summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSangwan Kwon <sangwan.kwon@samsung.com>2020-02-17 10:00:02 +0900
committerSangwan Kwon <sangwan.kwon@samsung.com>2020-02-17 11:28:00 +0900
commitc530d32354baeb7b437168ebb3fec286231edf45 (patch)
tree04233c90420f2a351ed4e2773e961cfc4d92902d
parentd373dc45350f5b71aaf31768cbcbbe11ddf00a86 (diff)
downloadpubkey-pinning-tizen.tar.gz
pubkey-pinning-tizen.tar.bz2
pubkey-pinning-tizen.zip
Fix coverity defectsubmit/tizen/20200217.042237accepted/tizen/unified/20200218.145930tizenaccepted/tizen_unified
- Incorrect deallocator used - Bad bit shift operation Change-Id: I2ea1f33da459ee62883be6038dfd7268d2782558 Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
Diffstat
-rw-r--r--src/common/net/http/transport_security_state.cpp4
-rw-r--r--src/curl/tpkp_curl.cpp2
2 files changed, 5 insertions, 1 deletions
diff --git a/src/common/net/http/transport_security_state.cpp b/src/common/net/http/transport_security_state.cpp
index d3b5db5..9703f2d 100644
--- a/src/common/net/http/transport_security_state.cpp
+++ b/src/common/net/http/transport_security_state.cpp
@@ -30,6 +30,8 @@
// This file is subset of chromium-efl/net/http/transport_security_state.cc
+#include <stdexcept>
+
#include "net/http/transport_security_state.h"
#include "net/http/transport_security_state_static.h"
#include "base/logging.h"
@@ -68,6 +70,8 @@ class BitReader {
// insufficient bits in the input or true otherwise.
bool Read(unsigned num_bits, uint32* out) {
DCHECK_LE(num_bits, 32u);
+ if (num_bits > 32u)
+ throw std::invalid_argument("num_bits should be less equal than 32u.");
uint32 ret = 0;
for (unsigned i = 0; i < num_bits; ++i) {
diff --git a/src/curl/tpkp_curl.cpp b/src/curl/tpkp_curl.cpp
index 2e7dd0a..5982754 100644
--- a/src/curl/tpkp_curl.cpp
+++ b/src/curl/tpkp_curl.cpp
@@ -69,7 +69,7 @@ TPKP::RawBuffer getPubkeyHash(X509 *cert, TPKP::HashAlgo algo)
TPKP_E_INVALID_CERT, "Failed to convert pem pubkey to der.");
TPKP::RawBuffer pubkeyder(der, der + len);
- free(der);
+ OPENSSL_free(der);
unsigned char *hashResult = nullptr;
TPKP::RawBuffer out;
switch (algo) {
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-21 16:29:43 +0000