From c2adf89ca866c9165b4ffbce646c059a8d6b908f Mon Sep 17 00:00:00 2001 From: jkjo92 Date: Tue, 1 Aug 2017 19:45:03 +0900 Subject: [PATCH 01/16] Migration from 3.0 to 4.0 1. On-demand tine out 2. Changed to be used in system-fw 3. fix memory leak 4. fix svace issue Change-Id: I540151a57555642d8f22d82985fe0a2287ec1b1c Signed-off-by: jkjo92 --- common/fido_json_handler.c | 4 +- common/fido_tlv_util.c | 3 +- packaging/fido-client.spec | 4 ++ packaging/fido.service | 5 ++- packaging/org.tizen.fido.service | 5 +-- server/fido_app_id_handler.c | 2 +- server/fido_asm_plugin_manager.c | 11 +++-- server/fido_privilege_checker.c | 4 +- server/fido_server.c | 96 ++++++++++++++++++++++++++++++++++------ 9 files changed, 107 insertions(+), 27 deletions(-) mode change 100644 => 100755 common/fido_tlv_util.c mode change 100644 => 100755 packaging/fido-client.spec mode change 100644 => 100755 packaging/fido.service mode change 100644 => 100755 packaging/org.tizen.fido.service mode change 100644 => 100755 server/fido_app_id_handler.c mode change 100644 => 100755 server/fido_privilege_checker.c diff --git a/common/fido_json_handler.c b/common/fido_json_handler.c index 4dcb4f7..98ade9f 100755 --- a/common/fido_json_handler.c +++ b/common/fido_json_handler.c @@ -2406,7 +2406,7 @@ _uaf_composer_compose_dereg_request(_response_t *uaf_res) json_builder_add_string_value(header_root, uaf_res->header->app_id); json_builder_set_member_name(header_root, _JSON_KEY_OP); - json_builder_add_string_value(header_root, strdup(_UAF_OPERATION_NAME_KEY_DE_REG)); + json_builder_add_string_value(header_root, _UAF_OPERATION_NAME_KEY_DE_REG); json_builder_set_member_name(header_root, _JSON_KEY_SERVER_DATA); json_builder_add_string_value(header_root, uaf_res->header->server_data); @@ -2488,7 +2488,6 @@ _uaf_composer_compose_dereg_request(_response_t *uaf_res) _INFO("keyid=[%s]", key_id_enc); } SAFE_DELETE(key_id_enc); - } _INFO("after assertions"); @@ -2619,6 +2618,7 @@ _uaf_composer_compose_dereg_request(_response_t *uaf_res) json_object_set_string_member(authObject, _JSON_KEY_KEY_ID, (char *)key_id_enc); _INFO("keyid=[%s]", key_id_enc); } + SAFE_DELETE(key_id_enc); } json_node_take_object(authNode, authObject); json_array_add_element(authArray, authNode); diff --git a/common/fido_tlv_util.c b/common/fido_tlv_util.c old mode 100644 new mode 100755 index 5b2c28d..02d162f --- a/common/fido_tlv_util.c +++ b/common/fido_tlv_util.c @@ -139,11 +139,12 @@ _tlv_util_decode_reg_assertion(char *tlv_enc) } _INFO("Found TAG_KEYID"); + SAFE_DELETE(tlv_dec); return assrt_tlv; } } - + SAFE_DELETE(tlv_dec); return NULL; } diff --git a/packaging/fido-client.spec b/packaging/fido-client.spec old mode 100644 new mode 100755 index a667d9f..7843263 --- a/packaging/fido-client.spec +++ b/packaging/fido-client.spec @@ -123,6 +123,9 @@ install -m 0644 %SOURCE1 %{buildroot}/usr/share/dbus-1/system-services/org.tizen mkdir -p %{buildroot}%{_sysconfdir}/dbus-1/system.d install -m 0644 %{SOURCE2} %{buildroot}%{_sysconfdir}/dbus-1/system.d/ +mkdir -p %{buildroot}%{_unitdir} +install -m 644 %SOURCE3 %{buildroot}%{_unitdir}/fido.service + mkdir -p %{buildroot}/usr/share/dbus-1/system-services install -m 0644 %SOURCE4 %{buildroot}/usr/share/dbus-1/system-services/org.tizen.dummyasm.service @@ -175,6 +178,7 @@ chsmack -a '_' %{_libdir}/fido/asm/ %if 0%{?tizen_version_major} >= 3 %attr(0644,root,root) /usr/share/dbus-1/system-services/org.tizen.fido.service +%attr(0644,root,root) %{_unitdir}/fido.service %else %{_libdir}/systemd/system/org.tizen.fido.service diff --git a/packaging/fido.service b/packaging/fido.service old mode 100644 new mode 100755 index 6d09e27..dadfb05 --- a/packaging/fido.service +++ b/packaging/fido.service @@ -1,9 +1,10 @@ [Unit] Description=FIDO Client service -After=tizen-runtime.target -Requires=tizen-runtime.target [Service] +User=service_fw +Group=service_fw +SmackProcessLabel=System Type=dbus BusName=org.tizen.fido ExecStart=/usr/bin/fido-service diff --git a/packaging/org.tizen.fido.service b/packaging/org.tizen.fido.service old mode 100644 new mode 100755 index 2bd3ab3..c8ab4ba --- a/packaging/org.tizen.fido.service +++ b/packaging/org.tizen.fido.service @@ -3,6 +3,5 @@ Description=FIDO Service D-Bus [D-BUS Service] Name=org.tizen.fido -Exec=/usr/bin/fido-service -User=service_fw -Group=service_fw +Exec=/bin/false +SystemdService=fido.service diff --git a/server/fido_app_id_handler.c b/server/fido_app_id_handler.c old mode 100644 new mode 100755 index 90637ea..dc38c69 --- a/server/fido_app_id_handler.c +++ b/server/fido_app_id_handler.c @@ -584,7 +584,7 @@ _verify_and_get_facet_id(const char *uaf_app_id, GDBusMethodInvocation *invocati cb_data->user_data = user_data; /*Case 1: UAF JSON does not have appID, so no check is required, put facetid*/ - if (uaf_app_id == NULL) { + if ((uaf_app_id == NULL) || (!strcmp(uaf_app_id, ""))) { _DBG("UAF msg does not have appID"); cb_data->real_app_id = __get_tz_facet_id_of_caller(app_id, invocation); g_timeout_add(2, __timer_expired, cb_data); diff --git a/server/fido_asm_plugin_manager.c b/server/fido_asm_plugin_manager.c index d812e34..d8c4e9f 100755 --- a/server/fido_asm_plugin_manager.c +++ b/server/fido_asm_plugin_manager.c @@ -173,8 +173,10 @@ __load_plugins(char **plugin_path) closedir(dir); - if (is_asm_found == false) + if (is_asm_found == false) { + _ERR("Failed to find asm"); return FIDO_ERROR_NOT_SUPPORTED; + } return FIDO_ERROR_NONE; } @@ -293,6 +295,7 @@ _asm_plugin_mgr_discover_all(_asm_plugin_discover_response_cb cb, void *user_dat cb_data->user_data = user_data; if (cb_data->asm_proxy_list_iter == NULL) { + _ERR("asm proxy table is empty"); free(cb_data); return FIDO_ERROR_NOT_SUPPORTED; } @@ -351,6 +354,7 @@ _on_asm_dbus_reply(GObject *proxy, GAsyncResult *res, gpointer user_data) if (dbus_resp != NULL) g_variant_unref(dbus_resp); + SAFE_DELETE(asm_response_json); SAFE_DELETE(cb_data); } @@ -372,7 +376,7 @@ _asm_ipc_send(const char *asm_id, const char *asm_request, _asm_ipc_response_cb _INFO("asm_request=[%s]", asm_request); if (asm_id == NULL) { - _ERR("dbus proxy failed"); + _ERR("asm id is NULL"); return FIDO_ERROR_NOT_SUPPORTED; } @@ -423,7 +427,7 @@ _asm_ipc_send_sync(const char *asm_id, const char *asm_req) _INFO("_asm_ipc_send_sync"); if (asm_id == NULL) { - _ERR("dbus