[Swan-dev] Coverity Scan finds issue with programs/pluto/keys.c

D. Hugh Redelmeier hugh at mimosa.com
Tue May 4 05:15:09 UTC 2021 

| From: scan-admin at coverity.com

| ________________________________________________________________________________________________________
| *** CID 1504578:    (FORWARD_NULL)
| /programs/pluto/keys.c: 529 in authsig_and_log_using_pubkey()
| 523     		stop = try_all_keys("preloaded", pluto_pubkeys, &s);
| 524     	}
| 525     
| 526     	if (s.fatal_diag != NULL) {
| 527     		LLOG_JAMBUF(RC_LOG_SERIOUS, ike->sa.st_logger, buf) {
| 528     			jam(buf, "authentication aborted: problem with '");
| >>>     CID 1504578:    (FORWARD_NULL)
| >>>     Passing null pointer "&s.key->id" to "jam_id", which dereferences it.
| 529     			jam_id(buf, &s.key->id, jam_sanitized_bytes);
| 530     			jam(buf, "': ");
| 531     			jam_diag(buf, s.fatal_diag);
| 532     			pfree_diag(&s.fatal_diag);
| 533     		}
| 534     		return STF_FATAL;
| /programs/pluto/keys.c: 529 in authsig_and_log_using_pubkey()
| 523     		stop = try_all_keys("preloaded", pluto_pubkeys, &s);
| 524     	}
| 525     
| 526     	if (s.fatal_diag != NULL) {
| 527     		LLOG_JAMBUF(RC_LOG_SERIOUS, ike->sa.st_logger, buf) {
| 528     			jam(buf, "authentication aborted: problem with '");
| >>>     CID 1504578:    (FORWARD_NULL)
| >>>     Passing null pointer "&s.key->id" to "jam_id", which dereferences it.
| 529     			jam_id(buf, &s.key->id, jam_sanitized_bytes);
| 530     			jam(buf, "': ");
| 531     			jam_diag(buf, s.fatal_diag);
| 532     			pfree_diag(&s.fatal_diag);
| 533     		}
| 534     		return STF_FATAL;

I'm suspicious about the case where both calls to try_all_keys return
true.  I'll call this "double stop".

According to the comment on try_all_keys, not much is specified about
the results when false is returned.

Perhaps something like this would fix the (possibly non-existent)
problem.  Clearly the message and the message generation should be
improved.

It isn't clear to me that this actually fixes the problem that
Coverity Scan saw.

diff --git a/programs/pluto/keys.c b/programs/pluto/keys.c
index 78aa0ec8bd..013fb47885 100644
--- a/programs/pluto/keys.c
+++ b/programs/pluto/keys.c
@@ -521,6 +521,12 @@ stf_status authsig_and_log_using_pubkey(struct ike_sa *ike,
 	bool stop = try_all_keys("peer", ike->sa.st_remote_certs.pubkey_db, &s);
 	if (!stop) {
 		stop = try_all_keys("preloaded", pluto_pubkeys, &s);
+		if (!stop) {
+			LLOG_JAMBUF(RC_LOG_SERIOUS, ike->sa.st_logger, buf) {
+				jam(buf, "authentication aborted: could not find public keyskeys");
+			}
+			return STF_FATAL;
+		}
 	}
 
 	if (s.fatal_diag != NULL) {

More information about the Swan-dev mailing list