aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/bank-lib/taler-exchange-wire-gateway-client.c8
-rw-r--r--src/benchmark/taler-aggregator-benchmark.c8
-rw-r--r--src/exchange/taler-exchange-httpd.c4
-rw-r--r--src/json/json.c11
-rw-r--r--src/lib/exchange_api_wire.c8
-rw-r--r--src/testing/testing_api_cmd_deposit.c16
-rw-r--r--src/testing/testing_api_loop.c7
-rw-r--r--src/util/crypto_helper_esign.c6
-rw-r--r--src/util/crypto_helper_rsa.c18
-rw-r--r--src/util/secmod_common.c6
-rw-r--r--src/util/taler-exchange-secmod-rsa.c4
11 files changed, 59 insertions, 37 deletions
diff --git a/src/bank-lib/taler-exchange-wire-gateway-client.c b/src/bank-lib/taler-exchange-wire-gateway-client.c
index 47df82a8f..f17b76561 100644
--- a/src/bank-lib/taler-exchange-wire-gateway-client.c
+++ b/src/bank-lib/taler-exchange-wire-gateway-client.c
@@ -179,9 +179,7 @@ credit_history_cb (void *cls,
if (MHD_HTTP_OK != http_status)
{
if ( (MHD_HTTP_NO_CONTENT != http_status) ||
- (TALER_EC_NONE != ec) ||
- ( (MHD_HTTP_NO_CONTENT != http_status) &&
- (NULL == details) ) )
+ (TALER_EC_NONE != ec) )
{
if (0 == http_status)
{
@@ -294,9 +292,7 @@ debit_history_cb (void *cls,
if (MHD_HTTP_OK != http_status)
{
if ( (MHD_HTTP_NO_CONTENT != http_status) ||
- (TALER_EC_NONE != ec) ||
- ( (MHD_HTTP_NO_CONTENT != http_status) &&
- (NULL == details) ) )
+ (TALER_EC_NONE != ec) )
{
if (0 == http_status)
{
diff --git a/src/benchmark/taler-aggregator-benchmark.c b/src/benchmark/taler-aggregator-benchmark.c
index 16a0ad5b4..0e08553d3 100644
--- a/src/benchmark/taler-aggregator-benchmark.c
+++ b/src/benchmark/taler-aggregator-benchmark.c
@@ -135,13 +135,11 @@ make_amount (unsigned int val,
unsigned int frac,
struct TALER_Amount *out)
{
- memset (out,
- 0,
- sizeof (struct TALER_Amount));
+ GNUNET_assert (GNUNET_OK ==
+ TALER_amount_set_zero (currency,
+ out));
out->value = val;
out->fraction = frac;
- strcpy (out->currency,
- currency);
}
diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c
index 386d6089e..ca8eb9a63 100644
--- a/src/exchange/taler-exchange-httpd.c
+++ b/src/exchange/taler-exchange-httpd.c
@@ -647,12 +647,12 @@ handle_post_management (struct TEH_RequestContext *rc,
* Handle a get "/management" request.
