From 4ed91a1bb65769401c0fd6c1c5b2a3c64c0c1266 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Oct 2012 16:35:43 -0400
Subject: [PATCH 23/41] Add sanity checking to make sure we don't emit
 uninitialized hashes.

Signed-off-by: Peter Jones <pjones@redhat.com>
---
 src/cms_common.c   | 15 ++++++++++++++-
 src/content_info.c | 11 +++++++++++
 src/signer_info.c  |  5 +++++
 src/util.h         | 13 +++++++++++++
 4 files changed, 43 insertions(+), 1 deletion(-)

diff --git a/src/cms_common.c b/src/cms_common.c
index a1ed460..ab5a066 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -532,6 +532,10 @@ generate_empty_sequence(cms_context *cms, SECItem *encoded)
 int
 generate_octet_string(cms_context *cms, SECItem *encoded, SECItem *original)
 {
+	if (content_is_empty(original->data, original->len)) {
+		cms->log(cms, LOG_ERR, "content is empty, not encoding");
+		return -1;
+	}
 	if (SEC_ASN1EncodeItem(cms->arena, encoded, original,
 			SEC_OctetStringTemplate) == NULL)
 		return -1;
@@ -942,7 +946,16 @@ generate_signature(cms_context *cms)
 {
 	int rc = 0;
 
-	assert(cms->digests[cms->selected_digest].pe_digest != NULL);
+	if (cms->digests[cms->selected_digest].pe_digest == NULL) {
+		cms->log(cms, LOG_ERR, "pe digest has not been allocated");
+		return -1;
+	}
+
+	if (content_is_empty(cms->digests[cms->selected_digest].pe_digest->data,
+			cms->digests[cms->selected_digest].pe_digest->len)) {
+		cms->log(cms, LOG_ERR, "pe binary has not been digested");
+		return -1;
+	}
 
 	SECItem sd_der;
 	memset(&sd_der, '\0', sizeof(sd_der));
diff --git a/src/content_info.c b/src/content_info.c
index 044e85e..7246d20 100644
--- a/src/content_info.c
+++ b/src/content_info.c
@@ -197,6 +197,11 @@ generate_spc_digest_info(cms_context *cms, SECItem *dip)
 	int i = cms->selected_digest;
 	memcpy(&di.digest, cms->digests[i].pe_digest, sizeof (di.digest));
 
+	if (content_is_empty(di.digest.data, di.digest.len)) {
+		cms->log(cms, LOG_ERR, "got empty digest");
+		return -1;
+	}
+
 	if (SEC_ASN1EncodeItem(cms->arena, dip, &di,
 						DigestInfoTemplate) == NULL) {
 		cms->log(cms, LOG_ERR, "could not encode DigestInfo: %s",
@@ -327,6 +332,12 @@ generate_cinfo_digest(cms_context *cms, SpcContentInfo *cip)
 				&cms->ci_digest->len,
 				digest_get_digest_size(cms)) != SECSuccess)
 		goto err;
+
+	if (content_is_empty(cms->ci_digest->data, cms->ci_digest->len)) {
+		cms->log(cms, LOG_ERR, "generated empty digest");
+		goto err;
+	}
+
 	if (cms->ci_digest->len > digest_get_digest_size(cms))
 		goto err;
 
diff --git a/src/signer_info.c b/src/signer_info.c
index 7a73c26..932b896 100644
--- a/src/signer_info.c
+++ b/src/signer_info.c
@@ -207,6 +207,11 @@ sign_blob(cms_context *cms, SECItem *sigitem, SECItem *sign_content)
 	if (!sign_content)
 		return -1;
 
+	if (content_is_empty(sign_content->data, sign_content->len)) {
+		cms->log(cms, LOG_ERR, "not signing empty digest");
+		return -1;
+	}
+
 	SECOidData *oid = SECOID_FindOIDByTag(digest_get_signature_oid(cms));
 	if (!oid)
 		goto err;
diff --git a/src/util.h b/src/util.h
index f495a0b..5e0ea34 100644
--- a/src/util.h
+++ b/src/util.h
@@ -110,6 +110,19 @@ free_poison(void  *addrv, ssize_t len)
 		addr[x] = poison_pills[x % 2];
 }
 
+static int
+__attribute__ ((unused))
+content_is_empty(uint8_t *data, ssize_t len)
+{
+	if (len < 1)
+		return 1;
+
+	for (int i = 0; i < len; i++)
+		if (data[i] != 0)
+			return 0;
+	return 1;
+}
+
 #if defined(DAEMON_H)
 static inline uint32_t
 __attribute__ ((unused))
-- 
1.7.12.1