From: Abhishek Vijay <abhishek.v@samsung.com>
Date: Wed, 24 Oct 2018 09:01:04 +0000 (+0530)
Subject: Fix for SATIZENVUL-1655 & SATIZENVUL-1656 - error handling
X-Git-Tag: submit/tizen/20181116.110836^2
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=f8296c20dc04eb189dd13cade461d83b9c1bcd2c;p=platform%2Fcore%2Faccount%2Ffido-asm.git

Fix for SATIZENVUL-1655 & SATIZENVUL-1656 - error handling

Change-Id: Ib1aa5f0f37ccd352296e40c01ea25083a1524dc5
Signed-off-by: Abhishek Vijay <abhishek.v@samsung.com>
---

diff --git a/common/cryptoutil/src/AsmCrypto.cpp b/common/cryptoutil/src/AsmCrypto.cpp
index f919196..4c989f5 100755
--- a/common/cryptoutil/src/AsmCrypto.cpp
+++ b/common/cryptoutil/src/AsmCrypto.cpp
@@ -935,6 +935,11 @@ __get_pub_key_from_cert(const char *cert_b64)
 	int hashed_len = 0;
 
 	der_pubkey_temp = der_pubkey = (unsigned char*)OPENSSL_malloc(der_len);
+	if (der_pubkey_temp == NULL || der_pubkey == NULL) {
+		_ERR("OPENSSL_malloc failed for der_pubkey");
+		free(cert_raw);
+		return NULL;
+	}
 
 	i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x509), (unsigned char **)&der_pubkey_temp);
 
@@ -1143,7 +1148,13 @@ AsmCrypto::fidoSignWithKey(const unsigned char *msg, int msg_len,
 
 	size_t sig_len_loc = 0;
 	EVP_DigestSignFinal(mdctx, NULL, &sig_len_loc);
+
 	unsigned char *sig = (unsigned char *)OPENSSL_malloc(sizeof(unsigned char) * (sig_len_loc));
+	if (sig == NULL) {
+		_ERR("OPENSSL_malloc failed");
+		return NULL;
+	}
+
 	EVP_DigestSignFinal(mdctx, sig, &sig_len_loc);
 
 	*sig_len = sig_len_loc;
@@ -1200,7 +1211,13 @@ AsmCrypto::fidoSign(const unsigned char *msg, int msg_len, const char *private_k
 
 	size_t sig_len_loc = 0;
 	EVP_DigestSignFinal(mdctx, NULL, &sig_len_loc);
+
 	unsigned char *sig = (unsigned char *)OPENSSL_malloc(sizeof(unsigned char) * (sig_len_loc));
+	if (sig == NULL) {
+		_ERR("OPENSSL_malloc failed");
+		return NULL;
+	}
+
 	EVP_DigestSignFinal(mdctx, sig, &sig_len_loc);
 
 	*sig_len = sig_len_loc;
diff --git a/server/src/ClientListener.cpp b/server/src/ClientListener.cpp
index 0e84279..110837c 100755
--- a/server/src/ClientListener.cpp
+++ b/server/src/ClientListener.cpp
@@ -96,13 +96,19 @@ ClientListner::readProc(const char *path, char *buf, int size)
 	ret = read(fd, buf, size - 1);
 	if (ret <= 0) {
 		_ERR("fd read error(%d)\n", fd);
-		close(fd);
+
+		if (close(fd) == -1);
+			_ERR("fd close error");
+
 		return -1;
 	} else {
 		buf[ret] = 0;
 	}
 
-	close(fd);
+	if (close(fd) == -1) {
+		_ERR("fd close error");
+		return -1;
+	}
 
 	return ret;
 }