gck: Fix crash when hashing an unsupported attributes

PKCS#11 modules return attributes with a negative length and a
NULL value, when they don't support the attribute in question.

https://bugzilla.gnome.org/show_bug.cgi?id=696305

diff --git a/gck/gck-attributes.c b/gck/gck-attributes.c
index 356d6f1..5b6dad9 100644 (file)
--- a/gck/gck-attributes.c
+++ b/gck/gck-attributes.c
@@ -1996,8 +1996,10 @@ gck_attribute_hash (gconstpointer attr)
 
        h ^= _gck_ulong_hash (&a->type);
 
-       for (p = (signed char *)a->value, e = p + a->length; p != e; p++)
-               h = (h << 5) + h + *p;
+       if (a->value) {
+               for (p = (signed char *)a->value, e = p + a->length; p != e; p++)
+                       h = (h << 5) + h + *p;
+       }
 
        return h;
 }

diff --git a/gck/tests/test-gck-attributes.c b/gck/tests/test-gck-attributes.c
index 3ca3428..f3c532b 100644 (file)
--- a/gck/tests/test-gck-attributes.c
+++ b/gck/tests/test-gck-attributes.c
@@ -961,6 +961,31 @@ test_builder_add_attr (void)
 }
 
 static void
+test_attribute_hash (void)
+{
+       guchar *data = (guchar *)"extra attribute";
+       GckAttribute one = { CKA_LABEL, (guchar *)"yay", 3 };
+       GckAttribute null = { CKA_LABEL, (guchar *)NULL, 3 };
+       GckAttribute zero = { CKA_LABEL, (guchar *)NULL, 0 };
+       GckAttribute two = { CKA_VALUE, (guchar *)"yay", 3 };
+       GckAttribute other = { CKA_VALUE, data, 5 };
+       GckAttribute overflow = { CKA_VALUE, data, 5 };
+       GckAttribute content = { CKA_VALUE, (guchar *)"conte", 5 };
+       guint hash;
+
+       hash = gck_attribute_hash (&one);
+       g_assert_cmpuint (hash, !=, 0);
+
+       g_assert_cmpuint (gck_attribute_hash (&one), ==, hash);
+       g_assert_cmpuint (gck_attribute_hash (&two), !=, hash);
+       g_assert_cmpuint (gck_attribute_hash (&other), !=, hash);
+       g_assert_cmpuint (gck_attribute_hash (&overflow), !=, hash);
+       g_assert_cmpuint (gck_attribute_hash (&null), !=, hash);
+       g_assert_cmpuint (gck_attribute_hash (&zero), !=, hash);
+       g_assert_cmpuint (gck_attribute_hash (&content), !=, hash);
+}
+
+static void
 test_attributes_refs (void)
 {
        GckBuilder builder = GCK_BUILDER_INIT;
@@ -1301,6 +1326,7 @@ main (int argc, char **argv)
        g_test_add_func ("/gck/attribute/get_string", test_get_string);
        g_test_add_func ("/gck/attribute/dup_attribute", test_dup_attribute);
        g_test_add_func ("/gck/attribute/copy_attribute", test_copy_attribute);
+       g_test_add_func ("/gck/attribute/hash", test_attribute_hash);
        g_test_add_func ("/gck/builder/blank", test_builder_blank);
        g_test_add_func ("/gck/builder/data", test_build_data);
        g_test_add_func ("/gck/builder/data-invalid", test_build_data_invalid);