Amebis/GEANTLink
1
1
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 50 Wiki Activity

Address code analysis warnings

Browse Source 
Signed-off-by: Simon Rozman <simon@rozman.si>
This commit is contained in:
Simon Rozman
2019-08-22 20:44:38 +02:00
parent a459823beb
commit 6fb5cb88d2
60 changed files with 935 additions and 960 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/TTLS/src/Config.cpp
View File

@@ -45,7 +45,7 @@ eap::config_method_ttls::config_method_ttls(const _In_ config_method_ttls &other
}
eap::config_method_ttls::config_method_ttls(_Inout_ config_method_ttls &&other) :
eap::config_method_ttls::config_method_ttls(_Inout_ config_method_ttls &&other) noexcept :
m_inner(std::move(other.m_inner)),
m_anonymous_identity(std::move(other.m_anonymous_identity)),
config_method_tls(std::move(other))
@@ -65,7 +65,7 @@ eap::config_method_ttls& eap::config_method_ttls::operator=(const _In_ config_me
}
eap::config_method_ttls& eap::config_method_ttls::operator=(_Inout_ config_method_ttls &&other)
eap::config_method_ttls& eap::config_method_ttls::operator=(_Inout_ config_method_ttls &&other) noexcept
{
if (this != &other) {
(config_method_tls&&)*this = std::move(other);

6
lib/TTLS/src/Credentials.cpp
View File

@@ -41,7 +41,7 @@ eap::credentials_ttls::credentials_ttls(_In_ const credentials_ttls &other) :
}
eap::credentials_ttls::credentials_ttls(_Inout_ credentials_ttls &&other) :
eap::credentials_ttls::credentials_ttls(_Inout_ credentials_ttls &&other) noexcept :
m_inner(std::move(other.m_inner)),
credentials_tls(std::move(other))
{
@@ -59,7 +59,7 @@ eap::credentials_ttls& eap::credentials_ttls::operator=(_In_ const credentials_t
}
eap::credentials_ttls& eap::credentials_ttls::operator=(_Inout_ credentials_ttls &&other)
eap::credentials_ttls& eap::credentials_ttls::operator=(_Inout_ credentials_ttls &&other) noexcept
{
if (this != &other) {
(credentials_tls&)*this = std::move(other);
@@ -180,7 +180,7 @@ wstring eap::credentials_ttls::get_identity() const
eap::credentials::source_t eap::credentials_ttls::combine(
_In_ DWORD dwFlags,
_In_ HANDLE hTokenImpersonateUser,
_In_opt_ HANDLE hTokenImpersonateUser,
_In_opt_ const credentials *cred_cached,
_In_ const config_method &cfg,
_In_opt_z_ LPCTSTR pszTargetName)