proxy failed"); + _ERR("asm id is NULL"); return NULL; } @@ -459,6 +463,7 @@ _asm_ipc_send_sync(const char *asm_id, const char *asm_req) NULL, &error); + SAFE_DELETE(method_name); if (error != NULL) _ERR("g_dbus_proxy_call_sync failed [%s]", error->message); else diff --git a/server/fido_privilege_checker.c b/server/fido_privilege_checker.c old mode 100644 new mode 100755 index 59a9633..cbbe15f --- a/server/fido_privilege_checker.c +++ b/server/fido_privilege_checker.c @@ -95,9 +95,9 @@ __check_privilege_by_cynara(const char *client, const char *session, const char } return FIDO_ERROR_NONE; -#endif - +#else return FIDO_ERROR_NONE; +#endif } static int diff --git a/server/fido_server.c b/server/fido_server.c index d6c6201..b7b4bc5 100755 --- a/server/fido_server.c +++ b/server/fido_server.c @@ -36,9 +36,17 @@ #include "fido-stub.h" #define _FIDO_SERVICE_DBUS_PATH "/org/tizen/fido" + +/* timeout for terminating on-demand service */ +#define _FIDO_SERVICE_MIN_TIMEOUT 1 /* seconds */ +#define _FIDO_SERVICE_BOOTUP_TIMEOUT 30 /* seconds */ +#define _FIDO_SERVICE_PROCESS_TIMEOUT 90 /* seconds */ + static guint owner_id = 0; //GDBusObjectManagerServer *fido_dbus_mgr = NULL; static Fido* fido_dbus_obj = NULL; +static GMainLoop *mainloop = NULL; +static guint timeout_handle; //TODO : current assumption is, ASM will handle multiple request queueing @@ -75,6 +83,7 @@ typedef struct _process_cb_data { } _process_cb_data_t; static void __process_dereg_queue(_dereg_q_t *dereg_q); +static void __set_timeout(int seconds); static char** __create_empty_json_2d_array(void) @@ -179,6 +188,11 @@ _send_process_response(_process_cb_data_t *cb_data, int tz_err_code, char *uaf_r { _INFO("_send_process_response"); + if (cb_data == NULL) { + SAFE_DELETE(uaf_response_json); + return; + } + /*TODO*/ _dbus_info_t *dbus_info = (_dbus_info_t *)(cb_data->dbus_info); if (dbus_info != NULL) { @@ -234,6 +248,8 @@ _discover_response_intermediate_cb(GList *asm_response_list, void *user_data) if (asm_response_list != NULL) g_list_free_full(asm_response_list, __free_asm_discover_response_list_item); + + SAFE_DELETE(cb_data); } static int @@ -671,6 +687,7 @@ __handle_auth(_process_cb_data_t *cb_data, _matched_auth_data_t *matched_auth) _ERR("ASM in data missing"); _send_process_response(cb_data, FIDO_ERROR_NO_SUITABLE_AUTHENTICATOR, NULL); + _free_fido_asm_auth_in(auth_asm_in); SAFE_DELETE(version); return; @@ -710,10 +727,13 @@ _ui_response_callback(int error_code, _ui_auth_data_t *selected_auth_data, void if (cb_data->type == _PROCESS_TYPE_REG) __handle_reg(cb_data, match_data); - else if (cb_data->type == _PROCESS_TYPE_AUTH) __handle_auth(cb_data, match_data); - + else { + _send_process_response(cb_data, FIDO_ERROR_UNKNOWN, NULL); + _free_matched_auth_data(match_data); + return; + } _free_matched_auth_data(match_data); } @@ -724,8 +744,10 @@ _asm_response_dereg_process(int error_code, const char *asm_response_json, void _dereg_q_t *dereg_q = (_dereg_q_t*)(user_data); _process_cb_data_t *cb_data = (_process_cb_data_t*)(dereg_q->cb_data); - if (cb_data == NULL) + if (cb_data == NULL) { + SAFE_DELETE(dereg_q); return; + } /*Process next dereg*/ GQueue *q = (GQueue*) (dereg_q->dereg_asm_in_q); @@ -741,6 +763,8 @@ _asm_response_dereg_process(int error_code, const char *asm_response_json, void g_queue_free(dereg_q->dereg_asm_in_q); dereg_q->dereg_asm_in_q = NULL; _INFO("After Deleting dereg_asm_in_q"); + + SAFE_DELETE(dereg_q); } } @@ -751,14 +775,17 @@ __process_dereg_queue(_dereg_q_t *dereg_q) _INFO("__process_dereg_queue"); GQueue *q = dereg_q->dereg_asm_in_q; - if (q == NULL) + if (q == NULL) { + SAFE_DELETE(dereg_q); return; + } if (g_queue_is_empty(q) == true) { _INFO("Deleting dereg_asm_in_q"); g_queue_free(dereg_q->dereg_asm_in_q); dereg_q->dereg_asm_in_q = NULL; _INFO("After Deleting dereg_asm_in_q"); + SAFE_DELETE(dereg_q); return; } @@ -811,6 +838,7 @@ __process_dereg_queue(_dereg_q_t *dereg_q) asm_req_json, _asm_response_dereg_process, dereg_q); } else { _send_process_response(cb_data, FIDO_ERROR_INVALID_PARAMETER, NULL); + SAFE_DELETE(dereg_q); } _free_matched_auth_dereg(dereg_data); @@ -1170,14 +1198,20 @@ _discover_response_cb_for_process(int tz_error_code, int error_code, GList *avai } } else { GList *allowed_auth_list_iter = allowed_auth_list; - _matched_auth_data_t *match_data = (_matched_auth_data_t *)(allowed_auth_list_iter->data); - - if (cb_data->type == _PROCESS_TYPE_REG) - __handle_reg(cb_data, match_data); - - else if (cb_data->type == _PROCESS_TYPE_AUTH) - __handle_auth(cb_data, match_data); + if (allowed_auth_list_iter != NULL) { + _matched_auth_data_t *match_data = (_matched_auth_data_t *)(allowed_auth_list_iter->data); + if (cb_data->type == _PROCESS_TYPE_REG) + __handle_reg(cb_data, match_data); + else if (cb_data->type == _PROCESS_TYPE_AUTH) + __handle_auth(cb_data, match_data); + else { + _send_process_response(cb_data, FIDO_ERROR_UNKNOWN, NULL); + if (allowed_auth_list != NULL) + g_list_free_full(allowed_auth_list, _free_matched_auth_data); + return; + } + } } if (allowed_auth_list != NULL) g_list_free_full(allowed_auth_list, _free_matched_auth_data); @@ -1242,6 +1276,9 @@ __facet_id_cb(int err, const char *facet_id, void *user_data) gboolean _dbus_on_fido_init(Fido *object, GDBusMethodInvocation *invocation) { + _INFO("_dbus_on_fido_init"); + __set_timeout(_FIDO_SERVICE_PROCESS_TIMEOUT); + fido_complete_fido_uaf_init(object, invocation, FIDO_ERROR_NONE); return true; @@ -1250,6 +1287,9 @@ _dbus_on_fido_init(Fido *object, GDBusMethodInvocation *invocation) gboolean _dbus_on_fido_deinit(Fido *object, GDBusMethodInvocation *invocation) { + _INFO("_dbus_on_fido_deinit"); + __set_timeout(_FIDO_SERVICE_PROCESS_TIMEOUT); + if (is_allowed_to_call(invocation, _FIDO_CLIENT_PRIVILEGE) == false) { fido_complete_fido_uaf_deinit(object, invocation, FIDO_ERROR_PERMISSION_DENIED); } else { @@ -1264,6 +1304,8 @@ gboolean _dbus_on_fido_discover(Fido *object, GDBusMethodInvocation *invocation) { _INFO("_dbus_on_fido_discover"); + + __set_timeout(_FIDO_SERVICE_PROCESS_TIMEOUT); if (is_allowed_to_call(invocation, _FIDO_CLIENT_PRIVILEGE) == false) { __send_discover_response(object, invocation, FIDO_ERROR_PERMISSION_DENIED, @@ -1341,6 +1383,7 @@ _dbus_on_fido_uaf_is_supported(Fido *object, GDBusMethodInvocation *invocation, { _INFO("_dbus_on_fido_uaf_is_supported"); + __set_timeout(_FIDO_SERVICE_PROCESS_TIMEOUT); return _dbus_handle_process_or_check_policy(object, invocation, uaf_request_json, NULL, _PROCESS_TYPE_CHECK_POLICY); } @@ -1351,6 +1394,7 @@ _dbus_on_fido_process_operation(Fido *object, GDBusMethodInvocation *invocation, { _INFO("_dbus_on_fido_process_operation"); + __set_timeout(_FIDO_SERVICE_PROCESS_TIMEOUT); return _dbus_handle_process_or_check_policy(object, invocation, uaf_request_json, channel_binding_json, _PROCESS_TYPE_MIN); } @@ -1359,6 +1403,7 @@ _dbus_on_fido_process_operation(Fido *object, GDBusMethodInvocation *invocation, _dbus_on_fido_uaf_notify_result(Fido *object, GDBusMethodInvocation *invocation, const gchar *arg_cookie, gint arg_respose_code, const gchar *uaf_response_json) { + __set_timeout(_FIDO_SERVICE_PROCESS_TIMEOUT); fido_complete_fido_uaf_notify_result(object, invocation, 0, 0); return true; }*/ @@ -1438,6 +1483,31 @@ on_name_lost(GDBusConnection *connection, exit(1); } + +static gboolean +__timeout_cb(gpointer user_data) +{ + _INFO("__timeout_cb Enter"); + g_main_loop_quit(mainloop); + mainloop = NULL; + return false; +} + +static void +__set_timeout(int seconds) +{ + if (seconds < _FIDO_SERVICE_MIN_TIMEOUT) { + _ERR("timeout value is wrong"); + return; + } + + if (timeout_handle) + g_source_remove(timeout_handle); + + timeout_handle = g_timeout_add_seconds(seconds, __timeout_cb, NULL); + _INFO("__set_timeout handle=%d", timeout_handle); +} + static bool __initialize_dbus(void) { @@ -1479,8 +1549,6 @@ __initialize(void) int main(void) { - GMainLoop *mainloop = NULL; - dlog_print(DLOG_INFO, "FIDO", "start"); _INFO("Starting FIDO SVC"); @@ -1488,8 +1556,10 @@ main(void) mainloop = g_main_loop_new(NULL, FALSE); __initialize(); + __set_timeout(_FIDO_SERVICE_BOOTUP_TIMEOUT); g_main_loop_run(mainloop); + g_main_loop_unref(mainloop); _INFO("Ending FIDO SVC"); return 0; -- 2.7.4 From 316322e561e4cd8bb8882d6b9cbaa33ceb2b665d Mon Sep 17 00:00:00 2001 From: jkjo92 Date: Tue, 5 Sep 2017 14:13:21 +0900 Subject: [PATCH 02/16] fix memory leak Change-Id: I7a408dc99ec2109df98fd99f056e06d12932b5a4 Signed-off-by: jkjo92 --- common/fido_b64_util.c | 7 +++++++ server/fido_app_id_handler.c | 28 +++++++++++++++++++++++++--- 2 files changed, 32 insertions(+), 3 deletions(-) mode change 100644 => 100755 common/fido_b64_util.c diff --git a/common/fido_b64_util.c b/common/fido_b64_util.c old mode 100644 new mode 100755 index cbb4141..c5fbbd4 --- a/common/fido_b64_util.c +++ b/common/fido_b64_util.c @@ -40,6 +40,11 @@ _fido_b64url_encode(const unsigned char *input, int inlen, unsigned char *outpu BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL); bmem = BIO_new(BIO_s_mem()); + if (bmem == NULL) { + _ERR("BIO_new with BIO_s_mem failed "); + BIO_free(b64); + return -1; + } b64 = BIO_push(b64, bmem); BIO_write(b64, input, inlen); BIO_flush(b64); @@ -113,6 +118,7 @@ _fido_b64url_decode(const unsigned char *in, int inlen, unsigned char *out, int _ERR("BIO_new_mem_buf failed"); SAFE_DELETE(base64); + BIO_free(b64); return -1; } @@ -122,6 +128,7 @@ _fido_b64url_decode(const unsigned char *in, int inlen, unsigned char *out, int _ERR("BIO_read failed"); SAFE_DELETE(base64); + BIO_free_all(b64); return -1; } diff --git a/server/fido_app_id_handler.c b/server/fido_app_id_handler.c index dc38c69..23b01fa 100755 --- a/server/fido_app_id_handler.c +++ b/server/fido_app_id_handler.c @@ -333,6 +333,12 @@ __b64_encode(unsigned char *input, int ip_len) BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL); bmem = BIO_new(BIO_s_mem()); + if (bmem == NULL) { + _ERR("BIO_new failed \n"); + free(output); + BIO_free(b64); + return NULL; + } b64 = BIO_push(b64, bmem); BIO_write(b64, input, ip_len); BIO_flush(b64); @@ -341,8 +347,7 @@ __b64_encode(unsigned char *input, int ip_len) memcpy(output, bptr->data, bptr->length); output[bptr->length] = 0; - if (b64) - BIO_free_all(b64); + BIO_free_all(b64); return (char*)output; } @@ -358,8 +363,17 @@ __b64_decode(const char *encoded_data, int encoded_size, unsigned char **decoded (*decoded_data) = (unsigned char *) calloc((*decoded_size) * 1.5, sizeof(char)); BIO *bmem = BIO_new_mem_buf((void *) encoded_data, (*decoded_size)); + if (bmem == NULL) { + _ERR("BIO_new failed \n"); + return -1; + } BIO *bioCmd = BIO_new(BIO_f_base64()); + if (bioCmd == NULL) { + _ERR("BIO_new failed \n"); + BIO_free(bmem); + return -1; + } BIO_set_flags(bioCmd, BIO_FLAGS_BASE64_NO_NL); @@ -422,6 +436,7 @@ __get_pub_key_from_cert(const char *cert_b64) if (ret != 1) { _ERR("EVP_Digest failed"); OPENSSL_free(der_pubkey); + free(cert_raw); return NULL; } @@ -429,6 +444,7 @@ __get_pub_key_from_cert(const char *cert_b64) char *pub_key = __b64_encode(pubkey_der_digest, (int)hashed_len); OPENSSL_free(der_pubkey); + free(cert_raw); if (pub_key != NULL) _INFO("%s", pub_key); @@ -575,6 +591,7 @@ _verify_and_get_facet_id(const char *uaf_app_id, GDBusMethodInvocation *invocati */ cb_data->caller_app_id = __get_tz_facet_id_of_caller(app_id, invocation); if (cb_data->caller_app_id == NULL) { + SAFE_DELETE(app_id); SAFE_DELETE(cb_data); return FIDO_ERROR_PERMISSION_DENIED; } @@ -588,6 +605,7 @@ _verify_and_get_facet_id(const char *uaf_app_id, GDBusMethodInvocation *invocati _DBG("UAF msg does not have appID"); cb_data->real_app_id = __get_tz_facet_id_of_caller(app_id, invocation); g_timeout_add(2, __timer_expired, cb_data); + SAFE_DELETE(app_id); return FIDO_ERROR_NONE; } @@ -597,7 +615,7 @@ _verify_and_get_facet_id(const char *uaf_app_id, GDBusMethodInvocation *invocati cb_data->real_app_id = strdup(uaf_app_id); g_timeout_add(2, __timer_expired, cb_data); - + SAFE_DELETE(app_id); return FIDO_ERROR_NONE; } @@ -606,6 +624,7 @@ _verify_and_get_facet_id(const char *uaf_app_id, GDBusMethodInvocation *invocati _INFO("soup_uri_new failed"); _free_app_id_cb_data(cb_data); + SAFE_DELETE(app_id); return FIDO_ERROR_PERMISSION_DENIED; } @@ -616,11 +635,13 @@ _verify_and_get_facet_id(const char *uaf_app_id, GDBusMethodInvocation *invocati const char *scheme = soup_uri_get_scheme(parsed_uri); if (scheme == NULL) { _free_app_id_cb_data(cb_data); + SAFE_DELETE(app_id); return FIDO_ERROR_INVALID_PARAMETER; } if (strcmp(SOUP_URI_SCHEME_HTTPS, scheme) != 0) { _free_app_id_cb_data(cb_data); + SAFE_DELETE(app_id); return