bugfixes
authorSchanzenbach, Martin <martin.schanzenbach@aisec.fraunhofer.de>
Mon, 8 Jan 2018 06:58:33 +0000 (07:58 +0100)
committerSchanzenbach, Martin <martin.schanzenbach@aisec.fraunhofer.de>
Mon, 8 Jan 2018 06:58:33 +0000 (07:58 +0100)
src/credential/credential_misc.c
src/credential/credential_serialization.c
src/credential/gnunet-credential.c
src/credential/gnunet-service-credential.c
src/credential/plugin_gnsrecord_credential.c
src/credential/plugin_rest_credential.c
src/identity-provider/gnunet-idp.c
src/identity-provider/gnunet-service-identity-provider.c
src/identity-provider/identity_provider_api.c

index c94c3391964b29facac2a60d7d7f1fe58329dfb2..2575f1de8ddbed8e72e10946ec61ec188721e351 100644 (file)
@@ -149,6 +149,7 @@ GNUNET_CREDENTIAL_credential_issue (const struct GNUNET_CRYPTO_EcdsaPrivateKey *
   {
     GNUNET_break (0);
     GNUNET_free (crd);
+    GNUNET_free (cred);
     return NULL;
   }
   cred->signature = crd->signature;
index 1d23bb08cf1f293480c0a42dde5db0b92241ec1c..2bbf3bfb82952f433e99b676419243659c7911f3 100644 (file)
@@ -279,7 +279,6 @@ GNUNET_CREDENTIAL_delegation_chain_get_size (unsigned int d_count,
     ret += dd[i].issuer_attribute_len + dd[i].subject_attribute_len;
   }
   return ret+GNUNET_CREDENTIAL_credentials_get_size(c_count, cd);
-  return ret;
 }
 
 /**
index 03f959b95f7306382e5519bdcbab9055a5ad02a3..b5bcc4d433f1377b070180dea14ffcc47a8d67b3 100644 (file)
@@ -371,12 +371,14 @@ run (void *cls,
       fprintf (stderr,
                _("Failed to connect to CREDENTIAL\n"));
       GNUNET_SCHEDULER_shutdown ();
+      return;
     }
     if (NULL == issuer_attr)
     {
       fprintf (stderr,
                _("You must provide issuer the attribute\n"));
       GNUNET_SCHEDULER_shutdown ();
+      return;
     }
 
     if (NULL == ego_name)
@@ -432,6 +434,7 @@ run (void *cls,
                _("Issuer public key `%s' is not well-formed\n"),
                issuer_key);
       GNUNET_SCHEDULER_shutdown ();
+      return;
     }
     credential = GNUNET_CREDENTIAL_connect (cfg);
 
@@ -440,12 +443,14 @@ run (void *cls,
       fprintf (stderr,
                _("Failed to connect to CREDENTIAL\n"));
       GNUNET_SCHEDULER_shutdown ();
+      return;
     }
     if (NULL == issuer_attr || NULL == subject_credential)
     {
       fprintf (stderr,
                _("You must provide issuer and subject attributes\n"));
       GNUNET_SCHEDULER_shutdown ();
+      return;
     }
 
     //Subject credentials are comma separated
@@ -457,6 +462,7 @@ run (void *cls,
                "Invalid subject credentials\n");
       GNUNET_free (tmp);
       GNUNET_SCHEDULER_shutdown ();
+      return;
     }
     int count = 1;
     int i;
@@ -490,6 +496,7 @@ run (void *cls,
     {
       GNUNET_free ((char*)credentials[i].issuer_attribute);
     }
+    GNUNET_free (tmp);
   } else if (GNUNET_YES == create_cred) {
     if (NULL == ego_name)
     {
index be88839e975bc4d6f3ae33651c0188b7440c5a81..a2c33936301cff52d636df00844b64930db37e2a 100644 (file)
@@ -722,6 +722,12 @@ backward_resolution (void* cls,
       strcpy (issuer_attribute_name,
               ds_entry->unresolved_attribute_delegation);
       char *next_attr = strtok (issuer_attribute_name, ".");
+      if (NULL == next_attr)
+      {
+        GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                    "Failed to parse next attribute\n");
+        continue;
+      }
       GNUNET_asprintf (&lookup_attribute,
                        "%s.gnu",
                        next_attr);
@@ -806,7 +812,7 @@ delegation_chain_resolution_start (void* cls)
    * Check for attributes from the issuer and follow the chain 
    * till you get the required subject's attributes
    */
-  char issuer_attribute_name[strlen (vrh->issuer_attribute)];
+  char issuer_attribute_name[strlen (vrh->issuer_attribute) + strlen (".gnu") + 1];
   strcpy (issuer_attribute_name,
           vrh->issuer_attribute);
   strcpy (issuer_attribute_name + strlen (vrh->issuer_attribute),
@@ -889,7 +895,7 @@ handle_verify (void *cls,
   vrh->issuer_key = v_msg->issuer_key;
   vrh->subject_key = v_msg->subject_key;
   vrh->issuer_attribute = GNUNET_strdup (issuer_attribute);
-  if (NULL == issuer_attribute)
+  if (0 == strlen (issuer_attribute))
   {
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 
                 "No issuer attribute provided!\n");
@@ -1033,7 +1039,7 @@ handle_collect (void *cls,
                                       &vrh->subject_key);
   vrh->issuer_attribute = GNUNET_strdup (issuer_attribute);
 
