niklas/cyclonedds
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix error handling in generating test signatures

Browse source 
Failure to generate a signature for in handshake tests attempted to free
the address of the pointer, instead of the pointed-to memory (CID
304462).

Signed-off-by: Erik Boasson <eb@ilities.com>
This commit is contained in:
Erik Boasson 2020-06-06 12:42:42 +02:00 committed by eboasson
parent 5588edb33e
commit ca79eeb7b9
3 changed files with 27 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

8
src/security/builtin_plugins/tests/common/src/handshake_helper.c
View file

@ -157,8 +157,7 @@ screate_asymmetrical_signature_for_test(
goto err_sign; goto err_sign;
} }
//*signature = ddsrt_malloc(sizeof(unsigned char) * (*signatureLen)); *signature = ddsrt_malloc(*signatureLen);
*signature = OPENSSL_malloc(*signatureLen);
if (EVP_DigestSignFinal(mdctx, *signature, signatureLen) != 1) { if (EVP_DigestSignFinal(mdctx, *signature, signatureLen) != 1) {
char *msg = get_openssl_error_message_for_test(); char *msg = get_openssl_error_message_for_test();
result = DDS_SECURITY_VALIDATION_FAILED; result = DDS_SECURITY_VALIDATION_FAILED;
@ -550,14 +549,13 @@ create_asymmetrical_signature_for_test(
goto err_sign; goto err_sign;
} }
//*signature = os_malloc(sizeof(unsigned char) * (*signatureLen)); *signature = ddsrt_malloc(*signatureLen);
*signature = OPENSSL_malloc(*signatureLen);
if (EVP_DigestSignFinal(mdctx, *signature, signatureLen) != 1) { if (EVP_DigestSignFinal(mdctx, *signature, signatureLen) != 1) {
char *msg = get_openssl_error_message_for_test(); char *msg = get_openssl_error_message_for_test();
result = DDS_SECURITY_VALIDATION_FAILED; result = DDS_SECURITY_VALIDATION_FAILED;
DDS_Security_Exception_set(ex, "Authentication", DDS_SECURITY_ERR_UNDEFINED_CODE, (int)result, "Failed to finalize signing context: %s", msg); DDS_Security_Exception_set(ex, "Authentication", DDS_SECURITY_ERR_UNDEFINED_CODE, (int)result, "Failed to finalize signing context: %s", msg);
ddsrt_free(msg); ddsrt_free(msg);
ddsrt_free(signature); ddsrt_free(*signature);
} }
err_sign: err_sign:

26
src/security/builtin_plugins/tests/listeners_authentication/src/listeners_authentication_utests.c
View file

@ -1235,14 +1235,13 @@ create_asymmetrical_signature_for_test(
goto err_sign; goto err_sign;
} }
//*signature = ddsrt_malloc(sizeof(unsigned char) * (*signatureLen)); *signature = ddsrt_malloc(*signatureLen);
*signature = OPENSSL_malloc(*signatureLen);
if (EVP_DigestSignFinal(mdctx, *signature, signatureLen) != 1) { if (EVP_DigestSignFinal(mdctx, *signature, signatureLen) != 1) {
char *msg = get_openssl_error_message_for_test(); char *msg = get_openssl_error_message_for_test();
result = DDS_SECURITY_VALIDATION_FAILED; result = DDS_SECURITY_VALIDATION_FAILED;
DDS_Security_Exception_set(ex, "Authentication", DDS_SECURITY_ERR_UNDEFINED_CODE, (int)result, "Failed to finalize signing context: %s", msg); DDS_Security_Exception_set(ex, "Authentication", DDS_SECURITY_ERR_UNDEFINED_CODE, (int)result, "Failed to finalize signing context: %s", msg);
ddsrt_free(msg); ddsrt_free(msg);
ddsrt_free(signature); ddsrt_free(*signature);
} }
err_sign: err_sign:
@ -1777,12 +1776,13 @@ fill_handshake_message_token(
{ {
printf("Exception: %s\n", exception.message); printf("Exception: %s\n", exception.message);
} }
CU_ASSERT_FATAL (rc == DDS_SECURITY_VALIDATION_OK); else
assert(rc == DDS_SECURITY_VALIDATION_OK); // for Clang's static analyzer {
CU_ASSERT_FATAL (rc == DDS_SECURITY_VALIDATION_OK);
set_binary_property_value(signature, "signature", sign, (uint32_t)signlen); assert(rc == DDS_SECURITY_VALIDATION_OK); // for Clang's static analyzer
set_binary_property_value(signature, "signature", sign, (uint32_t)signlen);
ddsrt_free(sign); ddsrt_free(sign);
}
EVP_PKEY_free(private_key_x509); EVP_PKEY_free(private_key_x509);
BIO_free(bio); BIO_free(bio);
} }
@ -1865,9 +1865,11 @@ fill_handshake_message_token(
{ {
printf("Exception: %s\n", exception.message); printf("Exception: %s\n", exception.message);
} }
set_binary_property_value(signature, "signature", sign, (uint32_t)signlen); else
{
ddsrt_free(sign); set_binary_property_value(signature, "signature", sign, (uint32_t)signlen);
ddsrt_free(sign);
}
EVP_PKEY_free(private_key_x509); EVP_PKEY_free(private_key_x509);
BIO_free(bio); BIO_free(bio);
} }

16
src/security/builtin_plugins/tests/process_handshake/src/process_handshake_utests.c
View file

@ -1360,9 +1360,11 @@ fill_handshake_message_token(
{ {
printf("Exception: %s\n", exception.message); printf("Exception: %s\n", exception.message);
} }
set_binary_property_value(signature, "signature", sign, (uint32_t ) signlen); else
{
ddsrt_free(sign); set_binary_property_value(signature, "signature", sign, (uint32_t ) signlen);
ddsrt_free(sign);
}
EVP_PKEY_free(private_key_x509); EVP_PKEY_free(private_key_x509);
BIO_free(bio); BIO_free(bio);
} }
@ -1445,9 +1447,11 @@ fill_handshake_message_token(
{ {
printf("Exception: %s\n", exception.message); printf("Exception: %s\n", exception.message);
} }
set_binary_property_value(signature, "signature", sign, (uint32_t) signlen); else
{
ddsrt_free(sign); set_binary_property_value(signature, "signature", sign, (uint32_t) signlen);
ddsrt_free(sign);
}
EVP_PKEY_free(private_key_x509); EVP_PKEY_free(private_key_x509);
BIO_free(bio); BIO_free(bio);
} }