geos_one/CASA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Addressed issues found during the SuSE security review.

Browse Source
This commit is contained in:
Juan Carlos Luciani 2007-02-02 23:02:43 +00:00
parent 77a151fa13
commit 791b0be583
14 changed files with 456 additions and 320 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CASA-auth-token/client/library/authmsg.c
View File

@ -93,7 +93,7 @@ BuildAuthenticateMsg(
//=======================================================================--
{
char *pMsg = NULL;
int bufferSize;
size_t bufferSize;
DbgTrace(1, "-BuildAuthenticateMsg- Start\n", 0);
@ -670,7 +670,7 @@ AuthRespEndElementHandler(
CasaStatus
CreateAuthenticateResp(
IN char *pRespMsg,
IN int respLen,
IN size_t respLen,
INOUT AuthenticateResp **ppAuthenticateResp)
//
// Arguments:

104
CASA-auth-token/client/library/cache.c
View File

@ -76,7 +76,8 @@ CreateAuthTokenCacheEntry(
int32_t miCasaStatus;
SSCS_KEYCHAIN_ID_T sessionKeyChain = {26, "SSCS_SESSION_KEY_CHAIN_ID"};
SSCS_SECRET_ID_T sharedId = {27, "CASA_AUTHENTICATION_TOKENS"};
int32_t tokenSize, wrapperEntrySize, entrySize, keySize;
uint32_t entrySize, keySize;
size_t tokenSize, wrapperEntrySize, cacheKeyStrLen, groupOrHostNameStrLen;
WrapperAuthCacheEntry *pWrapperEntry = NULL;
AuthCacheEntry *pEntry = NULL;
char *pKey;
@ -93,6 +94,10 @@ CreateAuthTokenCacheEntry(
}
wrapperEntrySize = tokenSize + sizeof(WrapperAuthCacheEntry);
// Verify that entrySize will not overflow
if ((tokenSize + sizeof(AuthCacheEntry)) <= U32_MAX)
{
entrySize = tokenSize + sizeof(AuthCacheEntry);
// Allocate space for the entry wrapper
@ -133,7 +138,13 @@ CreateAuthTokenCacheEntry(
pEntry->doesNotExpire = true;
}
keySize = (uint32_t)strlen(pCacheKey) + (uint32_t)strlen(pGroupOrHostName) + 2;
cacheKeyStrLen = strlen(pCacheKey);
groupOrHostNameStrLen = strlen(pGroupOrHostName);
// Verify that keySize will not overflow
if ((cacheKeyStrLen + groupOrHostNameStrLen + 2) <= U32_MAX)
{
keySize = (uint32_t) (cacheKeyStrLen + groupOrHostNameStrLen + 2);
pKey = malloc(keySize);
if (pKey)
@ -149,7 +160,7 @@ CreateAuthTokenCacheEntry(
(SS_UTF8_T*) pKey,
keySize,
(uint8_t *) pEntry,
(uint32_t*) &entrySize,
&entrySize,
NULL,
(SSCS_EXT_T*) pCredStoreScope);
if (miCasaStatus != NSSCS_SUCCESS)
@ -165,9 +176,19 @@ CreateAuthTokenCacheEntry(
}
}
else
{
DbgTrace(0, "-CreateAuthTokenCacheEntry- keySize overflow prevented\n", 0);
}
}
else
{
DbgTrace(0, "-CreateAuthTokenCacheEntry- Memory allocation failure\n", 0);
}
}
else
{
DbgTrace(0, "-CreateAuthTokenCacheEntry- entrySize overflow prevented\n", 0);
}
DbgTrace(1, "-CreateAuthTokenCacheEntry- End, pEntry = %0lX\n", (long) pEntry);
@ -199,7 +220,8 @@ CreateSessionTokenCacheEntry(
int32_t miCasaStatus;
SSCS_KEYCHAIN_ID_T sessionKeyChain = {26, "SSCS_SESSION_KEY_CHAIN_ID"};
SSCS_SECRET_ID_T sharedId = {20, "CASA_SESSION_TOKENS"};
int32_t tokenSize, wrapperEntrySize, entrySize;
uint32_t entrySize;
size_t tokenSize, wrapperEntrySize, cacheKeyStrLen;
WrapperAuthCacheEntry *pWrapperEntry = NULL;
AuthCacheEntry *pEntry = NULL;
@ -215,6 +237,10 @@ CreateSessionTokenCacheEntry(
}
wrapperEntrySize = tokenSize + sizeof(WrapperAuthCacheEntry);
// Verify that entrySize will not overflow
if ((tokenSize + sizeof(AuthCacheEntry)) <= U32_MAX)
{
entrySize = tokenSize + sizeof(AuthCacheEntry);
// Allocate space for the entry wrapper
@ -255,14 +281,19 @@ CreateSessionTokenCacheEntry(
pEntry->doesNotExpire = true;
}
cacheKeyStrLen = strlen(pCacheKey) + 1;
// Verify that the cacheKeyStrLen can be casted to a uint32_t
if (cacheKeyStrLen <= U32_MAX)
{
miCasaStatus = miCASAWriteBinaryKey(g_hCASAContext,
0,
&sessionKeyChain,
&sharedId,
(SS_UTF8_T*) pCacheKey,
(uint32_t) strlen(pCacheKey) + 1,
(uint32_t) cacheKeyStrLen,
(uint8_t *) pEntry,
(uint32_t*) &entrySize,
&entrySize,
NULL,
(SSCS_EXT_T*) pCredStoreScope);
if (miCasaStatus != NSSCS_SUCCESS)
@ -271,9 +302,19 @@ CreateSessionTokenCacheEntry(
}
}
else
{
DbgTrace(0, "-CreateSessionTokenCacheEntry- cacheKeyStrLen overflow prevented\n", 0);
}
}
else
{
DbgTrace(0, "-CreateSessionTokenCacheEntry- Memory allocation failure\n", 0);
}
}
else
{
DbgTrace(0, "-CreateSessionTokenCacheEntry- entrySize overflow prevented\n", 0);
}
DbgTrace(1, "-CreateSessionTokenCacheEntry- End, pEntry = %0lX\n", (long) pEntry);
@ -401,7 +442,8 @@ FindSessionTokenEntryInCache(
int32_t miCasaStatus;
SSCS_KEYCHAIN_ID_T sessionKeyChain = {26, "SSCS_SESSION_KEY_CHAIN_ID"};
SSCS_SECRET_ID_T sharedId = {20, "CASA_SESSION_TOKENS"};
int32_t valueLength, wrapperEntrySize, bytesRequired;
uint32_t valueLength, bytesRequired;
size_t wrapperEntrySize, cacheKeyStrLen;
WrapperAuthCacheEntry *pWrapperEntry = NULL;
AuthCacheEntry *pEntry = NULL;
@ -410,16 +452,21 @@ FindSessionTokenEntryInCache(
valueLength = 0;
bytesRequired = 0;
cacheKeyStrLen = strlen(pCacheKey) + 1;
// Verify that the cacheKeyStrLen can be casted to a uint32_t
if (cacheKeyStrLen <= U32_MAX)
{
miCasaStatus = miCASAReadBinaryKey(g_hCASAContext,
0,
&sessionKeyChain,
&sharedId,
(SS_UTF8_T*) pCacheKey,
(uint32_t) strlen(pCacheKey) + 1,
cacheKeyStrLen,
NULL,
(uint32_t*) &valueLength,
&valueLength,
(SSCS_PASSWORD_T*) NULL,
(uint32_t*) &bytesRequired,
&bytesRequired,
(SSCS_EXT_T*) pCredStoreScope);
if (miCasaStatus == NSSCS_E_ENUM_BUFF_TOO_SHORT
@ -439,11 +486,11 @@ FindSessionTokenEntryInCache(
&sessionKeyChain,
&sharedId,
(SS_UTF8_T*) pCacheKey,
(uint32_t) strlen(pCacheKey) + 1,
cacheKeyStrLen,
(uint8_t *) pEntry,
(uint32_t*) &valueLength,
&valueLength,
(SSCS_PASSWORD_T*) NULL,
(uint32_t*) &bytesRequired,
&bytesRequired,
(SSCS_EXT_T*) pCredStoreScope);
if (miCasaStatus == NSSCS_SUCCESS)
{
@ -456,7 +503,7 @@ FindSessionTokenEntryInCache(
&sessionKeyChain,
&sharedId,
(SS_UTF8_T*) pCacheKey,
(uint32_t) strlen(pCacheKey) + 1,
cacheKeyStrLen,
(SSCS_PASSWORD_T*) NULL,
(SSCS_EXT_T*) pCredStoreScope);
if (miCasaStatus != NSSCS_SUCCESS)
@ -476,6 +523,11 @@ FindSessionTokenEntryInCache(
}
}
}
}
else
{
DbgTrace(0, "-FindSessionTokenEntryInCache- cacheKeyStrLen overflow prevented\n", 0);
}
DbgTrace(1, "-FindSessionTokenEntryInCache- End, pEntry = %0lX\n", (long) pEntry);
@ -504,7 +556,8 @@ FindAuthTokenEntryInCache(
int32_t miCasaStatus;
SSCS_KEYCHAIN_ID_T sessionKeyChain = {26, "SSCS_SESSION_KEY_CHAIN_ID"};
SSCS_SECRET_ID_T sharedId = {27, "CASA_AUTHENTICATION_TOKENS"};
int32_t valueLength, wrapperEntrySize, bytesRequired, keySize;
uint32_t valueLength, bytesRequired, keySize;
size_t wrapperEntrySize, cacheKeyStrLen, groupOrHostNameStrLen;
WrapperAuthCacheEntry *pWrapperEntry = NULL;
AuthCacheEntry *pEntry = NULL;
char *pKey;
@ -512,7 +565,13 @@ FindAuthTokenEntryInCache(
DbgTrace(1, "-FindAuthTokenEntryInCache- Start\n", 0);
keySize = (uint32_t)strlen(pCacheKey) + (uint32_t)strlen(pGroupOrHostName) + 2;
cacheKeyStrLen = strlen(pCacheKey);
groupOrHostNameStrLen = strlen(pGroupOrHostName);
// Verify that keySize will not overflow
if ((cacheKeyStrLen + groupOrHostNameStrLen + 2) <= U32_MAX)
{
keySize = (uint32_t) (cacheKeyStrLen + groupOrHostNameStrLen + 2);
pKey = malloc(keySize);
if (pKey)
@ -531,9 +590,9 @@ FindAuthTokenEntryInCache(
(SS_UTF8_T*) pKey,
keySize,
NULL,
(uint32_t*) &valueLength,
&valueLength,
(SSCS_PASSWORD_T*) NULL,
(uint32_t*) &bytesRequired,
&bytesRequired,
(SSCS_EXT_T*) pCredStoreScope);
if (miCasaStatus == NSSCS_E_ENUM_BUFF_TOO_SHORT
&& bytesRequired != 0)
@ -554,9 +613,9 @@ FindAuthTokenEntryInCache(
(SS_UTF8_T*) pKey,
keySize,
(uint8_t *) pEntry,
(uint32_t*) &valueLength,
&valueLength,
(SSCS_PASSWORD_T*) NULL,
(uint32_t*) &bytesRequired,
&bytesRequired,
(SSCS_EXT_T*) pCredStoreScope);
if (miCasaStatus == NSSCS_SUCCESS)
{
@ -592,6 +651,11 @@ FindAuthTokenEntryInCache(
free(pKey);
}
}
else
{
DbgTrace(0, "-FindAuthTokenEntryInCache- keySize overflow prevented\n", 0);
}
DbgTrace(1, "-FindAuthTokenEntryInCache- End, pEntry = %0lX\n", (long) pEntry);

6
CASA-auth-token/client/library/engine.c
View File

@ -83,7 +83,7 @@ ObtainSessionToken(
CASA_STATUS_UNSUCCESSFUL);
LIST_ENTRY *pListEntry;
AuthCacheEntry *pCacheEntry = NULL;
AuthContext *pAuthContext;
AuthContext *pAuthContext = NULL;
DbgTrace(1, "-ObtainSessionToken- Start\n", 0);
@ -139,7 +139,7 @@ ObtainSessionToken(
{
char *pReqMsg = NULL;
char *pRespMsg = NULL;
int respLen;
size_t respLen;
// Get authentication mechanism token
retStatus = GetAuthMechToken(pAuthContext,
@ -328,7 +328,7 @@ ObtainAuthTokenFromServer(
{
char *pReqMsg = NULL;
char *pRespMsg = NULL;
int respLen;
size_t respLen;
AuthPolicy *pAuthPolicy = NULL;
GetAuthPolicyResp *pGetAuthPolicyResp = NULL;
GetAuthTokenResp *pGetAuthTokenResp = NULL;

2
CASA-auth-token/client/library/getpolicymsg.c
View File

@ -87,7 +87,7 @@ BuildGetAuthPolicyMsg(
//=======================================================================--
{
char *pMsg = NULL;
int bufferSize;
size_t bufferSize;
DbgTrace(1, "-BuildGetAuthPolicyMsg- Start\n", 0);

2
CASA-auth-token/client/library/gettokenmsg.c
View File

@ -89,7 +89,7 @@ BuildGetAuthTokenMsg(
//=======================================================================--
{
char *pMsg = NULL;
int bufferSize;
size_t bufferSize;
DbgTrace(1, "-BuildGetAuthTokenMsg- Start\n", 0);

19
CASA-auth-token/client/library/internal.h
View File

@ -39,6 +39,12 @@
//===[ Type definitions ]==================================================
#define MAX_RPC_REPLY_SZ (256 * 1024)
#ifndef U32_MAX
#define U32_MAX (~(uint32_t)0)
#endif
//
// Authentication Context structure
//
@ -179,6 +185,15 @@ void
RelGetAuthPolicyResp(
IN GetAuthPolicyResp *pGetAuthPolicyResp);
extern
int
InitializeLibrary(void);
extern
void
UnInitializeLibrary(void);
//
// Functions exported by authpolicy.c
//
@ -209,7 +224,7 @@ extern
CasaStatus
CreateAuthenticateResp(
IN char *pRespMsg,
IN int respLen,
IN size_t respLen,
INOUT AuthenticateResp **ppAuthenticateResp);
extern
@ -391,7 +406,7 @@ Rpc(
IN long flags,
IN char *pRequestData,
INOUT char **ppResponseData,
INOUT int *pResponseDataLen);
INOUT size_t *pResponseDataLen);
extern
CasaStatus

2
CASA-auth-token/client/library/invalidcert.c
View File

@ -77,8 +77,6 @@ AllowInvalidCertsFromHost(
// L0
//=======================================================================--
{
bool retStatus = true;
DbgTrace(2, "-AllowInvalidCertsFromHost- Start\n", 0);
// tbd

6
CASA-auth-token/client/library/linux/platform.c
View File

@ -36,7 +36,7 @@ typedef struct _NormalizedHostNameCacheEntry
LIST_ENTRY listEntry;
char *pHostName;
char *pNormalizedHostName;
int buffLengthRequired;
size_t buffLengthRequired;
} NormalizedHostNameCacheEntry, *PNormalizedHostNameCacheEntry;
@ -720,7 +720,7 @@ NormalizeHostName(
NI_NAMEREQD) == 0)
{
// We resolved the address to a DNS name, use it as the normalized name.
pEntry->buffLengthRequired = (int) strlen(pDnsHostName) + 1;
pEntry->buffLengthRequired = strlen(pDnsHostName) + 1;
pEntry->pNormalizedHostName = (char*) malloc(pEntry->buffLengthRequired);
if (pEntry->pNormalizedHostName)
{
@ -738,7 +738,7 @@ NormalizeHostName(
// Not able to resolve the name in DNS, just use the host name as
// the normalized name.
pEntry->buffLengthRequired = (int) strlen(pHostName) + 1;
pEntry->buffLengthRequired = strlen(pHostName) + 1;
pEntry->pNormalizedHostName = (char*) malloc(pEntry->buffLengthRequired);
if (pEntry->pNormalizedHostName)
{

6
CASA-auth-token/client/library/linux/platform.h
View File

@ -83,12 +83,12 @@ typedef struct _RpcSession
{
CURL *hCurl;
char *pPartialHttpUrl;
int partialHttpUrlLen;
size_t partialHttpUrlLen;
char *pPartialHttpsUrl;
int partialHttpsUrlLen;
size_t partialHttpsUrlLen;
struct curl_slist *headers;
char *pRecvData;
int recvDataLen;
size_t recvDataLen;
} RpcSession, *PRpcSession;

28
CASA-auth-token/client/library/linux/rpc.c
View File

@ -79,6 +79,9 @@ CurlWriteCallback(
if (pSession->pRecvData == NULL)
{
// We have not yet consumed receive data for the current Rpc
// if the data does not exceed our maximum Rpc reply size.
if ((numDataItems * dataItemSz) <= MAX_RPC_REPLY_SZ)
{
pSession->pRecvData = (char*) malloc(numDataItems * dataItemSz);
if (pSession->pRecvData)
{
@ -94,7 +97,16 @@ CurlWriteCallback(
}
else
{
// We have already consumed receive data for the current Rpc, append the new data to it.
DbgTrace(0, "-CurlWriteCallback- Max Rpc reply size exceeded\n", 0);
dataConsumed = CURLE_WRITE_ERROR; // To abort RPC
}
}
else
{
// We have already consumed receive data for the current Rpc, append the new data to it
// if the data does not exceed our maximum Rpc reply size.
if ((pSession->recvDataLen + (numDataItems * dataItemSz)) <= MAX_RPC_REPLY_SZ)
{
char *pNewRecvDataBuf = (char*) malloc(pSession->recvDataLen + (numDataItems * dataItemSz));
if (pNewRecvDataBuf)
{
@ -114,6 +126,16 @@ CurlWriteCallback(
pSession->pRecvData = NULL;
}
}
else
{
DbgTrace(0, "-CurlWriteCallback- Max Rpc reply size exceeded\n", 0);
dataConsumed = CURLE_WRITE_ERROR; // To abort RPC
// Forget about already consumed data
free(pSession->pRecvData);
pSession->pRecvData = NULL;
}
}
DbgTrace(1, "-CurlWriteCallback- End\n", 0);
@ -308,7 +330,7 @@ InternalRpc(
IN long flags,
IN char *pRequestData,
INOUT char **ppResponseData,
INOUT int *pResponseDataLen)
INOUT size_t *pResponseDataLen)
//
// Arguments:
//
@ -494,7 +516,7 @@ Rpc(
IN long flags,
IN char *pRequestData,
INOUT char **ppResponseData,
INOUT int *pResponseDataLen)
INOUT size_t *pResponseDataLen)
//
// Arguments:
//

14
CASA-auth-token/client/library/mechanisms/pwd/get.c
View File

@ -76,6 +76,7 @@ GetUserCredentials(
uint32_t credtype = SSCS_CRED_TYPE_BASIC_F;
SSCS_BASIC_CREDENTIAL credential = {0};
SSCS_SECRET_ID_T secretId = {0};
size_t secretIdLen;
DbgTrace(1, "-GetUserCredentials- Start\n", 0);
@ -85,7 +86,10 @@ GetUserCredentials(
// Get the length of the realm string into the secret id structure
// and verify thatr it is not too long.
secretId.len = sscs_Utf8Strlen(pRealm) + 1;
secretIdLen = sscs_Utf8Strlen(pRealm) + 1;
if (secretIdLen <= U32_MAX)
{
secretId.len = secretIdLen;
if (secretId.len <= NSSCS_MAX_SECRET_ID_LEN)
{
// Set the secret id in the structure
@ -132,6 +136,14 @@ GetUserCredentials(
CASA_FACILITY_PWTOKEN,
CASA_STATUS_UNSUCCESSFUL);
}
}
else
{
DbgTrace(0, "-GetUserCredentials- Realm name too long\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_PWTOKEN,
CASA_STATUS_UNSUCCESSFUL);
}
// Proceed based on the result of the operatiosn above
if (rcode == NSSCS_SUCCESS

4
CASA-auth-token/client/library/mechanisms/pwd/internal.h
View File

@ -37,6 +37,10 @@
//===[ Type definitions ]==================================================
#ifndef U32_MAX
#define U32_MAX (~(uint32_t)0)
#endif
//===[ Inlines functions ]===============================================
//===[ Function prototypes ]===============================================

6
CASA-auth-token/client/library/windows/platform.c
View File

@ -36,7 +36,7 @@ typedef struct _NormalizedHostNameCacheEntry
LIST_ENTRY listEntry;
char *pHostName;
char *pNormalizedHostName;
int buffLengthRequired;
size_t buffLengthRequired;
} NormalizedHostNameCacheEntry, *PNormalizedHostNameCacheEntry;
@ -458,7 +458,7 @@ NormalizeHostName(
NI_NAMEREQD) == 0)
{
// We resolved the address to a DNS name, use it as the normalized name.
pEntry->buffLengthRequired = (int) strlen(pDnsHostName) + 1;
pEntry->buffLengthRequired = strlen(pDnsHostName) + 1;
pEntry->pNormalizedHostName = (char*) malloc(pEntry->buffLengthRequired);
if (pEntry->pNormalizedHostName)
{
@ -476,7 +476,7 @@ NormalizeHostName(
// Not able to resolve the name in DNS, just use the host name as
// the normalized name.
pEntry->buffLengthRequired = (int) strlen(pHostName) + 1;
pEntry->buffLengthRequired = strlen(pHostName) + 1;
pEntry->pNormalizedHostName = (char*) malloc(pEntry->buffLengthRequired);
if (pEntry->pNormalizedHostName)
{

35
CASA-auth-token/client/library/windows/rpc.c
View File

@ -343,7 +343,7 @@ InternalRpc(
IN long flags,
IN char *pRequestData,
INOUT char **ppResponseData,
INOUT int *pResponseDataLen)
INOUT size_t *pResponseDataLen)
//
// Arguments:
//
@ -468,8 +468,8 @@ InternalRpc(
if (memcmp(httpCompStatus, L"200", sizeof(httpCompStatus)) == 0)
{
char *pResponseData;
int responseDataBufSize = INITIAL_RESPONSE_DATA_BUF_SIZE;
int responseDataRead = 0;
size_t responseDataBufSize = INITIAL_RESPONSE_DATA_BUF_SIZE;
size_t responseDataRead = 0;
// Now read the response data, to do so we need to allocate a buffer.
pResponseData = (char*) malloc(INITIAL_RESPONSE_DATA_BUF_SIZE);
@ -494,15 +494,28 @@ InternalRpc(
{
char *pTmpBuf;
// We need to upgrade the receive buffer
pTmpBuf = (char*) malloc(responseDataBufSize + INCREMENT_RESPONSE_DATA_BUF_SIZE);
// We need to upgrade the receive buffer.
//
// Do not allow the reply to exceed our maximum
if (responseDataBufSize < MAX_RPC_REPLY_SZ)
{
size_t incrementSz;
// Determine the buffer size imcrement so that the maximum rpc reply
// size is not exceeded.
if ((responseDataBufSize + INCREMENT_RESPONSE_DATA_BUF_SIZE) <= MAX_RPC_REPLY_SZ)
incrementSz = INCREMENT_RESPONSE_DATA_BUF_SIZE;
else
incrementSz = MAX_RPC_REPLY_SZ - responseDataBufSize;
pTmpBuf = (char*) malloc(responseDataBufSize + incrementSz);
if (pTmpBuf)
{
memcpy(pTmpBuf, pResponseData, responseDataBufSize);
free(pResponseData);
pResponseData = pTmpBuf;
pCurrLocation = pResponseData + responseDataBufSize;
responseDataBufSize += INCREMENT_RESPONSE_DATA_BUF_SIZE;
responseDataBufSize += incrementSz;
}
else
{
@ -512,6 +525,14 @@ InternalRpc(
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
}
else
{
DbgTrace(0, "-InternalRpc- Reply maximum exceeded\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_AUTHTOKEN,
CASA_STATUS_UNSUCCESSFUL);
}
}
}
else
{
@ -743,7 +764,7 @@ Rpc(
IN long flags,
IN char *pRequestData,
INOUT char **ppResponseData,
INOUT int *pResponseDataLen)
INOUT size_t *pResponseDataLen)
//
// Arguments:
//