28
lib/TTLS/src/Method.cpp
View File

@@ -37,7 +37,7 @@ eap::method_defrag::method_defrag(_In_ module &mod, _In_ method *inner) :
}
eap::method_defrag::method_defrag(_Inout_ method_defrag &&other) :
eap::method_defrag::method_defrag(_Inout_ method_defrag &&other) noexcept :
m_data_req (std::move(other.m_data_req)),
m_data_res (std::move(other.m_data_res)),
m_send_res (std::move(other.m_send_res)),
@@ -46,7 +46,7 @@ eap::method_defrag::method_defrag(_Inout_ method_defrag &&other) :
}
eap::method_defrag& eap::method_defrag::operator=(_Inout_ method_defrag &&other)
eap::method_defrag& eap::method_defrag::operator=(_Inout_ method_defrag &&other) noexcept
{
if (this != std::addressof(other)) {
(method_tunnel&)*this = std::move(other );
@@ -181,7 +181,7 @@ eap::method_eapmsg::method_eapmsg(_In_ module &mod, _In_ const wchar_t *identity
}
eap::method_eapmsg::method_eapmsg(_Inout_ method_eapmsg &&other) :
eap::method_eapmsg::method_eapmsg(_Inout_ method_eapmsg &&other) noexcept :
m_identity (std::move(other.m_identity )),
m_phase (std::move(other.m_phase )),
m_packet_res (std::move(other.m_packet_res)),
@@ -190,7 +190,7 @@ eap::method_eapmsg::method_eapmsg(_Inout_ method_eapmsg &&other) :
}
eap::method_eapmsg& eap::method_eapmsg::operator=(_Inout_ method_eapmsg &&other)
eap::method_eapmsg& eap::method_eapmsg::operator=(_Inout_ method_eapmsg &&other) noexcept
{
if (this != std::addressof(other)) {
(method_tunnel&)*this = std::move(other );
@@ -215,7 +215,7 @@ void eap::method_eapmsg::begin_session(
// Inner method can generate packets of up to 16MB (less the Diameter AVP header).
// Initialize inner method with appropriately less packet size maximum.
if (dwMaxSendPacketSize < sizeof(diameter_avp_header))
throw invalid_argument(string_printf(__FUNCTION__ " Maximum packet size too small (minimum: %u, available: %u).", sizeof(diameter_avp_header) + 1, dwMaxSendPacketSize));
throw invalid_argument(string_printf(__FUNCTION__ " Maximum packet size too small (minimum: %zu, available: %u).", sizeof(diameter_avp_header) + 1, dwMaxSendPacketSize));
assert(m_inner);
m_inner->begin_session(dwFlags, pAttributeArray, hTokenImpersonateUser, std::min<DWORD>(dwMaxSendPacketSize, 0xffffff) - sizeof(diameter_avp_header));
@@ -325,7 +325,7 @@ void eap::method_eapmsg::get_response_packet(
packet.insert(packet.end(), (unsigned int)((4 - size_packet) % 4), 0);
} else {
if (m_packet_res.size() > size_max)
throw invalid_argument(string_printf(__FUNCTION__ " This method does not support packet fragmentation, but the data size is too big to fit in one packet (packet: %u, maximum: %u).", m_packet_res.size(), size_max));
throw invalid_argument(string_printf(__FUNCTION__ " This method does not support packet fragmentation, but the data size is too big to fit in one packet (packet: %zu, maximum: %u).", m_packet_res.size(), size_max));
packet.assign(m_packet_res.begin(), m_packet_res.end());
}
@@ -344,10 +344,12 @@ eap::method_ttls::method_ttls(_In_ module &mod, _In_ config_method_ttls &cfg, _I
m_packet_res_inner(false),
method_tunnel(mod, inner)
{
m_eap_attr_desc.dwNumberOfAttributes = 0;
m_eap_attr_desc.pAttribs = NULL;
}
eap::method_ttls::method_ttls(_Inout_ method_ttls &&other) :
eap::method_ttls::method_ttls(_Inout_ method_ttls &&other) noexcept :
