Bug 1257885 - Fix some unchecked return values, r=ttaubert

author: Franziskus Kiefer <franziskuskiefer@gmail.com> 2016-04-29 21:57:47 +0200
committer: Franziskus Kiefer <franziskuskiefer@gmail.com> 2016-04-29 21:57:47 +0200
commit: cc2742adb4161ff24b5c5199352e726599d59c24 (patch)
tree: e7084b032d9af6c0df535f5514c9deeb04705d44
parent: 92da0330089143c60f0178d6973560980c51a01c (diff)
download: nss-hg-cc2742adb4161ff24b5c5199352e726599d59c24.tar.gz
5 files changed, 41 insertions, 14 deletions
diff --git a/cmd/bltest/blapitest.c b/cmd/bltest/blapitest.c
index e1acc7024..50c7d9693 100644
--- a/cmd/bltest/blapitest.c
+++ b/cmd/bltest/blapitest.c
@@ -982,6 +982,9 @@ setupIO(PLArenaPool *arena, bltestIO *input, PRFileDesc *file,
             if (in->data[in->len - 1] == '\r')
                 --in->len;
             SECITEM_CopyItem(arena, &input->buf, in);
+            if (rv != SECSuccess) {
+                return SECFailure;
+            }
             break;
         case bltestHexSpaceDelim:
             SECITEM_AllocItem(arena, &input->buf, in->len / 5);
@@ -1061,16 +1064,20 @@ finishIO(bltestIO *output, PRFileDesc *file)
     return rv;
 }
 
-void
+SECStatus
 bltestCopyIO(PLArenaPool *arena, bltestIO *dest, bltestIO *src)
 {
-    SECITEM_CopyItem(arena, &dest->buf, &src->buf);
+    if (SECITEM_CopyItem(arena, &dest->buf, &src->buf) != SECSuccess) {
+        return SECFailure;
+    }
     if (src->pBuf.len > 0) {
         dest->pBuf.len = src->pBuf.len;
         dest->pBuf.data = dest->buf.data + (src->pBuf.data - src->buf.data);
     }
     dest->mode = src->mode;
     dest->file = src->file;
+
+    return SECSuccess;
 }
 
 void
@@ -3238,7 +3245,7 @@ blapi_selftest(bltestCipherMode *modes, int numModes, int inoff, int outoff,
             ** then perform operation and compare to ciphertext
             */
             if (encrypt) {
-                bltestCopyIO(arena, &cipherInfo.input, &pt);
+                rv |= bltestCopyIO(arena, &cipherInfo.input, &pt);
                 misalignBuffer(arena, &cipherInfo.input, inoff);
                 memset(&cipherInfo.output.buf, 0, sizeof cipherInfo.output.buf);
                 rv |= cipherInit(&cipherInfo, PR_TRUE);
@@ -3260,7 +3267,7 @@ blapi_selftest(bltestCipherMode *modes, int numModes, int inoff, int outoff,
                     ** verify-only operations, this ensures that the output
                     ** buffer is properly configured
                     */
-                    bltestCopyIO(arena, &params->asymk.sig, &cipherInfo.output);
+                    rv |= bltestCopyIO(arena, &params->asymk.sig, &cipherInfo.output);
                 }
             }
             if (!decrypt)
@@ -3270,10 +3277,10 @@ blapi_selftest(bltestCipherMode *modes, int numModes, int inoff, int outoff,
             ** then perform operation and compare to plaintext
             */
             if (is_sigCipher(mode)) {
-                bltestCopyIO(arena, &cipherInfo.input, &pt);
-                bltestCopyIO(arena, &cipherInfo.output, &params->asymk.sig);
+                rv |= bltestCopyIO(arena, &cipherInfo.input, &pt);
+                rv |= bltestCopyIO(arena, &cipherInfo.output, &params->asymk.sig);
             } else {
-                bltestCopyIO(arena, &cipherInfo.input, &ct);
+                rv |= bltestCopyIO(arena, &cipherInfo.input, &ct);
                 memset(&cipherInfo.output.buf, 0, sizeof cipherInfo.output.buf);
             }
             misalignBuffer(arena, &cipherInfo.input, inoff);
diff --git a/cmd/crlutil/crlutil.c b/cmd/crlutil/crlutil.c
index 9fca6b40b..ebfe8e6bf 100644
--- a/cmd/crlutil/crlutil.c
+++ b/cmd/crlutil/crlutil.c
@@ -39,6 +39,7 @@ FindCRL(CERTCertDBHandle *certHandle, char *name, int type)
     if (!cert) {
         CERTName *certName = NULL;
         PLArenaPool *arena = NULL;
+        SECStatus rv = SECSuccess;
 
         certName = CERT_AsciiToName(name);
         if (certName) {
@@ -48,13 +49,18 @@ FindCRL(CERTCertDBHandle *certHandle, char *name, int type)
                     SEC_ASN1EncodeItem(arena, NULL, (void *)certName,
                                        SEC_ASN1_GET(CERT_NameTemplate));
                 if (nameItem) {
-                    SECITEM_CopyItem(NULL, &derName, nameItem);
+                    rv = SECITEM_CopyItem(NULL, &derName, nameItem);
                 }
                 PORT_FreeArena(arena, PR_FALSE);
             }
             CERT_DestroyName(certName);
         }
 
