Amebis/GEANTLink
1
1
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 50 Wiki Activity

ID 3. C style pointer casting from security audit fixed

Browse Source
This commit is contained in:
Simon Rozman
2016-10-03 11:40:30 +02:00
parent 28408fcea7
commit 559ffc5ead
20 changed files with 178 additions and 178 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/EAPBase/include/EAP.h
View File

@@ -772,7 +772,7 @@ inline void operator<<(_Inout_ eap::cursor_out &cursor, _In_ const unsigned int
{
eap::cursor_out::ptr_type ptr_end = cursor.ptr + sizeof(unsigned int);
assert(ptr_end <= cursor.ptr_end);
*(unsigned int*)cursor.ptr = val;
*reinterpret_cast<unsigned int*>(cursor.ptr) = val;
cursor.ptr = ptr_end;
}
@@ -788,7 +788,7 @@ inline void operator>>(_Inout_ eap::cursor_in &cursor, _Out_ unsigned int &val)
{
eap::cursor_in::ptr_type ptr_end = cursor.ptr + sizeof(unsigned int);
assert(ptr_end <= cursor.ptr_end);
val = *(unsigned int*)cursor.ptr;
val = *reinterpret_cast<const unsigned int*>(cursor.ptr);
cursor.ptr = ptr_end;
}

6
lib/EAPBase/include/Module.h
View File

@@ -330,12 +330,12 @@ namespace eap
// Import the 256-bit AES session key.
winstd::crypt_key key_aes;
if (!CryptImportKey(hProv, (LPCBYTE)data, 268, key_rsa, 0, &key_aes))
if (!CryptImportKey(hProv, reinterpret_cast<LPCBYTE>(data), 268, key_rsa, 0, &key_aes))
throw win_runtime_error(__FUNCTION__ " CryptImportKey failed.");
// Decrypt the data using AES session key.
std::vector<unsigned char, winstd::sanitizing_allocator<unsigned char> > buf;
buf.assign((const unsigned char*)data + 268, (const unsigned char*)data + size);
buf.assign(reinterpret_cast<const unsigned char*>(data) + 268, reinterpret_cast<const unsigned char*>(data) + size);
if (!CryptDecrypt(key_aes, hHash, TRUE, 0, buf))
throw win_runtime_error(__FUNCTION__ " CryptDecrypt failed.");
@@ -412,7 +412,7 @@ namespace eap
std::vector<unsigned char> hash_bin;
if (!CryptGetHashParam(hash, HP_HASHVAL, hash_bin, 0))
throw win_runtime_error(__FUNCTION__ " Calculating MD5 hash failed.");
if (memcmp((unsigned char*)data + enc_size, hash_bin.data(), dwHashSize) != 0)
if (memcmp(reinterpret_cast<const unsigned char*>(data) + enc_size, hash_bin.data(), dwHashSize) != 0)
throw invalid_argument(__FUNCTION__ " Invalid encrypted data.");
return dec;

