[libfko] ensure NULL is handled properly for all fko_get_* functions

2013-12-31 23:27:05 -05:00 · 2013-12-31 23:27:05 -05:00 · 227d0ab947
commit 227d0ab947
parent 7aa6d37fff
13 changed files with 85 additions and 16 deletions
--- a/lib/fko_client_timeout.c
+++ b/lib/fko_client_timeout.c
@ -108,6 +108,9 @@ fko_get_spa_client_timeout(fko_ctx_t ctx, int *timeout)
    if(!CTX_INITIALIZED(ctx))
        return(FKO_ERROR_CTX_NOT_INITIALIZED);

+    if(timeout == NULL)
+        return(FKO_ERROR_INVALID_DATA);
+
    *timeout = ctx->client_timeout;

    return(FKO_SUCCESS);
--- a/lib/fko_digest.c
+++ b/lib/fko_digest.c
@ -77,6 +77,9 @@ fko_get_spa_digest_type(fko_ctx_t ctx, short *digest_type)
    if(!CTX_INITIALIZED(ctx))
        return(FKO_ERROR_CTX_NOT_INITIALIZED);

+    if(digest_type == NULL)
+        return(FKO_ERROR_INVALID_DATA);
+
    *digest_type = ctx->digest_type;

    return(FKO_SUCCESS);
@ -217,6 +220,9 @@ fko_get_spa_digest(fko_ctx_t ctx, char **md)
    if(!CTX_INITIALIZED(ctx))
        return(FKO_ERROR_CTX_NOT_INITIALIZED);

+    if(md == NULL)
+        return(FKO_ERROR_INVALID_DATA);
+
    *md = ctx->digest;

    return(FKO_SUCCESS);
--- a/lib/fko_encode.c
+++ b/lib/fko_encode.c
@ -230,6 +230,9 @@ fko_get_encoded_data(fko_ctx_t ctx, char **enc_msg)
    if(!CTX_INITIALIZED(ctx))
        return(FKO_ERROR_CTX_NOT_INITIALIZED);

+    if(enc_msg == NULL)
+        return(FKO_ERROR_INVALID_DATA);
+
    *enc_msg = ctx->encoded_msg;

    return(FKO_SUCCESS);
--- a/lib/fko_encryption.c
+++ b/lib/fko_encryption.c
@ -540,6 +540,9 @@ fko_get_spa_encryption_mode(fko_ctx_t ctx, int *enc_mode)
    if(!CTX_INITIALIZED(ctx))
        return(FKO_ERROR_CTX_NOT_INITIALIZED);

+    if(enc_mode == NULL)
+        return(FKO_ERROR_INVALID_DATA);
+
    *enc_mode = ctx->encryption_mode;

    return(FKO_SUCCESS);
--- a/lib/fko_funcs.c
+++ b/lib/fko_funcs.c
@ -457,6 +457,9 @@ fko_get_version(fko_ctx_t ctx, char **version)
    if(!CTX_INITIALIZED(ctx))
        return(FKO_ERROR_CTX_NOT_INITIALIZED);

+    if(version == NULL)
+        return(FKO_ERROR_INVALID_DATA);
+
    *version = ctx->version;

    return(FKO_SUCCESS);
@ -529,6 +532,9 @@ fko_get_spa_data(fko_ctx_t ctx, char **spa_data)
    if(!CTX_INITIALIZED(ctx))
        return(FKO_ERROR_CTX_NOT_INITIALIZED);

+    if(spa_data == NULL)
+        return(FKO_ERROR_INVALID_DATA);
+
    /* We expect to have encrypted data to process.  If not, we bail.
    */
    if(ctx->encrypted_msg == NULL || ! is_valid_encoded_msg_len(
--- a/lib/fko_hmac.c
+++ b/lib/fko_hmac.c
@ -171,6 +171,9 @@ fko_get_spa_hmac(fko_ctx_t ctx, char **hmac_data)
    if(!CTX_INITIALIZED(ctx))
        return(FKO_ERROR_CTX_NOT_INITIALIZED);

+    if(hmac_data == NULL)
+        return(FKO_ERROR_INVALID_DATA);
+
    *hmac_data = ctx->msg_hmac;

    return(FKO_SUCCESS);
@ -206,6 +209,9 @@ fko_get_spa_hmac_type(fko_ctx_t ctx, short *hmac_type)
    if(!CTX_INITIALIZED(ctx))
        return(FKO_ERROR_CTX_NOT_INITIALIZED);