m_cfg ( other.m_cfg ),
m_cred ( other.m_cred ),
m_user_ctx (std::move(other.m_user_ctx )),
@@ -362,10 +364,12 @@ eap::method_ttls::method_ttls(_Inout_ method_ttls &&other) :
m_eap_attr (std::move(other.m_eap_attr )),
method_tunnel (std::move(other ))
{
m_eap_attr_desc.dwNumberOfAttributes = (DWORD)m_eap_attr.size();
m_eap_attr_desc.pAttribs = m_eap_attr.data();
}
eap::method_ttls& eap::method_ttls::operator=(_Inout_ method_ttls &&other)
eap::method_ttls& eap::method_ttls::operator=(_Inout_ method_ttls &&other) noexcept
{
if (this != std::addressof(other)) {
assert(std::addressof(m_cfg ) == std::addressof(other.m_cfg )); // Move method within same configuration only!
@@ -770,11 +774,11 @@ void eap::method_ttls::get_response_packet(
if (FAILED(status))
throw sec_runtime_error(status, __FUNCTION__ " Error getting Schannel required encryption sizes.");
if (m_packet_res.size() + sizes.cbHeader + sizes.cbTrailer > size_max)
throw invalid_argument(string_printf(__FUNCTION__ " This method does not support packet fragmentation, but the data size is too big to fit in one packet (packet: %u, maximum: %u).", m_packet_res.size(), size_max));
throw invalid_argument(string_printf(__FUNCTION__ " This method does not support packet fragmentation, but the data size is too big to fit in one packet (packet: %zu, maximum: %u).", m_packet_res.size(), size_max));
sizes.cbMaximumMessage = std::min<unsigned long>(sizes.cbMaximumMessage, size_max - (unsigned long)(m_packet_res.size() + sizes.cbHeader + sizes.cbTrailer));
// Get inner response packet.
packet.reserve(sizes.cbHeader + sizes.cbMaximumMessage + sizes.cbTrailer);
packet.reserve((size_t)sizes.cbHeader + sizes.cbMaximumMessage + sizes.cbTrailer);
method_tunnel::get_response_packet(packet, sizes.cbMaximumMessage);
if (!packet.empty()) {
DWORD size_data = (DWORD)packet.size();
@@ -799,7 +803,7 @@ void eap::method_ttls::get_response_packet(
m_packet_res.insert(m_packet_res.end(), reinterpret_cast<const unsigned char*>(buf[0].pvBuffer), reinterpret_cast<const unsigned char*>(buf[0].pvBuffer) + buf[0].cbBuffer + buf[1].cbBuffer + buf[2].cbBuffer);
}
} else if (m_packet_res.size() > size_max)
throw invalid_argument(string_printf(__FUNCTION__ " This method does not support packet fragmentation, but the data size is too big to fit in one packet (packet: %u, maximum: %u).", m_packet_res.size(), size_max));
throw invalid_argument(string_printf(__FUNCTION__ " This method does not support packet fragmentation, but the data size is too big to fit in one packet (packet: %zu, maximum: %u).", m_packet_res.size(), size_max));
packet.assign(m_packet_res.begin(), m_packet_res.end());
}
@@ -819,7 +823,7 @@ void eap::method_ttls::get_result(
// Prepare EAP result attributes.
if (pResult->pAttribArray) {
m_eap_attr.reserve(pResult->pAttribArray->dwNumberOfAttributes + 3);
m_eap_attr.reserve((size_t)pResult->pAttribArray->dwNumberOfAttributes + 3);
m_eap_attr.clear();
// Copy all EAP attributes from inner method up to blank terminator. Exclude any MPPE-Recv-Key or MPPE-Send-Key if found.
for (auto attr = pResult->pAttribArray->pAttribs, attr_end = pResult->pAttribArray->pAttribs + pResult->pAttribArray->dwNumberOfAttributes; attr != attr_end && attr->eaType; ++attr) {

