From 23a2d6030337869f2b00ae2c30d805b0b85cc7d1 Mon Sep 17 00:00:00 2001
From: Jaroslaw Pelczar <j.pelczar@samsung.com>
Date: Fri, 20 Oct 2017 17:53:47 +0200
Subject: [PATCH] Fix for SVACE DEREF_AFTER_NULL

DEREF_AFTER_NULL: After having been compared to NULL value at
ssf_crypto.cpp:1990, pointer 'key1' is dereferenced at
ssf_crypto.cpp:1999.
    [dereference] Dereference at /home/abuild/rpmbuild/BUILD/tef-
simulator-0.0.1/ssflib/src/ssf_crypto.cpp:1999
    [null check] null check at /home/abuild/rpmbuild/BUILD/tef-
simulator-0.0.1/ssflib/src/ssf_crypto.cpp:1990

Change-Id: Iaf1ed9dd32b30bc958a91ac1a30382c71b3d4b43
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
---
 ssflib/src/ssf_crypto.cpp | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/ssflib/src/ssf_crypto.cpp b/ssflib/src/ssf_crypto.cpp
index 96f9489..4780887 100644
--- a/ssflib/src/ssf_crypto.cpp
+++ b/ssflib/src/ssf_crypto.cpp
@@ -1996,15 +1996,20 @@ TEE_Result TEE_SetOperationKey2( TEE_OperationHandle operation, TEE_ObjectHandle
 		return TEE_SUCCESS;
 	}
 
-	if ((key1->tr.info.objectUsage | ~op->info.requiredKeyUsage) != 0xffffffff) {
+	if (key1 && (key1->tr.info.objectUsage | ~op->info.requiredKeyUsage) != 0xffffffff) {
 		CRYPTO_PANIC;
 	}
-	if ((key2->tr.info.objectUsage | ~op->info.requiredKeyUsage) != 0xffffffff) {
+	if (key2 && (key2->tr.info.objectUsage | ~op->info.requiredKeyUsage) != 0xffffffff) {
 		CRYPTO_PANIC;
 	}
 
-	TEE_CopyObjectAttributes(op->key1, key1);
-	TEE_CopyObjectAttributes(op->key2, key2);
+	if(key1) {
+		TEE_CopyObjectAttributes(op->key1, key1);
+	}
+
+	if(key2) {
+		TEE_CopyObjectAttributes(op->key2, key2);
+	}
 
 	op->info.handleState |= TEE_HANDLE_FLAG_KEY_SET;
 	return TEE_SUCCESS;
-- 
2.7.4