueLen = strlen(prvlabel);
|
|
(*prvcount)++;
|
|
|
|
return CKR_OK;
|
|
@@ -1021,7 +1021,7 @@ static CK_RV tok_key_list_init(CK_SESSION_HANDLE session, p11sak_kt kt,
|
|
if (label != NULL_PTR) {
|
|
tmplt[3].type = CKA_LABEL;
|
|
tmplt[3].pValue = label;
|
|
- tmplt[3].ulValueLen = strlen(label) + 1;
|
|
+ tmplt[3].ulValueLen = strlen(label);
|
|
count = 4;
|
|
} else
|
|
count = 3;
|
|
--
|
|
2.26.2
|
|
|