12
lib/EAPBase/src/Config.cpp
View File

@@ -242,9 +242,9 @@ eap::config_method_with_cred::config_method_with_cred(_In_ module &mod, _In_ uns
eap::config_method_with_cred::config_method_with_cred(_In_ const config_method_with_cred &other) :
m_use_cred (other.m_use_cred ),
m_cred (other.m_cred ? (credentials*)other.m_cred->clone() : nullptr),
config_method(other )
m_use_cred (other.m_use_cred ),
m_cred (other.m_cred ? dynamic_cast<credentials*>(other.m_cred->clone()) : nullptr),
config_method(other )
{
}
@@ -262,7 +262,7 @@ eap::config_method_with_cred& eap::config_method_with_cred::operator=(_In_ const
if (this != &other) {
(config_method&)*this = other;
m_use_cred = other.m_use_cred;
m_cred.reset(other.m_cred ? (credentials*)other.m_cred->clone() : nullptr);
m_cred.reset(other.m_cred ? dynamic_cast<credentials*>(other.m_cred->clone()) : nullptr);
}
return *this;
@@ -376,7 +376,7 @@ eap::config_provider::config_provider(_In_ const config_provider &other) :
{
m_methods.reserve(other.m_methods.size());
for (vector<unique_ptr<config_method> >::const_iterator method = other.m_methods.cbegin(), method_end = other.m_methods.cend(); method != method_end; ++method)
m_methods.push_back(std::move(unique_ptr<config_method>(*method ? (config_method*)method->get()->clone() : nullptr)));
m_methods.push_back(std::move(unique_ptr<config_method>(*method ? dynamic_cast<config_method*>(method->get()->clone()) : nullptr)));
}
@@ -415,7 +415,7 @@ eap::config_provider& eap::config_provider::operator=(_In_ const config_provider
m_methods.clear();
m_methods.reserve(other.m_methods.size());
for (vector<unique_ptr<config_method> >::const_iterator method = other.m_methods.cbegin(), method_end = other.m_methods.cend(); method != method_end; ++method)
m_methods.push_back(std::move(unique_ptr<config_method>(*method ? (config_method*)method->get()->clone() : nullptr)));
m_methods.push_back(std::move(unique_ptr<config_method>(*method ? dynamic_cast<config_method*>(method->get()->clone()) : nullptr)));
}
return *this;

