Fix gnutls_pkcs11_token_get_info for short output buffers and fix a memleak (!827) · Merge requests · gnutls / GnuTLS

Peter Wu requested to merge Lekensteyn/gnutls:fix-token-info-modname into master Nov 29, 2018

Fixes a memleak and some inconsistent behavior when the output buffer is too short. Not sure if it is worth documenting presence of such bugs in the function documentation, I noticed a crash when using this pattern:

size = 0;
ret = gnutls_pkcs11_token_get_info(url, GNUTLS_PKCS11_TOKEN_MODNAME, NULL, &size);
/* error handling for ret */
buffer = g_malloc(size);
ret = gnutls_pkcs11_token_get_info(url, GNUTLS_PKCS11_TOKEN_MODNAME, buffer, &size);

Note that with the "consistency fix", the above has to be changed to this:

size = 0;
ret = gnutls_pkcs11_token_get_info(url, GNUTLS_PKCS11_TOKEN_MODNAME, NULL, &size);
/* error handling for ret */
++size;  /* include memory for NULL terminator */
buffer = g_malloc(size);
ret = gnutls_pkcs11_token_get_info(url, GNUTLS_PKCS11_TOKEN_MODNAME, buffer, &size);

Checklist

Code modified for feature
Test suite updated with functionality tests
Test suite updated with negative tests
Documentation updated / NEWS entry present (for non-trivial changes)

Reviewer's checklist:

Any issues marked for closing are addressed
There is a test suite reasonably covering new functionality or modifications
Function naming, parameters, return values, types, etc., are consistent and according to CONTRIBUTION.md
This feature/change has adequate documentation added
No obvious mistakes in the code

Admin message

Fix gnutls_pkcs11_token_get_info for short output buffers and fix a memleak

Checklist

Reviewer's checklist:

Merge request reports