diff options
author | Elio Maldonado <emaldona@redhat.com> | 2015-04-16 20:14:54 -0700 |
---|---|---|
committer | Elio Maldonado <emaldona@redhat.com> | 2015-04-16 20:14:54 -0700 |
commit | 775c70de5d2508d4339aeea73311b9820c722937 (patch) | |
tree | 39ee8874cf23c69ec05fd7fb0e451186fd36dd54 | |
parent | 43deb3a0206428de8199b303c02c5cd27635567a (diff) | |
download | nss-hg-775c70de5d2508d4339aeea73311b9820c722937.tar.gz |
Bug 1054069 - Address coverity scan reported flaws, r=wtc
-rw-r--r-- | cmd/certutil/certext.c | 13 | ||||
-rw-r--r-- | cmd/checkcert/checkcert.c | 35 | ||||
-rw-r--r-- | cmd/modutil/install.c | 7 | ||||
-rw-r--r-- | lib/smime/cmsmessage.c | 34 |
4 files changed, 57 insertions, 32 deletions
diff --git a/cmd/certutil/certext.c b/cmd/certutil/certext.c index a87b4b1fa..c36bc2d25 100644 --- a/cmd/certutil/certext.c +++ b/cmd/certutil/certext.c @@ -987,10 +987,13 @@ AddNameConstraints(void *extHandle) GEN_BREAK(SECFailure); } - PrintChoicesAndGetAnswer("Type of Name Constraint?\n" + if (PrintChoicesAndGetAnswer("Type of Name Constraint?\n" "\t1 - permitted\n\t2 - excluded\n\tAny" "other number to finish\n\tChoice", - buffer, sizeof(buffer)); + buffer, sizeof(buffer)) != SECSuccess) { + GEN_BREAK(SECFailure); + } + intValue = PORT_Atoi(buffer); switch (intValue) { case 1: @@ -1826,11 +1829,13 @@ AddInfoAccess(void *extHandle, PRBool addSIAExt, PRBool isCACert) intValue = timeStamping; } } else { - PrintChoicesAndGetAnswer("Enter access method type " + if (PrintChoicesAndGetAnswer("Enter access method type " "for Authority Information Access extension:\n" "\t1 - CA Issuers\n\t2 - OCSP\n\tAny" "other number to finish\n\tChoice", - buffer, sizeof(buffer)); + buffer, sizeof(buffer)) != SECSuccess) { + GEN_BREAK (SECFailure); + } intValue = PORT_Atoi(buffer); } if (addSIAExt) { diff --git a/cmd/checkcert/checkcert.c b/cmd/checkcert/checkcert.c index 63beea587..2a62a08ee 100644 --- a/cmd/checkcert/checkcert.c +++ b/cmd/checkcert/checkcert.c @@ -220,14 +220,12 @@ CERTCertificate *createEmptyCertificate(void) } return c; -} - - +} int main(int argc, char **argv) { - int rv, verbose=0, force=0; + int verbose=0, force=0; int ascii=0, issuerAscii=0; char *progName=0; PRFileDesc *inFile=0, *issuerCertFile=0; @@ -244,6 +242,7 @@ int main(int argc, char **argv) char *inFileName = NULL, *issuerCertFileName = NULL; PLOptState *optstate; PLOptStatus status; + SECStatus rv; PORT_Memset(&md5WithRSAEncryption, 0, sizeof(md5WithRSAEncryption)); PORT_Memset(&md2WithRSAEncryption, 0, sizeof(md2WithRSAEncryption)); @@ -405,17 +404,37 @@ int main(int argc, char **argv) printf("\n"); /* Check algorithms */ - SECOID_SetAlgorithmID(arena, &md5WithRSAEncryption, + rv = SECOID_SetAlgorithmID(arena, &md5WithRSAEncryption, SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION, NULL); + if (rv) { + fprintf(stderr, "%s: failed to set algorithm ID for SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION.\n", + progName); + exit(1); + } - SECOID_SetAlgorithmID(arena, &md2WithRSAEncryption, + rv = SECOID_SetAlgorithmID(arena, &md2WithRSAEncryption, SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION, NULL); + if (rv) { + fprintf(stderr, "%s: failed to set algorithm ID for SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION.\n", + progName); + exit(1); + } - SECOID_SetAlgorithmID(arena, &sha1WithRSAEncryption, + rv = SECOID_SetAlgorithmID(arena, &sha1WithRSAEncryption, SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION, NULL); + if (rv) { + fprintf(stderr, "%s: failed to set algorithm ID for SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION.\n", + progName); + exit(1); + } - SECOID_SetAlgorithmID(arena, &rsaEncryption, + rv = SECOID_SetAlgorithmID(arena, &rsaEncryption, SEC_OID_PKCS1_RSA_ENCRYPTION, NULL); + if (rv) { + fprintf(stderr, "%s: failed to set algorithm ID for SEC_OID_PKCS1_RSA_ENCRYPTION.\n", + progName); + exit(1); + } { int isMD5RSA = (SECOID_CompareAlgorithmID(&cert->signature, diff --git a/cmd/modutil/install.c b/cmd/modutil/install.c index 839cf4021..283fc790e 100644 --- a/cmd/modutil/install.c +++ b/cmd/modutil/install.c @@ -120,9 +120,10 @@ typedef struct StringNode_str { StringNode* StringNode_new() { StringNode* new_this; - new_this = (StringNode*)malloc(sizeof(StringNode)); - new_this->str=NULL; - new_this->next=NULL; + new_this = (StringNode*)PR_Malloc(sizeof(StringNode)); + PORT_Assert(new_this != NULL); + new_this->str = NULL; + new_this->next = NULL; return new_this; } diff --git a/lib/smime/cmsmessage.c b/lib/smime/cmsmessage.c index 72026e6ca..a44fb0b5c 100644 --- a/lib/smime/cmsmessage.c +++ b/lib/smime/cmsmessage.c @@ -28,26 +28,26 @@ NSS_CMSMessage_Create(PLArenaPool *poolp) PRBool poolp_is_ours = PR_FALSE; if (poolp == NULL) { - poolp = PORT_NewArena (1024); /* XXX what is right value? */ - if (poolp == NULL) - return NULL; - poolp_is_ours = PR_TRUE; - } + poolp = PORT_NewArena (1024); /* XXX what is right value? */ + if (poolp == NULL) + return NULL; + poolp_is_ours = PR_TRUE; + } if (!poolp_is_ours) - mark = PORT_ArenaMark(poolp); - - cmsg = (NSSCMSMessage *)PORT_ArenaZAlloc (poolp, sizeof(NSSCMSMessage)); - if (cmsg == NULL) { - if (!poolp_is_ours) { - if (mark) { - PORT_ArenaRelease(poolp, mark); - } - } else - PORT_FreeArena(poolp, PR_FALSE); - return NULL; + mark = PORT_ArenaMark(poolp); + + cmsg = (NSSCMSMessage *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSMessage)); + if (cmsg == NULL || + NSS_CMSContentInfo_Private_Init(&(cmsg->contentInfo)) != SECSuccess) { + if (!poolp_is_ours) { + if (mark) { + PORT_ArenaRelease(poolp, mark); + } + } else + PORT_FreeArena(poolp, PR_FALSE); + return NULL; } - NSS_CMSContentInfo_Private_Init(&(cmsg->contentInfo)); cmsg->poolp = poolp; cmsg->poolp_is_ours = poolp_is_ours; |