50
lib/EAPBase/src/Credentials.cpp
View File

@@ -363,8 +363,8 @@ void eap::credentials_pass::store(_In_z_ LPCTSTR pszTargetName, _In_ unsigned in
WideCharToMultiByte(CP_UTF8, 0, m_password.c_str(), (int)m_password.length(), cred_utf8, NULL, NULL);
// Encrypt the password using user's key.
DATA_BLOB cred_blob = { (DWORD)cred_utf8.size() , (LPBYTE)cred_utf8.data() };
DATA_BLOB entropy_blob = { sizeof(s_entropy), (LPBYTE)s_entropy };
DATA_BLOB cred_blob = { (DWORD)cred_utf8.size() , const_cast<LPBYTE>(reinterpret_cast<LPCBYTE>(cred_utf8.data())) };
DATA_BLOB entropy_blob = { sizeof(s_entropy), const_cast<LPBYTE>( s_entropy ) };
data_blob cred_enc;
if (!CryptProtectData(&cred_blob, NULL, &entropy_blob, NULL, NULL, CRYPTPROTECT_UI_FORBIDDEN, &cred_enc))
throw win_runtime_error(__FUNCTION__ " CryptProtectData failed.");
@@ -375,18 +375,18 @@ void eap::credentials_pass::store(_In_z_ LPCTSTR pszTargetName, _In_ unsigned in
assert(cred_enc.cbData < CRED_MAX_CREDENTIAL_BLOB_SIZE);
assert(m_identity.length() < CRED_MAX_USERNAME_LENGTH );
CREDENTIAL cred = {
0, // Flags
CRED_TYPE_GENERIC, // Type
(LPTSTR)target.c_str(), // TargetName
_T(""), // Comment
{ 0, 0 }, // LastWritten
cred_enc.cbData, // CredentialBlobSize
cred_enc.pbData, // CredentialBlob
CRED_PERSIST_ENTERPRISE, // Persist
0, // AttributeCount
NULL, // Attributes
NULL, // TargetAlias
(LPTSTR)m_identity.c_str() // UserName
0, // Flags
CRED_TYPE_GENERIC, // Type
const_cast<LPTSTR>(target.c_str()), // TargetName
_T(""), // Comment
{ 0, 0 }, // LastWritten
cred_enc.cbData, // CredentialBlobSize
cred_enc.pbData, // CredentialBlob
CRED_PERSIST_ENTERPRISE, // Persist
0, // AttributeCount
NULL, // Attributes
NULL, // TargetAlias
const_cast<LPTSTR>(m_identity.c_str()) // UserName
};
if (!CredWrite(&cred, 0))
throw win_runtime_error(__FUNCTION__ " CredWrite failed.");
@@ -403,14 +403,14 @@ void eap::credentials_pass::retrieve(_In_z_ LPCTSTR pszTargetName, _In_ unsigned
throw win_runtime_error(__FUNCTION__ " CredRead failed.");
// Decrypt the password using user's key.
DATA_BLOB cred_enc = { cred->CredentialBlobSize, cred->CredentialBlob };
DATA_BLOB entropy_blob = { sizeof(s_entropy) , (LPBYTE)s_entropy };
DATA_BLOB cred_enc = { cred->CredentialBlobSize, cred->CredentialBlob };
DATA_BLOB entropy_blob = { sizeof(s_entropy) , const_cast<LPBYTE>(s_entropy) };
data_blob cred_int;
if (!CryptUnprotectData(&cred_enc, NULL, &entropy_blob, NULL, NULL, CRYPTPROTECT_UI_FORBIDDEN | CRYPTPROTECT_VERIFY_PROTECTION, &cred_int))
throw win_runtime_error(__FUNCTION__ " CryptUnprotectData failed.");
// Convert password from UTF-8.
MultiByteToWideChar(CP_UTF8, 0, (LPCSTR)cred_int.pbData, (int)cred_int.cbData, m_password);
MultiByteToWideChar(CP_UTF8, 0, reinterpret_cast<LPCSTR>(cred_int.pbData), (int)cred_int.cbData, m_password);
SecureZeroMemory(cred_int.pbData, cred_int.cbData);
if (cred->UserName)
@@ -443,14 +443,14 @@ eap::credentials::source_t eap::credentials_pass::combine(
{
if (cred_cached) {
// Using EAP service cached credentials.
*this = *(credentials_pass*)cred_cached;
*this = *dynamic_cast<const credentials_pass*>(cred_cached);
m_module.log_event(&EAPMETHOD_TRACE_EVT_CRED_CACHED1, event_data((unsigned int)cfg.get_method_id()), event_data(credentials_pass::get_name()), event_data::blank);
return source_cache;
}
if (cfg.m_use_cred) {
// Using configured credentials.
*this = *(credentials_pass*)cfg.m_cred.get();
*this = *dynamic_cast<const credentials_pass*>(cfg.m_cred.get());
m_module.log_event(&EAPMETHOD_TRACE_EVT_CRED_CONFIG1, event_data((unsigned int)cfg.get_method_id()), event_data(credentials_pass::get_name()), event_data::blank);
return source_config;
}
@@ -553,11 +553,11 @@ eap::credentials_connection::credentials_connection(_In_ module &mod, _In_ const
eap::credentials_connection::credentials_connection(_In_ const credentials_connection &other) :
m_cfg (other.m_cfg ),
m_namespace(other.m_namespace),
m_id (other.m_id ),
m_cred (other.m_cred ? (credentials*)other.m_cred->clone() : nullptr),
config (other )
m_cfg (other.m_cfg ),
m_namespace(other.m_namespace ),
m_id (other.m_id ),
m_cred (other.m_cred ? dynamic_cast<credentials*>(other.m_cred->clone()) : nullptr),
config (other )
{
}
@@ -578,7 +578,7 @@ eap::credentials_connection& eap::credentials_connection::operator=(_In_ const c
(config&)*this = other;
m_namespace = other.m_namespace;
m_id = other.m_id;
m_cred.reset(other.m_cred ? (credentials*)other.m_cred->clone() : nullptr);
m_cred.reset(other.m_cred ? dynamic_cast<credentials*>(other.m_cred->clone()) : nullptr);
}
return *this;

14
lib/EAPBase/src/Method.cpp
View File

@@ -169,13 +169,13 @@ void eap::method_noneap::append_avp(_In_ unsigned int code, _In_ unsigned char f
// Diameter AVP header
diameter_avp_header hdr;
*(unsigned int*)hdr.code = htonl(code);
*reinterpret_cast<unsigned int*>(hdr.code) = htonl(code);
hdr.flags = flags;
hton24(size_outer, hdr.length);
m_packet_res.insert(m_packet_res.end(), (unsigned char*)&hdr, (unsigned char*)(&hdr + 1));
m_packet_res.insert(m_packet_res.end(), reinterpret_cast<const unsigned char*>(&hdr), reinterpret_cast<const unsigned char*>(&hdr + 1));
// Data
m_packet_res.insert(m_packet_res.end(), (unsigned char*)data, (unsigned char*)data + size);
m_packet_res.insert(m_packet_res.end(), reinterpret_cast<const unsigned char*>(data), reinterpret_cast<const unsigned char*>(data) + size);
m_packet_res.insert(m_packet_res.end(), padding, 0);
}
@@ -195,13 +195,13 @@ void eap::method_noneap::append_avp(_In_ unsigned int code, _In_ unsigned int ve
// Diameter AVP header
diameter_avp_header_ven hdr;
*(unsigned int*)hdr.code = htonl(code);
*reinterpret_cast<unsigned int*>(hdr.code) = htonl(code);
hdr.flags = flags | diameter_avp_flag_vendor;
hton24(size_outer, hdr.length);
*(unsigned int*)hdr.vendor = htonl(vendor_id);
m_packet_res.insert(m_packet_res.end(), (unsigned char*)&hdr, (unsigned char*)(&hdr + 1));
*reinterpret_cast<unsigned int*>(hdr.vendor) = htonl(vendor_id);
m_packet_res.insert(m_packet_res.end(), reinterpret_cast<const unsigned char*>(&hdr), reinterpret_cast<const unsigned char*>(&hdr + 1));
// Data
m_packet_res.insert(m_packet_res.end(), (unsigned char*)data, (unsigned char*)data + size);
m_packet_res.insert(m_packet_res.end(), reinterpret_cast<const unsigned char*>(data), reinterpret_cast<const unsigned char*>(data) + size);
m_packet_res.insert(m_packet_res.end(), padding, 0);
}

6
lib/EAPBase/src/Module.cpp
View File

@@ -69,13 +69,13 @@ EAP_ERROR* eap::module::make_error(_In_ DWORD dwErrorCode, _In_opt_z_ LPCWSTR ps
pError->repairGuid = pRepairGuid != NULL ? *pRepairGuid : GUID_NULL;
pError->helpLinkGuid = pHelpLinkGuid != NULL ? *pHelpLinkGuid : GUID_NULL;
if (nRootCauseSize) {
pError->pRootCauseString = (LPWSTR)p;
pError->pRootCauseString = const_cast<LPWSTR>(reinterpret_cast<LPCWSTR>(p));
memcpy(pError->pRootCauseString, pszRootCauseString, nRootCauseSize);
p += nRootCauseSize;
} else
pError->pRootCauseString = NULL;
if (nRepairStringSize) {
pError->pRepairString = (LPWSTR)p;
pError->pRepairString = const_cast<LPWSTR>(reinterpret_cast<LPCWSTR>(p));
memcpy(pError->pRepairString, pszRepairString, nRepairStringSize);
p += nRepairStringSize;
} else
@@ -201,7 +201,7 @@ std::vector<unsigned char> eap::module::encrypt(_In_ HCRYPTPROV hProv, _In_bytec
std::vector<unsigned char> enc(buf.begin(), buf.end());
// Pre-allocate memory to allow space, as encryption will grow the data.
buf.assign((const unsigned char*)data, (const unsigned char*)data + size);
buf.assign(reinterpret_cast<const unsigned char*>(data), reinterpret_cast<const unsigned char*>(data) + size);
DWORD dwBlockLen;
if (!CryptGetKeyParam(key_aes, KP_BLOCKLEN, dwBlockLen, 0)) dwBlockLen = 0;
buf.reserve((size + dwBlockLen) / dwBlockLen * dwBlockLen);