Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Off-by-one error in pool consistency check #420

Merged
merged 1 commit into from
Jul 22, 2024
Merged

Conversation

glguy
Copy link
Contributor

@glguy glguy commented Jul 10, 2024

I'm getting a segmentation fault on this line because pool->objects can be NULL. I suspect this > should be >=, though I'm not quite sure.

Description

Checklist

  • Code modified for feature
  • Test suite updated with functionality tests
  • Test suite updated with negative tests
  • Documentation updated

Reviewer's checklist:

  • Any issues marked for closing are addressed
  • There is a test suite reasonably covering new functionality or modifications
  • This feature/change has adequate documentation added
  • Code conform to coding style that today cannot yet be enforced via the check style test
  • Commits have short titles and sensible commit messages
  • Coverity Scan has run if needed (code PR) and no new defects were found

I'm getting a segmentation fault on this line because pool->objects can be NULL. I suspect this > should be >=, though I'm not quite sure.

Signed-off-by: Eric Mertens <emertens@gmail.com>
@simo5 simo5 added the covscan Triggers Coverity Scanner label Jul 22, 2024
@simo5
Copy link
Member

simo5 commented Jul 22, 2024

Good catch, but odd that you hit that condition

@github-actions github-actions bot removed the covscan Triggers Coverity Scanner label Jul 22, 2024
@simo5 simo5 added the covscan-ok Coverity scan passed label Jul 22, 2024
@simo5 simo5 merged commit fe03d43 into latchset:main Jul 22, 2024
41 checks passed
@glguy glguy deleted the patch-1 branch July 22, 2024 16:37
@glguy
Copy link
Contributor Author

glguy commented Jul 22, 2024

Thanks for the merge. I'm able to generate that condition in some cases using the PIV application on my YubiKey when I use a sufficiently general URI to query the private key. I haven't narrowed down the actual failure and I understand that ideally this consistency condition should never fail. I know that I can cause it to stop happening when I include ;type=private in my URI. So my hunch is that one of the other object types that pkcs11:id=%01 or pkcs11:id=%02 on my device matches isn't completely supported.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
covscan-ok Coverity scan passed
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants