safety
authorVolker Birk <vb@pep-project.org>
Wed, 15 Apr 2015 12:53:50 +0200
changeset 1913bb51ee8f90d
parent 190 b5cdb862fb16
child 192 3a2b4935b07e
safety
src/keymanagement.c
src/message_api.c
src/mime.c
src/pEpEngine.c
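--- a/src/keymanagement.c
+++ b/src/keymanagement.c
@@ -28,6 +28,9 @@
     assert(identity);
     assert(!EMPTY(identity->address));
 
+    if (!(session && identity && !EMPTY(identity->address)))
+        return PEP_ILLEGAL_VALUE;
+
     status = get_identity(session, identity->address, &stored_identity);
     assert(status != PEP_OUT_OF_MEMORY);
     if (status == PEP_OUT_OF_MEMORY)
@@ -190,6 +193,10 @@
     assert(identity->username);
     assert(identity->user_id);
 
+    if (!(session && identity && identity->address && identity->username &&
+                identity->user_id))
+        return PEP_ILLEGAL_VALUE;
+
     identity->comm_type = PEP_ct_pEp;
     identity->me = true;
 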
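Review bot: The guard added at 1.17-1.19 only tests `identity->address` and `identity->username` for NULL, whereas the guard at 1.7 in the first hunk rejects `EMPTY(identity->address)`, so an empty address string is rejected by one entry point and accepted by the other; assuming EMPTY covers both NULL and "", writing `!EMPTY(identity->address) && !EMPTY(identity->username)` here would make the two agree. Both enclosing functions begin outside the hunks. Since the preceding asserts still fire before the new return in debug builds, the PEP_ILLEGAL_VALUE path is only reachable with NDEBUG; a comment such as `// asserts document the contract; the runtime check protects NDEBUG builds` above the guard would spare the next reader the question of why both exist.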
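--- a/src/message_api.c
+++ b/src/message_api.c
@@ -245,6 +245,9 @@
     assert(dst);
     assert(enc_format >= PEP_enc_pieces);
 
+    if (!(session && src && dst && (enc_format >= PEP_enc_pieces)))
+        return PEP_ILLEGAL_VALUE;
+
     *dst = NULL;
 
     if (src->enc_format >= PEP_enc_pieces) {
@@ -563,6 +566,9 @@
     assert(src);
     assert(dst);
 
+    if (!(session && src && dst))
+        return PEP_ILLEGAL_VALUE;
+
     *dst = NULL;
  
     if (src->mime == PEP_MIME_fields_omitted || src->mime == PEP_MIME) {
@@ -781,6 +787,9 @@
     assert(msg);
     assert(color);
 
+    if (!(session && msg && color))
+        return PEP_ILLEGAL_VALUE;
+
     *color = pEp_undefined;
 
     assert(msg->from);
@@ -804,7 +813,8 @@
             if (msg->to) {
                 for (il = msg->to; il != NULL; il = il->next) {
                     if (il->ident) {
-                        max_comm_type = _get_comm_type(session, max_comm_type, il->ident);
+                        max_comm_type = _get_comm_type(session, max_comm_type,
+                                il->ident);
                         comm_type_determined = true;
                     }
                 }
@@ -813,7 +823,8 @@
             if (msg->cc) {
                 for (il = msg->cc; il != NULL; il = il->next) {
                     if (il->ident) {
-                        max_comm_type = _get_comm_type(session, max_comm_type, il->ident);
+                        max_comm_type = _get_comm_type(session, max_comm_type,
+                                il->ident);
                         comm_type_determined = true;
                     }
                 }
@@ -822,7 +833,8 @@
             if (msg->bcc) {
                 for (il = msg->bcc; il != NULL; il = il->next) {
                     if (il->ident) {
-                        max_comm_type = _get_comm_type(session, max_comm_type, il->ident);
+                        max_comm_type = _get_comm_type(session, max_comm_type,
+                                il->ident);
                         comm_type_determined = true;
                     }
                 }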
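Review bot: In the hunk at line 781 the new guard at 2.27-2.28 covers `session`, `msg` and `color`, but the `assert(msg->from)` that follows at 2.32 gets no runtime counterpart, so in an NDEBUG build a message without a sender continues past that assert and, if `msg->from` is dereferenced further down (the rest of the function lies outside the hunk), would fault where every other precondition now returns cleanly. Adding `if (msg->from == NULL) return PEP_ILLEGAL_VALUE;` directly after the assert keeps the function's error handling uniform with the guards this commit introduces. The remaining three hunks in this file are line-wrapping only.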
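--- a/src/mime.c
+++ b/src/mime.c
@@ -771,6 +771,9 @@
     assert(msg->mime == PEP_MIME_none);
     assert(mimetext);
 
+    if (!(msg && msg->mime == PEP_MIME_none && mimetext))
+        return PEP_ILLEGAL_VALUE;
+
     *mimetext = NULL;
 
     switch (msg->enc_format) {
@@ -1423,6 +1426,9 @@
     assert(mimetext);
     assert(msg);
 
+    if (!(mimetext && msg))
+        return PEP_ILLEGAL_VALUE;
+
     *msg = NULL;
 
     index = 0;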
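Review bot: At 3.7 the check folds the state condition `msg->mime == PEP_MIME_none` into the argument validation, so a well-formed message that merely already carries MIME is reported as PEP_ILLEGAL_VALUE, and because `*mimetext = NULL` at 3.10 runs only after the guard, the caller's out-parameter is left untouched on that path. Assigning `*mimetext = NULL` as soon as `mimetext` is known to be non-NULL, or at least a comment next to the guard such as `// a message that already carries MIME is a caller error, not a state handled here`, would make the contract explicit. The same ordering of guard before out-parameter reset appears at 3.20; both enclosing functions start outside the hunks.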
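--- a/src/pEpEngine.c
+++ b/src/pEpEngine.c
@@ -31,6 +31,9 @@
         in_first = true;
 
 	assert(session);
+    if (session == NULL)
+        return PEP_ILLEGAL_VALUE;
+
 	*session = NULL;
 
     pEpSession *_session = calloc(1, sizeof(pEpSession));
@@ -254,6 +257,9 @@
     assert(init_count >= 0);
 	assert(session);
 
+    if (!(init_count && session))
+        return;
+
     // a small race condition but still a race condition
     // mitigated by calling caveat (see documentation)
 
@@ -305,6 +311,9 @@
 	assert(title);
 	assert(entity);
 
+    if (!(session && title && entity))
+        return PEP_ILLEGAL_VALUE;
+
 	sqlite3_reset(session->log);
 	sqlite3_bind_text(session->log, 1, title, -1, SQLITE_STATIC);
 	sqlite3_bind_text(session->log, 2, entity, -1, SQLITE_STATIC);
@@ -339,6 +348,9 @@
 	assert(word);
 	assert(wsize);
 
+    if (!(session && word && wsize))
+        return PEP_ILLEGAL_VALUE;
+
 	*word = NULL;
 	*wsize = 0;
 
@@ -387,6 +399,9 @@
 	assert(wsize);
 	assert(max_words >= 0);
 
+    if (!(session && fingerprint && words && wsize && max_words >= 0))
+        return PEP_ILLEGAL_VALUE;
+
 	*words = NULL;
 	*wsize = 0;
 
@@ -551,6 +566,9 @@
 	assert(address);
     assert(address[0]);
 
+    if (!(session && address && address[0]))
+        return PEP_ILLEGAL_VALUE;
+
     sqlite3_reset(session->get_identity);
     sqlite3_bind_text(session->get_identity, 1, address, -1, SQLITE_STATIC);
 
@@ -601,6 +619,10 @@
 	assert(identity->user_id);
 	assert(identity->username);
 
+    if (!(session && identity && identity->address && identity->fpr &&
+                identity->user_id && identity->username))
+        return PEP_ILLEGAL_VALUE;
+
 	sqlite3_exec(session->db, "BEGIN ;", NULL, NULL, NULL);
 
 	sqlite3_reset(session->set_person);
@@ -681,6 +703,10 @@
     assert(identity->fpr);
     assert(identity->fpr[0]);
 
+    if (!(session && identity && identity->user_id && identity->user_id[0] &&
+                identity->fpr && identity->fpr[0]))
+        return PEP_ILLEGAL_VALUE;
+
     identity->comm_type = PEP_ct_unknown;
 
     sqlite3_reset(session->get_trust);
@@ -717,6 +743,16 @@
     char **ptext, size_t *psize, stringlist_t **keylist
     )
 {
+    assert(session);
+    assert(ctext);
+    assert(csize);
+    assert(ptext);
+    assert(psize);
+    assert(keylist);
+
+    if (!(session && ctext && csize && ptext && psize && keylist && keylist))
+        return PEP_ILLEGAL_VALUE;
+
     return session->cryptotech[PEP_crypt_OpenPGP].decrypt_and_verify(session, ctext, csize, ptext, psize, keylist);
 }
 
@@ -725,6 +761,16 @@
     size_t psize, char **ctext, size_t *csize
     )
 {
+    assert(session);
+    assert(keylist);
+    assert(ptext);
+    assert(psize);
+    assert(ctext);
+    assert(csize);
+
+    if (!(session && keylist && ptext && psize && ctext && csize))
+        return PEP_ILLEGAL_VALUE;
+
     return session->cryptotech[PEP_crypt_OpenPGP].encrypt_and_sign(session, keylist, ptext, psize, ctext, csize);
 }
 
@@ -733,11 +779,27 @@
     const char *signature, size_t sig_size, stringlist_t **keylist
     )
 {
+    assert(session);
+    assert(text);
+    assert(size);
+    assert(signature);
+    assert(sig_size);
+    assert(keylist);
+
+    if (!(session && text && size && signature && sig_size && keylist))
+        return PEP_ILLEGAL_VALUE;
+
     return session->cryptotech[PEP_crypt_OpenPGP].verify_text(session, text, size, signature, sig_size, keylist);
 }
 
 DYNAMIC_API PEP_STATUS delete_keypair(PEP_SESSION session, const char *fpr)
 {
+    assert(session);
+    assert(fpr);
+
+    if (!(session && fpr))
+        return PEP_ILLEGAL_VALUE;
+
     return session->cryptotech[PEP_crypt_OpenPGP].delete_keypair(session, fpr);
 }
 
@@ -745,6 +807,14 @@
         PEP_SESSION session, const char *fpr, char **key_data, size_t *size
     )
 {
+    assert(session);
+    assert(fpr);
+    assert(key_data);
+    assert(size);
+
+    if (!(session && fpr && key_data && size))
+        return PEP_ILLEGAL_VALUE;
+
     return session->cryptotech[PEP_crypt_OpenPGP].export_key(session, fpr, key_data, size);
 }
 
@@ -752,6 +822,13 @@
         PEP_SESSION session, const char *pattern, stringlist_t **keylist
     )
 {
+    assert(session);
+    assert(pattern);
+    assert(keylist);
+
+    if (!(session && pattern && keylist))
+        return PEP_ILLEGAL_VALUE;
+
     return session->cryptotech[PEP_crypt_OpenPGP].find_keys(session, pattern, keylist);
 }
 
@@ -759,6 +836,16 @@
         PEP_SESSION session, pEp_identity *identity
     )
 {
+    assert(session);
+    assert(identity);
+    assert(identity->address);
+    assert(identity->fpr == NULL);
+    assert(identity->username);
+
+    if (!(session && identity && identity->address && identity->fpr == NULL &&
+                identity->username))
+        return PEP_ILLEGAL_VALUE;
+
     return session->cryptotech[PEP_crypt_OpenPGP].generate_keypair(session, identity);
 }
 
@@ -768,20 +855,45 @@
         PEP_comm_type *comm_type
     )
 {
+    assert(session);
+    assert(fpr);
+    assert(comm_type);
+
+    if (!(session && fpr && comm_type))
+        return PEP_ILLEGAL_VALUE;
+
     return session->cryptotech[PEP_crypt_OpenPGP].get_key_rating(session, fpr, comm_type);
 }
 
 DYNAMIC_API PEP_STATUS import_key(PEP_SESSION session, const char *key_data, size_t size)
 {
+    assert(session);
+    assert(key_data);
+
+    if (!(session && key_data))
+        return PEP_ILLEGAL_VALUE;
+
     return session->cryptotech[PEP_crypt_OpenPGP].import_key(session, key_data, size);
 }
 
 DYNAMIC_API PEP_STATUS recv_key(PEP_SESSION session, const char *pattern)
 {
+    assert(session);
+    assert(pattern);
+
+    if (!(session && pattern))
+        return PEP_ILLEGAL_VALUE;
+
     return session->cryptotech[PEP_crypt_OpenPGP].recv_key(session, pattern);
 }
 
 DYNAMIC_API PEP_STATUS send_key(PEP_SESSION session, const char *pattern)
 {
+    assert(session);
+    assert(pattern);
+
+    if (!(session && pattern))
+        return PEP_ILLEGAL_VALUE;
+
     return session->cryptotech[PEP_crypt_OpenPGP].send_key(session, pattern);
 }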
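Review bot: In the hunk at line 254 the guard `!(init_count && session)` at 4.17 disagrees with the assert directly above it: `assert(init_count >= 0)` admits zero and rejects negatives, while the runtime check returns on zero and lets a negative count through to the rest of the function, which lies outside the hunk. `if (init_count <= 0 || session == NULL) return;` would cover both cases and match the assert's intent. Separately, the guard at 4.96 in decrypt_and_verify repeats `keylist && keylist`; the duplicate is harmless but reads like a dropped operand and should be reduced to a single `keylist`. In the hunks that validate a by-value `size_t` (`psize` at 4.113, `size` and `sig_size` at 4.130) the guards reject zero-length input with PEP_ILLEGAL_VALUE, which is a behavioural choice rather than a NULL check and deserves a one-line comment such as `// zero-length input is treated as a caller error` so it is not later "fixed" as a typo.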