summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStef Walter <stefw@gnome.org>2012-06-29 16:26:20 +0200
committerStef Walter <stefw@gnome.org>2012-06-29 16:27:15 +0200
commit413ca6be40a4f9351f12030c791544edd5a52e16 (patch)
tree7f5b39ebb6f5498437085bfde930d09cb2f9f414
parentda2606bfbbdbd36d5e42bf2acf614735dfc515d2 (diff)
Don't allow reading of pin files larger than 4096 bytes
* p11_kit_pin_file_callback() only returns pins up to 4096 bytes now
-rw-r--r--p11-kit/pin.c19
-rw-r--r--tests/files/test-pinfile-large53
-rw-r--r--tests/pin-test.c26
3 files changed, 91 insertions, 7 deletions
diff --git a/p11-kit/pin.c b/p11-kit/pin.c
index ff09d57..f7ec783 100644
--- a/p11-kit/pin.c
+++ b/p11-kit/pin.c
@@ -429,6 +429,8 @@ p11_kit_pin_request (const char *pin_source,
* where an application is expecting to interact with a prompter, but
* instead is interacting with this callback reading a file over and over.
*
+ * This callback fail on larger than 4 Kilobytes.
+ *
* This callback is not registered by default. To register it use code like
* the following:
*
@@ -447,6 +449,7 @@ p11_kit_pin_file_callback (const char *pin_source,
P11KitPinFlags pin_flags,
void *callback_data)
{
+ const size_t block = 1024;
unsigned char *buffer;
unsigned char *memory;
size_t used, allocated;
@@ -469,15 +472,18 @@ p11_kit_pin_file_callback (const char *pin_source,
allocated = 0;
for (;;) {
- if (used + 256 > allocated) {
- memory = realloc (buffer, used + 1024);
+ if (used + block > 4096) {
+ error = EOVERFLOW;
+ break;
+ }
+ if (used + block > allocated) {
+ memory = realloc (buffer, used + block);
if (memory == NULL) {
- free (buffer);
error = ENOMEM;
break;
}
buffer = memory;
- allocated = used + 1024;
+ allocated = used + block;
}
res = read (fd, buffer + used, allocated - used);
@@ -485,8 +491,6 @@ p11_kit_pin_file_callback (const char *pin_source,
if (errno == EAGAIN)
continue;
error = errno;
- free (buffer);
- buffer = NULL;
error = errno;
break;
} else if (res == 0) {
@@ -496,7 +500,8 @@ p11_kit_pin_file_callback (const char *pin_source,
}
}
- if (buffer == NULL) {
+ if (error != 0) {
+ free (buffer);
errno = error;
return NULL;
}
diff --git a/tests/files/test-pinfile-large b/tests/files/test-pinfile-large
new file mode 100644
index 0000000..506668d
--- /dev/null
+++ b/tests/files/test-pinfile-large
@@ -0,0 +1,53 @@
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba yogabbagabba
+yogabbagabba yogabbagabba yogabbagabba yo \ No newline at end of file
diff --git a/tests/pin-test.c b/tests/pin-test.c
index 0f6261f..3a50e46 100644
--- a/tests/pin-test.c
+++ b/tests/pin-test.c
@@ -254,6 +254,31 @@ test_pin_file (CuTest *tc)
}
static void
+test_pin_file_large (CuTest *tc)
+{
+ P11KitUri *uri;
+ P11KitPin *pin;
+ int error;
+
+ uri = p11_kit_uri_new ();
+
+ p11_kit_pin_register_callback (P11_KIT_PIN_FALLBACK, p11_kit_pin_file_callback,
+ NULL, NULL);
+
+ pin = p11_kit_pin_request (SRCDIR "/files/test-pinfile-large", uri, "The token",
+ P11_KIT_PIN_FLAGS_USER_LOGIN);
+
+ error = errno;
+ CuAssertPtrEquals (tc, NULL, pin);
+ CuAssertIntEquals (tc, EOVERFLOW, error);
+
+ p11_kit_pin_unregister_callback (P11_KIT_PIN_FALLBACK, p11_kit_pin_file_callback,
+ NULL);
+
+ p11_kit_uri_free (uri);
+}
+
+static void
test_pin_ref_unref (CuTest *tc)
{
P11KitPin *pin;
@@ -283,6 +308,7 @@ main (void)
SUITE_ADD_TEST (suite, test_pin_register_duplicate);
SUITE_ADD_TEST (suite, test_pin_register_fallback);
SUITE_ADD_TEST (suite, test_pin_file);
+ SUITE_ADD_TEST (suite, test_pin_file_large);
SUITE_ADD_TEST (suite, test_pin_ref_unref);
CuSuiteRun (suite);