*
* @param rc request context
- * @param args array of additional options (must be empty for this function)
+ * @param args array of additional options (must be [0] == "keys")
* @return MHD result code
*/
static MHD_RESULT
handle_get_management (struct TEH_RequestContext *rc,
- const char *const args[1])
+ const char *const args[2])
{
if ( (NULL != args[0]) &&
(0 == strcmp (args[0],
diff --git a/src/json/json.c b/src/json/json.c
index 62dec7189..479a0ae96 100644
--- a/src/json/json.c
+++ b/src/json/json.c
@@ -558,9 +558,14 @@ seed_forgettable (json_t *f)
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
&sh,
sizeof (sh));
- json_object_set_new (f,
- key,
- GNUNET_JSON_from_data_auto (&sh));
+ if (0 !=
+ json_object_set_new (f,
+ key,
+ GNUNET_JSON_from_data_auto (&sh)))
+ {
+ GNUNET_break (0);
+ return GNUNET_SYSERR;
+ }
continue;
}
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
diff --git a/src/lib/exchange_api_wire.c b/src/lib/exchange_api_wire.c
index 5d5a0f4ae..65d38b12a 100644
--- a/src/lib/exchange_api_wire.c
+++ b/src/lib/exchange_api_wire.c
@@ -441,10 +441,6 @@ TALER_EXCHANGE_wire (struct TALER_EXCHANGE_Handle *exchange,
return NULL;
}
eh = TALER_EXCHANGE_curl_easy_get_ (wh->url);
- GNUNET_break (CURLE_OK ==
- curl_easy_setopt (eh,
- CURLOPT_TIMEOUT,
- get_wire_timeout_seconds (wh->exchange)));
if (NULL == eh)
{
GNUNET_break (0);
@@ -452,6 +448,10 @@ TALER_EXCHANGE_wire (struct TALER_EXCHANGE_Handle *exchange,
GNUNET_free (wh);
return NULL;
}
+ GNUNET_break (CURLE_OK ==
+ curl_easy_setopt (eh,
+ CURLOPT_TIMEOUT,
+ get_wire_timeout_seconds (wh->exchange)));
ctx = TEAH_handle_to_context (exchange);
wh->job = GNUNET_CURL_job_add_with_ct_json (ctx,
eh,
diff --git a/src/testing/testing_api_cmd_deposit.c b/src/testing/testing_api_cmd_deposit.c
index 29b2ce64a..cb6dfc0b2 100644
--- a/src/testing/testing_api_cmd_deposit.c
+++ b/src/testing/testing_api_cmd_deposit.c
@@ -613,16 +613,20 @@ TALER_TESTING_cmd_deposit (const char *label,
ds->wallet_timestamp = GNUNET_TIME_absolute_get ();
(void) GNUNET_TIME_round_abs (&ds->wallet_timestamp);
- json_object_set_new (ds->contract_terms,
- "timestamp",
- GNUNET_JSON_from_time_abs (ds->wallet_timestamp));
+ GNUNET_assert (0 ==
+ json_object_set_new (ds->contract_terms,
+ "timestamp",
+ GNUNET_JSON_from_time_abs (
+ ds->wallet_timestamp)));
if (0 != refund_deadline.rel_value_us)
{
ds->refund_deadline = GNUNET_TIME_relative_to_absolute (refund_deadline);
(void) GNUNET_TIME_round_abs (&ds->refund_deadline);
- json_object_set_new (ds->contract_terms,
- "refund_deadline",
- GNUNET_JSON_from_time_abs (ds->refund_deadline));
+ GNUNET_assert (0 ==
+ json_object_set_new (ds->contract_terms,
+ "refund_deadline",
+ GNUNET_JSON_from_time_abs (
+ ds->refund_deadline)));
}
GNUNET_assert (GNUNET_OK ==
TALER_string_to_amount (amount,
diff --git a/src/testing/testing_api_loop.c b/src/testing/testing_api_loop.c
index d8d32f6df..7a25bed64 100644
--- a/src/testing/testing_api_loop.c
+++ b/src/testing/testing_api_loop.c
@@ -389,9 +389,10 @@ maint_child_death (void *cls)
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Got the dead child process handle, waiting for termination ...\n");
- GNUNET_OS_process_wait_status (*processp,
- &type,
- &code);
+ GNUNET_assert (GNUNET_OK ==
+ GNUNET_OS_process_wait_status (*processp,
+ &type,
+ &code));
GNUNET_OS_process_destroy (*processp);
*processp = NULL;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
diff --git a/src/util/crypto_helper_esign.c b/src/util/crypto_helper_esign.c
