geos_one/CASA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Addressed issues found during the SuSE security review.

Browse Source
This commit is contained in:
Juan Carlos Luciani 2007-02-02 23:02:43 +00:00
parent 77a151fa13
commit 791b0be583
14 changed files with 456 additions and 320 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CASA-auth-token/client/library/authmsg.c
View File

@ -93,7 +93,7 @@ BuildAuthenticateMsg(
//=======================================================================-- //=======================================================================--
{ {
char *pMsg = NULL; char *pMsg = NULL;
int bufferSize; size_t bufferSize;
DbgTrace(1, "-BuildAuthenticateMsg- Start\n", 0); DbgTrace(1, "-BuildAuthenticateMsg- Start\n", 0);
@ -670,7 +670,7 @@ AuthRespEndElementHandler(
CasaStatus CasaStatus
CreateAuthenticateResp( CreateAuthenticateResp(
IN char *pRespMsg, IN char *pRespMsg,
IN int respLen, IN size_t respLen,
INOUT AuthenticateResp **ppAuthenticateResp) INOUT AuthenticateResp **ppAuthenticateResp)
// //
// Arguments: // Arguments:

104
CASA-auth-token/client/library/cache.c
View File

@ -76,7 +76,8 @@ CreateAuthTokenCacheEntry(
int32_t miCasaStatus; int32_t miCasaStatus;
SSCS_KEYCHAIN_ID_T sessionKeyChain = {26, "SSCS_SESSION_KEY_CHAIN_ID"}; SSCS_KEYCHAIN_ID_T sessionKeyChain = {26, "SSCS_SESSION_KEY_CHAIN_ID"};
SSCS_SECRET_ID_T sharedId = {27, "CASA_AUTHENTICATION_TOKENS"}; SSCS_SECRET_ID_T sharedId = {27, "CASA_AUTHENTICATION_TOKENS"};
int32_t tokenSize, wrapperEntrySize, entrySize, keySize; uint32_t entrySize, keySize;
size_t tokenSize, wrapperEntrySize, cacheKeyStrLen, groupOrHostNameStrLen;
WrapperAuthCacheEntry *pWrapperEntry = NULL; WrapperAuthCacheEntry *pWrapperEntry = NULL;
AuthCacheEntry *pEntry = NULL; AuthCacheEntry *pEntry = NULL;
char *pKey; char *pKey;
@ -93,6 +94,10 @@ CreateAuthTokenCacheEntry(
} }
wrapperEntrySize = tokenSize + sizeof(WrapperAuthCacheEntry); wrapperEntrySize = tokenSize + sizeof(WrapperAuthCacheEntry);
// Verify that entrySize will not overflow
if ((tokenSize + sizeof(AuthCacheEntry)) <= U32_MAX)
{
entrySize = tokenSize + sizeof(AuthCacheEntry); entrySize = tokenSize + sizeof(AuthCacheEntry);
// Allocate space for the entry wrapper // Allocate space for the entry wrapper
@ -133,7 +138,13 @@ CreateAuthTokenCacheEntry(
pEntry->doesNotExpire = true; pEntry->doesNotExpire = true;
} }
keySize = (uint32_t)strlen(pCacheKey) + (uint32_t)strlen(pGroupOrHostName) + 2; cacheKeyStrLen = strlen(pCacheKey);
groupOrHostNameStrLen = strlen(pGroupOrHostName);
// Verify that keySize will not overflow
if ((cacheKeyStrLen + groupOrHostNameStrLen + 2) <= U32_MAX)
{
keySize = (uint32_t) (cacheKeyStrLen + groupOrHostNameStrLen + 2);
pKey = malloc(keySize); pKey = malloc(keySize);
if (pKey) if (pKey)
@ -149,7 +160,7 @@ CreateAuthTokenCacheEntry(
(SS_UTF8_T*) pKey, (SS_UTF8_T*) pKey,
keySize, keySize,
(uint8_t *) pEntry, (uint8_t *) pEntry,
(uint32_t*) &entrySize, &entrySize,
NULL, NULL,
(SSCS_EXT_T*) pCredStoreScope); (SSCS_EXT_T*) pCredStoreScope);
if (miCasaStatus != NSSCS_SUCCESS) if (miCasaStatus != NSSCS_SUCCESS)
@ -165,9 +176,19 @@ CreateAuthTokenCacheEntry(
} }
} }
else else
{
DbgTrace(0, "-CreateAuthTokenCacheEntry- keySize overflow prevented\n", 0);
}
}
else
{ {
DbgTrace(0, "-CreateAuthTokenCacheEntry- Memory allocation failure\n", 0); DbgTrace(0, "-CreateAuthTokenCacheEntry- Memory allocation failure\n", 0);
} }
}
else
{
DbgTrace(0, "-CreateAuthTokenCacheEntry- entrySize overflow prevented\n", 0);
}
DbgTrace(1, "-CreateAuthTokenCacheEntry- End, pEntry = %0lX\n", (long) pEntry); DbgTrace(1, "-CreateAuthTokenCacheEntry- End, pEntry = %0lX\n", (long) pEntry);
@ -199,7 +220,8 @@ CreateSessionTokenCacheEntry(
int32_t miCasaStatus; int32_t miCasaStatus;
SSCS_KEYCHAIN_ID_T sessionKeyChain = {26, "SSCS_SESSION_KEY_CHAIN_ID"}; SSCS_KEYCHAIN_ID_T sessionKeyChain = {26, "SSCS_SESSION_KEY_CHAIN_ID"};
SSCS_SECRET_ID_T sharedId = {20, "CASA_SESSION_TOKENS"}; SSCS_SECRET_ID_T sharedId = {20, "CASA_SESSION_TOKENS"};
int32_t tokenSize, wrapperEntrySize, entrySize; uint32_t entrySize;
size_t tokenSize, wrapperEntrySize, cacheKeyStrLen;
WrapperAuthCacheEntry *pWrapperEntry = NULL; WrapperAuthCacheEntry *pWrapperEntry = NULL;
AuthCacheEntry *pEntry = NULL; AuthCacheEntry *pEntry = NULL;
@ -215,6 +237,10 @@ CreateSessionTokenCacheEntry(
} }
wrapperEntrySize = tokenSize + sizeof(WrapperAuthCacheEntry); wrapperEntrySize = tokenSize + sizeof(WrapperAuthCacheEntry);
// Verify that entrySize will not overflow
if ((tokenSize + sizeof(AuthCacheEntry)) <= U32_MAX)
{
entrySize = tokenSize + sizeof(AuthCacheEntry); entrySize = tokenSize + sizeof(AuthCacheEntry);
// Allocate space for the entry wrapper // Allocate space for the entry wrapper
@ -255,14 +281,19 @@ CreateSessionTokenCacheEntry(
pEntry->doesNotExpire = true; pEntry->doesNotExpire = true;
} }
cacheKeyStrLen = strlen(pCacheKey) + 1;
// Verify that the cacheKeyStrLen can be casted to a uint32_t
if (cacheKeyStrLen <= U32_MAX)
{
miCasaStatus = miCASAWriteBinaryKey(g_hCASAContext, miCasaStatus = miCASAWriteBinaryKey(g_hCASAContext,
0, 0,
&sessionKeyChain, &sessionKeyChain,
&sharedId, &sharedId,
(SS_UTF8_T*) pCacheKey, (SS_UTF8_T*) pCacheKey,
(uint32_t) strlen(pCacheKey) + 1, (uint32_t) cacheKeyStrLen,
(uint8_t *) pEntry, (uint8_t *) pEntry,
(uint32_t*) &entrySize, &entrySize,
NULL, NULL,
(SSCS_EXT_T*) pCredStoreScope); (SSCS_EXT_T*) pCredStoreScope);
if (miCasaStatus != NSSCS_SUCCESS) if (miCasaStatus != NSSCS_SUCCESS)
@ -271,9 +302,19 @@ CreateSessionTokenCacheEntry(
} }
} }
else else
{
DbgTrace(0, "-CreateSessionTokenCacheEntry- cacheKeyStrLen overflow prevented\n", 0);