+    if(hmac_type == NULL)
+        return(FKO_ERROR_INVALID_DATA);
+
    *hmac_type = ctx->hmac_type;

    return(FKO_SUCCESS);
--- a/lib/fko_message.c
+++ b/lib/fko_message.c
@ -127,6 +127,9 @@ fko_get_spa_message_type(fko_ctx_t ctx, short *msg_type)
    if(!CTX_INITIALIZED(ctx))
        return FKO_ERROR_CTX_NOT_INITIALIZED;

+    if(msg_type == NULL)
+        return(FKO_ERROR_INVALID_DATA);
+
    *msg_type = ctx->message_type;

    return(FKO_SUCCESS);
@ -191,6 +194,9 @@ fko_get_spa_message(fko_ctx_t ctx, char **msg)
    if(!CTX_INITIALIZED(ctx))
        return(FKO_ERROR_CTX_NOT_INITIALIZED);

+    if(msg == NULL)
+        return(FKO_ERROR_INVALID_DATA);
+
    *msg = ctx->message;

    return(FKO_SUCCESS);
--- a/lib/fko_nat_access.c
+++ b/lib/fko_nat_access.c
@ -97,6 +97,9 @@ fko_get_spa_nat_access(fko_ctx_t ctx, char **nat_access)
    if(!CTX_INITIALIZED(ctx))
        return(FKO_ERROR_CTX_NOT_INITIALIZED);

+    if(nat_access == NULL)
+        return(FKO_ERROR_INVALID_DATA);
+
    *nat_access = ctx->nat_access;

    return(FKO_SUCCESS);
--- a/lib/fko_rand_value.c
+++ b/lib/fko_rand_value.c
@ -152,6 +152,9 @@ fko_get_rand_value(fko_ctx_t ctx, char **rand_value)
    if(!CTX_INITIALIZED(ctx))
        return(FKO_ERROR_CTX_NOT_INITIALIZED);

+    if(rand_value == NULL)
+        return(FKO_ERROR_INVALID_DATA);
+
    *rand_value = ctx->rand_val;

    return(FKO_SUCCESS);
--- a/lib/fko_server_auth.c
+++ b/lib/fko_server_auth.c
@ -92,6 +92,9 @@ fko_get_spa_server_auth(fko_ctx_t ctx, char **server_auth)
    if(!CTX_INITIALIZED(ctx))
        return(FKO_ERROR_CTX_NOT_INITIALIZED);

+    if(server_auth == NULL)
+        return(FKO_ERROR_INVALID_DATA);
+
    *server_auth = ctx->server_auth;

    return(FKO_SUCCESS);
--- a/lib/fko_timestamp.c
+++ b/lib/fko_timestamp.c
@ -66,6 +66,9 @@ fko_get_timestamp(fko_ctx_t ctx, time_t *timestamp)
    if(!CTX_INITIALIZED(ctx))
        return(FKO_ERROR_CTX_NOT_INITIALIZED);

+    if(timestamp == NULL)
+        return(FKO_ERROR_INVALID_DATA);
+
    *timestamp = ctx->timestamp;

    return(FKO_SUCCESS);
--- a/lib/fko_user.c
+++ b/lib/fko_user.c
@ -128,6 +128,9 @@ fko_get_username(fko_ctx_t ctx, char **username)
    if(!CTX_INITIALIZED(ctx))
        return(FKO_ERROR_CTX_NOT_INITIALIZED);

+    if(username == NULL)
+        return(FKO_ERROR_INVALID_DATA);
+
    *username = ctx->username;

    return(FKO_SUCCESS);
--- a/test/fko-wrapper/fko_wrapper.c
+++ b/test/fko-wrapper/fko_wrapper.c
@ -1,7 +1,9 @@
 /*
 * This code is designed to repeatedly call libfko functions multiple times
 * with and without calling fko_destroy().  This allows valgrind to verify
- * whether memory is properly handled between calls.
+ * whether memory is properly handled between calls.  In addition, libfko
+ * functions are called with bogus inputs in order to validate how well libfko
+ * validates input arguments.
 */

 #include <stdio.h>
@ -159,20 +161,6 @@ test_loop(int new_ctx_flag, int destroy_ctx_flag)
            FKO_LAST_HMAC_MODE+F_INT, FKO_HMAC_SHA256,
            NO_DIGEST, new_ctx_flag, destroy_ctx_flag);

