Merge pull request #2 from srajiv/key-bugs2

Please review these 2 commits (v2)

Author: srajiv

.gitignore

@@ -0,0 +1,23 @@
+*~
+*.o
+*.lo
+Makefile
+Makefile.in
+*.3
+*.8
+ABOUT-NLS
+aclocal.m4
+autom4te.cache
+config.guess
+config.h.in
+config.rpath
+config.sub
+configure
+cscope.out
+depcomp
+install-sh
+ltmain.sh
+m4
+missing
+po
+

lib/tpm_unseal.c

@@ -185,6 +185,11 @@ int tpmUnsealFile( char* fname, unsigned char** tss_data, int* tss_size,
 	BIO_free(b64);
 	b64 = NULL;
 	bioRc = BIO_reset(bmem);
+	if (bioRc != 1) {
+		tpm_errno = EIO;
+		rc = TPMSEAL_STD_ERROR;
+		goto out;
+	}
 
 	/* Check for EVP Key Type Header */
 	BIO_gets(bdata, data, sizeof(data));
@@ -252,6 +257,11 @@ int tpmUnsealFile( char* fname, unsigned char** tss_data, int* tss_size,
 	BIO_free(b64);
 	b64 = NULL;
 	bioRc = BIO_reset(bmem);
+	if (bioRc != 1) {
+		tpm_errno = EIO;
+		rc = TPMSEAL_STD_ERROR;
+		goto out;
+	}
 
 	/* Read the base64 encrypted data into the memory BIO */
 	while ((rcLen = BIO_gets(bdata, data, sizeof(data))) > 0) {
@@ -419,7 +429,8 @@ int tpmUnsealFile( char* fname, unsigned char** tss_data, int* tss_size,
 	bmem = BIO_pop(b64);
 	BIO_free(b64);
 	b64 = NULL;
-	bioRc = BIO_reset(bmem);
+	/* a BIO_reset failure shouldn't have an affect at this point */
+	BIO_reset(bmem);
 
 tss_out:
 	Tspi_Context_Close(hContext);
@@ -433,7 +444,7 @@ int tpmUnsealFile( char* fname, unsigned char** tss_data, int* tss_size,
 	if ( b64 )
 		BIO_free(b64);
 	if ( bmem ) {
-		bioRc = BIO_set_close(bmem, BIO_CLOSE);
+		BIO_set_close(bmem, BIO_CLOSE);
 		BIO_free(bmem);
 	}
 

src/cmds/tpm_unsealdata.c

@@ -92,12 +92,12 @@ int main(int argc, char **argv)
 			printf("%c", tss_data[i]);
 		goto out;
 	} else if ((fp = fopen(out_filename, "w")) == NULL) {
-			logError(_("Unable to open output file"));
+			logError(_("Unable to open output file\n"));
 			goto out;
 	}
 
 	if (fwrite(tss_data, tss_size, 1, fp) != 1) {
-		logError(_("Unable to write output file"));
+		logError(_("Unable to write output file\n"));
 		goto out;
 	}
 	fclose(fp);

src/data_mgmt/data_common.h

@@ -47,6 +47,7 @@
 #define TOKEN_MEMORY_ERROR		_("Error, unable to allocate needed memory\n")
 #define TOKEN_OPENSSL_ERROR		_("Error, OpenSSL error: %s\n")
 #define TOKEN_FILE_OPEN_ERROR		_("Error, unable to open file %s: %s\n")
+#define TOKEN_FILE_WRITE_ERROR		_("Error writing to file %s: %s\n")
 
 #define TOKEN_CMD_SUCCESS		_("%s succeeded\n")
 #define TOKEN_CMD_FAILED		_("%s failed\n")

src/data_mgmt/data_protect.c

@@ -380,9 +380,15 @@ writeData( CK_BYTE  *a_pbData,
 	}
 
 	// Write the previous buffer if there is one
-	if ( g_pbOutData && ( g_ulOutDataLen > 0 ) )
+	if ( g_pbOutData && ( g_ulOutDataLen > 0 ) ) {
 		tWriteCount = fwrite( g_pbOutData, 1, g_ulOutDataLen, g_pOutFile );
 
+		if ( tWriteCount != g_ulOutDataLen ) {
+			logError(TOKEN_FILE_WRITE_ERROR, g_pOutFile, "short write");
+			return -1;
+		}
+	}
+
 	if ( a_bMoreData ) {
 		// Allocate a (new) buffer if necessary
 		if ( a_ulDataLen > g_ulOutBuffLen ) {
@@ -403,9 +409,15 @@ writeData( CK_BYTE  *a_pbData,
 	}
 	else {
 		// No more data so write the last piece of data
-		if ( a_ulDataLen > 0 )
+		if ( a_ulDataLen > 0 ) {
 			tWriteCount = fwrite( a_pbData, 1, a_ulDataLen, g_pOutFile );
 
+			if ( tWriteCount != a_ulDataLen ) {
+				logError(TOKEN_FILE_WRITE_ERROR, g_pOutFile, "short write");
+				return -1;
+			}
+		}
+
 		fclose( g_pOutFile );
 	}
 

src/tpm_mgmt/tpm_present.c

@@ -228,7 +228,7 @@ static BOOL confirmLifeLock(TSS_HCONTEXT hContext, TSS_HTPM hTpm)
 	scanCount = scanf("%5s", rsp);
 
 	 /* TRANSLATORS: this should be the affirmative letter that was  prompted for in the message corresponding to: "Are you sure you want to continue?[y/N]" */ 
-	if (strcmp(rsp, _("y")) == 0) { 
+	if (scanCount >= 1 && strcmp(rsp, _("y")) == 0) {
 		logMsg
 		    (_("Setting the lifetime lock was confirmed.\nContinuing.\n"));
 		bRc = TRUE;