-  if (NULL == issuer_attribute)
+  if (0 == strlen (issuer_attribute))
   {
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 
                 "No issuer attribute provided!\n");
@@ -1076,7 +1082,7 @@ check_collect (void *cls,
   }
   attr = (const char *) &c_msg[1];
 
-  if ( ('\0' != attr[ntohs(c_msg->header.size) - sizeof (struct CollectMessage) - 1]) ||
+  if ( ('\0' != attr[msg_size - sizeof (struct CollectMessage) - 1]) ||
        (strlen (attr) > GNUNET_CREDENTIAL_MAX_LENGTH) )
   {
     GNUNET_break (0);
index 342790b7ae959711ab272e7753b1201b55aea85f..ffb2857dc125fb858ccbb397fafc5485fdf88061 100644 (file)
@@ -199,6 +199,13 @@ credential_string_to_value (void *cls,
         GNUNET_free (tmp_str);
         tmp_str = GNUNET_strdup (s);
         token = strtok (tmp_str, ",");
+        if (NULL == token)
+        {
+          GNUNET_free (tmp_str);
+          GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                      "Malformed string %s\n", s);
+          return GNUNET_SYSERR;
+        }
         struct GNUNET_CREDENTIAL_DelegationSet set[entries];
         for (i=0;i<entries;i++)
         {
@@ -219,7 +226,10 @@ credential_string_to_value (void *cls,
                                                                    set);
         
         if (-1 == tmp_data_size)
+        {
+          GNUNET_free (tmp_str);
           return GNUNET_SYSERR;
+        }
         *data_size += tmp_data_size;
         *data = sets = GNUNET_malloc (*data_size);
         GNUNET_CREDENTIAL_delegation_set_serialize (entries,
index 4806588226149eee9fbc5315efb968da51e2bca3..2e43139de0769c798b32e411ef06a04622f88cd3 100644 (file)
@@ -617,7 +617,6 @@ collect_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
   {
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                 "Missing subject\n");
-    GNUNET_free (entity_attr);
     GNUNET_SCHEDULER_add_now (&do_error, handle);
     return;
   }
@@ -627,7 +626,6 @@ collect_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
   {
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                 "Malformed subject\n");
-    GNUNET_free (entity_attr);
     GNUNET_SCHEDULER_add_now (&do_error, handle); 
     return;
   }
@@ -728,7 +726,6 @@ verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
   {
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                 "Missing subject key\n");
-    GNUNET_free (entity_attr);
     GNUNET_SCHEDULER_add_now (&do_error, handle);
     return;
   }
@@ -738,7 +735,6 @@ verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
   {
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                 "Malformed subject\n");
-    GNUNET_free (entity_attr);
     GNUNET_SCHEDULER_add_now (&do_error, handle); 
     return;
   }
@@ -748,7 +744,6 @@ verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
                                                   &handle->subject_key)) {
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                 "Malformed subject key\n");
-    GNUNET_free (entity_attr);
     GNUNET_SCHEDULER_add_now (&do_error, handle);
     return;
   }
@@ -858,6 +853,7 @@ send_cred_response (struct RequestHandle *handle,
   {
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                 "Subject malformed\n");
+    GNUNET_free (issuer);
     return;
   }
   GNUNET_asprintf (&id,
@@ -869,6 +865,8 @@ send_cred_response (struct RequestHandle *handle,
   {
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                 "Subject malformed\n");
+    GNUNET_free (id);
+    GNUNET_free (issuer);
     return;
   }
   GNUNET_STRINGS_base64_encode ((char*)&cred->signature,
@@ -953,6 +951,14 @@ get_cred_issuer_cb (void *cls,
   }
   expiration_str = GNUNET_CONTAINER_multihashmap_get (handle->rest_handle->url_param_map,
                                                       &key);
+  if ( NULL == expiration_str )
+  {
+    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                "Expiration malformed\n");
+    GNUNET_SCHEDULER_add_now (&do_error, handle); 
+    return;
+  }
+
   if (GNUNET_OK == GNUNET_STRINGS_fancy_time_to_relative (expiration_str,
                                                           &etime_rel))
   {
index 62f07842b9089d0d919c074102c9f39cee60a907..995dd577529791cc497a13a75f068dab4cdb2cd6 100644 (file)
@@ -432,8 +432,7 @@ main(int argc, char *const argv[])
                                  &type_str),
     GNUNET_GETOPT_OPTION_END
   };
-  GNUNET_PROGRAM_run (argc, argv, "ct",
+  return (GNUNET_OK == GNUNET_PROGRAM_run (argc, argv, "ct",
                       "ct", options,
-                      &run, NULL);
-  return ret;
+                      &run, NULL));
 }
index 711ae76cece7ab3697b269f0ec965956c7058d5d..265719d5828c2c967bac3809dd70d9f5de3c15f5 100644 (file)
@@ -704,7 +704,6 @@ static void
 bootstrap_abe_error (void *cls)
 {
   struct AbeBootstrapHandle *abh = cls;
-  GNUNET_free (abh);
   abh->proc (abh->proc_cls, NULL);
   GNUNET_free (abh);
 }
@@ -1348,7 +1347,18 @@ reenc_next_attribute (struct TicketRevocationHandle *rh)
                                           rh->abe_key,
                                           (void**)&enc_buf);
   GNUNET_free (buf);
+  if (GNUNET_SYSERR == enc_size)
+  {
+    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                "Unable to re-encrypt with policy %s\n",
+                policy);
+    GNUNET_free (policy);
+    send_revocation_finished (rh, GNUNET_SYSERR);
+    cleanup_revoke_ticket_handle (rh);
+    return;
+  }
   GNUNET_free (policy);
+
   rd[0].data_size = enc_size + sizeof (uint32_t);
   rd_buf = GNUNET_malloc (rd[0].data_size);
   attr_ver = htonl (rh->attrs->list_head->claim->version);
@@ -1501,7 +1511,7 @@ cleanup_consume_ticket_handle (struct ConsumeTicketHandle *handle)
 {
   if (NULL != handle->key)
     GNUNET_ABE_cpabe_delete_key (handle->key,
-                                    GNUNET_YES);
+                                 GNUNET_YES);
   if (NULL != handle->attrs)
     GNUNET_IDENTITY_ATTRIBUTE_list_destroy (handle->attrs);
   GNUNET_free (handle);
@@ -1563,9 +1573,9 @@ process_parallel_lookup2 (void *cls, uint32_t rd_count,
   {
     decrypt_duration = GNUNET_TIME_absolute_get ();
     attr_len = GNUNET_ABE_cpabe_decrypt (rd->data + sizeof (uint32_t),
-                                            rd->data_size - sizeof (uint32_t),
-                                            handle->key,
-                                            (void**)&data);
+                                         rd->data_size - sizeof (uint32_t),
+                                         handle->key,
+                                         (void**)&data);
     if (GNUNET_SYSERR != attr_len) 
     {
       GNUNET_STATISTICS_update (stats,
@@ -1579,7 +1589,7 @@ process_parallel_lookup2 (void *cls, uint32_t rd_count,
 
       attr_le = GNUNET_new (struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry);
       attr_le->claim = GNUNET_IDENTITY_ATTRIBUTE_deserialize (data,
-                                                  attr_len);
+                                                              attr_len);
       attr_le->claim->version = ntohl(*(uint32_t*)rd->data);
       GNUNET_CONTAINER_DLL_insert (handle->attrs->list_head,
                                    handle->attrs->list_tail,
@@ -1611,7 +1621,7 @@ process_parallel_lookup2 (void *cls, uint32_t rd_count,
   crm->identity = handle->ticket.identity;
   data_tmp = (char *) &crm[1];
   GNUNET_IDENTITY_ATTRIBUTE_list_serialize (handle->attrs,
-                            data_tmp);
+                                            data_tmp);
   GNUNET_MQ_send (handle->client->mq, env);
   cleanup_consume_ticket_handle (handle);
 }
@@ -1705,8 +1715,8 @@ process_consume_abe_key (void *cls, uint32_t rd_count,
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
               "Scopes %s\n", scopes);
   handle->key = GNUNET_ABE_cpabe_deserialize_key ((void*)(buf + strlen (scopes) + 1),
-                                                     rd->data_size - sizeof (struct GNUNET_CRYPTO_EcdhePublicKey)
-                                                     - strlen (scopes) - 1);
+                                                  rd->data_size - sizeof (struct GNUNET_CRYPTO_EcdhePublicKey)
+                                                  - strlen (scopes) - 1);
 
   for (scope = strtok (scopes, ","); NULL != scope; scope = strtok (NULL, ","))
   {
@@ -1837,7 +1847,7 @@ attr_store_task (void *cls)
   buf = GNUNET_malloc (buf_size);
 