-    /* NULL tests */
-    fko_set_rand_value(ctx, NULL);
-    fko_set_rand_value(ctx, NULL);
-    fko_set_username(ctx, NULL);
-    fko_set_username(ctx, NULL);
-    fko_set_spa_message(ctx, NULL);
-    fko_set_spa_message(ctx, NULL);
-    fko_set_spa_nat_access(ctx, NULL);
-    fko_set_spa_nat_access(ctx, NULL);
-    fko_set_spa_server_auth(ctx, NULL);
-    fko_set_spa_server_auth(ctx, NULL);
-    fko_set_spa_data(ctx, NULL);
-    fko_set_spa_data(ctx, NULL);
-
    printf("Trying encrypt / authenticate step with bogus key lengths...\n");
    for (i=-100; i < 200; i += 10) {
        for (j=-100; j < 200; j += 10) {
@ -234,6 +222,21 @@ test_loop(int new_ctx_flag, int destroy_ctx_flag)
        ctx_update(&ctx, new_ctx_flag, destroy_ctx_flag, DO_PRINT);
    }

+    /* NULL tests */
+    fko_set_rand_value(ctx, NULL);
+    fko_set_rand_value(ctx, NULL);
+    fko_set_username(ctx, NULL);
+    fko_set_username(ctx, NULL);
+    fko_set_spa_message(ctx, NULL);
+    fko_set_spa_message(ctx, NULL);
+    fko_set_spa_nat_access(ctx, NULL);
+    fko_set_spa_nat_access(ctx, NULL);
+    fko_set_spa_server_auth(ctx, NULL);
+    fko_set_spa_server_auth(ctx, NULL);
+    fko_set_spa_data(ctx, NULL);
+    fko_set_spa_data(ctx, NULL);
+    spa_calls += 12;
+
    for (i=0; i<FCN_CALLS; i++) {
        fko_destroy(ctx);
        ctx = NULL;
@ -278,6 +281,7 @@ static void ctx_update(fko_ctx_t *ctx, int new_ctx_flag,
 static void spa_default_ctx(fko_ctx_t *ctx)
 {
    fko_new(ctx);
+    fko_set_rand_value(*ctx, NULL);
    fko_spa_data_final(*ctx, ENC_KEY, 16, HMAC_KEY, 16);
    fko_set_spa_message(*ctx, "123.123.123.123,tcp/22");
    fko_spa_data_final(*ctx, ENC_KEY, 16, HMAC_KEY, 16);
@ -436,23 +440,40 @@ display_ctx(fko_ctx_t ctx)
    int         encryption_mode = -1;
    int         client_timeout  = -1;

-    /* Should be checking return values, but this is temp code. --DSS
+    /* pass in NULL to each fko_get_* function first to ensure
+     * that NULL is handled properly
    */
+    fko_get_rand_value(ctx, NULL);
    fko_get_rand_value(ctx, &rand_val);
+    fko_get_username(ctx, NULL);
    fko_get_username(ctx, &username);
+    fko_get_timestamp(ctx, NULL);
    fko_get_timestamp(ctx, &timestamp);
+    fko_get_version(ctx, NULL);
    fko_get_version(ctx, &version);
+    fko_get_spa_message_type(ctx, NULL);
    fko_get_spa_message_type(ctx, &msg_type);
+    fko_get_spa_message(ctx, NULL);
    fko_get_spa_message(ctx, &spa_message);
+    fko_get_spa_nat_access(ctx, NULL);
    fko_get_spa_nat_access(ctx, &nat_access);
+    fko_get_spa_server_auth(ctx, NULL);
    fko_get_spa_server_auth(ctx, &server_auth);
+    fko_get_spa_client_timeout(ctx, NULL);
    fko_get_spa_client_timeout(ctx, &client_timeout);
+    fko_get_spa_digest_type(ctx, NULL);
    fko_get_spa_digest_type(ctx, &digest_type);
+    fko_get_spa_hmac_type(ctx, NULL);
    fko_get_spa_hmac_type(ctx, &hmac_type);
+    fko_get_spa_encryption_mode(ctx, NULL);
    fko_get_spa_encryption_mode(ctx, &encryption_mode);
+    fko_get_encoded_data(ctx, NULL);
    fko_get_encoded_data(ctx, &enc_data);
+    fko_get_spa_hmac(ctx, NULL);
    fko_get_spa_hmac(ctx, &hmac_data);
+    fko_get_spa_digest(ctx, NULL);
    fko_get_spa_digest(ctx, &spa_digest);
+    fko_get_spa_data(ctx, NULL);
    fko_get_spa_data(ctx, &spa_data);

    printf("\nFKO Field Values:\n=================\n\n");