In the function below I am facing a Dereference error before null check. In the line
SEC_KM_KEKColumn_t *pAdmin1KEKs = pTCGKS->keySet[SEC_KM_Admin1].kc;
There is an error which states directly dereferencing pointer pTCGKS. And also in the line
SEC_ASSERT_MODEL(pDefaultKS != NULL && pTCGKS != NULL);
there is an error which states Dereference before null check (REVERSE_INULL)
check_after_deref: Null-checking pTCGKS suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
Stat_t SEC_COD_SLOW SEC_KM_TCG_Activ(SEC_KM_TCGKeySet_t *pTCGKS, uint32_t rangesSUM, SEC_KM_DefaultKeySet_t *pDefaultKS)
{
Status_t status = STATUS_OK;
uint32_t rangeIndex = 0;
const SEC_KM_KDF_t *pDigestNID = SEC_KM_GetAnybodyDigest();
SEC_KM_KEKColumn_t *pAdmin1KEKs = pTCGKS->keySet[SEC_KM_Admin1].kc;
const SEC_KM_KDF_t *pDigestAID = SEC_KM_TCG_GetSessionCredentials();
SEC_ASSERT_DEBUG(SEC_KM_TCG_GetSessionUserID() == SEC_KM_Admin1);
SEC_ASSERT_MODEL(pDefaultKS != NULL && pTCGKS != NULL);
// Generate Key Chains for all TCG authorities for Original Opal scheme
status = SEC_KM_TCG_Generate(pTCGKS, pDigestNID, pDigestAID);
if (status != STATUS_OK)
{
return status;
}
// Rewrap SDEK from default key storage into Global Range of TCG
status = SEC_KM_RewrapSDEK(&pDefaultKS->SDEKw, &pDefaultKS->keySet.RKEKw, &pDefaultKS->keySet.PKEKw, pDigestNID,
&pTCGKS->DEK[GDEK].SDEK.w, &pAdmin1KEKs[RKEKG].w, &pAdmin1KEKs[PKEK].w, pDigestAID);
if (status != STATUS_OK)
{
return status;
}
status = SEC_KM_TCG_ConvertToSUM(pTCGKS, pDigestNID, rangesSUM);
if (status != STATUS_OK)
{
return status;
}
// After Activation all ranges are unlocked. So unwrap all SDEKs.
for (rangeIndex = 0; rangeIndex < TCG_MAX_RANGE_KEYS; rangeIndex++)
{
status = SEC_KM_TCG_UnwrapUnlockedSDEK(pTCGKS, rangeIndex);
if (status != STATUS_OK)
{
return status;
}
}
return status;
}
It's exactly what it says.
First you dereference pTCGKS, then you check that it isn't null.
Compilers can (and will) optimise out a "late" null check as being effectively redundant for any well-defined program, making your assertion potentially useless.
Move it to before your dereference.
The SEC_ASSERT_MODEL checks for NULL after the line that references it. If pTCGKS is null a runtime error will occur before that check, so it serves no useful purpose.
I assume SEC_ASSERT_MODEL is a precondition check macro - if that is the case you need to perform those checks before using the checked parameters:
SEC_ASSERT_DEBUG(SEC_KM_TCG_GetSessionUserID() == SEC_KM_Admin1);
SEC_ASSERT_MODEL(pDefaultKS != NULL && pTCGKS != NULL);
Status_t status = STATUS_OK;
uint32_t rangeIndex = 0;
const SEC_KM_KDF_t *pDigestNID = SEC_KM_GetAnybodyDigest();
SEC_KM_KEKColumn_t *pAdmin1KEKs = pTCGKS->keySet[SEC_KM_Admin1].kc;
const SEC_KM_KDF_t *pDigestAID = SEC_KM_TCG_GetSessionCredentials();
Related
I am using the Cassandra C++ driver in my application. I am observing many crashes. After debugging I identified that even when the query output is zero rows , the if (result == NULL) is false and when I iterate through the result, one place or other it is crashing. Below is the code sample. Please suggest me any solution for this.
const char* query = "SELECT variable_id, variable_name FROM aqm_wfvariables WHERE template_id = ?;";
CassError rc = CASS_OK;
CassSession* session = NULL;
if((session=CassandraDbConnect::getInstance()->getSessionForCassandra())==NULL){
return false;
}
CassStatement* statement = cass_statement_new(query, 1);
cass_statement_bind_int32(statement, 0, wf_template_id );
CassFuture* query_future = cass_session_execute(session, statement);
cass_future_wait(query_future);
rc = cass_future_error_code(query_future);
if (rc != CASS_OK) {
logMsg(DEBUG, 7, "cass_session_execute failed for query #%d:%s:%s", 1, __FILE__, query);
cass_statement_free(statement);
return false;
}
cass_statement_free(statement);
const CassResult* result = cass_future_get_result(query_future);
if (result == NULL) {
cass_future_free(query_future);
logMsg(DEBUG, 7, "No values are returned for query #%d:%s:%s", 1, __FILE__, query);
return false;
}
cass_future_free(query_future);
CassIterator* row_iterator = cass_iterator_from_result(result);
while (cass_iterator_next(row_iterator)) {
const CassRow* row = cass_iterator_get_row(row_iterator);
/* Copy data from the row */
You should use
(result.cass_result_row_count>0)
instead of
(result == NULL)
to verify if query returns zero rows. In your code, result is always an instance of CassResult and not a null reference when zero rows are returned.
