keydbcfg: Add missing error checks (invalid hexstring)

5ceca4fd · npzacs · hpi1 · 58fb6beb · 5ceca4fd
Commit 5ceca4fd authored Jul 14, 2020 by npzacs Committed by hpi1 Jul 22, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 9 additions and 7 deletions

src/file/keydbcfg.c src/file/keydbcfg.c +9 -7

No files found.
--- a/src/file/keydbcfg.c
+++ b/src/file/keydbcfg.c
@@ -168,9 +168,10 @@ static int _parse_pk_file(config_file *cf, AACS_FILE_H *fp)

                pk_list *e = calloc(1, sizeof(pk_list));
                if (e) {
-                    hexstring_to_hex_array(e->key, 16, str);
-
-                    if (_is_duplicate_pk(cf->pkl, e->key)) {
+                    if (!hexstring_to_hex_array(e->key, 16, str)) {
+                        BD_DEBUG(DBG_FILE, "Skipping invalid processing key %s\n", str);
+                        X_FREE(e);
+                    } else if (_is_duplicate_pk(cf->pkl, e->key)) {
                        BD_DEBUG(DBG_FILE, "Skipping duplicate processing key %s\n", str);
                        X_FREE(e);
                    } else {
@@ -229,10 +230,11 @@ static int _parse_cert_file(config_file *cf, AACS_FILE_H *fp)

            cert_list  *e = calloc(1, sizeof(cert_list));
            if (e) {
-                hexstring_to_hex_array(e->host_priv_key, 20, host_priv_key);
-                hexstring_to_hex_array(e->host_cert, 92, host_cert);
-
-                if (_is_duplicate_cert(cf->host_cert_list, e)) {
+                if (!hexstring_to_hex_array(e->host_priv_key, 20, host_priv_key) ||
+                    !hexstring_to_hex_array(e->host_cert, 92, host_cert)) {
+                    BD_DEBUG(DBG_FILE, "Skipping invalid certificate entry %s %s\n", host_priv_key, host_cert);
+                    X_FREE(e);
+                } else if (_is_duplicate_cert(cf->host_cert_list, e)) {
                    BD_DEBUG(DBG_FILE, "Skipping duplicate certificate entry %s %s\n", host_priv_key, host_cert);
                    X_FREE(e);
                } else {