FIDO_ERROR_INVALID_PARAMETER; } @@ -653,5 +674,6 @@ _verify_and_get_facet_id(const char *uaf_app_id, GDBusMethodInvocation *invocati _INFO("Added in soup_session_queue_message"); + SAFE_DELETE(app_id); return FIDO_ERROR_NONE; } -- 2.7.4 From c83bf08e906df76ca1690a60060edae04187e4d3 Mon Sep 17 00:00:00 2001 From: jkjo92 Date: Thu, 21 Sep 2017 15:44:31 +0900 Subject: [PATCH 03/16] fix coding rule Change-Id: I95d8fc6b26f3f3a8f206a335efcafd691599731d Signed-off-by: jkjo92 --- common/fido_internal_types.h | 1 - 1 file changed, 1 deletion(-) mode change 100644 => 100755 common/fido_internal_types.h diff --git a/common/fido_internal_types.h b/common/fido_internal_types.h old mode 100644 new mode 100755 index 8109920..9bce8dc --- a/common/fido_internal_types.h +++ b/common/fido_internal_types.h @@ -123,7 +123,6 @@ typedef struct _match_criteria { GList *attestation_type_list; int auth_version; GList *extension_list; - } _match_criteria_t; void _free_match_criteria(_match_criteria_t *data); -- 2.7.4 From b93fc63044b3ff29486e8ddf4626365e5ff7b170 Mon Sep 17 00:00:00 2001 From: Jooseok Song Date: Tue, 24 Oct 2017 16:13:43 +0900 Subject: [PATCH 04/16] Fix svace issue Change-Id: Ie66dba099180086b56611b3c358ac4ae1d6258e5 --- server/fido_app_id_handler.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) mode change 100755 => 100644 server/fido_app_id_handler.c diff --git a/server/fido_app_id_handler.c b/server/fido_app_id_handler.c old mode 100755 new mode 100644 index 23b01fa..d6684e0 --- a/server/fido_app_id_handler.c +++ b/server/fido_app_id_handler.c @@ -402,22 +402,24 @@ __get_pub_key_from_cert(const char *cert_b64) int ret = __b64_decode(cert_b64, strlen(cert_b64), &cert_raw, &cert_raw_len); if (ret != 0) { _ERR("__b64_decode failed"); - free(cert_raw); + SAFE_DELETE(cert_raw); return NULL; } + unsigned char *cert_raw_orig = cert_raw; + X509 *x509 = d2i_X509(NULL, (const unsigned char **)(&cert_raw), cert_raw_len); if (x509 == NULL) { _ERR("d2i_X509 failed"); - free(cert_raw); + SAFE_DELETE(cert_raw_orig); return NULL; } int der_len = i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x509), NULL); if (der_len <= 0) { _ERR("i2d_X509_PUBKEY failed"); - free(cert_raw); + SAFE_DELETE(cert_raw_orig); return NULL; } @@ -436,7 +438,7 @@ __get_pub_key_from_cert(const char *cert_b64) if (ret != 1) { _ERR("EVP_Digest failed"); OPENSSL_free(der_pubkey); - free(cert_raw); + SAFE_DELETE(cert_raw_orig); return NULL; } @@ -444,7 +446,7 @@ __get_pub_key_from_cert(const char *cert_b64) char *pub_key = __b64_encode(pubkey_der_digest, (int)hashed_len); OPENSSL_free(der_pubkey); - free(cert_raw); + SAFE_DELETE(cert_raw_orig); if (pub_key != NULL) _INFO("%s", pub_key); -- 2.7.4 From 2866c6ac8bef0364a13cf7640ed8fb23a868a646 Mon Sep 17 00:00:00 2001 From: Susnata Date: Wed, 7 Mar 2018 01:27:55 -0500 Subject: [PATCH 05/16] [fixed documentation typo] Change-Id: Ic248121499c7b33ec982e1f61c0d690cd4fd2faf Signed-off-by: Susnata (cherry picked from commit 5f02052c76ede3fac9941303337b8d1a765a2fc2) --- common/fido_uaf_types.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/common/fido_uaf_types.h b/common/fido_uaf_types.h index a6977c1..e5661b8 100755 --- a/common/fido_uaf_types.h +++ b/common/fido_uaf_types.h @@ -133,11 +133,11 @@ typedef enum { typedef enum { FIDO_AUTH_MATCH_PROT_TYPE_SOFTWARE = 0x01, /**< Authenticator's matcher is running in software. */ FIDO_AUTH_MATCH_PROT_TYPE_TEE = 0x02, /**< Authenticator's matcher is running inside the Trusted Execution Environment. */ - FIDO_AUTH_MATCH_PROT_TYPE_ON_CHIP = 0x04 /**< Aauthenticator's matcher is running on the chip. */ + FIDO_AUTH_MATCH_PROT_TYPE_ON_CHIP = 0x04 /**< Authenticator's matcher is running on the chip. */ } fido_auth_matcher_protection_type_e; /** - * @brief Authenticator's supproted method to communicate to FIDO user device. + * @brief Authenticator's supported method to communicate to FIDO user device. * @remarks Refer to FIDO UAF Registry document for more details. * @since_tizen 3.0 */ @@ -149,7 +149,7 @@ typedef enum { * wireless means. */ FIDO_AUTH_ATTACH_HINT_NFC = 0x10, /**< Authenticator is able to communicate by NFC to the FIDO User Device. */ FIDO_AUTH_ATTACH_HINT_BT = 0x20, /**< Authenticator is able to communicate by Bluetooth to the FIDO User Device. */ - FIDO_AUTH_ATTACH_HINT_NW = 0x40, /**< Authenticator is connected to the FIDO User Device ver a non-exclusive network + FIDO_AUTH_ATTACH_HINT_NW = 0x40, /**< Authenticator is connected to the FIDO User Device over a non-exclusive network * (e.g. over a TCP/IP LAN or WAN, as opposed to a PAN or point-to-point connection). */ FIDO_AUTH_ATTACH_HINT_READY = 0x80, /**< The external authenticator is in a "ready" state. */ @@ -174,7 +174,7 @@ typedef enum { } fido_auth_tc_display_type_e; /** - * @brief The FIDO Server response for successfull interaction. + * @brief The FIDO Server response for successful interaction. * @since_tizen 3.0 */ #define FIDO_SERVER_STATUS_CODE_OK 1200 -- 2.7.4 From 204c1599dbfad851d9900f0adc1a84f63bbc3301 Mon Sep 17 00:00:00 2001 From: Sandeep Sharma Date: Fri, 6 Apr 2018 10:30:10 +0530 Subject: [PATCH 06/16] Fix Coverity issues of fido-client Patch #2 More fido-client fixes Change-Id: Ic4590567358b95b827e39e724b79d27126301c1b Signed-off-by: Susnata --- common/fido_json_handler.c | 31 ++++++++++++++++--------------- server/fido_app_id_handler.c | 19 ++++++++++++++----- test/Dummy_ASM_DBUS/dummy_asm_server.c | 9 ++++++--- 3 files changed, 36 insertions(+), 23 deletions(-) mode change 100644 => 100755 server/fido_app_id_handler.c diff --git a/common/fido_json_handler.c b/common/fido_json_handler.c index 98ade9f..d7cb399 100755 --- a/common/fido_json_handler.c +++ b/common/fido_json_handler.c @@ -479,9 +479,13 @@ __get_string_from_json_object(JsonObject *obj, const char *key) return NULL; const char *str = json_object_get_string_member(obj, key); - _INFO("[%s] = [%s]", key, str); - - return strdup(str); + _INFO("[%s] ", key); + if (str != NULL) { + _INFO("[%s] ", str); + return strdup(str); + } else { + return NULL; + } } static int @@ -1906,10 +1910,16 @@ _uaf_composer_compose_final_challenge(const char *app_id, const char *challenge, return NULL; JsonNode *chb_root = json_parser_get_root(chb_parser); - RET_IF_FAIL(chb_root != NULL, NULL); + if (chb_root == NULL) { + g_object_unref(builder); + return NULL; + } JsonObject *chb_root_obj = json_node_get_object(chb_root); - RET_IF_FAIL(chb_root_obj != NULL, NULL); + if (chb_root_obj == NULL) { + g_object_unref(builder); + return NULL; + } char *end_pt = __get_string_from_json_object(chb_root_obj, _JSON_KEY_SERVER_END_POINT); char *cert = __get_string_from_json_object(chb_root_obj, _JSON_KEY_TLS_SERVER_CERT); @@ -2489,28 +2499,19 @@ _uaf_composer_compose_dereg_request(_response_t *uaf_res) } SAFE_DELETE(key_id_enc); } - _INFO("after assertions"); _free_auth_reg_assertion_tlv(assrt_tlv); json_builder_end_object(obj); - - assertions_iter = assertions_iter->next; - + SAFE_DELETE(aaid); } - json_builder_end_array(auth_root); /*authenticators*/ - - json_builder_end_object(uaf_1_root); - - json_builder_end_array(root_array); - JsonNode *root_builder = json_builder_get_root(builder); JsonGenerator *gen = json_generator_new(); json_generator_set_root(gen, root_builder); diff --git a/server/fido_app_id_handler.c b/server/fido_app_id_handler.c old mode 100644 new mode 100755 index d6684e0..c9cf93a --- a/server/fido_app_id_handler.c +++ b/server/fido_app_id_handler.c @@ -209,10 +209,16 @@ __get_pub_key(const char *json_id_str) RET_IF_FAIL(json_id_str != NULL, NULL); - char *save_ptr; - char *os = strtok_r(strdup(json_id_str), ":", &save_ptr); + char *save_ptr = NULL, *tempStr = NULL; + tempStr = strdup(json_id_str); + RET_IF_FAIL(json_id_str != NULL, NULL); + + char *os = strtok_r(tempStr, ":", &save_ptr); - RET_IF_FAIL(os != NULL, NULL); + if (os == NULL) { + free(tempStr); + return NULL; + } if (strcmp(os, FIDO_APP_ID_KEY_TIZEN) != 0) { _ERR("[%s] is not supported", os); @@ -220,7 +226,10 @@ __get_pub_key(const char *json_id_str) } char *type = strtok_r(NULL, ":", &save_ptr); - RET_IF_FAIL(type != NULL, NULL); + + if (type == NULL) { + return NULL; + } if (strcmp(type, FIDO_APP_ID_KEY_PKG_HASH) != 0) { _ERR("[%s] is not supported", type); @@ -568,7 +577,7 @@ __get_tz_facet_id_of_caller(const char *caller_app_id, GDBusMethodInvocation *in tz_facet_id = (char*)(calloc(1, tz_facet_id_max_len)); snprintf(tz_facet_id, tz_facet_id_max_len, "%s:%s", "tizen:pkg-key-hash", author_cert_hash); - + SAFE_DELETE(author_cert_hash); CATCH: pkgmgrinfo_pkginfo_destroy_certinfo(cert_handle); pkgmgrinfo_pkginfo_destroy_pkginfo(handle); diff --git a/test/Dummy_ASM_DBUS/dummy_asm_server.c b/test/Dummy_ASM_DBUS/dummy_asm_server.c index ad87871..0b24aef 100755 --- a/test/Dummy_ASM_DBUS/dummy_asm_server.c +++ b/test/Dummy_ASM_DBUS/dummy_asm_server.c @@ -159,9 +159,11 @@ __get_request_type(const char *asm_req_json) JsonObject *root_obj = json_node_get_object(root); const char *req_type = json_object_get_string_member(root_obj, "requestType"); - - return strdup(req_type); - + if (req_type != NULL) { + return strdup(req_type); + } else { + return NULL; + } } gboolean @@ -201,6 +203,7 @@ _dbus_on_asm_request(Dummyasm *object, GDBusMethodInvocation *invocation, const if (strcmp(req_type, "GetRegistrations") == 0) dummyasm_complete_asm_request(object, invocation, 0, _GET_REGISTRATIONS_RESPONSE); + free(req_type); return true; } -- 2.7.4 From ca35f683315b18d1344004adf580e5b7a5d127d7 Mon Sep 17 00:00:00 2001 From: jkjo92 Date: Fri, 11 May 2018 11:14:29 +0900 Subject: [PATCH 07/16] [Do Not Merge]Dbus/Cynara Policy Fix Change-Id: If71a04dc87a2f4d440bb2fb681bca753befbb8b5 Signed-off-by: Susnata Sovalin Signed-off-by: jkjo92 Signed-off-by: Hyotaek Shim --- packaging/org.tizen.dummyasm.conf | 13 +++++++------ packaging/org.tizen.fido.conf | 13 +++++++------ 2 files changed, 14 insertions(+), 12 deletions(-) diff --git a/packaging/org.tizen.dummyasm.conf b/packaging/org.tizen.dummyasm.conf index e3773ae..f0f3a90 100755 --- a/packaging/org.tizen.dummyasm.conf +++ b/packaging/org.tizen.dummyasm.conf @@ -2,18 +2,19 @@ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd"> + + + - - - - - - + + + diff --git a/packaging/org.tizen.fido.conf b/packaging/org.tizen.fido.conf index 8a5746a..f271d29 100755 --- a/packaging/org.tizen.fido.conf +++ b/packaging/org.tizen.fido.conf @@ -2,18 +2,19 @@ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd"> + + + - - - - - - + + + -- 2.7.4 From 372fde7bd1e45186dc096d8dfe702b49c4979c77 Mon Sep 17 00:00:00 2001 From: Randeep Singh Date: Wed, 16 May 2018 12:35:44 +0530 Subject: [PATCH 08/16] Fixed coverity issues Change-Id: Ie78aac97b0bd37ab45883623f8d65e0ca4caab78 Signed-off-by: Randeep Singh --- common/fido_json_handler.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/common/fido_json_handler.c b/common/fido_json_handler.c index d7cb399..e5c276e 100755 --- a/common/fido_json_handler.c +++ b/common/fido_json_handler.c @@ -1906,8 +1906,10 @@ _uaf_composer_compose_final_challenge(const char *app_id, const char *challenge, GError *chb_err = NULL; bool chb_parsed = json_parser_load_from_data(chb_parser, ch_bin, -1, &chb_err); - if (chb_parsed == FALSE) + if (chb_parsed == FALSE) { + g_object_unref(builder); return NULL; + } JsonNode *chb_root = json_parser_get_root(chb_parser); if (chb_root == NULL) { -- 2.7.4 From e5858d5f19c261e4aef6b09b1568296ac0de16e3 Mon Sep 17 00:00:00 2001 From: Youngjae Shin Date: Thu, 24 May 2018 11:53:19 +0900 Subject: [PATCH 09/16] increase code quality(static analysis) Change-Id: If9ba42405574dde1c030d072a7f518c2c4a2e4cd --- server/fido_selection_ui_adaptor.c | 3 +++ server/fido_server.c | 3 --- test/Dummy_ASM_DBUS/dummy_asm_server.c | 5 ++++- 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/server/fido_selection_ui_adaptor.c b/server/fido_selection_ui_adaptor.c index 9bb5879..3b5d31b 100755 --- a/server/fido_selection_ui_adaptor.c +++ b/server/fido_selection_ui_adaptor.c @@ -480,6 +480,7 @@ _auth_ui_selector_on_ui_response(Fido *object, GDBusMethodInvocation *invocation if (strcmp(caller, _UI_SVC_BIN_PATH) != 0) { _ERR("[%s] is not allowed", caller); __start_ui_svc_term_timer(); + free(caller); return true; } @@ -517,6 +518,8 @@ CATCH: __start_ui_svc_term_timer(); } + free(caller); + g_main_loop_quit(__mainLoop); return true; } diff --git a/server/fido_server.c b/server/fido_server.c index b7b4bc5..9afed7c 100755 --- a/server/fido_server.c +++ b/server/fido_server.c @@ -686,10 +686,7 @@ __handle_auth(_process_cb_data_t *cb_data, _matched_auth_data_t *matched_auth) if (auth_idx_int == -1) { _ERR("ASM in data missing"); _send_process_response(cb_data, FIDO_ERROR_NO_SUITABLE_AUTHENTICATOR, NULL); - - _free_fido_asm_auth_in(auth_asm_in); SAFE_DELETE(version); - return; } diff --git a/test/Dummy_ASM_DBUS/dummy_asm_server.c b/test/Dummy_ASM_DBUS/dummy_asm_server.c index 0b24aef..97039a6 100755 --- a/test/Dummy_ASM_DBUS/dummy_asm_server.c +++ b/test/Dummy_ASM_DBUS/dummy_asm_server.c @@ -181,12 +181,14 @@ _dbus_on_asm_request(Dummyasm *object, GDBusMethodInvocation *invocation, const if (strcmp(caller_path, _FIDO_SERVICE_PATH) != 0) { _ERR("Only fido-service is allowed to call ASM"); dummyasm_complete_asm_request(object, invocation, -1, NULL); + free(caller_path); return true; } char *req_type = __get_request_type(uaf_request_json); if (req_type == NULL) { - dummyasm_complete_asm_request(object, invocation, -1, NULL); + dummyasm_complete_asm_request(object, invocation, -1, NULL); + free(caller_path); return true; } @@ -204,6 +206,7 @@ _dbus_on_asm_request(Dummyasm *object, GDBusMethodInvocation *invocation, const dummyasm_complete_asm_request(object, invocation, 0, _GET_REGISTRATIONS_RESPONSE); free(req_type); + free(caller_path); return true; } -- 2.7.4 From 30fd45092e7ed7c7c6d1c4a387a3b4f12a6f6c99 Mon Sep 17 00:00:00 2001 From: kamaljeet Date: Tue, 7 Aug 2018 11:36:32 +0530 Subject: [PATCH 10/16] Change in dbus policy to remove at_console Change-Id: Icb6f45c7565bc32dff86246c2049ab66436208b0 Signed-off-by: kamaljeet --- packaging/org.tizen.dummyasm.conf | 3 --- packaging/org.tizen.fido.conf | 3 --- 2 files changed, 6 deletions(-) diff --git a/packaging/org.tizen.dummyasm.conf b/packaging/org.tizen.dummyasm.conf index f0f3a90..7b0ff67 100755 --- a/packaging/org.tizen.dummyasm.conf +++ b/packaging/org.tizen.dummyasm.conf @@ -8,9 +8,6 @@ - - - diff --git a/packaging/org.tizen.fido.conf b/packaging/org.tizen.fido.conf index f271d29..f643bb7 100755 --- a/packaging/org.tizen.fido.conf +++ b/packaging/org.tizen.fido.conf @@ -8,9 +8,6 @@ - - - -- 2.7.4 From 50d5b717f2a0305f5b03c5c5eafed59359af13e2 Mon Sep 17 00:00:00 2001 From: Susnata Sovalin Date: Wed, 5 Sep 2018 11:49:08 +0530 Subject: [PATCH 11/16] Typo error fix Change-Id: I8a753cd7405f2cab41a36d412e4057d78dedf26f Signed-off-by: Susnata Sovalin --- doc/fido_doc.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/fido_doc.h b/doc/fido_doc.h index 8ac58d9..da37a27 100755 --- a/doc/fido_doc.h +++ b/doc/fido_doc.h @@ -45,13 +45,13 @@ * * @defgroup CAPI_FIDO_UAF_MESSAGES_MODULE FIDO UAF MESSAGES * @ingroup CAPI_FIDO_MODULE - * @brief Fido UAF Messasges + * @brief Fido UAF Messages * * @section CAPI_FIDO_UAF_CLIENT_HEADER Required Header * \#include * * @section CAPI_FIDO_REQUESTS_MODULE_OVERVIEW Overview - * The FIDO UAF Client APIs which process UAF meesages from fido server. + * The FIDO UAF Client APIs which process UAF messages from fido server. * More details about the FIDO specification can be found in https://fidoalliance.org/specifications/download * * @defgroup CAPI_FIDO_AUTHENTICATOR_MODULE FIDO AUTHENTICATOR -- 2.7.4 From c421ea47632406434e61c449705659987e686d7d Mon Sep 17 00:00:00 2001 From: "srinivasa.m" Date: Wed, 13 Feb 2019 12:11:00 +0530 Subject: [PATCH 12/16] SVACE issues Fix Change-Id: I531df4a0c1d0ec4d4478d0560ec2a7c5535f1f51 --- common/fido_json_handler.c | 10 +++++++--- server/fido_server.c | 6 ++++-- server/fido_uaf_policy_checker.c | 5 +++-- 3 files changed, 14 insertions(+), 7 deletions(-) mode change 100644 => 100755 server/fido_uaf_policy_checker.c diff --git a/common/fido_json_handler.c b/common/fido_json_handler.c index e5c276e..31b4aff 100755 --- a/common/fido_json_handler.c +++ b/common/fido_json_handler.c @@ -885,6 +885,7 @@ _uaf_parser_parse_asm_response_discover_client(char **asm_response_list, int len int auth_index = json_object_get_int_member(auth_obj, _JSON_KEY_AUTH_INDEX); char *auth_idx_str = (char*)calloc(1, 128); + CATCH_IF_FAIL(auth_idx_str != NULL); snprintf(auth_idx_str, 127, "%d", auth_index); auth_info->auth_index = auth_idx_str; @@ -981,6 +982,7 @@ _uaf_parser_parse_asm_response_discover_client(char **asm_response_list, int len /* Supported UAF versions is fixed to 1.0*/ fido_version_s *version = calloc(1, sizeof(fido_version_s)); + CATCH_IF_FAIL(version != NULL); version->major = _VERSION_MAJOR; version->minor = _VERSION_MINOR; @@ -1098,10 +1100,11 @@ _uaf_parser_parse_asm_response_discover(GList *asm_response_list, int *error_cod JsonObject *auth_obj = json_array_get_object_element(auth_arr, auth_arr_index); if (auth_obj != NULL) { fido_authenticator_s *auth_info = (fido_authenticator_s *)calloc(1, sizeof(fido_authenticator_s)); - + CATCH_IF_FAIL(auth_info != NULL); int auth_index = json_object_get_int_member(auth_obj, _JSON_KEY_AUTH_INDEX); char *auth_idx_str = (char*)calloc(1, 128); + CATCH_IF_FAIL(auth_idx_str != NULL); snprintf(auth_idx_str, 127, "%d", auth_index); auth_info->auth_index = auth_idx_str; @@ -2776,7 +2779,7 @@ __get_transaction_list(JsonObject *uaf_obj) if (tr_obj != NULL) { _auth_transaction_t *trans = calloc(1, sizeof(_auth_transaction_t)); - + RET_IF_FAIL(trans != NULL, NULL); trans->content_type = __get_string_from_json_object(tr_obj, _JSON_KEY_CONTENT_TYPE); trans->content = __get_string_from_json_object(tr_obj, _JSON_KEY_CONTENT); @@ -3085,6 +3088,7 @@ _uaf_parser_parse_uaf_response(const char *uaf_response) if (assrt_json_obj != NULL) { _auth_reg_assertion_t *assrt_data = (_auth_reg_assertion_t*)calloc(1, sizeof(_auth_reg_assertion_t)); + CATCH_IF_FAIL(assrt_data != NULL); assrt_data->assertion = __get_string_from_json_object(assrt_json_obj, _JSON_KEY_ASSERTION); assrt_data->assertion_schm = __get_string_from_json_object(assrt_json_obj, _JSON_KEY_ASSERT_SCHEME); @@ -3174,7 +3178,7 @@ _uaf_parser_parser_asm_get_reg_response(const char *get_reg_resp) if (app_id != NULL || key_id_list != NULL) { _asm_app_reg_t *app_reg = (_asm_app_reg_t*) calloc(1, sizeof(_asm_app_reg_t)); - + CATCH_IF_FAIL(app_reg != NULL); if (app_id != NULL) { _INFO("app_id = [%s]", app_id); app_reg->app_id = strdup(app_id); diff --git a/server/fido_server.c b/server/fido_server.c index 9afed7c..a036116 100755 --- a/server/fido_server.c +++ b/server/fido_server.c @@ -536,12 +536,12 @@ __copy_convert_uaf_trans_list(GList *uaf_tr_list) _auth_transaction_t *uaf_tr = (_auth_transaction_t*)(uaf_tr_list_iter->data); _fido_asm_transaction_t *asm_tr = calloc(1, sizeof(_fido_asm_transaction_t)); - + RET_IF_FAIL(asm_tr != NULL, NULL); asm_tr->content = __dup_string(uaf_tr->content); asm_tr->content_type = __dup_string(uaf_tr->content_type); if (uaf_tr->display_charac != NULL) { asm_tr->display_charac = calloc(1, sizeof(_fido_asm_display_png_characteristics_descriptor_t)); - + RET_IF_FAIL(asm_tr->display_charac != NULL, NULL); asm_tr->display_charac->bit_depth = uaf_tr->display_charac->bit_depth; asm_tr->display_charac->color_type = uaf_tr->display_charac->color_type; asm_tr->display_charac->compression = uaf_tr->display_charac->compression; @@ -557,6 +557,7 @@ __copy_convert_uaf_trans_list(GList *uaf_tr_list) fido_rgb_pallette_entry_s *uaf_plte_entry = (fido_rgb_pallette_entry_s*)(uaf_plte_iter->data); fido_rgb_pallette_entry_s *asm_plte_entry = calloc(1, sizeof(fido_rgb_pallette_entry_s)); + RET_IF_FAIL(asm_plte_entry != NULL, NULL); asm_plte_entry->r = uaf_plte_entry->r; asm_plte_entry->g = uaf_plte_entry->g; asm_plte_entry->b = uaf_plte_entry->b; @@ -1169,6 +1170,7 @@ _discover_response_cb_for_process(int tz_error_code, int error_code, GList *avai if (match_data != NULL) { _ui_auth_data_t *ui_data = (_ui_auth_data_t*) calloc(1, sizeof(_ui_auth_data_t)); + RET_IF_FAIL_VOID(ui_data != NULL); if (match_data->asm_id != NULL) ui_data->asm_id = strdup(match_data->asm_id); else diff --git a/server/fido_uaf_policy_checker.c b/server/fido_uaf_policy_checker.c old mode 100644 new mode 100755 index f055ac8..4abb312 --- a/server/fido_uaf_policy_checker.c +++ b/server/fido_uaf_policy_checker.c @@ -360,7 +360,7 @@ __copy_png_list(GList *src_list) if (src_data != NULL) { fido_display_png_characteristics_descriptor_s *dest_data = calloc(1, sizeof(fido_display_png_characteristics_descriptor_s)); - + RET_IF_FAIL(dest_data != NULL, NULL); dest_data->bit_depth = src_data->bit_depth; dest_data->color_type = src_data->color_type; dest_data->compression = src_data->compression; @@ -376,6 +376,7 @@ __copy_png_list(GList *src_list) fido_rgb_pallette_entry_s *plte_src_data = (fido_rgb_pallette_entry_s*)(p_iter->data); if (plte_src_data != NULL) { fido_rgb_pallette_entry_s *plte_dest_data = calloc(1, sizeof(fido_rgb_pallette_entry_s)); + RET_IF_FAIL(plte_dest_data != NULL, NULL); plte_dest_data->r = plte_src_data->r; plte_dest_data->g = plte_src_data->g; plte_dest_data->b = plte_src_data->b; @@ -559,7 +560,7 @@ _policy_checker_get_matched_auth_list(_policy_t *policy, GList *auth_list) for (; allowed_list_iter_next != NULL; allowed_list_iter_next = allowed_list_iter_next->next) { _matched_auth_data_t *matched_auth_data_nxt = (_matched_auth_data_t*)allowed_list_iter_next->data; - + RET_IF_FAIL(matched_auth_data_nxt != NULL, NULL); if (strcmp(matched_auth_data_nxt->asm_id, matched_auth_data->asm_id) == 0) { if (strcmp(matched_auth_data_nxt->auth_index, matched_auth_data->auth_index) == 0) { -- 2.7.4 From 42da344a31b03a6c0d67d24fdf0d4ccecc672cc8 Mon Sep 17 00:00:00 2001 From: "srinivasa.m" Date: Mon, 18 Feb 2019 12:26:51 +0530 Subject: [PATCH 13/16] SVACE issues Fix Change-Id: I61a0d086b05ba2c12b0946d2512c89849d7ecab4 --- common/fido_json_handler.c | 14 ++++++++++---- server/fido_server.c | 11 +++++++++-- server/fido_uaf_policy_checker.c | 7 +++++-- 3 files changed, 24 insertions(+), 8 deletions(-) diff --git a/common/fido_json_handler.c b/common/fido_json_handler.c index 31b4aff..af212f7 100755 --- a/common/fido_json_handler.c +++ b/common/fido_json_handler.c @@ -771,6 +771,9 @@ _uaf_parser_parse_asm_response_discover_client(char **asm_response_list, int len RET_IF_FAIL(asm_response_list != NULL, NULL); GList *available_authenticators = NULL; + fido_authenticator_s *auth_info = NULL; + char *auth_idx_str = NULL; + fido_version_s *version = NULL; int i = 0; for (; i < len; i++) { @@ -880,11 +883,11 @@ _uaf_parser_parse_asm_response_discover_client(char **asm_response_list, int len for (auth_arr_index = 0; auth_arr_index < auth_arr_len; auth_arr_index++) { JsonObject *auth_obj = json_array_get_object_element(auth_arr, auth_arr_index); if (auth_obj != NULL) { - fido_authenticator_s *auth_info = (fido_authenticator_s *)calloc(1, sizeof(fido_authenticator_s)); - + auth_info = (fido_authenticator_s *)calloc(1, sizeof(fido_authenticator_s)); + CATCH_IF_FAIL(auth_info != NULL); int auth_index = json_object_get_int_member(auth_obj, _JSON_KEY_AUTH_INDEX); - char *auth_idx_str = (char*)calloc(1, 128); + auth_idx_str = (char*)calloc(1, 128); CATCH_IF_FAIL(auth_idx_str != NULL); snprintf(auth_idx_str, 127, "%d", auth_index); @@ -981,7 +984,7 @@ _uaf_parser_parse_asm_response_discover_client(char **asm_response_list, int len auth_info->icon = strdup(icon); /* Supported UAF versions is fixed to 1.0*/ - fido_version_s *version = calloc(1, sizeof(fido_version_s)); + version = calloc(1, sizeof(fido_version_s)); CATCH_IF_FAIL(version != NULL); version->major = _VERSION_MAJOR; version->minor = _VERSION_MINOR; @@ -1006,6 +1009,9 @@ _uaf_parser_parse_asm_response_discover_client(char **asm_response_list, int len return available_authenticators; CATCH: + SAFE_DELETE(auth_info); + SAFE_DELETE(auth_idx_str); + SAFE_DELETE(version); return NULL; } diff --git a/server/fido_server.c b/server/fido_server.c index a036116..ebff8f0 100755 --- a/server/fido_server.c +++ b/server/fido_server.c @@ -541,7 +541,10 @@ __copy_convert_uaf_trans_list(GList *uaf_tr_list) asm_tr->content_type = __dup_string(uaf_tr->content_type); if (uaf_tr->display_charac != NULL) { asm_tr->display_charac = calloc(1, sizeof(_fido_asm_display_png_characteristics_descriptor_t)); - RET_IF_FAIL(asm_tr->display_charac != NULL, NULL); + if(asm_tr->display_charac == NULL) { + SAFE_DELETE(asm_tr); + return NULL; + } asm_tr->display_charac->bit_depth = uaf_tr->display_charac->bit_depth; asm_tr->display_charac->color_type = uaf_tr->display_charac->color_type; asm_tr->display_charac->compression = uaf_tr->display_charac->compression; @@ -557,7 +560,11 @@ __copy_convert_uaf_trans_list(GList *uaf_tr_list) fido_rgb_pallette_entry_s *uaf_plte_entry = (fido_rgb_pallette_entry_s*)(uaf_plte_iter->data); fido_rgb_pallette_entry_s *asm_plte_entry = calloc(1, sizeof(fido_rgb_pallette_entry_s)); - RET_IF_FAIL(asm_plte_entry != NULL, NULL); + if(asm_plte_entry == NULL) { + SAFE_DELETE(asm_tr->display_charac); + SAFE_DELETE(asm_tr); + return NULL; + } asm_plte_entry->r = uaf_plte_entry->r; asm_plte_entry->g = uaf_plte_entry->g; asm_plte_entry->b = uaf_plte_entry->b; diff --git a/server/fido_uaf_policy_checker.c b/server/fido_uaf_policy_checker.c index 4abb312..ece286c 100755 --- a/server/fido_uaf_policy_checker.c +++ b/server/fido_uaf_policy_checker.c @@ -546,7 +546,7 @@ _policy_checker_get_matched_auth_list(_policy_t *policy, GList *auth_list) continue; _matched_auth_data_t *matched_auth_data_new = (_matched_auth_data_t*) calloc(1, sizeof(_matched_auth_data_t)); - + RET_IF_FAIL(matched_auth_data_new != NULL, NULL); matched_auth_data_new->auth_index = _SAFE_DUP(matched_auth_data->auth_index); matched_auth_data_new->att_type = matched_auth_data->att_type; matched_auth_data_new->asm_id = _SAFE_DUP(matched_auth_data->asm_id); @@ -560,7 +560,10 @@ _policy_checker_get_matched_auth_list(_policy_t *policy, GList *auth_list) for (; allowed_list_iter_next != NULL; allowed_list_iter_next = allowed_list_iter_next->next) { _matched_auth_data_t *matched_auth_data_nxt = (_matched_auth_data_t*)allowed_list_iter_next->data; - RET_IF_FAIL(matched_auth_data_nxt != NULL, NULL); + if(matched_auth_data_nxt == NULL){ + SAFE_DELETE(matched_auth_data_new); + return NULL; + } if (strcmp(matched_auth_data_nxt->asm_id, matched_auth_data->asm_id) == 0) { if (strcmp(matched_auth_data_nxt->auth_index, matched_auth_data->auth_index) == 0) { -- 2.7.4 From 984a80933e88bef2f09875333cd936ba42e29ec8 Mon Sep 17 00:00:00 2001 From: "srinivasa.m" Date: Mon, 18 Feb 2019 13:44:41 +0530 Subject: [PATCH 14/16] SVACE issues Fix Change-Id: I9a8ef157371c7c242f2142c3e15298c9ce738038 --- server/fido_server.c | 4 ++-- server/fido_uaf_policy_checker.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/server/fido_server.c b/server/fido_server.c index ebff8f0..d600cea 100755 --- a/server/fido_server.c +++ b/server/fido_server.c @@ -541,7 +541,7 @@ __copy_convert_uaf_trans_list(GList *uaf_tr_list) asm_tr->content_type = __dup_string(uaf_tr->content_type); if (uaf_tr->display_charac != NULL) { asm_tr->display_charac = calloc(1, sizeof(_fido_asm_display_png_characteristics_descriptor_t)); - if(asm_tr->display_charac == NULL) { + if (asm_tr->display_charac == NULL) { SAFE_DELETE(asm_tr); return NULL; } @@ -560,7 +560,7 @@ __copy_convert_uaf_trans_list(GList *uaf_tr_list) fido_rgb_pallette_entry_s *uaf_plte_entry = (fido_rgb_pallette_entry_s*)(uaf_plte_iter->data); fido_rgb_pallette_entry_s *asm_plte_entry = calloc(1, sizeof(fido_rgb_pallette_entry_s)); - if(asm_plte_entry == NULL) { + if (asm_plte_entry == NULL) { SAFE_DELETE(asm_tr->display_charac); SAFE_DELETE(asm_tr); return NULL; diff --git a/server/fido_uaf_policy_checker.c b/server/fido_uaf_policy_checker.c index ece286c..23fc84f 100755 --- a/server/fido_uaf_policy_checker.c +++ b/server/fido_uaf_policy_checker.c @@ -560,7 +560,7 @@ _policy_checker_get_matched_auth_list(_policy_t *policy, GList *auth_list) for (; allowed_list_iter_next != NULL; allowed_list_iter_next = allowed_list_iter_next->next) { _matched_auth_data_t *matched_auth_data_nxt = (_matched_auth_data_t*)allowed_list_iter_next->data; - if(matched_auth_data_nxt == NULL){ + if (matched_auth_data_nxt == NULL) { SAFE_DELETE(matched_auth_data_new); return NULL; } -- 2.7.4 From 7d9ed879683a4aa9f01cc99fc5ec9e17ce10df58 Mon Sep 17 00:00:00 2001 From: chakradhar Date: Tue, 16 Apr 2019 17:17:22 +0530 Subject: [PATCH 15/16] Heap buffer overflow Change-Id: Icbe3f7eb6340404e9a0ef899c91736e2aa237e11 --- server/fido_server.c | 33 +++++++++++++++++++-------------- 1 file changed, 19 insertions(+), 14 deletions(-) diff --git a/server/fido_server.c b/server/fido_server.c index d600cea..d1b3347 100755 --- a/server/fido_server.c +++ b/server/fido_server.c @@ -156,27 +156,32 @@ _asm_get_info_cb(GList *asm_resp_list, void *user_data) if (asm_resp_list != NULL) { - int str_list_len = g_list_length(asm_resp_list); - char **asm_resp_json_arr = calloc(str_list_len, sizeof(int)); int data_len = 0; int i = 0; - + int str_list_len = g_list_length(asm_resp_list); GList *asm_resp_list_iter = g_list_first(asm_resp_list); - while (asm_resp_list_iter != NULL) { - _asm_discover_response_t *disc_resp = (_asm_discover_response_t*)(asm_resp_list_iter->data); + char **asm_resp_json_arr = calloc(str_list_len, sizeof(int)); + + if (asm_resp_json_arr != NULL) { + while (asm_resp_list_iter != NULL) { + _asm_discover_response_t *disc_resp = (_asm_discover_response_t*)(asm_resp_list_iter->data); - if (disc_resp->asm_response_json != NULL) { - asm_resp_json_arr[i++] = strdup(disc_resp->asm_response_json); - data_len++; + if (disc_resp->asm_response_json != NULL) { + asm_resp_json_arr[i] = strdup(disc_resp->asm_response_json); + if (asm_resp_json_arr[i] == NULL) { + break; + } + i++; + data_len++; + } + asm_resp_list_iter = g_list_next(asm_resp_list_iter); } - asm_resp_list_iter = g_list_next(asm_resp_list_iter); - } - __send_discover_response(dbus_info->dbus_obj, dbus_info->invocation, FIDO_ERROR_NONE, - asm_resp_json_arr, data_len); + __send_discover_response(dbus_info->dbus_obj, dbus_info->invocation, FIDO_ERROR_NONE, asm_resp_json_arr, data_len); + + } } else - __send_discover_response(dbus_info->dbus_obj, dbus_info->invocation, FIDO_ERROR_NOT_SUPPORTED, - NULL, 0); + __send_discover_response(dbus_info->dbus_obj, dbus_info->invocation, FIDO_ERROR_NOT_SUPPORTED, NULL, 0); } if (asm_resp_list != NULL) -- 2.7.4 From 82979ac9b4cd3acaa43854121d3b66cad9b2c2c6 Mon Sep 17 00:00:00 2001 From: chakradhar Date: Fri, 3 May 2019 11:53:23 +0530 Subject: [PATCH 16/16] heap buffer overflow fixed Change-Id: Ieb868278505ea357827db18330079898b86a80a2 Signed-off-by: chakradhar --- server/fido_server.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/server/fido_server.c b/server/fido_server.c index d1b3347..25f5c7d 100755 --- a/server/fido_server.c +++ b/server/fido_server.c @@ -160,7 +160,7 @@ _asm_get_info_cb(GList *asm_resp_list, void *user_data) int i = 0; int str_list_len = g_list_length(asm_resp_list); GList *asm_resp_list_iter = g_list_first(asm_resp_list); - char **asm_resp_json_arr = calloc(str_list_len, sizeof(int)); + char **asm_resp_json_arr = calloc(str_list_len + 1, sizeof(int)); if (asm_resp_json_arr != NULL) { while (asm_resp_list_iter != NULL) { -- 2.7.4