I have an application that tries to verify the mmc.exe (services) signature. (the context of the application I think is irrelevant) I am trying with winapi function which both fails with
WinVerifyTrust. I get TRUST_E_BAD_DIGEST when I am trying with verification from catalog, and
TRUST_E_NOSIGNATURE when trying from file info. it is very important to mention that my function succeeds on win7, XP but fails on win8.
this is the code snippet for the function
CATALOG_INFO InfoStruct = {0};
InfoStruct.cbStruct = sizeof(CATALOG_INFO);
WINTRUST_CATALOG_INFO WintrustCatalogStructure = {0};
WintrustCatalogStructure.cbStruct = sizeof(WINTRUST_CATALOG_INFO);
WINTRUST_FILE_INFO WintrustFileStructure = {0};
WintrustFileStructure.cbStruct = sizeof(WINTRUST_FILE_INFO);
GUID ActionGuid = WINTRUST_ACTION_GENERIC_VERIFY_V2;
//Get a context for signature verification.
HCATADMIN Context = NULL;
if(!::CryptCATAdminAcquireContext(&Context, NULL, 0) ){
return false;
}
//Open file.
cx_handle hFile(::CreateFileW(filename_.c_str(), GENERIC_READ, 7, NULL, OPEN_EXISTING, 0, NULL));
if( INVALID_HANDLE_VALUE == (HANDLE)hFile )
{
CryptCATAdminReleaseContext(Context, 0);
return false;
}
//Get the size we need for our hash.
DWORD HashSize = 0;
::CryptCATAdminCalcHashFromFileHandle(hFile, &HashSize, NULL, 0);
if( HashSize == 0 )
{
//0-sized has means error!
::CryptCATAdminReleaseContext(Context, 0);
return false;
}
//Allocate memory.
buffer hashbuf(HashSize);
//Actually calculate the hash
if( !CryptCATAdminCalcHashFromFileHandle(hFile, &HashSize, hashbuf.data, 0) )
{
CryptCATAdminReleaseContext(Context, 0);
return false;
}
//Convert the hash to a string.
buffer MemberTag(((HashSize * 2) + 1) * sizeof(wchar_t));
for( unsigned int i = 0; i < HashSize; i++ ){
swprintf(&((PWCHAR)MemberTag.data)[i * 2], L"%02X", hashbuf.data[i ]);
}
//Get catalog for our context.
HCATINFO CatalogContext = CryptCATAdminEnumCatalogFromHash(Context, hashbuf, HashSize, 0, NULL);
if ( CatalogContext )
{
//If we couldn't get information
if ( !CryptCATCatalogInfoFromContext(CatalogContext, &InfoStruct, 0) )
{
//Release the context and set the context to null so it gets picked up below.
CryptCATAdminReleaseCatalogContext(Context, CatalogContext, 0);
CatalogContext = NULL;
}
}
//If we have a valid context, we got our info.
//Otherwise, we attempt to verify the internal signature.
WINTRUST_DATA WintrustStructure = {0};
WintrustStructure.cbStruct = sizeof(WINTRUST_DATA);
if( !CatalogContext )
{
load_signature_verification_from_file_info(WintrustFileStructure, WintrustStructure);
}
else
{
load_signature_verification_from_catalog(WintrustStructure, WintrustCatalogStructure, InfoStruct, MemberTag);
}
//Call our verification function.
long verification_res = ::WinVerifyTrust(0, &ActionGuid, &WintrustStructure);
//Check return.
bool is_success = SUCCEEDED(verification_res) ? true : false;
// if failed with CatalogContext, try with FILE_INFO
if(!is_success && CatalogContext && verification_res != TRUST_E_NOSIGNATURE)
{
//warning2(L"Failed verification with Catalog Context: 0x%x %s ; Retrying with FILE_INFO.", verification_res, (const wchar_t*)format_last_error(verification_res));
load_signature_verification_from_file_info(WintrustFileStructure, WintrustStructure);
verification_res = ::WinVerifyTrust(0, &ActionGuid, &WintrustStructure);
is_success = SUCCEEDED(verification_res) ? true : false;
}
if(perr && !is_success && verification_res != TRUST_E_NOSIGNATURE)
{
perr->code = verification_res;
perr->description = format_last_error(verification_res);
}
//Free context.
if( CatalogContext ){
::CryptCATAdminReleaseCatalogContext(Context, CatalogContext, 0);
}
//If we successfully verified, we need to free.
if( is_success )
{
WintrustStructure.dwStateAction = WTD_STATEACTION_CLOSE;
::WinVerifyTrust(0, &ActionGuid, &WintrustStructure);
}
::CryptCATAdminReleaseContext(Context, 0);
return is_success;
I don't think any thing had changed in this function from win7 to win 8 so what could possibly go wrong?
UPDATE
I did notice that my function does work for task manager at win 8.
but again for the mmc it does not work.
It appears that your general approach is correct and the functions themselves haven't changed. However there are subtle changes; namely the data on which they operate has changed. The hashes stored for files on Windows 8, according to comments on CryptCATAdminCalcHashFromFileHandle, are calculated using SHA-256 hashes.
The SHA-256 hashing algorithm is not supported by CryptCATAdminCalcHashFromFileHandle, so you must update the code to use CryptCATAdminAcquireContext2 and CryptCATAdminCalcHashFromFileHandle2 on Windows 8; the former allows you to acquire a HCATADMIN with a specified hash algorithm, and the latter allows using that HCATADMIN.
(Interestingly, WINTRUST_CATALOG_INFO also points this direction with its HCATADMIN hCatAdmin member, documented as "Windows 8 and Windows Server 2012: Support for this member begins.")
I get this warning when analyzing the code with XCode 4.6 and I don't get it.
VanishingPointInfo* vpClosestToCenterLine = NULL;
for (vector<VanishingPointInfo>::iterator vpInfo = lineCrossings.begin(); vpInfo != lineCrossings.end(); vpInfo++)
{
if (vpClosestToCenterLine == NULL || vpInfo->diffToMiddle < vpClosestToCenterLine->diffToMiddle)
{
vpClosestToCenterLine = &(*vpInfo);
}
}
XCode complains that the access to vpInfo->diffToMiddle results in a dereference of a NULL pointer. But that is the iterator...
Xcode is flagging the message to warn that the is an error if vpInfo has a null value, if it does then the substructures inside vpInfo are all invalid. To fix the warning you can put an existence check before going through the logic requiring access to the substructures. ....
if (vpInfo) {
VanishingPointInfo* vpClosestToCenterLine = NULL;
for (vector<VanishingPointInfo>::iterator vpInfo = lineCrossings.begin(); vpInfo != lineCrossings.end(); vpInfo++)
{
if (vpClosestToCenterLine == NULL || vpInfo->diffToMiddle < vpClosestToCenterLine->diffToMiddle)
{
vpClosestToCenterLine = &(*vpInfo);
}
}}
I have a method where I create objects on the heap and return a boolean which indicates if it went well or not.
I am not 100% sure about my bool assignments though in (1); is this legal to do?
bool ret = true;
if (ret = !mRenderBackend) // make sure mRenderBackend is NULL
{
if (mEngineSettings.GetRenderBackend() == OPENGL)
ret = mRenderBackend = mMemoryAllocator.AllocateObject<RenderOpenGL>(); // (1). AllocateObject returns either NULL or object address
}
return ret;
Thanks
You don't really need the bool at all, it sort of makes it harder to follow. I would personally do something like,
if (mRenderBackend == NULL) // make sure mRenderBackend is NULL
{
if (mEngineSettings.GetRenderBackend() == OPENGL)
mRenderBackend = mMemoryAllocator.AllocateObject<RenderOpenGL>(); // (1). AllocateObject returns either NULL or object address
}
return (mRenderBackend != NULL);
Yes, legal.
if (ret = !mRenderBackend)
is equivalent to
ret = !mRenderBackend;
if(ret)
is equivalent to
ret = (mRenderBackend == 0);
if(ret)
Just note that ret will only be defined up to zero/nonzeroness which looks safe in your code.
I tried to uset IDataObject to put a some text to clipboard. But the GlobalUnlock fails. What I'm doing wrong?
IDataObject *obj;
HRESULT ret;
assert(S_OK == OleGetClipboard(&obj));
FORMATETC fmtetc = {0};
fmtetc.cfFormat = CF_TEXT;
fmtetc.dwAspect = DVASPECT_CONTENT;
fmtetc.lindex = -1;
fmtetc.tymed = TYMED_HGLOBAL;
STGMEDIUM medium = {0};
medium.tymed = TYMED_HGLOBAL;
char* str = "string";
medium.hGlobal = GlobalAlloc(GMEM_MOVEABLE+GMEM_DDESHARE, strlen(str)+1);
char* pMem = (char*)GlobalLock(medium.hGlobal);
strcpy(pMem,str);
assert(GlobalUnlock(medium.hGlobal) != 0); // !!! ERROR
assert(S_OK == obj->SetData(&fmtetc,&medium,TRUE));
assert(S_OK == OleSetClipboard(obj));
Well, after looking at the documentation this is to be expected:
Return Value
If the memory object is still locked after decrementing the lock count, the return value is a nonzero value. If the memory object is unlocked after decrementing the lock count, the function returns zero and GetLastError returns NO_ERROR.
If the function fails, the return value is zero and GetLastError returns a value other than NO_ERROR.
So your assertion is wrong; it should be:
assert(GlobalUnlock(medium.hGlobal) == 0 && GetLastError() == NO_ERROR);