Changeset 5535a47 for unix.c


Ignore:
Timestamp:
2015-05-07T23:12:06Z (9 years ago)
Author:
dequis <dx@…>
Branches:
master
Children:
088b070
Parents:
81a15da
git-author:
dequis <dx@…> (07-05-15 23:04:47)
git-committer:
dequis <dx@…> (07-05-15 23:12:06)
Message:

More coverity fixes!

CID 18634: 'Logically dead code' in jabber_get_info
CID 18638: 'Dereference after null check' in oauth2_access_token_done
CID 18691: 'Copy into fixed size buffer' in bee_irc_user_new
CID 20274: Leak in bee_irc_chat_invite
CID 20297, CID 20283: Leaks in crypt_main

Some the base64 leaks there weren't detected, needs modeling.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • unix.c

    r81a15da r5535a47  
    212212                       argv[0], argv[0], argv[0], argv[0], argv[0]);
    213213        } else if (strcmp(argv[2], "enc") == 0) {
    214                 pass_len = arc_encode(argv[4], strlen(argv[4]), (unsigned char **) &pass_cr, argv[3], 12);
    215                 printf("%s\n", base64_encode(pass_cr, pass_len));
     214                char *encoded;
     215
     216                pass_len = arc_encode(argv[4], strlen(argv[4]), &pass_cr, argv[3], 12);
     217
     218                encoded = base64_encode(pass_cr, pass_len);
     219                printf("%s\n", encoded);
     220                g_free(encoded);
     221                g_free(pass_cr);
    216222        } else if (strcmp(argv[2], "dec") == 0) {
    217                 pass_len = base64_decode(argv[4], (unsigned char **) &pass_cr);
     223                pass_len = base64_decode(argv[4], &pass_cr);
    218224                arc_decode(pass_cr, pass_len, (char **) &pass_cl, argv[3]);
    219225                printf("%s\n", pass_cl);
     226
     227                g_free(pass_cr);
     228                g_free(pass_cl);
    220229        } else if (strcmp(argv[2], "hash") == 0) {
    221230                md5_byte_t pass_md5[21];
    222231                md5_state_t md5_state;
     232                char *encoded;
    223233
    224234                random_bytes(pass_md5 + 16, 5);
     
    228238                md5_finish(&md5_state, pass_md5);
    229239
    230                 printf("%s\n", base64_encode(pass_md5, 21));
     240                encoded = base64_encode(pass_md5, 21);
     241                printf("%s\n", encoded);
     242                g_free(encoded);
    231243        } else if (strcmp(argv[2], "unhash") == 0) {
    232244                printf("Hash %s submitted to a massive Beowulf cluster of\n"
Note: See TracChangeset for help on using the changeset viewer.