From c9cc7f885e6e1e4da07d9594af092a5efc86ee5a Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Wed, 5 Apr 2017 14:29:16 +0200 Subject: gnutls-cli: fixed minor coverity identified issues Signed-off-by: Nikos Mavrogiannopoulos --- src/cli.c | 36 +++++++++++++++++++++++++++++------- src/common.c | 14 ++++++++++++-- 2 files changed, 41 insertions(+), 9 deletions(-) diff --git a/src/cli.c b/src/cli.c index 75c228fa49..b225c166f7 100644 --- a/src/cli.c +++ b/src/cli.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2000-2016 Free Software Foundation, Inc. * Copyright (C) 2013-2016 Nikos Mavrogiannopoulos - * Copyright (C) 2015-2016 Red Hat, Inc. + * Copyright (C) 2015-2017 Red Hat, Inc. * * This file is part of GnuTLS. * @@ -132,6 +132,7 @@ static gnutls_privkey_t x509_key = NULL; static gnutls_pcert_st pgp_crt; static gnutls_privkey_t pgp_key = NULL; +#ifdef ENABLE_OPENPGP static void get_keyid(gnutls_openpgp_keyid_t keyid, const char *str) { size_t keyid_size = GNUTLS_OPENPGP_KEYID_SIZE; @@ -149,6 +150,7 @@ static void get_keyid(gnutls_openpgp_keyid_t keyid, const char *str) return; } +#endif /* Load the certificate and the private key. */ @@ -159,13 +161,19 @@ static void load_keys(void) unsigned int i; gnutls_datum_t data = { NULL, 0 }; gnutls_x509_crt_t crt_list[MAX_CRT]; +#ifdef ENABLE_OPENPGP unsigned char keyid[GNUTLS_OPENPGP_KEYID_SIZE]; +#endif if (x509_certfile != NULL && x509_keyfile != NULL) { #ifdef ENABLE_PKCS11 if (strncmp(x509_certfile, "pkcs11:", 7) == 0) { crt_num = 1; - gnutls_x509_crt_init(&crt_list[0]); + ret = gnutls_x509_crt_init(&crt_list[0]); + if (ret < 0) { + fprintf(stderr, "Memory error\n"); + exit(1); + } gnutls_x509_crt_set_pin_function(crt_list[0], pin_callback, NULL); @@ -1737,9 +1745,9 @@ psk_callback(gnutls_session_t session, char **username, printf("Enter PSK identity: "); fflush(stdout); - getline(&p, &n, stdin); + ret = getline(&p, &n, stdin); - if (p == NULL) { + if (ret == -1 || p == NULL) { fprintf(stderr, "No username given, aborting...\n"); return GNUTLS_E_INSUFFICIENT_CREDENTIALS; @@ -1785,7 +1793,11 @@ psk_callback(gnutls_session_t session, char **username, if (HAVE_OPT(DEBUG)) { char hexkey[41]; res_size = sizeof(hexkey); - gnutls_hex_encode(key, hexkey, &res_size); + ret = gnutls_hex_encode(key, hexkey, &res_size); + if (ret < 0) { + fprintf(stderr, "Error in hex encoding: %s\n", gnutls_strerror(ret)); + exit(1); + } fprintf(stderr, "PSK username: %s\n", *username); fprintf(stderr, "PSK hint: %s\n", hint); fprintf(stderr, "PSK key: %s\n", hexkey); @@ -1939,7 +1951,13 @@ static int cert_verify_ocsp(gnutls_session_t session) for (it = 0; it < cert_list_size; it++) { if (deinit_cert) gnutls_x509_crt_deinit(cert); - gnutls_x509_crt_init(&cert); + + ret = gnutls_x509_crt_init(&cert); + if (ret < 0) { + fprintf(stderr, "Memory error: %s\n", gnutls_strerror(ret)); + goto cleanup; + } + deinit_cert = 1; ret = gnutls_x509_crt_import(cert, &cert_list[it], GNUTLS_X509_FMT_DER); if (ret < 0) { @@ -1954,7 +1972,11 @@ static int cert_verify_ocsp(gnutls_session_t session) ret = gnutls_certificate_get_issuer(xcred, cert, &issuer, 0); if (ret < 0 && cert_list_size - it > 1) { - gnutls_x509_crt_init(&issuer); + ret = gnutls_x509_crt_init(&issuer); + if (ret < 0) { + fprintf(stderr, "Memory error: %s\n", gnutls_strerror(ret)); + goto cleanup; + } deinit_issuer = 1; ret = gnutls_x509_crt_import(issuer, &cert_list[it + 1], GNUTLS_X509_FMT_DER); if (ret < 0) { diff --git a/src/common.c b/src/common.c index a3adb41db3..f8e8f0ede2 100644 --- a/src/common.c +++ b/src/common.c @@ -88,7 +88,12 @@ static void print_x509_info_compact(gnutls_session_t session) return; } - gnutls_x509_crt_init(&crt); + ret = gnutls_x509_crt_init(&crt); + if (ret < 0) { + fprintf(stderr, "Memory error\n"); + return; + } + ret = gnutls_x509_crt_import(crt, &cert_list[0], GNUTLS_X509_FMT_DER); @@ -128,7 +133,12 @@ print_x509_info(gnutls_session_t session, FILE *out, int flag, int print_cert) for (j = 0; j < cert_list_size; j++) { gnutls_datum_t cinfo; - gnutls_x509_crt_init(&crt); + ret = gnutls_x509_crt_init(&crt); + if (ret < 0) { + fprintf(stderr, "Memory error\n"); + return; + } + ret = gnutls_x509_crt_import(crt, &cert_list[j], GNUTLS_X509_FMT_DER); -- cgit v1.2.1