   GNUNET_IDENTITY_ATTRIBUTE_serialize (as_handle->claim,
-                       buf);
+                                       buf);
 
   GNUNET_asprintf (&policy,
                    "%s_%lu",
@@ -1849,10 +1859,21 @@ attr_store_task (void *cls)
    * Encrypt the attribute value and store in namestore
    */
   enc_size = GNUNET_ABE_cpabe_encrypt (buf,
-                                          buf_size,
-                                          policy, //Policy
-                                          as_handle->abe_key,
-                                          (void**)&enc_buf);
+                                       buf_size,
+                                       policy, //Policy
+                                       as_handle->abe_key,
+                                       (void**)&enc_buf);
+  if (GNUNET_SYSERR == enc_size)
+  {
+    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                "Failed to encrypt with policy %s\n",
+                policy);
+    cleanup_as_handle (as_handle);
+    GNUNET_free (buf);
+    GNUNET_free (policy);
+    GNUNET_SCHEDULER_add_now (&do_shutdown, NULL);
+    return;
+  }
   GNUNET_free (buf);
   GNUNET_free (policy);
   rd[0].data_size = enc_size + sizeof (uint32_t);
@@ -1921,7 +1942,7 @@ handle_attribute_store_message (void *cls,
 
   as_handle = GNUNET_new (struct AttributeStoreHandle);
   as_handle->claim = GNUNET_IDENTITY_ATTRIBUTE_deserialize ((char*)&sam[1],
-                                                data_len);
+                                                            data_len);
 
   as_handle->r_id = ntohl (sam->id);
   as_handle->identity = sam->identity;
@@ -2004,14 +2025,18 @@ attr_iter_cb (void *cls,
   attrs[0] = policy;
   attrs[1] = 0;
   key = GNUNET_ABE_cpabe_create_key (ai->abe_key,
-                                        attrs);
+                                     attrs);
   msg_extra_len = GNUNET_ABE_cpabe_decrypt (rd->data+sizeof (uint32_t),
-                                               rd->data_size-sizeof (uint32_t),
-                                               key,
-                                               (void**)&attr_ser);
+                                            rd->data_size-sizeof (uint32_t),
+                                            key,
+                                            (void**)&attr_ser);
+  if (GNUNET_SYSERR == msg_extra_len) {
+    GNUNET_NAMESTORE_zone_iterator_next (ai->ns_it);
+    return;
+  }
 
   GNUNET_ABE_cpabe_delete_key (key,
-                                  GNUNET_YES);
+                               GNUNET_YES);
   //GNUNET_free (policy);
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
               "Found attribute: %s\n", label);
index d0ece80fe0c1d8f9a5b8bcfc67469b5dcb88cc5b..38c11841c05b337cac5949e07cc2c6436e6b3c28 100644 (file)
@@ -514,13 +514,16 @@ handle_consume_ticket_result (void *cls,
         GNUNET_IDENTITY_ATTRIBUTE_list_destroy (attrs);
       }
     }
-    op->ar_cb (op->cls,
-               NULL,
-               NULL);
-    GNUNET_CONTAINER_DLL_remove (h->op_head,
-                                 h->op_tail,
-                                 op);
-    GNUNET_free (op);
+    if (NULL != op)
+    {
+      op->ar_cb (op->cls,
+                 NULL,
+                 NULL);
+      GNUNET_CONTAINER_DLL_remove (h->op_head,
+                                   h->op_tail,
+                                   op);
+      GNUNET_free (op);
+    }
     return;
   }
   GNUNET_assert (0);
@@ -926,7 +929,7 @@ GNUNET_IDENTITY_PROVIDER_attribute_store (struct GNUNET_IDENTITY_PROVIDER_Handle
   sam->id = htonl (op->r_id);
 
   GNUNET_IDENTITY_ATTRIBUTE_serialize (attr,
-                       (char*)&sam[1]);
+                                       (char*)&sam[1]);
 
   sam->attr_len = htons (attr_len);
   if (NULL != h->mq)
@@ -1093,7 +1096,7 @@ GNUNET_IDENTITY_PROVIDER_ticket_issue (struct GNUNET_IDENTITY_PROVIDER_Handle *h
   tim->id = htonl (op->r_id);
 
   GNUNET_IDENTITY_ATTRIBUTE_list_serialize (attrs,
-                            (char*)&tim[1]);
+                                            (char*)&tim[1]);
 
   tim->attr_len = htons (attr_len);
   if (NULL != h->mq)