+        if (rv != SECSuccess) {
+            SECU_PrintError(progName, "SECITEM_CopyItem failed, out of memory");
+            return ((CERTSignedCrl *)NULL);
+        }
+
         if (!derName.len || !derName.data) {
             SECU_PrintError(progName, "could not find certificate named '%s'", name);
             return ((CERTSignedCrl *)NULL);
diff --git a/lib/pkcs12/p12dec.c b/lib/pkcs12/p12dec.c
index 61651b080..55aeea12e 100644
--- a/lib/pkcs12/p12dec.c
+++ b/lib/pkcs12/p12dec.c
@@ -62,8 +62,18 @@ sec_pkcs12_decode_pfx(SECItem *der_pfx)
 	    return NULL;
 	}
 	pfx->old = PR_TRUE;
-	SGN_CopyDigestInfo(pfx->poolp, &pfx->macData.safeMac, &pfx->old_safeMac);
-	SECITEM_CopyItem(pfx->poolp, &pfx->macData.macSalt, &pfx->old_macSalt);
+	rv = SGN_CopyDigestInfo(pfx->poolp, &pfx->macData.safeMac, &pfx->old_safeMac);
+	if(rv != SECSuccess) {
+	    PORT_SetError(SEC_ERROR_NO_MEMORY);
+	    PORT_FreeArena(pfx->poolp, PR_TRUE);
+	    return NULL;
+	}
+	rv = SECITEM_CopyItem(pfx->poolp, &pfx->macData.macSalt, &pfx->old_macSalt);
+	if(rv != SECSuccess) {
+	    PORT_SetError(SEC_ERROR_NO_MEMORY);
+	    PORT_FreeArena(pfx->poolp, PR_TRUE);
+	    return NULL;
+	}
     } else {
 	pfx->old = PR_FALSE;
     }
diff --git a/lib/smime/cmsrecinfo.c b/lib/smime/cmsrecinfo.c
index 77a1541ec..3c827a8e6 100644
--- a/lib/smime/cmsrecinfo.c
+++ b/lib/smime/cmsrecinfo.c
@@ -138,8 +138,8 @@ nss_cmsrecipientinfo_create(NSSCMSMessage *cmsg,
 		PORT_SetError(SEC_ERROR_NO_MEMORY);
 		break;
 	    } 
-	    SECITEM_CopyItem(poolp, rid->id.subjectKeyID, subjKeyID);
-	    if (rid->id.subjectKeyID->data == NULL) {
+	    rv = SECITEM_CopyItem(poolp, rid->id.subjectKeyID, subjKeyID);
+	    if (rv != SECSuccess || rid->id.subjectKeyID->data == NULL) {
 		rv = SECFailure;
 		PORT_SetError(SEC_ERROR_NO_MEMORY);
 		break;
diff --git a/lib/smime/cmssiginfo.c b/lib/smime/cmssiginfo.c
index f3635c2da..b39494199 100644
--- a/lib/smime/cmssiginfo.c
+++ b/lib/smime/cmssiginfo.c
@@ -51,6 +51,7 @@ nss_cmssignerinfo_create(NSSCMSMessage *cmsg, NSSCMSSignerIDSelector type,
     NSSCMSSignerInfo *signerinfo;
     int version;
     PLArenaPool *poolp;
+    SECStatus rv;
 
     poolp = cmsg->poolp;
 
@@ -80,8 +81,11 @@ nss_cmssignerinfo_create(NSSCMSMessage *cmsg, NSSCMSSignerIDSelector type,
             goto loser;
 
         signerinfo->signerIdentifier.id.subjectKeyID = PORT_ArenaNew(poolp, SECItem);
-        SECITEM_CopyItem(poolp, signerinfo->signerIdentifier.id.subjectKeyID,
-                         subjKeyID);
+        rv = SECITEM_CopyItem(poolp, signerinfo->signerIdentifier.id.subjectKeyID,
+                              subjKeyID);
+        if (rv != SECSuccess) {
+            goto loser;
+        }
         signerinfo->signingKey = SECKEY_CopyPrivateKey(signingKey);
         if (!signerinfo->signingKey)
             goto loser;
author	Franziskus Kiefer <franziskuskiefer@gmail.com>	2016-04-29 21:57:47 +0200
committer	Franziskus Kiefer <franziskuskiefer@gmail.com>	2016-04-29 21:57:47 +0200
commit	cc2742adb4161ff24b5c5199352e726599d59c24 (patch)
tree	e7084b032d9af6c0df535f5514c9deeb04705d44
parent	92da0330089143c60f0178d6973560980c51a01c (diff)
download	nss-hg-cc2742adb4161ff24b5c5199352e726599d59c24.tar.gz