author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-10-03 09:09:00 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-10-03 09:09:00 +0000 |
commit | 36d366fdd3e1878ea909a64c6c6714d56f7de044 (patch) | |
tree | f6de84e95c9c16d1673f92aff1b0d98c6f1e8d44 /src | |
parent | 03db4502495eb31346d2978c3d9e37fdeaf93d73 (diff) | |
download | gnutls-36d366fdd3e1878ea909a64c6c6714d56f7de044.tar.gz |
Applied patch by Arne that fixes several possible NULL pointer dereferences.
Diffstat (limited to 'src')
-rw-r--r-- | src/cli.c | 8 | ||||
-rw-r--r-- | src/common.c | 20 | ||||
-rw-r--r-- | src/common.h | 2 | ||||
-rw-r--r-- | src/serv.c | 23 |
4 files changed, 35 insertions, 18 deletions
@@ -35,7 +35,7 @@
 #include <sys/time.h>
 #include <signal.h>
 #include <netdb.h>
-#include <common.h>
+#include "common.h"
 #include "cli-gaa.h"
 #ifndef SHUT_WR
@@ -222,7 +222,7 @@ static int handle_error(socket_st hd, int err)
 }
 str = gnutls_strerror(err);
- if (str == NULL) str = "(unknown)";
+ if (str == NULL) str = str_unknown;
 fprintf(stderr, "*** %s error: %s\n", err_type, str);
@@ -230,7 +230,7 @@ static int handle_error(socket_st hd, int err)
 || err == GNUTLS_E_FATAL_ALERT_RECEIVED) {
 alert = gnutls_alert_get(hd.session);
 str = gnutls_alert_get_name(alert);
- if (str == NULL) str = "(unknown)";
+ if (str == NULL) str = str_unknown;
 printf("*** Received alert [%d]: %s\n", alert, str);
 }
@@ -240,7 +240,7 @@ static int handle_error(socket_st hd, int err)
 return ret;
 }
-int starttls_alarmed;
+int starttls_alarmed = 0;
 void starttls_alarm (int signum) {
diff --git a/src/common.c b/src/common.c
index 4fbd6132a8..702136bd2a 100644
--- a/src/common.c
+++ b/src/common.c
@@ -15,6 +15,8 @@ int xml = 0;
 #define PRINT_PGP_NAME(X) PRINTX( "NAME:", X.name); \
 PRINTX( "EMAIL:", X.email)
+const char str_unknown[] = "(unknown)";
+
 static const char *my_ctime(const time_t * tv) {
 static char buf[256];
@@ -22,7 +24,7 @@ static const char *my_ctime(const time_t * tv)
 if ( ( (tp = localtime(tv)) == NULL ) || (!strftime(buf, sizeof buf, "%a %b %e %H:%M:%S %Z %Y\n", tp)) )
- strcpy(buf, "unknown"); /* make sure buf text isn't garbage */
+ strcpy(buf, str_unknown);/* make sure buf text isn't garbage */
 return buf;
@@ -64,7 +66,7 @@ void print_x509_info(gnutls_session session, const char* hostname)
 GNUTLS_X509_FMT_DER);
 if (ret < 0) {
 const char* str = gnutls_strerror(ret);
- if (str == NULL) str = "(unknown)";
+ if (str == NULL) str = str_unknown;
 fprintf(stderr, "Decoding error: %s\n", str);
 return;
 }
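Review bot: In the last src/cli.c hunk (`@@ -240,7 +240,7 @@`), `starttls_alarmed` stays a plain `int`, and the explicit `= 0` changes nothing because a file-scope object is already zero-initialised. The declaration sits directly above the `starttls_alarm(int signum)` handler, whose body is outside the hunk. If that handler writes the flag, as the names suggest, the declaration should be `volatile sig_atomic_t starttls_alarmed = 0;` so that the main flow reliably observes the update made from signal context.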
@@ -90,7 +92,7 @@ void print_x509_info(gnutls_session session, const char* hostname)
 ret = gnutls_x509_crt_to_xml( crt, &xml_data, 0);
 if (ret < 0) {
 const char* str = gnutls_strerror(ret);
- if (str == NULL) str = "(unknown)";
+ if (str == NULL) str = str_unknown;
 fprintf(stderr, "XML encoding error: %s\n", str);
 return;
@@ -127,7 +129,7 @@ void print_x509_info(gnutls_session session, const char* hostname)
 if ((ret=gnutls_x509_crt_get_fingerprint(crt, GNUTLS_DIG_MD5, digest, &digest_size)) < 0) {
 const char* str = gnutls_strerror(ret);
- if (str == NULL) str = "(unknown)";
+ if (str == NULL) str = str_unknown;
 fprintf(stderr, "Error in fingerprint calculation: %s\n", str);
 } else {
 print = printable;
@@ -354,19 +356,19 @@ int print_info(gnutls_session session, const char* hostname)
 tmp = gnutls_protocol_get_name(gnutls_protocol_get_version(session));
- printf("- Version: %s\n", tmp);
+ if (tmp != NULL) printf("- Version: %s\n", tmp);
 tmp = gnutls_kx_get_name(kx);
- printf("- Key Exchange: %s\n", tmp);
+ if (tmp != NULL) printf("- Key Exchange: %s\n", tmp);
 tmp = gnutls_cipher_get_name(gnutls_cipher_get(session));
- printf("- Cipher: %s\n", tmp);
+ if (tmp != NULL) printf("- Cipher: %s\n", tmp);
 tmp = gnutls_mac_get_name(gnutls_mac_get(session));
- printf("- MAC: %s\n", tmp);
+ if (tmp != NULL) printf("- MAC: %s\n", tmp);
 tmp = gnutls_compression_get_name(gnutls_compression_get(session));
- printf("- Compression: %s\n", tmp);
+ if (tmp != NULL) printf("- Compression: %s\n", tmp);
 fflush (stdout);
diff --git a/src/common.h b/src/common.h
index 594b33ea9e..7def7bde99 100644
--- a/src/common.h
+++ b/src/common.h
@@ -7,6 +7,8 @@
 */
 #define PRI_MAX 16
+extern const char str_unknown[];
+
 int print_info( gnutls_session state, const char* hostname);
 void print_cert_info( gnutls_session state, const char* hostname);
 void print_list(void);
diff --git a/src/serv.c b/src/serv.c
index 74a3a2bb59..0ffebc8f4a 100644
--- a/src/serv.c
+++ b/src/serv.c
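Review bot: In the print_info hunk of src/common.c (`@@ -354,19 +356,19 @@`), a NULL name now drops the whole output line, whereas every other site touched by this commit substitutes `str_unknown`. For a tool that reports the negotiated TLS parameters, a silently missing `- Cipher:` or `- MAC:` line is easier to overlook than an explicit "(unknown)", and anything parsing the output loses a field. Consider `printf("- Version: %s\n", tmp ? tmp : str_unknown);` and the same form for the other four lines. print_info's body begins and ends outside the hunk.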
@@ -87,7 +87,7 @@ char *x509_crlfile = NULL;
 #define SA struct sockaddr
 #define ERR(err,s) if(err==-1) {perror(s);return(1);}
-#define GERR(ret) fprintf(stdout, "Error: %s\n", gnutls_strerror(ret))
+#define GERR(ret) fprintf(stdout, "Error: %s\n", safe_strerror(ret))
 #define MAX_BUF 1024
 #undef max
@@ -134,6 +134,12 @@ LIST_TYPE_DECLARE(listener_item, char *http_request; int http_state; int fd; gnutls_session tls_session; int handshake_ok;);
+static const char *safe_strerror(int value)
+{ const char *ret = gnutls_strerror(value);
+ if (ret == NULL) ret = str_unknown;
+ return ret;
+}
+
 static void listener_free(listener_item * j) {
 if (j->http_request)
@@ -213,7 +219,7 @@ static void read_dh_params(void)
 size = gnutls_dh_params_import_pkcs3( dh_params, ¶ms, GNUTLS_X509_FMT_PEM);
 if (size < 0) {
- fprintf(stderr, "Error parsing dh params: %s\n", gnutls_strerror(size));
+ fprintf(stderr, "Error parsing dh params: %s\n", safe_strerror(size));
 exit(1);
 }
@@ -385,6 +391,7 @@ char *peer_print_info(gnutls_session session, int *ret_length,
 strcat(http_buffer, "<P>\n");
 tmp = gnutls_protocol_get_name(gnutls_protocol_get_version(session));
+ if (tmp == NULL) tmp = str_unknown;
 sprintf(tmp2, "<TABLE border=1><TR><TD>Protocol version:</TD><TD>%s</TD></TR>\n", tmp);
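Review bot: In peer_print_info (`@@ -385,6 +391,7 @@`, and again throughout the `@@ -393,25 +400,31 @@` hunk), the added NULL guard makes the `%s` argument safe, but the `sprintf(tmp2, …)` that follows each guard still writes without a length limit. How `tmp2` and `http_buffer` are defined is outside these hunks, so the available room cannot be checked from here. An `snprintf` bounded by the space left in the destination would keep an unexpectedly long name from overrunning the HTTP reply buffer. The guard itself is repeated seven times, and a small static helper in the style of `safe_strerror` would remove the repetition.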
@@ -393,25 +400,31 @@ char *peer_print_info(gnutls_session session, int *ret_length,
 tmp = gnutls_certificate_type_get_name(gnutls_certificate_type_get (session));
+ if (tmp == NULL) tmp = str_unknown;
 sprintf(tmp2, "<TR><TD>Certificate Type:</TD><TD>%s</TD></TR>\n", tmp);
 }
 tmp = gnutls_kx_get_name(kx_alg);
+ if (tmp == NULL) tmp = str_unknown;
 sprintf(tmp2, "<TR><TD>Key Exchange:</TD><TD>%s</TD></TR>\n", tmp);
 tmp = gnutls_compression_get_name(gnutls_compression_get(session));
+ if (tmp == NULL) tmp = str_unknown;
 sprintf(tmp2, "<TR><TD>Compression</TD><TD>%s</TD></TR>\n", tmp);
 tmp = gnutls_cipher_get_name(gnutls_cipher_get(session));
+ if (tmp == NULL) tmp = str_unknown;
 sprintf(tmp2, "<TR><TD>Cipher</TD><TD>%s</TD></TR>\n", tmp);
 tmp = gnutls_mac_get_name(gnutls_mac_get(session));
+ if (tmp == NULL) tmp = str_unknown;
 sprintf(tmp2, "<TR><TD>MAC</TD><TD>%s</TD></TR>\n", tmp);
 tmp = gnutls_cipher_suite_get_name(kx_alg, gnutls_cipher_get(session), gnutls_mac_get(session));
+ if (tmp == NULL) tmp = str_unknown;
 sprintf(tmp2, "<TR><TD>Ciphersuite</TD><TD>%s</TD></TR></p></TABLE>\n", tmp);
@@ -537,8 +550,8 @@ int main(int argc, char **argv)
 signal(SIGPIPE, SIG_IGN);
 signal(SIGHUP, SIG_IGN);
 signal(SIGTERM, terminate);
- signal(SIGINT, terminate);
- /* CHECKME: background processes shouldn't handle SIGINT! */
+ if (signal(SIGINT, terminate) == SIG_IGN)
+ signal(SIGINT, SIG_IGN); /* e.g. background process */
 gaa_parser(argc, argv);
@@ -1108,7 +1121,7 @@ recv_openpgp_key(gnutls_session session, const unsigned char *keyfpr, unsigned int keyfpr_length, gnutls_datum * key)
 {
 static const char hostname[] = "hkp://wwwkeys.pgp.net";
- static const short port = 11371;
+ static const int port = 11371;
 int rc;
 CDK_KBNODE knode = NULL;
 unsigned int i; |
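Review bot: In main (`@@ -537,8 +550,8 @@`), `signal(SIGINT, terminate)` installs the handler first and restores `SIG_IGN` only afterwards, so a process started with SIGINT ignored has a short window in which `terminate` can still run. Probing the old disposition first avoids that window: `if (signal(SIGINT, SIG_IGN) != SIG_IGN) signal(SIGINT, terminate);`. Neither form checks for `SIG_ERR`. main's body continues outside the hunk.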