handle negative return values

do not pass negative values to malloc do not pass negative values to strerror do not pass negative values to ftruncate do not pass negative values to fclose Change-Id: I79ebef4e22edd14343ebeebb2ef8308785064fe8
2022-01-16 00:48:09 -05:00
parent 558300cfd2
commit 363bc7d983
3 changed files with 8 additions and 2 deletions
--- a/lib/hx509/crypto.c
+++ b/lib/hx509/crypto.c
@@ -436,6 +436,8 @@ rsa_private_key2SPKI(hx509_context context,
    memset(spki, 0, sizeof(*spki));

    len = i2d_RSAPublicKey(private_key->private_key.rsa, NULL);
+    if (len < 0)
+	return -1;

    spki->subjectPublicKey.data = malloc(len);
    if (spki->subjectPublicKey.data == NULL) {
--- a/lib/hx509/file.c
+++ b/lib/hx509/file.c
@@ -343,12 +343,14 @@ _hx509_erase_file(hx509_context context, const char *fn)
    if (ret == -1 && errno == ENOENT)
        return 0;
    if (ret == -1) {
-        hx509_set_error_string(context, 0, ret, "hx509_certs_destroy: "
-                               "stat of \"%s\": %s", fn, strerror(ret));
+        hx509_set_error_string(context, 0, errno, "hx509_certs_destroy: "
+                               "stat of \"%s\": %s", fn, strerror(errno));
        return errno;
    }

    fd = open(fn, O_RDWR | O_BINARY | O_CLOEXEC | O_NOFOLLOW);
+    if (fd < 0)
+	return errno;
    rk_cloexec(fd);
    if (ret == -1 && errno == ENOENT)
        return 0;
--- a/lib/krb5/store_stdio.c
+++ b/lib/krb5/store_stdio.c
@@ -137,6 +137,8 @@ stdio_trunc(krb5_storage * sp, off_t offset)
    if (fflush(F(sp)) == EOF)
        return errno;
    tmpoff = ftello(F(sp));
+    if (tmpoff < 0)
+	return errno;
    if (tmpoff > offset)
 	tmpoff = offset;
    if (ftruncate(fileno(F(sp)), offset) == -1)