}
}
else
{ {
DbgTrace(0, "-CreateSessionTokenCacheEntry- Memory allocation failure\n", 0); DbgTrace(0, "-CreateSessionTokenCacheEntry- Memory allocation failure\n", 0);
} }
}
else
{
DbgTrace(0, "-CreateSessionTokenCacheEntry- entrySize overflow prevented\n", 0);
}
DbgTrace(1, "-CreateSessionTokenCacheEntry- End, pEntry = %0lX\n", (long) pEntry); DbgTrace(1, "-CreateSessionTokenCacheEntry- End, pEntry = %0lX\n", (long) pEntry);
@ -401,7 +442,8 @@ FindSessionTokenEntryInCache(
int32_t miCasaStatus; int32_t miCasaStatus;
SSCS_KEYCHAIN_ID_T sessionKeyChain = {26, "SSCS_SESSION_KEY_CHAIN_ID"}; SSCS_KEYCHAIN_ID_T sessionKeyChain = {26, "SSCS_SESSION_KEY_CHAIN_ID"};
SSCS_SECRET_ID_T sharedId = {20, "CASA_SESSION_TOKENS"}; SSCS_SECRET_ID_T sharedId = {20, "CASA_SESSION_TOKENS"};
int32_t valueLength, wrapperEntrySize, bytesRequired; uint32_t valueLength, bytesRequired;
size_t wrapperEntrySize, cacheKeyStrLen;
WrapperAuthCacheEntry *pWrapperEntry = NULL; WrapperAuthCacheEntry *pWrapperEntry = NULL;
AuthCacheEntry *pEntry = NULL; AuthCacheEntry *pEntry = NULL;
@ -410,16 +452,21 @@ FindSessionTokenEntryInCache(
valueLength = 0; valueLength = 0;
bytesRequired = 0; bytesRequired = 0;
cacheKeyStrLen = strlen(pCacheKey) + 1;
// Verify that the cacheKeyStrLen can be casted to a uint32_t
if (cacheKeyStrLen <= U32_MAX)
{
miCasaStatus = miCASAReadBinaryKey(g_hCASAContext, miCasaStatus = miCASAReadBinaryKey(g_hCASAContext,
0, 0,
&sessionKeyChain, &sessionKeyChain,
&sharedId, &sharedId,
(SS_UTF8_T*) pCacheKey, (SS_UTF8_T*) pCacheKey,
(uint32_t) strlen(pCacheKey) + 1, cacheKeyStrLen,
NULL, NULL,
(uint32_t*) &valueLength, &valueLength,
(SSCS_PASSWORD_T*) NULL, (SSCS_PASSWORD_T*) NULL,
(uint32_t*) &bytesRequired, &bytesRequired,
(SSCS_EXT_T*) pCredStoreScope); (SSCS_EXT_T*) pCredStoreScope);
if (miCasaStatus == NSSCS_E_ENUM_BUFF_TOO_SHORT if (miCasaStatus == NSSCS_E_ENUM_BUFF_TOO_SHORT
@ -439,11 +486,11 @@ FindSessionTokenEntryInCache(
&sessionKeyChain, &sessionKeyChain,
&sharedId, &sharedId,
(SS_UTF8_T*) pCacheKey, (SS_UTF8_T*) pCacheKey,
(uint32_t) strlen(pCacheKey) + 1, cacheKeyStrLen,
(uint8_t *) pEntry, (uint8_t *) pEntry,
(uint32_t*) &valueLength, &valueLength,
(SSCS_PASSWORD_T*) NULL, (SSCS_PASSWORD_T*) NULL,
(uint32_t*) &bytesRequired, &bytesRequired,
(SSCS_EXT_T*) pCredStoreScope); (SSCS_EXT_T*) pCredStoreScope);
if (miCasaStatus == NSSCS_SUCCESS) if (miCasaStatus == NSSCS_SUCCESS)
{ {
@ -456,7 +503,7 @@ FindSessionTokenEntryInCache(
&sessionKeyChain, &sessionKeyChain,
&sharedId, &sharedId,
(SS_UTF8_T*) pCacheKey, (SS_UTF8_T*) pCacheKey,
(uint32_t) strlen(pCacheKey) + 1, cacheKeyStrLen,
(SSCS_PASSWORD_T*) NULL, (SSCS_PASSWORD_T*) NULL,
(SSCS_EXT_T*) pCredStoreScope); (SSCS_EXT_T*) pCredStoreScope);
if (miCasaStatus != NSSCS_SUCCESS) if (miCasaStatus != NSSCS_SUCCESS)