index 794a916a8..5c0d9449d 100644
--- a/src/util/crypto_helper_esign.c
+++ b/src/util/crypto_helper_esign.c
@@ -337,6 +337,8 @@ TALER_CRYPTO_helper_esign_sign_ (
struct TALER_ExchangePublicKeyP *exchange_pub,
struct TALER_ExchangeSignatureP *exchange_sig)
{
+ uint32_t purpose_size = ntohl (purpose->size);
+
if (GNUNET_OK !=
try_connect (esh))
{
@@ -344,8 +346,9 @@ TALER_CRYPTO_helper_esign_sign_ (
"Failed to connect to helper\n");
return TALER_EC_EXCHANGE_SIGNKEY_HELPER_UNAVAILABLE;
}
+ GNUNET_assert (purpose_size <
+ UINT16_MAX - sizeof (struct TALER_CRYPTO_EddsaSignRequest));
{
- uint32_t purpose_size = ntohl (purpose->size);
char buf[sizeof (struct TALER_CRYPTO_EddsaSignRequest) + purpose_size
- sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose)];
struct TALER_CRYPTO_EddsaSignRequest *sr
@@ -414,6 +417,7 @@ more:
if (off < sizeof (struct GNUNET_MessageHeader))
continue;
msize = ntohs (hdr->size);
+ GNUNET_assert (msize <= sizeof (buf));
if (off < msize)
continue;
switch (ntohs (hdr->type))
diff --git a/src/util/crypto_helper_rsa.c b/src/util/crypto_helper_rsa.c
index a5a001a9c..088aae9f0 100644
--- a/src/util/crypto_helper_rsa.c
+++ b/src/util/crypto_helper_rsa.c
@@ -173,22 +173,28 @@ handle_mt_avail (struct TALER_CRYPTO_RsaDenominationHelper *dh,
= (const struct TALER_CRYPTO_RsaKeyAvailableNotification *) hdr;
const char *buf = (const char *) &kan[1];
const char *section_name;
+ uint16_t ps;
+ uint16_t snl;
if (sizeof (*kan) > ntohs (hdr->size))
{
GNUNET_break_op (0);
return GNUNET_SYSERR;
}
- if (ntohs (hdr->size) !=
- sizeof (*kan)
- + ntohs (kan->pub_size)
- + ntohs (kan->section_name_len))
+ ps = ntohs (kan->pub_size);
+ snl = ntohs (kan->section_name_len);
+ if (ntohs (hdr->size) != sizeof (*kan) + ps + snl)
{
GNUNET_break_op (0);
return GNUNET_SYSERR;
}
- section_name = &buf[ntohs (kan->pub_size)];
- if ('\0' != section_name[ntohs (kan->section_name_len) - 1])
+ if (0 == snl)
+ {
+ GNUNET_break_op (0);
+ return GNUNET_SYSERR;
+ }
+ section_name = &buf[ps];
+ if ('\0' != section_name[snl - 1])
{
GNUNET_break_op (0);
return GNUNET_SYSERR;
diff --git a/src/util/secmod_common.c b/src/util/secmod_common.c
index 4a45dd58d..0bcf9ae5f 100644
--- a/src/util/secmod_common.c
+++ b/src/util/secmod_common.c
@@ -266,6 +266,12 @@ TES_read_work (void *cls,
continue;
hdr = (const struct GNUNET_MessageHeader *) buf;
msize = ntohs (hdr->size);
+ if (msize < sizeof (struct GNUNET_MessageHeader))
+ {
+ GNUNET_break_op (0);
+ return GNUNET_SYSERR;
+ }
+ GNUNET_assert (msize <= sizeof (client->iobuf));
} while (off < msize);
if (off > msize)
diff --git a/src/util/taler-exchange-secmod-rsa.c b/src/util/taler-exchange-secmod-rsa.c
index 1a87c4cc1..a2bbaf055 100644
--- a/src/util/taler-exchange-secmod-rsa.c
+++ b/src/util/taler-exchange-secmod-rsa.c
@@ -1116,6 +1116,7 @@ import_key (void *cls,
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
"open",
filename);
+ GNUNET_break (0 == close (fd));
return GNUNET_OK;
}
if (0 != fstat (fd,
@@ -1131,6 +1132,7 @@ import_key (void *cls,
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"File `%s' is not a regular file, which is not allowed for private keys!\n",
filename);
+ GNUNET_break (0 == close (fd));
return GNUNET_OK;
}
if (0 != (sbuf.st_mode & (S_IWUSR | S_IRWXG | S_IRWXO)))
@@ -1286,7 +1288,7 @@ load_denominations (void *cls,
{
struct LoadContext *ctx = cls;
struct Denomination *denom;
- bool wake;
+ bool wake = true;
if ( (0 != strncasecmp (denomination_alias,
"coin_",