Skip to content

Fix coverity scan defects #424

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
mtrojnar merged 4 commits into from
Mar 31, 2025
Merged

Fix coverity scan defects #424

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
7dc8394
Fix memory management for ministream and difat in MSI output, CID 163…
olszomal Mar 31, 2025
4f2c93c
Simplify error handling in PKCS#7 certificate loading, CID 1639170
olszomal Mar 31, 2025
2637601
Fixed directly dereferencing parameter p7, CID 1576008
olszomal Mar 31, 2025
99c509f
Fixed resource leaks, CID 1639164, 1639165, 1639167, 1639168, 1639169
olszomal Mar 31, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 19 additions & 9 deletions appx.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1488,6 +1488,7 @@ static int zipAppendSignatureFile(BIO *bio, ZIP_FILE *zip, uint8_t *data, uint64

if (!get_current_position(bio, &offset)) {
fprintf(stderr, "Unable to get offset\n");
OPENSSL_free(header.fileName);
OPENSSL_free(dataToWrite);
return 0; /* FAILED */
}
Expand All @@ -1497,6 +1498,7 @@ static int zipAppendSignatureFile(BIO *bio, ZIP_FILE *zip, uint8_t *data, uint64
size_t check;
if (!BIO_write_ex(bio, dataToWrite + written, toWrite, &check)
|| check != toWrite) {
OPENSSL_free(header.fileName);
OPENSSL_free(dataToWrite);
return 0; /* FAILED */
}
Expand Down Expand Up @@ -1591,6 +1593,7 @@ static int zipRewriteData(ZIP_FILE *zip, ZIP_CENTRAL_DIRECTORY_ENTRY *entry, BIO
{
size_t check;
ZIP_LOCAL_HEADER header;
int ret = 0;

memset(&header, 0, sizeof(header));
if (entry->offsetOfLocalHeader >= (uint64_t)zip->fileSize) {
Expand All @@ -1601,7 +1604,7 @@ static int zipRewriteData(ZIP_FILE *zip, ZIP_CENTRAL_DIRECTORY_ENTRY *entry, BIO
return 0; /* FAILED */
}
if (!zipReadLocalHeader(&header, zip, entry->compressedSize)) {
return 0; /* FAILED */
goto out;
}
if (entry->overrideData) {
header.compressedSize = entry->overrideData->compressedSize;
Expand All @@ -1612,14 +1615,14 @@ static int zipRewriteData(ZIP_FILE *zip, ZIP_CENTRAL_DIRECTORY_ENTRY *entry, BIO
if (entry->overrideData) {
if (!BIO_write_ex(bio, entry->overrideData->data, entry->overrideData->compressedSize, &check)
|| check != entry->overrideData->compressedSize) {
return 0; /* FAILED */
goto out;
}
if (entry->compressedSize > (uint64_t)zip->fileSize - entry->offsetOfLocalHeader) {
fprintf(stderr, "Corrupted compressedSize : 0x%08" PRIX64 "\n", entry->compressedSize);
return 0; /* FAILED */
goto out;
}
if (fseeko(zip->file, (int64_t)entry->compressedSize, SEEK_CUR) < 0) {
return 0; /* FAILED */
goto out;
}
*sizeOnDisk += entry->overrideData->compressedSize;
} else {
Expand All @@ -1630,12 +1633,12 @@ static int zipRewriteData(ZIP_FILE *zip, ZIP_CENTRAL_DIRECTORY_ENTRY *entry, BIO
size_t size = fread(data, 1, toWrite, zip->file);
if (size != toWrite) {
OPENSSL_free(data);
return 0; /* FAILED */
goto out;
}
if (!BIO_write_ex(bio, data, toWrite, &check)
|| check != toWrite) {
OPENSSL_free(data);
return 0; /* FAILED */
goto out;
}
*sizeOnDisk += toWrite;
len -= toWrite;
Expand All @@ -1654,19 +1657,21 @@ static int zipRewriteData(ZIP_FILE *zip, ZIP_CENTRAL_DIRECTORY_ENTRY *entry, BIO
}
if (zip->isZip64) {
if (fseeko(zip->file, 24, SEEK_CUR) < 0) {
return 0; /* FAILED */
goto out;
}
*sizeOnDisk += 24;
} else {
if (fseeko(zip->file, 16, SEEK_CUR) < 0) {
return 0; /* FAILED */
goto out;
}
*sizeOnDisk += 16;
}
}
ret = 1; /* OK */
out:
OPENSSL_free(header.fileName);
OPENSSL_free(header.extraField);
return 1; /* OK */
return ret;
}