@ -476,6 +523,11 @@ FindSessionTokenEntryInCache(
} }
} }
} }
}
else
{
DbgTrace(0, "-FindSessionTokenEntryInCache- cacheKeyStrLen overflow prevented\n", 0);
}
DbgTrace(1, "-FindSessionTokenEntryInCache- End, pEntry = %0lX\n", (long) pEntry); DbgTrace(1, "-FindSessionTokenEntryInCache- End, pEntry = %0lX\n", (long) pEntry);
@ -504,7 +556,8 @@ FindAuthTokenEntryInCache(
int32_t miCasaStatus; int32_t miCasaStatus;
SSCS_KEYCHAIN_ID_T sessionKeyChain = {26, "SSCS_SESSION_KEY_CHAIN_ID"}; SSCS_KEYCHAIN_ID_T sessionKeyChain = {26, "SSCS_SESSION_KEY_CHAIN_ID"};
SSCS_SECRET_ID_T sharedId = {27, "CASA_AUTHENTICATION_TOKENS"}; SSCS_SECRET_ID_T sharedId = {27, "CASA_AUTHENTICATION_TOKENS"};
int32_t valueLength, wrapperEntrySize, bytesRequired, keySize; uint32_t valueLength, bytesRequired, keySize;
size_t wrapperEntrySize, cacheKeyStrLen, groupOrHostNameStrLen;
WrapperAuthCacheEntry *pWrapperEntry = NULL; WrapperAuthCacheEntry *pWrapperEntry = NULL;
AuthCacheEntry *pEntry = NULL; AuthCacheEntry *pEntry = NULL;
char *pKey; char *pKey;
@ -512,7 +565,13 @@ FindAuthTokenEntryInCache(
DbgTrace(1, "-FindAuthTokenEntryInCache- Start\n", 0); DbgTrace(1, "-FindAuthTokenEntryInCache- Start\n", 0);
keySize = (uint32_t)strlen(pCacheKey) + (uint32_t)strlen(pGroupOrHostName) + 2; cacheKeyStrLen = strlen(pCacheKey);
groupOrHostNameStrLen = strlen(pGroupOrHostName);
// Verify that keySize will not overflow
if ((cacheKeyStrLen + groupOrHostNameStrLen + 2) <= U32_MAX)
{
keySize = (uint32_t) (cacheKeyStrLen + groupOrHostNameStrLen + 2);
pKey = malloc(keySize); pKey = malloc(keySize);
if (pKey) if (pKey)
@ -531,9 +590,9 @@ FindAuthTokenEntryInCache(
(SS_UTF8_T*) pKey, (SS_UTF8_T*) pKey,
keySize, keySize,
NULL, NULL,
(uint32_t*) &valueLength, &valueLength,
(SSCS_PASSWORD_T*) NULL, (SSCS_PASSWORD_T*) NULL,
(uint32_t*) &bytesRequired, &bytesRequired,
(SSCS_EXT_T*) pCredStoreScope); (SSCS_EXT_T*) pCredStoreScope);
if (miCasaStatus == NSSCS_E_ENUM_BUFF_TOO_SHORT if (miCasaStatus == NSSCS_E_ENUM_BUFF_TOO_SHORT
&& bytesRequired != 0) && bytesRequired != 0)
@ -554,9 +613,9 @@ FindAuthTokenEntryInCache(
(SS_UTF8_T*) pKey, (SS_UTF8_T*) pKey,
keySize, keySize,
(uint8_t *) pEntry, (uint8_t *) pEntry,
(uint32_t*) &valueLength, &valueLength,
(SSCS_PASSWORD_T*) NULL, (SSCS_PASSWORD_T*) NULL,
(uint32_t*) &bytesRequired, &bytesRequired,
(SSCS_EXT_T*) pCredStoreScope); (SSCS_EXT_T*) pCredStoreScope);
if (miCasaStatus == NSSCS_SUCCESS) if (miCasaStatus == NSSCS_SUCCESS)
{ {
@ -592,6 +651,11 @@ FindAuthTokenEntryInCache(
free(pKey); free(pKey);
} }
}
else
{
DbgTrace(0, "-FindAuthTokenEntryInCache- keySize overflow prevented\n", 0);
}
DbgTrace(1, "-FindAuthTokenEntryInCache- End, pEntry = %0lX\n", (long) pEntry); DbgTrace(1, "-FindAuthTokenEntryInCache- End, pEntry = %0lX\n", (long) pEntry);

