author | sangwan.kwon <sangwan.kwon@samsung.com> | 2016-07-29 15:41:26 +0900 |
---|---|---|
committer | sangwan.kwon <sangwan.kwon@samsung.com> | 2016-08-01 13:42:07 +0900 |
commit | f732baaeb6fc2e9872696cb381b90b8c523d0c53 (patch) | |
tree | f60b7f7af36fd3892dfbbb9e5934ea6ca4b4cc71 | |
parent | 0f64042b733dfc42709af8a38d21679060c239af (diff) | |
download | xmlsec1-f732baaeb6fc2e9872696cb381b90b8c523d0c53.tar.gz xmlsec1-f732baaeb6fc2e9872696cb381b90b8c523d0c53.tar.bz2 xmlsec1-f732baaeb6fc2e9872696cb381b90b8c523d0c53.zip |
Replace vulnerable function to thread safety
* rand() -> rand_r()
* strcpy() -> strncpy()
* sprintf() -> snprintf()
* strerror() -> strerror_r()
Change-Id: Ib6d91ac0f5c75a54b3be5546ba281c53b1844828
Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
-rw-r--r-- | src/errors.c | 2 | ||||
-rw-r--r-- | src/io.c | 8 | ||||
-rw-r--r-- | src/openssl/app.c | 3 | ||||
-rw-r--r-- | src/templates.c | 2 | ||||
-rw-r--r-- | src/transforms.c | 2 | ||||
-rw-r--r-- | src/xmldsig.c | 330 | ||||
-rw-r--r-- | src/xmltree.c | 4 | ||||
-rw-r--r-- | src/xpath.c | 7 |
8 files changed, 181 insertions, 177 deletions
diff --git a/src/errors.c b/src/errors.c index 1c7e989e..2cb0801d 100644 --- a/src/errors.c +++ b/src/errors.c @@ -236,7 +236,7 @@ xmlSecError(const char* file, int line, const char* func, for(i = 0; (i < XMLSEC_ERRORS_MAX_NUMBER) && (xmlSecErrorsGetMsg(i) != NULL); ++i) { if(xmlSecErrorsGetCode(i) == reason) { e_msg = xmlSecErrorsGetMsg(i); - sprintf(error_msg , "%s] [", e_msg); + snprintf(error_msg, sizeof(error_msg), "%s] [", e_msg); len = strlen(error_msg); break; } @@ -33,6 +33,8 @@ #include <xmlsec/io.h> #include <xmlsec/errors.h> +#define ERR_BUF_SIZE 1024 + /******************************************************************* * * Input I/O callback sets @@ -419,6 +421,7 @@ xmlSecTransformInputURIOpen(xmlSecTransformPtr transform, const xmlChar *uri) { } } + char buf[ERR_BUF_SIZE]; if((ctx->clbks == NULL) || (ctx->clbksCtx == NULL)) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), @@ -426,7 +429,7 @@ xmlSecTransformInputURIOpen(xmlSecTransformPtr transform, const xmlChar *uri) { XMLSEC_ERRORS_R_IO_FAILED, "uri=%s;error=%s", xmlSecErrorsSafeString(uri), - strerror(errno)); + strerror_r(errno, buf, sizeof(buf))); return(-1); } @@ -519,11 +522,12 @@ xmlSecTransformInputURIPopBin(xmlSecTransformPtr transform, xmlSecByte* data, if((ctx->clbksCtx != NULL) && (ctx->clbks != NULL) && (ctx->clbks->readcallback != NULL)) { ret = (ctx->clbks->readcallback)(ctx->clbksCtx, (char*)data, (int)maxDataSize); if(ret < 0) { + char buf[ERR_BUF_SIZE]; xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), "readcallback", XMLSEC_ERRORS_R_IO_FAILED, - "error=%s", strerror(errno)); + "error=%s", strerror_r(errno, buf, sizeof(buf))); return(-1); } (*dataSize) = ret; diff --git a/src/openssl/app.c b/src/openssl/app.c index 373e03a8..8e519883 100644 --- a/src/openssl/app.c +++ b/src/openssl/app.c 
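Review bot: `strerror_r()` is passed directly as the `%s` argument in xmlSecTransformInputURIOpen, and again in the `readcallback` error path of xmlSecTransformInputURIPopBin, but only the GNU variant returns a `char *`. The XSI variant returns an `int` status and leaves the text in `buf`, so a build that gets that prototype passes an integer where `%s` expects a pointer. Which prototype is in effect depends on feature-test macros that are not visible in these hunks, so I would hide the difference behind one small helper (the name below is only a suggestion) and pass its result at both call sites. Both function bodies continue outside the hunks.

```c
/* Hides the GNU (returns char *) vs XSI (returns int, fills buf) strerror_r difference. */
static const char*
xmlSecIOErrorString(int errnum, char* buf, size_t size) {
#if defined(__GLIBC__) && defined(_GNU_SOURCE)
    return(strerror_r(errnum, buf, size));
#else
    if(strerror_r(errnum, buf, size) != 0) {
        snprintf(buf, size, "errno=%d", errnum);
    }
    return(buf);
#endif
}

/* ... unchanged: xmlSecError(...) arguments up to the format string ... */
                    "uri=%s;error=%s",
                    xmlSecErrorsSafeString(uri),
                    xmlSecIOErrorString(errno, buf, sizeof(buf)));
```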
@@ -1631,7 +1631,8 @@ xmlSecOpenSSLDummyPasswordCallback(char *buf, int bufsize, return(-1); } - strcpy(buf, password); + strncpy(buf, password, strlen(password) + 1); + return (strlen(buf)); } diff --git a/src/templates.c b/src/templates.c index 374917c9..8764da40 100644 --- a/src/templates.c +++ b/src/templates.c @@ -1772,7 +1772,7 @@ xmlSecTmplTransformAddHmacOutputLength(xmlNodePtr transformNode, xmlSecSize bits return(-1); } - sprintf(buf, "%u", bitsLen); + snprintf(buf, sizeof(buf), "%u", bitsLen); xmlNodeSetContent(cur, BAD_CAST buf); return(0); } diff --git a/src/transforms.c b/src/transforms.c index b1f16f74..2761929f 100644 --- a/src/transforms.c +++ b/src/transforms.c @@ -925,7 +925,7 @@ xmlSecTransformCtxSetUri(xmlSecTransformCtxPtr ctx, const xmlChar* uri, xmlNodeP "size=%d", size); return(-1); } - sprintf((char*)buf, tmpl, xptr + 1); + snprintf((char*)buf, size * sizeof(xmlChar), tmpl, xptr + 1); xptr = buf; nodeSetType = xmlSecNodeSetTreeWithoutComments; } diff --git a/src/xmldsig.c b/src/xmldsig.c index 1c45fd0e..7d8760b7 100644 --- a/src/xmldsig.c +++ b/src/xmldsig.c @@ -1657,7 +1657,7 @@ xmlSecDSigReferenceCtxProcessNode(xmlSecDSigReferenceCtxPtr dsigRefCtx, xmlNodeP /* finally get transforms results */ ret = xmlSecTransformCtxExecute(transformCtx, node->doc); if(ret < 0) { - sprintf(logMsg, "uri:%s", (char*)dsigRefCtx->uri); + snprintf(logMsg, sizeof(logMsg), "uri:%s", (char*)dsigRefCtx->uri); logMsg[strlen(dsigRefCtx->uri)+5] = '\0'; xmlSecError(XMLSEC_ERRORS_HERE, NULL, @@ -1690,7 +1690,7 @@ xmlSecDSigReferenceCtxProcessNode(xmlSecDSigReferenceCtxPtr dsigRefCtx, xmlNodeP ret = xmlSecTransformVerifyNodeContent(dsigRefCtx->digestMethod, digestValueNode, transformCtx); if(ret < 0) { - sprintf(logMsg, "uri:%s", (char*)dsigRefCtx->uri); + snprintf(logMsg, sizeof(logMsg), "uri:%s", (char*)dsigRefCtx->uri); logMsg[strlen(dsigRefCtx->uri)+5] = '\0'; xmlSecError(XMLSEC_ERRORS_HERE, NULL, 
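Review bot: The bound passed to `strncpy()` in xmlSecOpenSSLDummyPasswordCallback is `strlen(password) + 1`, which is derived from the source, so the call copies exactly what `strcpy()` did and `bufsize` is still not consulted on this line. The guard above it is only partly visible in the hunk; if it does not already reject passwords longer than `bufsize - 1`, the copy can still run past `buf`. I would bound by the destination and fail instead of truncating: `if((bufsize <= 0) || (strlen(password) >= (size_t)bufsize)) return(-1);` followed by `memcpy(buf, password, strlen(password) + 1);`.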
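Review bot: The terminator write `logMsg[strlen(dsigRefCtx->uri)+5] = '\0';` that follows the new `snprintf()` still indexes by the length of the URI rather than by the size of `logMsg`, so a Reference URI longer than the buffer turns the bounded format into an out-of-bounds store. `snprintf()` already terminates the buffer, so the line can simply be dropped; the same pair appears in the second hunk of xmlSecDSigReferenceCtxProcessNode (@@ -1690) and twice in xmlSecDSigReferenceCtxProcessNodeEx (@@ -2414). The declaration of `logMsg` is outside the hunk, so `sizeof(logMsg)` is the right bound only if it is an array there. `dsigRefCtx->uri` also looks like it can be NULL when the attribute is absent, which `strlen()` would not tolerate; that is worth confirming.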
@@ -1928,7 +1928,8 @@ xmlSecDSigCtxProcessSignatureNodeEx (xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node, _start xmlSecAssert2(dsigCtx != NULL, -1); - xmlSecAssert2((dsigCtx->operation == xmlSecTransformOperationSign) || (dsigCtx->operation == xmlSecTransformOperationVerify), -1); + xmlSecAssert2((dsigCtx->operation == xmlSecTransformOperationSign) || + (dsigCtx->operation == xmlSecTransformOperationVerify), -1); xmlSecAssert2(dsigCtx->status == xmlSecDSigStatusUnknown, -1); xmlSecAssert2(dsigCtx->signValueNode == NULL, -1); xmlSecAssert2(dsigCtx->signMethod == NULL, -1); @@ -1943,7 +1944,7 @@ xmlSecDSigCtxProcessSignatureNodeEx (xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node, "expected=%s", xmlSecErrorsSafeString(xmlSecNodeSignature)); return(-1); - } + } /* read node data */ xmlSecAssert2(dsigCtx->id == NULL, -1); @@ -2132,7 +2133,7 @@ xmlSecDSigCtxProcessSignedInfoNodeEx(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node, ret = -1; goto error; } - } else if(dsigCtx->defC14NMethodId != xmlSecTransformIdUnknown) { + } else if(dsigCtx->defC14NMethodId != xmlSecTransformIdUnknown) { /* the dsig spec does require CanonicalizationMethod node * to be present but in some case it application might decide to * minimize traffic */ 
@@ -2228,47 +2229,47 @@ xmlSecDSigCtxProcessSignedInfoNodeEx(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node, XMLSEC_ERRORS_NO_MESSAGE); ret = -1; goto error; - } - - /* add to the list */ - ret = xmlSecPtrListAdd(&(dsigCtx->signedInfoReferences), dsigRefCtx); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecPtrListAdd", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - xmlSecDSigReferenceCtxDestroy(dsigRefCtx); - ret = -1; - goto error; } - /* process */ - if(noHash != 1){ //if 0, then partial ///if 1, then no_hash - ret = xmlSecDSigReferenceCtxProcessNodeEx(dsigRefCtx, cur, noHash, pList); + /* add to the list */ + ret = xmlSecPtrListAdd(&(dsigCtx->signedInfoReferences), dsigRefCtx); if(ret < 0) { xmlSecError(XMLSEC_ERRORS_HERE, NULL, - "xmlSecDSigReferenceCtxProcessNode", + "xmlSecPtrListAdd", XMLSEC_ERRORS_R_XMLSEC_FAILED, - "node=%s", - xmlSecErrorsSafeString(xmlSecNodeGetName(cur))); - + XMLSEC_ERRORS_NO_MESSAGE); + xmlSecDSigReferenceCtxDestroy(dsigRefCtx); ret = -1; goto error; + } + + /* process */ + if(noHash != 1) { //if 0, then partial ///if 1, then no_hash + ret = xmlSecDSigReferenceCtxProcessNodeEx(dsigRefCtx, cur, noHash, pList); + if(ret < 0) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecDSigReferenceCtxProcessNode", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + "node=%s", + xmlSecErrorsSafeString(xmlSecNodeGetName(cur))); + + ret = -1; + goto error; } - } + } - dsigRefCtx->status = xmlSecDSigStatusSucceeded; + dsigRefCtx->status = xmlSecDSigStatusSucceeded; - /* bail out if next Reference processing failed */ - if(dsigRefCtx->status != xmlSecDSigStatusSucceeded) { - xmlSecError(XMLSEC_ERRORS_HERE, NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER, "###### false"); - dsigCtx->status = xmlSecDSigStatusInvalid; - ret = -1; - goto error; + /* bail out if next Reference processing failed */ + if(dsigRefCtx->status != xmlSecDSigStatusSucceeded) { + xmlSecError(XMLSEC_ERRORS_HERE, NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER, "###### false"); + 
dsigCtx->status = xmlSecDSigStatusInvalid; + ret = -1; + goto error; } - cur = xmlSecGetNextElementNode(cur->next); + cur = xmlSecGetNextElementNode(cur->next); } /* check that we have at least one Reference */ @@ -2280,7 +2281,7 @@ xmlSecDSigCtxProcessSignedInfoNodeEx(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node, XMLSEC_ERRORS_NO_MESSAGE); ret = -1; goto error; - } + } /* if there is something left than it's an error */ if(cur != NULL) { @@ -2291,7 +2292,7 @@ xmlSecDSigCtxProcessSignedInfoNodeEx(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node, XMLSEC_ERRORS_NO_MESSAGE); ret = -1; goto error; - } + } _end error: return(ret); @@ -2321,28 +2322,27 @@ xmlSecDSigReferenceCtxProcessNodeEx(xmlSecDSigReferenceCtxPtr dsigRefCtx, xmlNod transformCtx = &(dsigRefCtx->transformCtx); - if(pList == NULL){ + if(pList == NULL) { xmlSecError(XMLSEC_ERRORS_HERE, NULL, NULL, XMLSEC_ERRORS_R_UNEXPECTED_NODE, XMLSEC_ERRORS_NO_MESSAGE); return(-1); - } + } /* read attributes first */ dsigRefCtx->uri = xmlGetProp(node, xmlSecAttrURI); - while(pNextTmp[i] != NULL) - { - len = strlen(pNextTmp[i]); - cmpResult = strncmp((const char *)dsigRefCtx->uri, (const char *)pNextTmp[i], len); - if( cmpResult == 0 ) { - sprintf(logMsg, "uri: %s", (char*)pNextTmp[i]); - xmlSecError(XMLSEC_ERRORS_HERE, NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER, logMsg); - break; - } - ++i; + while(pNextTmp[i] != NULL) { + len = strlen(pNextTmp[i]); + cmpResult = strncmp((const char *)dsigRefCtx->uri, (const char *)pNextTmp[i], len); + if(cmpResult == 0) { + snprintf(logMsg, sizeof(logMsg), "uri: %s", (char*)pNextTmp[i]); + xmlSecError(XMLSEC_ERRORS_HERE, NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER, logMsg); + break; + } + ++i; } if(cmpResult != 0) { 
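Review bot: In the `while(pNextTmp[i] != NULL)` loop, `logMsg` is built with `snprintf()` and then handed to `xmlSecError()` in the message position, which takes a printf-style format there, as the other calls on this page show. Any `%` in the matched URI is therefore parsed as a conversion. Passing the text as an argument avoids both the problem and the intermediate buffer: `xmlSecError(XMLSEC_ERRORS_HERE, NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER, "uri: %s", (char*)pNextTmp[i]);`. The two `logMsg` error paths in the @@ -2414 hunk of the same function pass the document's URI the same way and would take the same change. The function body starts and ends outside this hunk.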
@@ -2363,31 +2363,30 @@ xmlSecDSigReferenceCtxProcessNodeEx(xmlSecDSigReferenceCtxPtr dsigRefCtx, xmlNod "uri=%s", xmlSecErrorsSafeString(dsigRefCtx->uri)); return(-1); - } + } /* first is optional Transforms node */ cur = xmlSecGetNextElementNode(node->children); if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeTransforms, xmlSecDSigNs))) { - ret = xmlSecTransformCtxNodesListRead(transformCtx, - cur, xmlSecTransformUsageDSigTransform); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, + ret = xmlSecTransformCtxNodesListRead(transformCtx, + cur, xmlSecTransformUsageDSigTransform); + if(ret < 0) { + xmlSecError(XMLSEC_ERRORS_HERE, NULL, - "xmlSecTransformCtxNodesListRead", + "xmlSecTransformCtxNodesListRead", XMLSEC_ERRORS_R_XMLSEC_FAILED, "node=%s", xmlSecErrorsSafeString(xmlSecNodeGetName(cur))); return(-1); - } - - cur = xmlSecGetNextElementNode(cur->next); - } + } + cur = xmlSecGetNextElementNode(cur->next); + } /* insert membuf if requested */ if(((dsigRefCtx->origin == xmlSecDSigReferenceOriginSignedInfo) && - ((dsigRefCtx->dsigCtx->flags & XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES) != 0)) || - ((dsigRefCtx->origin == xmlSecDSigReferenceOriginManifest) && - ((dsigRefCtx->dsigCtx->flags & XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES) != 0))) { + ((dsigRefCtx->dsigCtx->flags & XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES) != 0)) || + ((dsigRefCtx->origin == xmlSecDSigReferenceOriginManifest) && + ((dsigRefCtx->dsigCtx->flags & XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES) != 0))) { xmlSecAssert2(dsigRefCtx->preDigestMemBufMethod == NULL, -1); dsigRefCtx->preDigestMemBufMethod = xmlSecTransformCtxCreateAndAppend( transformCtx, 
@@ -2400,8 +2399,8 @@ xmlSecDSigReferenceCtxProcessNodeEx(xmlSecDSigReferenceCtxPtr dsigRefCtx, xmlNod "transform=%s", xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformMemBufId))); return(-1); - } } + } /* next node is required DigestMethod. */ if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDigestMethod, xmlSecDSigNs))) { 
@@ -2415,140 +2414,139 @@ xmlSecDSigReferenceCtxProcessNodeEx(xmlSecDSigReferenceCtxPtr dsigRefCtx, xmlNod "node=%s", xmlSecErrorsSafeString(xmlSecNodeGetName(cur))); return(-1); - } - cur = xmlSecGetNextElementNode(cur->next); - } else if(dsigRefCtx->dsigCtx->defSignMethodId != xmlSecTransformIdUnknown) { - /* the dsig spec does require DigestMethod node - * to be present but in some case it application might decide to - * minimize traffic */ - dsigRefCtx->digestMethod = xmlSecTransformCtxCreateAndAppend(&(dsigRefCtx->transformCtx), - dsigRefCtx->dsigCtx->defSignMethodId); - if(dsigRefCtx->digestMethod == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecTransformCtxAppend", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } - } else { + } + cur = xmlSecGetNextElementNode(cur->next); + } else if(dsigRefCtx->dsigCtx->defSignMethodId != xmlSecTransformIdUnknown) { + /* the dsig spec does require DigestMethod node + * to be present but in some case it application might decide to + * minimize traffic */ + dsigRefCtx->digestMethod = xmlSecTransformCtxCreateAndAppend(&(dsigRefCtx->transformCtx), + dsigRefCtx->dsigCtx->defSignMethodId); + if(dsigRefCtx->digestMethod == NULL) { xmlSecError(XMLSEC_ERRORS_HERE, NULL, - xmlSecErrorsSafeString(xmlSecNodeGetName(cur)), - XMLSEC_ERRORS_R_INVALID_NODE, - "expected=%s", - xmlSecErrorsSafeString(xmlSecNodeDigestMethod)); + "xmlSecTransformCtxAppend", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); return(-1); } + } else { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + xmlSecErrorsSafeString(xmlSecNodeGetName(cur)), + XMLSEC_ERRORS_R_INVALID_NODE, + "expected=%s", + xmlSecErrorsSafeString(xmlSecNodeDigestMethod)); + return(-1); + } - dsigRefCtx->digestMethod->operation = dsigRefCtx->dsigCtx->operation; + dsigRefCtx->digestMethod->operation = dsigRefCtx->dsigCtx->operation; - /* last node is required DigestValue */ - if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDigestValue, 
xmlSecDSigNs))) { - digestValueNode = cur; - cur = xmlSecGetNextElementNode(cur->next); - } else { + /* last node is required DigestValue */ + if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDigestValue, xmlSecDSigNs))) { + digestValueNode = cur; + cur = xmlSecGetNextElementNode(cur->next); + } else { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + xmlSecErrorsSafeString(xmlSecNodeGetName(cur)), + XMLSEC_ERRORS_R_XMLSEC_FAILED, + "node=%s", + xmlSecErrorsSafeString(xmlSecNodeDigestValue)); + return(-1); + } + + /* if we have something else then it's an error */ + if(cur != NULL) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + xmlSecErrorsSafeString(xmlSecNodeGetName(cur)), + XMLSEC_ERRORS_R_UNEXPECTED_NODE, + XMLSEC_ERRORS_NO_MESSAGE); + return(-1); + } + + /* if we need to write result to xml node then we need base64 encode result */ + if(dsigRefCtx->dsigCtx->operation == xmlSecTransformOperationSign) { + xmlSecTransformPtr base64Encode; + + /* we need to add base64 encode transform */ + base64Encode = xmlSecTransformCtxCreateAndAppend(transformCtx, xmlSecTransformBase64Id); + if(base64Encode == NULL) { xmlSecError(XMLSEC_ERRORS_HERE, NULL, - xmlSecErrorsSafeString(xmlSecNodeGetName(cur)), + "xmlSecTransformCtxCreateAndAppend", XMLSEC_ERRORS_R_XMLSEC_FAILED, - "node=%s", - xmlSecErrorsSafeString(xmlSecNodeDigestValue)); + XMLSEC_ERRORS_NO_MESSAGE); return(-1); } + base64Encode->operation = xmlSecTransformOperationEncode; + } - /* if we have something else then it's an error */ - if(cur != NULL) { + /* finally get transforms results */ + ret = xmlSecTransformCtxExecute(transformCtx, node->doc); + if(ret < 0) { + snprintf(logMsg, sizeof(logMsg), "uri:%s", (char*)dsigRefCtx->uri); + logMsg[strlen(dsigRefCtx->uri)+5] = '\0'; + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecTransformCtxExecute", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + logMsg); + return(-1); + } + + dsigRefCtx->result = transformCtx->result; + + if(dsigRefCtx->dsigCtx->operation == 
xmlSecTransformOperationSign) { + if((dsigRefCtx->result == NULL) || (xmlSecBufferGetData(dsigRefCtx->result) == NULL)) { xmlSecError(XMLSEC_ERRORS_HERE, NULL, - xmlSecErrorsSafeString(xmlSecNodeGetName(cur)), - XMLSEC_ERRORS_R_UNEXPECTED_NODE, + "xmlSecTransformCtxExecute", + XMLSEC_ERRORS_R_XMLSEC_FAILED, XMLSEC_ERRORS_NO_MESSAGE); return(-1); - } - - /* if we need to write result to xml node then we need base64 encode result */ - if(dsigRefCtx->dsigCtx->operation == xmlSecTransformOperationSign) { - xmlSecTransformPtr base64Encode; - - /* we need to add base64 encode transform */ - base64Encode = xmlSecTransformCtxCreateAndAppend(transformCtx, xmlSecTransformBase64Id); - if(base64Encode == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecTransformCtxCreateAndAppend", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } - base64Encode->operation = xmlSecTransformOperationEncode; } - /* finally get transforms results */ - ret = xmlSecTransformCtxExecute(transformCtx, node->doc); + /* write signed data to xml */ + xmlNodeSetContentLen(digestValueNode, + xmlSecBufferGetData(dsigRefCtx->result), + xmlSecBufferGetSize(dsigRefCtx->result)); + + /* set success status and we are done */ + dsigRefCtx->status = xmlSecDSigStatusSucceeded; + } else { + /* verify SignatureValue node content */ + ret = xmlSecTransformVerifyNodeContent(dsigRefCtx->digestMethod, + digestValueNode, transformCtx); if(ret < 0) { - sprintf(logMsg, "uri:%s", (char*)dsigRefCtx->uri); - logMsg[strlen(dsigRefCtx->uri)+5] = '\0'; - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecTransformCtxExecute", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - logMsg); - return(-1); + snprintf(logMsg, sizeof(logMsg), "uri:%s", (char*)dsigRefCtx->uri); + logMsg[strlen(dsigRefCtx->uri)+5] = '\0'; + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecTransformVerifyNodeContent", + XMLSEC_ERRORS_R_XMLSEC_FAILED, logMsg); + return(-1); } - dsigRefCtx->result = transformCtx->result; - - 
if(dsigRefCtx->dsigCtx->operation == xmlSecTransformOperationSign) { - if((dsigRefCtx->result == NULL) || (xmlSecBufferGetData(dsigRefCtx->result) == NULL)) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecTransformCtxExecute", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } - - /* write signed data to xml */ - xmlNodeSetContentLen(digestValueNode, - xmlSecBufferGetData(dsigRefCtx->result), - xmlSecBufferGetSize(dsigRefCtx->result)); - - /* set success status and we are done */ + /* set status and we are done */ + if(dsigRefCtx->digestMethod->status == xmlSecTransformStatusOk) { dsigRefCtx->status = xmlSecDSigStatusSucceeded; } else { - /* verify SignatureValue node content */ - ret = xmlSecTransformVerifyNodeContent(dsigRefCtx->digestMethod, - digestValueNode, transformCtx); - if(ret < 0) { - sprintf(logMsg, "uri:%s", (char*)dsigRefCtx->uri); - logMsg[strlen(dsigRefCtx->uri)+5] = '\0'; - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecTransformVerifyNodeContent", - XMLSEC_ERRORS_R_XMLSEC_FAILED, logMsg); - return(-1); - } - - /* set status and we are done */ - if(dsigRefCtx->digestMethod->status == xmlSecTransformStatusOk) { - dsigRefCtx->status = xmlSecDSigStatusSucceeded; - } else { - dsigRefCtx->status = xmlSecDSigStatusInvalid; - } + dsigRefCtx->status = xmlSecDSigStatusInvalid; } + } - if(dsigRefCtx->digestMethod->status == xmlSecTransformStatusOk) { - dsigRefCtx->status = xmlSecDSigStatusSucceeded; - } + if(dsigRefCtx->digestMethod->status == xmlSecTransformStatusOk) { + dsigRefCtx->status = xmlSecDSigStatusSucceeded; + } - _end + _end partial: return(0); } - /************************************************************************** * * xmlSecDSigReferenceCtxListKlass @@ -2575,5 +2573,3 @@ xmlSecDSigReferenceCtxListGetKlass(void) { } #endif /* XMLSEC_NO_XMLDSIG */ - - diff --git a/src/xmltree.c b/src/xmltree.c index 7084f696..a675cbc9 100644 --- a/src/xmltree.c +++ b/src/xmltree.c 
@@ -13,6 +13,7 @@ #include <stdlib.h> #include <string.h> #include <ctype.h> +#include <time.h> #include <errno.h> #include <libxml/tree.h> @@ -793,8 +794,9 @@ xmlSecGenerateID(const xmlChar* prefix, xmlSecSize len) { xmlSecAssert2(xmlSecBufferGetSize(&buffer) == binLen, NULL); /* create random bytes */ + unsigned int seed = time(NULL); for(i = 0; i < binLen; i++) { - (xmlSecBufferGetData(&buffer)) [i] = (xmlSecByte) (256.0 * rand() / (RAND_MAX + 1.0)); + (xmlSecBufferGetData(&buffer)) [i] = (xmlSecByte) (256.0 * rand_r(&seed) / (RAND_MAX + 1.0)); } /* base64 encode random bytes */ diff --git a/src/xpath.c b/src/xpath.c index 8b0cf799..2419f133 100644 --- a/src/xpath.c +++ b/src/xpath.c @@ -605,8 +605,9 @@ xmlSecTransformXPathNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlS /* create full XPath expression */ xmlSecAssert2(data->expr != NULL, -1); - tmp = (xmlChar*) xmlMalloc(sizeof(xmlChar) * (xmlStrlen(data->expr) + - strlen(xpathPattern) + 1)); + size_t tmpSize = sizeof(xmlChar) * (xmlStrlen(data->expr) + + strlen(xpathPattern) + 1); + tmp = (xmlChar*) xmlMalloc(tmpSize); if(tmp == NULL) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), @@ -616,7 +617,7 @@ xmlSecTransformXPathNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlS (int)(xmlStrlen(data->expr) + strlen(xpathPattern) + 1)); return(-1); } - sprintf((char*)tmp, xpathPattern, (char*)data->expr); + snprintf((char*)tmp, tmpSize, xpathPattern, (char*)data->expr); xmlFree(data->expr); data->expr = tmp; |
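Review bot: `unsigned int seed = time(NULL);` reseeds on every call to xmlSecGenerateID from a one-second clock, so two IDs generated in the same second get the same byte sequence and every ID is derivable from its creation time. Within one process, the `rand()` it replaces at least advanced its state between calls. If the IDs must be unique within a document or hard to guess, the bytes should come from the crypto backend's random generator or from a seed that persists across calls. If the per-call seed stays, I would document the limitation next to it: `/* seed is time-based and per call: IDs repeat within one second and are predictable */`.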
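Review bot: `tmpSize` is introduced for the allocation and the `snprintf()` bound, but the malloc-failure path in the next hunk still recomputes the same expression for its `size=%d` argument; `(int)tmpSize` there keeps the three uses in sync. `xmlStrlen()` returns an `int`, so the sum mixes signed and unsigned operands, which is harmless for the non-NULL `data->expr` asserted just above but worth an explicit cast. The declaration is placed after the `xmlSecAssert2` statement; if the project still builds as C89 it needs to move to the top of the block. The function body continues outside both hunks.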