bin/71594: pkg_install (sign) - variables ma be used unitialized in
some cases
Dan Lukes
dan at obluda.cz
Sat Sep 11 08:50:15 PDT 2004
>Number: 71594
>Category: bin
>Synopsis: pkg_install (sign) - variables ma be used unitialized in some cases
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Sep 11 15:50:14 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: Dan Lukes
>Release: FreeBSD 5.3-BETA3 i386
>Organization:
Obludarium
>Environment:
System: FreeBSD kulesh.obluda.cz 5.3-BETA3 FreeBSD 5.3-BETA3 #8: Sun Sep 5 07:06:40 CEST 2004 dan at kulesh.obluda.cz:/usr/obj/usr/src/sys/Dan i386
usr.sbin/pkg_install/sign/x509.c,v 1.4 2004/06/29 19:06:42 eik
usr.sbin/pkg_install/sign/sign.c,v 1.4 2004/06/29 19:06:42 eik
>Description:
in function retrieve_x509_marker (usr.sbin/pkg_install/sign/x509.c)
the descriptor 'f' isn't closed sometime
usr.sbin/pkg_install/sign/sign.c:106: warning: 'success' might be used uninitialized in this function
usr.sbin/pkg_install/sign/x509.c:206: warning: 'md_ctx' might be used uninitialized in this function
usr.sbin/pkg_install/sign/x509.c:276: warning: 'n' might be used uninitialized in this function
All three warning are sign of error as mentioned variables can be used
uninitialized sometime (especially when package prepared by a poor man).
In advance I'm corrected two typos within messages (Uknown -> Unknown).
>How-To-Repeat:
N/A
>Fix:
*** usr.sbin/pkg_install/sign/sign.c.ORIG Sun Aug 8 21:13:50 2004
--- usr.sbin/pkg_install/sign/sign.c Sat Sep 11 16:52:17 2004
***************
*** 116,121 ****
--- 116,124 ----
case TAG_X509:
success = retrieve_x509_marker(filename, &sign, userid);
break;
+ default:
+ success = 0;
+ fprintf(stderr, "Unknown type %d\n", type);
}
if (!success) {
*** usr.sbin/pkg_install/sign/x509.c.ORIG Sun Aug 8 21:13:50 2004
--- usr.sbin/pkg_install/sign/x509.c Sat Sep 11 17:22:04 2004
***************
*** 152,158 ****
break;
default:
! warnx("Uknown certificate type");
return 0;
}
--- 152,159 ----
break;
default:
! warnx("Unknown certificate type: %d", EVP_PKEY_type(X509_get_pubkey(x509)->type));
! fclose(fp);
return 0;
}
***************
*** 234,246 ****
break;
default:
break;
}
! status = EVP_VerifyFinal(md_ctx,
! n->signature->data,
! n->signature->length,
! pkey);
EVP_PKEY_free(pkey);
X509_free(x509);
--- 235,249 ----
break;
default:
+ warnx("Unknown public key type: %d", EVP_PKEY_type(pkey->type));
+ md_ctx = NULL;
break;
}
! status = (md_ctx == NULL) ? 0 : EVP_VerifyFinal(md_ctx,
! n->signature->data,
! n->signature->length,
! pkey);
EVP_PKEY_free(pkey);
X509_free(x509);
***************
*** 291,303 ****
f = fopen(filename, "r");
if (f == NULL) {
- free(n);
return 0;
}
if (gzip_read_header(f, &h, sign) == GZIP_NOT_GZIP) {
warnx("File %s is not a gzip file\n", filename);
fclose(f);
- free(n);
return 0;
}
--- 294,304 ----
***************
*** 314,319 ****
--- 315,321 ----
if (keyf == NULL)
{
warnx("Cannot open private key %s.", keyfile);
+ fclose(f);
return 0;
}
***************
*** 335,350 ****
{
case EVP_PKEY_RSA:
md_type = EVP_sha1();
- printf("*** It's an RSA key.\n");
break;
case EVP_PKEY_DSA:
md_type = EVP_dss1();
- printf("@@@ It's a DSA key, yippee!\n");
break;
default:
! warnx("Uknown key type");
return 0;
}
--- 337,351 ----
{
case EVP_PKEY_RSA:
md_type = EVP_sha1();
break;
case EVP_PKEY_DSA:
md_type = EVP_dss1();
break;
default:
! warnx("Unknown key type");
! fclose(f);
return 0;
}
***************
*** 352,357 ****
--- 353,360 ----
while ((length = fread(buffer, 1, sizeof buffer, f)) > 0)
EVP_SignUpdate(&md_ctx, buffer, length);
+
+ fclose(f);
sig_buf = malloc(sig_len);
if (sig_buf == NULL) {
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list