6
CASA-auth-token/client/library/engine.c
View File

@ -83,7 +83,7 @@ ObtainSessionToken(
CASA_STATUS_UNSUCCESSFUL); CASA_STATUS_UNSUCCESSFUL);
LIST_ENTRY *pListEntry; LIST_ENTRY *pListEntry;
AuthCacheEntry *pCacheEntry = NULL; AuthCacheEntry *pCacheEntry = NULL;
AuthContext *pAuthContext; AuthContext *pAuthContext = NULL;
DbgTrace(1, "-ObtainSessionToken- Start\n", 0); DbgTrace(1, "-ObtainSessionToken- Start\n", 0);
@ -139,7 +139,7 @@ ObtainSessionToken(
{ {
char *pReqMsg = NULL; char *pReqMsg = NULL;
char *pRespMsg = NULL; char *pRespMsg = NULL;
int respLen; size_t respLen;
// Get authentication mechanism token // Get authentication mechanism token
retStatus = GetAuthMechToken(pAuthContext, retStatus = GetAuthMechToken(pAuthContext,
@ -328,7 +328,7 @@ ObtainAuthTokenFromServer(
{ {
char *pReqMsg = NULL; char *pReqMsg = NULL;
char *pRespMsg = NULL; char *pRespMsg = NULL;
int respLen; size_t respLen;
AuthPolicy *pAuthPolicy = NULL; AuthPolicy *pAuthPolicy = NULL;
GetAuthPolicyResp *pGetAuthPolicyResp = NULL; GetAuthPolicyResp *pGetAuthPolicyResp = NULL;
GetAuthTokenResp *pGetAuthTokenResp = NULL; GetAuthTokenResp *pGetAuthTokenResp = NULL;

2
CASA-auth-token/client/library/getpolicymsg.c
View File

@ -87,7 +87,7 @@ BuildGetAuthPolicyMsg(
//=======================================================================-- //=======================================================================--
{ {
char *pMsg = NULL; char *pMsg = NULL;
int bufferSize; size_t bufferSize;
DbgTrace(1, "-BuildGetAuthPolicyMsg- Start\n", 0); DbgTrace(1, "-BuildGetAuthPolicyMsg- Start\n", 0);

2
CASA-auth-token/client/library/gettokenmsg.c
View File

@ -89,7 +89,7 @@ BuildGetAuthTokenMsg(
//=======================================================================-- //=======================================================================--
{ {
char *pMsg = NULL; char *pMsg = NULL;
int bufferSize; size_t bufferSize;
DbgTrace(1, "-BuildGetAuthTokenMsg- Start\n", 0); DbgTrace(1, "-BuildGetAuthTokenMsg- Start\n", 0);

19
CASA-auth-token/client/library/internal.h
View File

@ -39,6 +39,12 @@
//===[ Type definitions ]================================================== //===[ Type definitions ]==================================================
#define MAX_RPC_REPLY_SZ (256 * 1024)
#ifndef U32_MAX
#define U32_MAX (~(uint32_t)0)
#endif
// //
// Authentication Context structure // Authentication Context structure
// //
@ -179,6 +185,15 @@ void
RelGetAuthPolicyResp( RelGetAuthPolicyResp(
IN GetAuthPolicyResp *pGetAuthPolicyResp); IN GetAuthPolicyResp *pGetAuthPolicyResp);
extern
int
InitializeLibrary(void);
extern
void
UnInitializeLibrary(void);
// //
// Functions exported by authpolicy.c // Functions exported by authpolicy.c
// //
@ -209,7 +224,7 @@ extern
CasaStatus CasaStatus
CreateAuthenticateResp( CreateAuthenticateResp(
IN char *pRespMsg, IN char *pRespMsg,
IN int respLen, IN size_t respLen,
INOUT AuthenticateResp **ppAuthenticateResp); INOUT AuthenticateResp **ppAuthenticateResp);
extern extern
@ -391,7 +406,7 @@ Rpc(
IN long flags, IN long flags,
IN char *pRequestData, IN char *pRequestData,
INOUT char **ppResponseData, INOUT char **ppResponseData,
INOUT int *pResponseDataLen); INOUT size_t *pResponseDataLen);
extern extern
CasaStatus CasaStatus

2
CASA-auth-token/client/library/invalidcert.c
View File

@ -77,8 +77,6 @@ AllowInvalidCertsFromHost(
// L0 // L0
//=======================================================================-- //=======================================================================--
{ {
bool retStatus = true;
DbgTrace(2, "-AllowInvalidCertsFromHost- Start\n", 0); DbgTrace(2, "-AllowInvalidCertsFromHost- Start\n", 0);
// tbd // tbd