/*
Expand Down Expand Up @@ -1835,6 +1840,8 @@ static size_t zipReadFileData(ZIP_FILE *zip, uint8_t **pData, ZIP_CENTRAL_DIRECT
uncompressedSize = entry->uncompressedSize;
memset(&header, 0, sizeof(header));
if (!zipReadLocalHeader(&header, zip, compressedSize)) {
OPENSSL_free(header.fileName);
OPENSSL_free(header.extraField);
return 0; /* FAILED */
}
if (header.fileNameLen != entry->fileNameLen
Expand All @@ -1843,6 +1850,8 @@ static size_t zipReadFileData(ZIP_FILE *zip, uint8_t **pData, ZIP_CENTRAL_DIRECT
|| header.uncompressedSize != uncompressedSize
|| header.compression != entry->compression) {
fprintf(stderr, "Local header does not match central directory entry\n");
OPENSSL_free(header.fileName);
OPENSSL_free(header.extraField);
return 0; /* FAILED */
}
/* we don't really need those */
Expand Down Expand Up @@ -2144,6 +2153,7 @@ static int zipDeflate(uint8_t *dest, uint64_t *destLen, uint8_t *source, uLong s

err = deflateInit2(&stream, 8, Z_DEFLATED, -MAX_WBITS, 8, Z_DEFAULT_STRATEGY);
if (err != Z_OK) {
deflateEnd(&stream);
return err;
}
stream.next_out = dest;
Expand Down
5 changes: 4 additions & 1 deletion msi.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1785,7 +1785,6 @@ static int ministream_save(MSI_DIRENT *dirent, BIO *outdata, MSI_OUT *out)
dirent->entry->startSectorLocation = out->sectorNum;
/* ministream save */
BIO_write(outdata, out->ministream, (int)out->miniStreamLen);
OPENSSL_free(out->ministream);
/* fill to the end with known data, such as all zeroes */
if (out->miniStreamLen % out->sectorSize > 0) {
remain = out->sectorSize - out->miniStreamLen % out->sectorSize;
Expand Down Expand Up @@ -2186,6 +2185,8 @@ static int msiout_set(MSI_FILE *msi, uint32_t len_msi, uint32_t len_msiex, MSI_O
out->header = header_new(msi->m_hdr, out);
out->minifatMemallocCount = msi->m_hdr->numMiniFATSector;
out->fatMemallocCount = msi->m_hdr->numFATSector;
out->difatMemallocCount = 0;
out->difat = NULL;
out->ministream = NULL;
out->minifat = OPENSSL_malloc((uint64_t)out->minifatMemallocCount * out->sectorSize);
out->fat = OPENSSL_malloc((uint64_t)out->fatMemallocCount * out->sectorSize);
Expand Down Expand Up @@ -2226,7 +2227,9 @@ static int msi_file_write(MSI_FILE *msi, MSI_DIRENT *dirent, u_char *p_msi, uint
out:
OPENSSL_free(out.header);
OPENSSL_free(out.fat);
OPENSSL_free(out.difat);
OPENSSL_free(out.minifat);
OPENSSL_free(out.ministream);
return ret;
}

Expand Down
4 changes: 2 additions & 2 deletions osslsigncode.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1357,7 +1357,7 @@ static int add_unauthenticated_blob(PKCS7 *p7, const char *blob_file)
fprintf(stderr, "Failed to obtain PKCS#7 signer info list\n");
return 0; /* FAILED */
}
si = sk_PKCS7_SIGNER_INFO_value(p7->d.sign->signer_info, 0);
si = sk_PKCS7_SIGNER_INFO_value(signer_info, 0);
if (!si) {
fprintf(stderr, "Failed to obtain signer info from PKCS#7 structure\n");
return 0; /* FAILED */
Expand Down Expand Up @@ -4269,7 +4269,7 @@ static int read_crypto_params(GLOBAL_OPTIONS *options)

/* OpenSSL store API does not support PKCS#7 format */
if (sk_X509_num(options->certs) == 0 && !read_pkcs7_certfile(options)) {
goto out;
return 0; /* FAILED */
}
out:
return (options->pkey && sk_X509_num(options->certs) > 0) ? 1 : 0;
Expand Down