diff options
author | Krzysztof Jackiewicz <k.jackiewicz@samsung.com> | 2017-08-23 09:45:21 +0200 |
---|---|---|
committer | Krzysztof Jackiewicz <k.jackiewicz@samsung.com> | 2017-08-23 11:46:38 +0200 |
commit | bc24105b814b1747bc582433f6036e1ffe128fc8 (patch) | |
tree | 16932382e5b0e42f326af5a1a0cccc7dc1577a03 /src/manager/client/client-manager-impl.cpp | |
parent | 75ebd56f472760551fe27443d7c2779291acdc76 (diff) | |
download | key-manager-bc24105b814b1747bc582433f6036e1ffe128fc8.tar.gz key-manager-bc24105b814b1747bc582433f6036e1ffe128fc8.tar.bz2 key-manager-bc24105b814b1747bc582433f6036e1ffe128fc8.zip |
Ensure key/cert pointer validity before accessing the DER
In many cases the getDER() function is called on a shared_ptr to a key or
certficiate without checking the pointer validity which may lead to segfaults.
Add proper checks before calling the getDER() function.
Change-Id: Ifb209737f14a13f6e7946e21c9d7c1cf5791973e
Diffstat (limited to 'src/manager/client/client-manager-impl.cpp')
-rw-r--r-- | src/manager/client/client-manager-impl.cpp | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/src/manager/client/client-manager-impl.cpp b/src/manager/client/client-manager-impl.cpp index f1b68bb1..fa4f5a9f 100644 --- a/src/manager/client/client-manager-impl.cpp +++ b/src/manager/client/client-manager-impl.cpp @@ -143,7 +143,7 @@ int Manager::Impl::saveBinaryData( int Manager::Impl::saveKey(const Alias &alias, const KeyShPtr &key, const Policy &policy) { - if (key.get() == NULL) + if (key.get() == NULL || key->empty()) return CKM_API_ERROR_INPUT_PARAM; try { @@ -159,7 +159,7 @@ int Manager::Impl::saveCertificate( const CertificateShPtr &cert, const Policy &policy) { - if (cert.get() == NULL) + if (cert.get() == NULL || cert->empty()) return CKM_API_ERROR_INPUT_PARAM; return saveBinaryData(alias, DataType::CERTIFICATE, cert->getDER(), policy); @@ -626,11 +626,17 @@ int Manager::Impl::getCertificateChain( if (!certificate || certificate->empty()) return CKM_API_ERROR_INPUT_PARAM; - for (auto &e : untrustedCertificates) + for (auto &e : untrustedCertificates) { + if (!e || e->empty()) + return CKM_API_ERROR_INPUT_PARAM; untrustedVector.push_back(e->getDER()); + } - for (auto &e : trustedCertificates) + for (auto &e : trustedCertificates) { + if (!e || e->empty()) + return CKM_API_ERROR_INPUT_PARAM; trustedVector.push_back(e->getDER()); + } return getCertChain( m_storageConnection, |