6
CASA-auth-token/client/library/linux/platform.c
View File

@ -36,7 +36,7 @@ typedef struct _NormalizedHostNameCacheEntry
LIST_ENTRY listEntry; LIST_ENTRY listEntry;
char *pHostName; char *pHostName;
char *pNormalizedHostName; char *pNormalizedHostName;
int buffLengthRequired; size_t buffLengthRequired;
} NormalizedHostNameCacheEntry, *PNormalizedHostNameCacheEntry; } NormalizedHostNameCacheEntry, *PNormalizedHostNameCacheEntry;
@ -720,7 +720,7 @@ NormalizeHostName(
NI_NAMEREQD) == 0) NI_NAMEREQD) == 0)
{ {
// We resolved the address to a DNS name, use it as the normalized name. // We resolved the address to a DNS name, use it as the normalized name.
pEntry->buffLengthRequired = (int) strlen(pDnsHostName) + 1; pEntry->buffLengthRequired = strlen(pDnsHostName) + 1;
pEntry->pNormalizedHostName = (char*) malloc(pEntry->buffLengthRequired); pEntry->pNormalizedHostName = (char*) malloc(pEntry->buffLengthRequired);
if (pEntry->pNormalizedHostName) if (pEntry->pNormalizedHostName)
{ {
@ -738,7 +738,7 @@ NormalizeHostName(
// Not able to resolve the name in DNS, just use the host name as // Not able to resolve the name in DNS, just use the host name as
// the normalized name. // the normalized name.
pEntry->buffLengthRequired = (int) strlen(pHostName) + 1; pEntry->buffLengthRequired = strlen(pHostName) + 1;
pEntry->pNormalizedHostName = (char*) malloc(pEntry->buffLengthRequired); pEntry->pNormalizedHostName = (char*) malloc(pEntry->buffLengthRequired);
if (pEntry->pNormalizedHostName) if (pEntry->pNormalizedHostName)
{ {

6
CASA-auth-token/client/library/linux/platform.h
View File

@ -83,12 +83,12 @@ typedef struct _RpcSession
{ {
CURL *hCurl; CURL *hCurl;
char *pPartialHttpUrl; char *pPartialHttpUrl;
int partialHttpUrlLen; size_t partialHttpUrlLen;
char *pPartialHttpsUrl; char *pPartialHttpsUrl;
int partialHttpsUrlLen; size_t partialHttpsUrlLen;
struct curl_slist *headers; struct curl_slist *headers;
char *pRecvData; char *pRecvData;
int recvDataLen; size_t recvDataLen;
} RpcSession, *PRpcSession; } RpcSession, *PRpcSession;

28
CASA-auth-token/client/library/linux/rpc.c
View File

@ -79,6 +79,9 @@ CurlWriteCallback(
if (pSession->pRecvData == NULL) if (pSession->pRecvData == NULL)
{ {
// We have not yet consumed receive data for the current Rpc // We have not yet consumed receive data for the current Rpc
// if the data does not exceed our maximum Rpc reply size.
if ((numDataItems * dataItemSz) <= MAX_RPC_REPLY_SZ)
{
pSession->pRecvData = (char*) malloc(numDataItems * dataItemSz); pSession->pRecvData = (char*) malloc(numDataItems * dataItemSz);
if (pSession->pRecvData) if (pSession->pRecvData)
{ {
@ -94,7 +97,16 @@ CurlWriteCallback(
} }
else else
{ {
// We have already consumed receive data for the current Rpc, append the new data to it. DbgTrace(0, "-CurlWriteCallback- Max Rpc reply size exceeded\n", 0);
dataConsumed = CURLE_WRITE_ERROR; // To abort RPC
}
}
else
{
// We have already consumed receive data for the current Rpc, append the new data to it
// if the data does not exceed our maximum Rpc reply size.
if ((pSession->recvDataLen + (numDataItems * dataItemSz)) <= MAX_RPC_REPLY_SZ)
{
char *pNewRecvDataBuf = (char*) malloc(pSession->recvDataLen + (numDataItems * dataItemSz)); char *pNewRecvDataBuf = (char*) malloc(pSession->recvDataLen + (numDataItems * dataItemSz));
if (pNewRecvDataBuf) if (pNewRecvDataBuf)
{ {
@ -114,6 +126,16 @@ CurlWriteCallback(
pSession->pRecvData = NULL; pSession->pRecvData = NULL;
} }
} }
else
{
DbgTrace(0, "-CurlWriteCallback- Max Rpc reply size exceeded\n", 0);
dataConsumed = CURLE_WRITE_ERROR; // To abort RPC
// Forget about already consumed data
free(pSession->pRecvData);
pSession->pRecvData = NULL;
}
}
DbgTrace(1, "-CurlWriteCallback- End\n", 0); DbgTrace(1, "-CurlWriteCallback- End\n", 0);
@ -308,7 +330,7 @@ InternalRpc(
IN long flags, IN long flags,
IN char *pRequestData, IN char *pRequestData,
INOUT char **ppResponseData, INOUT char **ppResponseData,
INOUT int *pResponseDataLen) INOUT size_t *pResponseDataLen)
// //
// Arguments: // Arguments:
// //
@ -494,7 +516,7 @@ Rpc(
IN long flags, IN long flags,
IN char *pRequestData, IN char *pRequestData,
INOUT char **ppResponseData, INOUT char **ppResponseData,
INOUT int *pResponseDataLen) INOUT size_t *pResponseDataLen)
// //
// Arguments: // Arguments:
// //

