Skip to content
Snippets Groups Projects
Commit 3983286e authored by Jan Včelák's avatar Jan Včelák :rocket:
Browse files

scan-build: fix zero size memory allocation 

MEM04-C, CWE-131: result of malloc(0) is implementation specific
parent a8a26709
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
src/common/hex.c
+ 7
4
View file @ 3983286e
......@@ -15,6 +15,7 @@
*/
#include <config.h>
#include <assert.h>
#include <ctype.h>
#include <stdint.h>
#include <stdlib.h>
......@@ -27,10 +28,11 @@
*/
static uint8_t hex_to_num(int c)
{
if (c >= '0' && c <= '9')
if (c >= '0' && c <= '9') {
return c - '0';
else
} else {
return c - 'a' + 10;
}
}
/*!
......@@ -38,7 +40,7 @@ static uint8_t hex_to_num(int c)
*/
int hex_decode(const char *input, uint8_t **output, size_t *output_size)
{
if (!input || !output || !output_size) {
if (!input || input[0] == '\0' || !output || !output_size) {
return KNOT_EINVAL;
}
......@@ -58,7 +60,8 @@ int hex_decode(const char *input, uint8_t **output, size_t *output_size)
// output allocation
size_t result_size = input_size / 2;
uint8_t *result = malloc(result_size * sizeof(uint8_t));
assert(result_size > 0);
uint8_t *result = malloc(result_size);
if (!result) {
return KNOT_ENOMEM;
}
......
src/libknot/dnssec/nsec3.c
+ 1
1
View file @ 3983286e
......@@ -51,7 +51,7 @@ static int nsec3_sha1(const uint8_t *salt, uint8_t salt_length,
assert(digest);
assert(digest_size);
if (!salt) {
if (salt_length > 0 && !salt) {
return KNOT_EINVAL;
}
......
src/utils/nsec3hash/nsec3hash_main.c
+ 12
9
View file @ 3983286e
......@@ -64,22 +64,26 @@ static bool parse_nsec3_params(knot_nsec3_params_t *params, const char *salt,
return false;
}
size_t salt_length;
result = hex_decode(salt, &params->salt, &salt_length);
if (result != KNOT_EOK) {
fprintf(stderr, "Invalid salt: %s\n",
knot_strerror(result));
return false;
size_t salt_length = 0;
uint8_t *salt_data = NULL;
if (salt[0] != '\0') {
result = hex_decode(salt, &salt_data, &salt_length);
if (result != KNOT_EOK) {
fprintf(stderr, "Invalid salt: %s\n",
knot_strerror(result));
return false;
}
}
if (salt_length > UINT8_MAX) {
fprintf(stderr, "Invalid salt: Maximal length is %d bytes.\n",
UINT8_MAX);
free(params->salt);
memset(params, '\0', sizeof(*params));
free(salt_data);
return false;
}
params->salt = salt_data;
params->salt_length = (uint8_t)salt_length;
return true;
......@@ -180,7 +184,6 @@ int main(int argc, char *argv[])
nsec3_params.iterations);
fail:
knot_nsec3_params_free(&nsec3_params);
knot_dname_free(&dname);
free(digest);
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment