Fix Coverity warnings #610

Merged
merged 1 commit into from
Aug 21, 2024
Merged
2 changes: 1 addition & 1 deletion src/Conf.cpp
Expand Up @@ -319,7 +319,7 @@ ConfV4* ConfV4::instance() { return dynamic_cast<ConfV4*>(Conf::instance()); }
vector<X509Cert> ConfV4::verifyServiceCerts() const
{
if(X509Cert cert = verifyServiceCert())
return { cert };
return { std::move(cert) };
return {};
}

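Review bot: `return { std::move(cert) };` still copies the certificate once, because the braces select `vector`'s `initializer_list` constructor, whose elements are const; the move only reaches the temporary list and the vector then copy-constructs from it. If the aim is to remove the copy (presumably what Coverity reported), build the vector explicitly: `vector<X509Cert> certs; certs.push_back(std::move(cert)); return certs;`. This assumes `X509Cert` has a move constructor, which is not visible here.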
47 changes: 27 additions & 20 deletions src/crypto/X509Crypto.cpp
Expand Up @@ -26,6 +26,7 @@
#include <algorithm>
#include <array>
#include <charconv>
#include <unordered_map>

using namespace digidoc;
using namespace std;
Expand Down Expand Up @@ -103,40 +104,47 @@ int X509Crypto::compareIssuerToString(string_view name) const
"UID", "userId"
};

for(size_t old = 0, pos = name.find(','); ; pos = name.find(',', old))
bool escape = false;
string_view key;
std::unordered_map<string_view,string_view> data;
for(size_t i = 0, pos = 0; i < name.size(); ++i)
{
if(pos == string::npos)
pos = name.size();
if(pos < old)
break;
if(name[pos-1] == '\\')
if(escape)
escape = false;
else if(char chr = name[i]; chr == '\\')
escape = true;
else if(chr == '=' && key.empty())
{
old = pos + 1;
continue;
key = name.substr(pos, i - pos);
pos += key.size() + 1;
}
else if(auto last = (i + 1) == name.size(); last || chr == ',')
{
auto value = name.substr(pos, last ? string_view::npos : i - pos);
data[key] = value;
key = {};
pos += value.size() + 1;
}
}

auto nameitem = name.substr(old, pos - old);
old = pos + 1;

if(pos = nameitem.find('=');
pos == string::npos || pos == 0 || nameitem[pos-1] == '\\')
continue;

auto obj = find(list.cbegin(), list.cend(), nameitem.substr(0, pos));
X509_NAME *issuer = X509_get_issuer_name(cert.handle());
for(const auto &[key, val]: data)
{
auto obj = find(list.cbegin(), list.cend(), key);
if(obj == list.cend())
continue;

if(*obj == "STREET"sv)
obj++;
ASN1_OBJECT *obja = OBJ_txt2obj(*obj, 0);
if(!obja)
continue;
return -1;

static const string_view escape = " #+,;<=>\\";
string value(nameitem.substr(pos+1, pos-old));
string value(val);
static const errc ok{};
uint8_t result{};
for(string::size_type pos = value.find('\\'); pos < value.size(); pos = value.find('\\', ++pos))
for(size_t pos = value.find('\\'); pos < value.size(); pos = value.find('\\', ++pos))
{
if(auto data = next(value.data(), pos + 1); from_chars(data, next(data, 2), result, 16).ec == ok)
{
Expand All @@ -148,7 +156,6 @@ int X509Crypto::compareIssuerToString(string_view name) const
}

bool found = false;
X509_NAME *issuer = X509_get_issuer_name(cert.handle());
for(int i = 0; i < X509_NAME_entry_count(issuer); ++i)
{
X509_NAME_ENTRY *entb = X509_NAME_get_entry(issuer, i);
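Review bot: The parsed components are stored with `data[key] = value` in an `unordered_map`, so an issuer string that repeats an attribute type (two `OU=` parts, for example, if that type is in `list`) keeps only the last value and the earlier ones are never compared against the certificate. The parsing loop also stores a value only in its final `else if`, so when the last character of `name` is escaped or is itself a backslash the trailing component is dropped without an error. Both cases make the comparison check fewer attributes than the string names, which presumably loosens the issuer match. A sequence keeps every pair, `std::vector<std::pair<string_view,string_view>> data;` with `data.emplace_back(key, value);`, together with a flush of the pending value after the loop. compareIssuerToString starts and ends outside the shown hunks.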
37 changes: 18 additions & 19 deletions src/digidoc-tool.cpp
Expand Up @@ -122,8 +122,7 @@ static ostream &operator<<(ostream &os, Signature::Validator::Status status)

static ostream &endl(ostream &os)
{
os.put('\n');
return os;
return os.put('\n');
}
}

Expand Down Expand Up @@ -384,14 +383,14 @@ ToolConfig::ToolConfig(int argc, char *argv[])
{
for(int i = 2; i < argc; i++)
{
string arg(toUTF8(argv[i]));
string_view arg(argv[i]);
if(arg.find("--profile=") == 0)
profile = arg.substr(10);
else if(arg.find("--file=") == 0)
{
string arg2(i+1 < argc ? toUTF8(argv[i+1]) : string());
string_view arg2(i+1 < argc ? argv[i+1] : string_view());
files.emplace(arg.substr(7),
arg2.find("--mime=") == 0 ? arg2.substr(7) : "application/octet-stream");
arg2.find("--mime=") == 0 ? toUTF8(arg2.substr(7)) : "application/octet-stream");
}
#ifdef _WIN32
else if(arg == "--cng") cng = true;
Expand All @@ -402,23 +401,23 @@ ToolConfig::ToolConfig(int argc, char *argv[])
{
cng = false;
if(arg.find('=') != string::npos)
pkcs11 = arg.substr(arg.find('=') + 1);
pkcs11 = toUTF8(arg.substr(arg.find('=') + 1));
}
else if(arg.find("--pkcs12=") == 0)
{
cng = false;
pkcs12 = arg.substr(9);
pkcs12 = toUTF8(arg.substr(9));
}
else if(arg == "--dontValidate") dontValidate = true;
else if(arg == "--XAdESEN") XAdESEN = true;
else if(arg.find("--pin=") == 0) pin = arg.substr(6);
else if(arg.find("--cert=") == 0) cert = arg.substr(7);
else if(arg.find("--city=") == 0) city = arg.substr(7);
else if(arg.find("--street=") == 0) street = arg.substr(9);
else if(arg.find("--state=") == 0) state = arg.substr(8);
else if(arg.find("--postalCode=") == 0) postalCode = arg.substr(13);
else if(arg.find("--country=") == 0) country = arg.substr(10);
else if(arg.find("--role=") == 0) roles.push_back(arg.substr(7));
else if(arg.find("--cert=") == 0) cert = toUTF8(arg.substr(7));
else if(arg.find("--city=") == 0) city = toUTF8(arg.substr(7));
else if(arg.find("--street=") == 0) street = toUTF8(arg.substr(9));
else if(arg.find("--state=") == 0) state = toUTF8(arg.substr(8));
else if(arg.find("--postalCode=") == 0) postalCode = toUTF8(arg.substr(13));
else if(arg.find("--country=") == 0) country = toUTF8(arg.substr(10));
else if(arg.find("--role=") == 0) roles.push_back(toUTF8(arg.substr(7)));
else if(arg == "--sha224") uri = URI_SHA224;
else if(arg == "--sha256") uri = URI_SHA256;
else if(arg == "--sha384") uri = URI_SHA384;
Expand All @@ -435,13 +434,13 @@ ToolConfig::ToolConfig(int argc, char *argv[])
else if(arg == "--rsapss") rsaPss = true;
else if(arg.find("--tsurl") == 0) tsurl = arg.substr(8);
else if(arg.find("--tslurl=") == 0) tslurl = arg.substr(9);
else if(arg.find("--tslcert=") == 0) tslcerts = vector<X509Cert>{ X509Cert(arg.substr(10)) };
else if(arg.find("--tslcert=") == 0) tslcerts = vector<X509Cert>{ X509Cert(toUTF8(arg.substr(10))) };
else if(arg == "--TSLAllowExpired") expired = true;
else if(arg == "--dontsign") doSign = false;
else if(arg == "--nocolor") RED = GREEN = YELLOW = RESET = {};
else if(arg.find("--loglevel=") == 0) _logLevel = stoi(arg.substr(11));
else if(arg.find("--logfile=") == 0) _logFile = arg.substr(10);
else path = arg;
else if(arg.find("--loglevel=") == 0) _logLevel = atoi(arg.substr(11).data());
else if(arg.find("--logfile=") == 0) _logFile = toUTF8(arg.substr(10));
else path = toUTF8(arg);
}
}

Expand Down Expand Up @@ -917,7 +916,7 @@ static int tslcmd(int /*argc*/, char* /*argv*/[])
{
int returnCode = EXIT_SUCCESS;
string cache = CONF(TSLCache);
TSL t(cache + "/" + File::fileName(CONF(TSLUrl)));
TSL t(File::path(cache, File::fileName(CONF(TSLUrl))));
cout << "TSL: " << t.url() << endl
<< " Type: " << t.type() << endl
<< " Territory: " << t.territory() << endl
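Review bot: With `arg` now a `string_view` over the raw `argv[i]`, the unchanged `files.emplace(arg.substr(7), ...)` line stores the `--file=` path without the `toUTF8` conversion that every argument received before, while `path`, `--cert=` and the MIME type are still converted. If `toUTF8` converts from the local code page, a non-ASCII `--file=` name would now be treated differently from the container path; `files.emplace(toUTF8(arg.substr(7)), ...)` keeps the old behaviour, and `--profile=`, `--pin=`, `--tsurl` and `--tslurl=` deserve the same check. Separately, `atoi(arg.substr(11).data())` turns a malformed `--loglevel=` value into a silent 0 where `stoi` raised an error; `from_chars(arg.data() + 11, arg.data() + arg.size(), _logLevel)` with a check of the returned `ec` would report it, assuming `_logLevel` is an integer type and `<charconv>` is included in this file. The ToolConfig constructor starts and ends outside the shown hunks.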
17 changes: 8 additions & 9 deletions src/util/File.cpp
Expand Up @@ -22,6 +22,7 @@
#include "log.h"

#include <algorithm>
#include <charconv>
#include <ctime>
#include <locale>
#include <sstream>
Expand Down Expand Up @@ -204,9 +205,6 @@ string File::directory(const string& path)
*
* @param directory directory path.
* @param relativePath relative path.
* @param unixStyle when set to <code>true</code> returns path with unix path separators,
* otherwise returns with operating system specific path separators.
* Default value is <code>false</code>.
* @return returns full path.
*/
string File::path(string dir, string_view relativePath)
Expand Down Expand Up @@ -345,6 +343,7 @@ string File::toUriPath(const string &path)
string File::fromUriPath(string_view path)
{
string ret;
ret.reserve(path.size());
char data[] = "00";
for(auto i = path.begin(); i != path.end(); ++i)
{
Expand All @@ -361,15 +360,15 @@ string File::fromUriPath(string_view path)
return ret;
}

vector<unsigned char> File::hexToBin(const string &in)
vector<unsigned char> File::hexToBin(string_view in)
{
vector<unsigned char> out;
char data[] = "00";
for(string::const_iterator i = in.cbegin(); distance(i, in.cend()) >= 2;)
out.reserve(in.size() / 2);
uint8_t result{};
for(size_t pos{}; pos + 1 < in.size(); pos += 2)
{
data[0] = *(i++);
data[1] = *(i++);
out.push_back(static_cast<unsigned char>(strtoul(data, nullptr, 16)));
if(auto i = next(in.data(), pos); from_chars(i, i + 2, result, 16).ec == std::errc{})
out.push_back(result);
}
return out;
}
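Review bot: In `hexToBin`, `from_chars(i, i + 2, result, 16).ec == std::errc{}` also succeeds when only the first of the two characters is a hex digit, so a pair such as `1g` (constructed example) is pushed as 0x01, and a pair with no valid digit is skipped, leaving the output shorter than `in.size() / 2`. A caller that expects one output byte per input pair would get a different byte string with no error. Checking the end pointer closes the first case: `if(auto [ptr, ec] = from_chars(i, i + 2, result, 16); ec == std::errc{} && ptr == i + 2)`. The function should also state in its documentation what an invalid pair produces (for instance an empty vector) rather than dropping it silently.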
2 changes: 1 addition & 1 deletion src/util/File.h
Expand Up @@ -51,7 +51,7 @@ namespace digidoc
static void deleteTempFiles();
static std::string toUriPath(const std::string &path);
static std::string fromUriPath(std::string_view path);
static std::vector<unsigned char> hexToBin(const std::string &in);
static std::vector<unsigned char> hexToBin(std::string_view in);
#ifdef _WIN32
static std::string dllPath(std::string_view dll);
#endif