[pkg-opensc-commit] [opensc] 04/295: avoid using an uninitialized buffer
Eric Dorland
eric at moszumanska.debian.org
Sat Jun 24 21:11:10 UTC 2017
This is an automated email from the git hooks/post-receive script.
eric pushed a commit to branch master
in repository opensc.
commit 04825d8d7ebb41bf0ab0bdab14c84de68636271f
Author: Frank Morgner <frankmorgner at gmail.com>
Date: Sat Jun 4 01:02:01 2016 +0200
avoid using an uninitialized buffer
---
src/tools/pkcs11-tool.c | 18 +++++++++++++++---
1 file changed, 15 insertions(+), 3 deletions(-)
diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
index 15677b4..d8ccc2c 100644
--- a/src/tools/pkcs11-tool.c
+++ b/src/tools/pkcs11-tool.c
@@ -388,6 +388,7 @@ static const char * CKR2Str(CK_ULONG res);
static int p11_test(CK_SESSION_HANDLE session);
static int test_card_detection(int);
static int hex_to_bin(const char *in, CK_BYTE *out, size_t *outlen);
+static void pseudo_randomize(unsigned char *data, size_t dataLen);
static void test_kpgen_certwrite(CK_SLOT_ID slot, CK_SESSION_HANDLE session);
static void test_ec(CK_SLOT_ID slot, CK_SESSION_HANDLE session);
#ifndef _WIN32
@@ -3313,6 +3314,7 @@ static int test_digest(CK_SESSION_HANDLE session)
}
/* 1st test */
+ pseudo_randomize(data, sizeof(data));
ck_mech.mechanism = firstMechType;
rv = p11->C_DigestInit(session, &ck_mech);
@@ -3686,9 +3688,6 @@ static int test_signature(CK_SESSION_HANDLE sess)
return 0;
}
- data[0] = 0;
- data[1] = 1;
-
/* 1st test */
/* assume --login has already authenticated the key */
@@ -3705,6 +3704,8 @@ static int test_signature(CK_SESSION_HANDLE sess)
break;
}
+ pseudo_randomize(data, dataLen);
+
ck_mech.mechanism = firstMechType;
rv = p11->C_SignInit(sess, &ck_mech, privKeyObject);
/* mechanism not implemented, don't test */
@@ -4838,6 +4839,17 @@ static int hex_to_bin(const char *in, unsigned char *out, size_t *outlen)
return 1;
}
+static void pseudo_randomize(unsigned char *data, size_t dataLen)
+{
+ size_t i = 0;
+ /* initialization with some data */
+ while (i < dataLen) {
+ *data = rand() & 0xFF;
+ data++;
+ i++;
+ }
+}
+
static struct mech_info p11_mechanisms[] = {
{ CKM_RSA_PKCS_KEY_PAIR_GEN, "RSA-PKCS-KEY-PAIR-GEN", NULL },
{ CKM_RSA_PKCS, "RSA-PKCS", NULL },
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/opensc.git
More information about the pkg-opensc-commit
mailing list