summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorsangwan.kwon <sangwan.kwon@samsung.com>2016-08-01 08:17:54 (GMT)
committersangwan.kwon <sangwan.kwon@samsung.com>2016-08-01 09:23:07 (GMT)
commit36eb4021277e375bdb179970bac24553cfc0cde9 (patch)
treec688fe61c115d3e6b82aabbcfbdddd35f32e103b
parentf732baaeb6fc2e9872696cb381b90b8c523d0c53 (diff)
downloadxmlsec1-36eb4021277e375bdb179970bac24553cfc0cde9.zip
xmlsec1-36eb4021277e375bdb179970bac24553cfc0cde9.tar.gz
xmlsec1-36eb4021277e375bdb179970bac24553cfc0cde9.tar.bz2
Fix svace defectsrefs/changes/63/82163/3
* null check to return value * overflow check on array * fix dead code (it seem to typo, (++ptr)) Change-Id: I184b29a184812c745a8ee192632ea101e349b10d Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
-rw-r--r--src/bn.c2
-rw-r--r--src/templates.c2
-rw-r--r--src/xmldsig.c1
3 files changed, 3 insertions, 2 deletions
diff --git a/src/bn.c b/src/bn.c
index b5333c9..48fb990 100644
--- a/src/bn.c
+++ b/src/bn.c
@@ -252,7 +252,7 @@ xmlSecBnFromString(xmlSecBnPtr bn, const xmlChar* str, xmlSecSize base) {
continue;
}
- xmlSecAssert2(ch <= sizeof(xmlSecBnLookupTable), -1);
+ xmlSecAssert2(ch < sizeof(xmlSecBnLookupTable) / sizeof(xmlSecBnLookupTable[0]), -1);
nn = xmlSecBnLookupTable[ch];
if((nn < 0) || ((xmlSecSize)nn > base)) {
xmlSecError(XMLSEC_ERRORS_HERE,
diff --git a/src/templates.c b/src/templates.c
index 8764da4..88bed3d 100644
--- a/src/templates.c
+++ b/src/templates.c
@@ -2065,7 +2065,7 @@ xmlSecTmplNodeWriteNsList(xmlNodePtr parentNode, const xmlChar** nsList) {
} else {
prefix = (*ptr);
}
- if((++ptr) == NULL) {
+ if(*(++ptr) == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
NULL,
diff --git a/src/xmldsig.c b/src/xmldsig.c
index 7d8760b..61e3507 100644
--- a/src/xmldsig.c
+++ b/src/xmldsig.c
@@ -2333,6 +2333,7 @@ xmlSecDSigReferenceCtxProcessNodeEx(xmlSecDSigReferenceCtxPtr dsigRefCtx, xmlNod
/* read attributes first */
dsigRefCtx->uri = xmlGetProp(node, xmlSecAttrURI);
+ xmlSecAssert2(dsigRefCtx->uri != NULL, -1);
while(pNextTmp[i] != NULL) {
len = strlen(pNextTmp[i]);