14
CASA-auth-token/client/library/mechanisms/pwd/get.c
View File

@ -76,6 +76,7 @@ GetUserCredentials(
uint32_t credtype = SSCS_CRED_TYPE_BASIC_F; uint32_t credtype = SSCS_CRED_TYPE_BASIC_F;
SSCS_BASIC_CREDENTIAL credential = {0}; SSCS_BASIC_CREDENTIAL credential = {0};
SSCS_SECRET_ID_T secretId = {0}; SSCS_SECRET_ID_T secretId = {0};
size_t secretIdLen;
DbgTrace(1, "-GetUserCredentials- Start\n", 0); DbgTrace(1, "-GetUserCredentials- Start\n", 0);
@ -85,7 +86,10 @@ GetUserCredentials(
// Get the length of the realm string into the secret id structure // Get the length of the realm string into the secret id structure
// and verify thatr it is not too long. // and verify thatr it is not too long.
secretId.len = sscs_Utf8Strlen(pRealm) + 1; secretIdLen = sscs_Utf8Strlen(pRealm) + 1;
if (secretIdLen <= U32_MAX)
{
secretId.len = secretIdLen;
if (secretId.len <= NSSCS_MAX_SECRET_ID_LEN) if (secretId.len <= NSSCS_MAX_SECRET_ID_LEN)
{ {
// Set the secret id in the structure // Set the secret id in the structure
@ -132,6 +136,14 @@ GetUserCredentials(
CASA_FACILITY_PWTOKEN, CASA_FACILITY_PWTOKEN,
CASA_STATUS_UNSUCCESSFUL); CASA_STATUS_UNSUCCESSFUL);
} }
}
else
{
DbgTrace(0, "-GetUserCredentials- Realm name too long\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_PWTOKEN,
CASA_STATUS_UNSUCCESSFUL);
}
// Proceed based on the result of the operatiosn above // Proceed based on the result of the operatiosn above
if (rcode == NSSCS_SUCCESS if (rcode == NSSCS_SUCCESS

4
CASA-auth-token/client/library/mechanisms/pwd/internal.h
View File

@ -37,6 +37,10 @@
//===[ Type definitions ]================================================== //===[ Type definitions ]==================================================
#ifndef U32_MAX
#define U32_MAX (~(uint32_t)0)
#endif
//===[ Inlines functions ]=============================================== //===[ Inlines functions ]===============================================
//===[ Function prototypes ]=============================================== //===[ Function prototypes ]===============================================

6
CASA-auth-token/client/library/windows/platform.c
View File

@ -36,7 +36,7 @@ typedef struct _NormalizedHostNameCacheEntry
LIST_ENTRY listEntry; LIST_ENTRY listEntry;
char *pHostName; char *pHostName;
char *pNormalizedHostName; char *pNormalizedHostName;
int buffLengthRequired; size_t buffLengthRequired;
} NormalizedHostNameCacheEntry, *PNormalizedHostNameCacheEntry; } NormalizedHostNameCacheEntry, *PNormalizedHostNameCacheEntry;
@ -458,7 +458,7 @@ NormalizeHostName(
NI_NAMEREQD) == 0) NI_NAMEREQD) == 0)
{ {
// We resolved the address to a DNS name, use it as the normalized name. // We resolved the address to a DNS name, use it as the normalized name.
pEntry->buffLengthRequired = (int) strlen(pDnsHostName) + 1; pEntry->buffLengthRequired = strlen(pDnsHostName) + 1;
pEntry->pNormalizedHostName = (char*) malloc(pEntry->buffLengthRequired); pEntry->pNormalizedHostName = (char*) malloc(pEntry->buffLengthRequired);
if (pEntry->pNormalizedHostName) if (pEntry->pNormalizedHostName)
{ {
@ -476,7 +476,7 @@ NormalizeHostName(
// Not able to resolve the name in DNS, just use the host name as // Not able to resolve the name in DNS, just use the host name as
// the normalized name. // the normalized name.
pEntry->buffLengthRequired = (int) strlen(pHostName) + 1; pEntry->buffLengthRequired = strlen(pHostName) + 1;
pEntry->pNormalizedHostName = (char*) malloc(pEntry->buffLengthRequired); pEntry->pNormalizedHostName = (char*) malloc(pEntry->buffLengthRequired);
if (pEntry->pNormalizedHostName) if (pEntry->pNormalizedHostName)
{ {

35
CASA-auth-token/client/library/windows/rpc.c
View File

@ -343,7 +343,7 @@ InternalRpc(
IN long flags, IN long flags,
IN char *pRequestData, IN char *pRequestData,
INOUT char **ppResponseData, INOUT char **ppResponseData,
INOUT int *pResponseDataLen) INOUT size_t *pResponseDataLen)
// //
// Arguments: // Arguments:
// //
@ -468,8 +468,8 @@ InternalRpc(
if (memcmp(httpCompStatus, L"200", sizeof(httpCompStatus)) == 0) if (memcmp(httpCompStatus, L"200", sizeof(httpCompStatus)) == 0)
{ {
char *pResponseData; char *pResponseData;
int responseDataBufSize = INITIAL_RESPONSE_DATA_BUF_SIZE; size_t responseDataBufSize = INITIAL_RESPONSE_DATA_BUF_SIZE;
int responseDataRead = 0; size_t responseDataRead = 0;
// Now read the response data, to do so we need to allocate a buffer. // Now read the response data, to do so we need to allocate a buffer.
pResponseData = (char*) malloc(INITIAL_RESPONSE_DATA_BUF_SIZE); pResponseData = (char*) malloc(INITIAL_RESPONSE_DATA_BUF_SIZE);
@ -494,15 +494,28 @@ InternalRpc(
{ {
char *pTmpBuf; char *pTmpBuf;
// We need to upgrade the receive buffer // We need to upgrade the receive buffer.
pTmpBuf = (char*) malloc(responseDataBufSize + INCREMENT_RESPONSE_DATA_BUF_SIZE); //
// Do not allow the reply to exceed our maximum
if (responseDataBufSize < MAX_RPC_REPLY_SZ)
{
size_t incrementSz;
// Determine the buffer size imcrement so that the maximum rpc reply
// size is not exceeded.
if ((responseDataBufSize + INCREMENT_RESPONSE_DATA_BUF_SIZE) <= MAX_RPC_REPLY_SZ)
incrementSz = INCREMENT_RESPONSE_DATA_BUF_SIZE;
else
incrementSz = MAX_RPC_REPLY_SZ - responseDataBufSize;
pTmpBuf = (char*) malloc(responseDataBufSize + incrementSz);
if (pTmpBuf) if (pTmpBuf)
{ {
memcpy(pTmpBuf, pResponseData, responseDataBufSize); memcpy(pTmpBuf, pResponseData, responseDataBufSize);
free(pResponseData); free(pResponseData);
pResponseData = pTmpBuf; pResponseData = pTmpBuf;
pCurrLocation = pResponseData + responseDataBufSize; pCurrLocation = pResponseData + responseDataBufSize;
responseDataBufSize += INCREMENT_RESPONSE_DATA_BUF_SIZE; responseDataBufSize += incrementSz;
} }
else else
{ {
@ -512,6 +525,14 @@ InternalRpc(
CASA_STATUS_INSUFFICIENT_RESOURCES); CASA_STATUS_INSUFFICIENT_RESOURCES);
} }
} }
else
{
DbgTrace(0, "-InternalRpc- Reply maximum exceeded\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_UNSUCCESSFUL);
}
}
} }
else else
{ {
@ -743,7 +764,7 @@ Rpc(
IN long flags, IN long flags,
IN char *pRequestData, IN char *pRequestData,
INOUT char **ppResponseData, INOUT char **ppResponseData,
INOUT int *pResponseDataLen) INOUT size_t *pResponseDataLen)
// //
// Arguments: // Arguments:
// //