29
lib/TTLS/src/Module.cpp
View File

@@ -92,6 +92,8 @@ void eap::peer_ttls::get_identity(
_Out_ BOOL *pfInvokeUI,
_Out_ WCHAR **ppwszIdentity)
{
assert(ppUserDataOut);
assert(pdwUserDataOutSize);
assert(pfInvokeUI);
assert(ppwszIdentity);
@@ -111,7 +113,10 @@ void eap::peer_ttls::get_identity(
if ((dwFlags & EAP_FLAG_MACHINE_AUTH) == 0) {
// Per-user authentication, request UI.
log_event(&EAPMETHOD_TRACE_EVT_CRED_INVOKE_UI2, event_data::blank);
*ppUserDataOut = NULL;
*pdwUserDataOutSize = 0;
*pfInvokeUI = TRUE;
*ppwszIdentity = NULL;
return;
} else {
// Per-machine authentication, cannot use UI.
@@ -308,9 +313,9 @@ void eap::peer_ttls::process_request_packet(
void eap::peer_ttls::get_response_packet(
_In_ EAP_SESSION_HANDLE hSession,
_Inout_bytecap_(*dwSendPacketSize) EapPacket *pSendPacket,
_Inout_ DWORD *pdwSendPacketSize)
_In_ EAP_SESSION_HANDLE hSession,
_Out_bytecapcount_(*pdwSendPacketSize) EapPacket *pSendPacket,
_Inout_ DWORD *pdwSendPacketSize)
{
assert(pdwSendPacketSize);
assert(pSendPacket || !*pdwSendPacketSize);
@@ -393,8 +398,8 @@ void eap::peer_ttls::set_ui_context(
void eap::peer_ttls::get_response_attributes(
_In_ EAP_SESSION_HANDLE hSession,
_Inout_ EapAttributes *pAttribs)
_In_ EAP_SESSION_HANDLE hSession,
_Out_ EapAttributes *pAttribs)
{
static_cast<session*>(hSession)->m_method->get_response_attributes(pAttribs);
}
@@ -422,12 +427,12 @@ void eap::peer_ttls::spawn_crl_check(_Inout_ winstd::cert_context &&cert)
}
const eap::config_method_ttls* eap::peer_ttls::combine_credentials(
_Success_(return != 0) const eap::config_method_ttls* eap::peer_ttls::combine_credentials(
_In_ DWORD dwFlags,
_In_ const config_connection &cfg,
_In_count_(dwUserDataSize) const BYTE *pUserData,
_In_ DWORD dwUserDataSize,
_Out_ credentials_connection& cred_out,
_Inout_ credentials_connection& cred_out,
_In_ HANDLE hTokenImpersonateUser)
{
#if EAP_USE_NATIVE_CREDENTIAL_CACHE
@@ -560,7 +565,7 @@ eap::peer_ttls::crl_checker::crl_checker(_In_ module &mod, _Inout_ winstd::cert_
}
eap::peer_ttls::crl_checker::crl_checker(_Inout_ crl_checker &&other) :
eap::peer_ttls::crl_checker::crl_checker(_Inout_ crl_checker &&other) noexcept :
m_module( other.m_module ),
m_thread(std::move(other.m_thread)),
m_abort (std::move(other.m_abort )),
@@ -569,7 +574,7 @@ eap::peer_ttls::crl_checker::crl_checker(_Inout_ crl_checker &&other) :
}
eap::peer_ttls::crl_checker& eap::peer_ttls::crl_checker::operator=(_Inout_ crl_checker &&other)
eap::peer_ttls::crl_checker& eap::peer_ttls::crl_checker::operator=(_Inout_ crl_checker &&other) noexcept
{
if (this != std::addressof(other)) {
assert(std::addressof(m_module) == std::addressof(other.m_module)); // Move threads within same module only!
@@ -627,7 +632,7 @@ DWORD WINAPI eap::peer_ttls::crl_checker::verify(_In_ crl_checker *obj)
switch (status_rev.dwError) {
case CRYPT_E_NO_REVOCATION_CHECK:
// Revocation check could not be performed.
c += status_rev.dwIndex + 1;
c += (size_t)status_rev.dwIndex + 1;
if (c == c_end) {
// This "error" is expected for the root CA certificate.
} else {
@@ -663,7 +668,7 @@ DWORD WINAPI eap::peer_ttls::crl_checker::verify(_In_ crl_checker *obj)
}}
// Resume checking the rest of the chain.
c += status_rev.dwIndex + 1;
c += (size_t)status_rev.dwIndex + 1;
break;
case ERROR_SUCCESS:
@@ -674,7 +679,7 @@ DWORD WINAPI eap::peer_ttls::crl_checker::verify(_In_ crl_checker *obj)
default:
// Checking one of the certificates in the chain for revocation failed. Resume checking the rest.
obj->m_module.log_event(&EAPMETHOD_TLS_SERVER_CERT_REVOKE_FAILED, event_data((unsigned int)eap_type_ttls), event_data(subj), event_data(status_rev.dwError), event_data::blank);
c += status_rev.dwIndex + 1;
c += (size_t)status_rev.dwIndex + 1;
}
} else {
// Revocation check finished.

4
lib/TTLS/src/UIContext.cpp
View File

@@ -41,7 +41,7 @@ eap::ui_context_ttls::ui_context_ttls(_In_ const ui_context_ttls &other) :
}
eap::ui_context_ttls::ui_context_ttls(_Inout_ ui_context_ttls &&other) :
eap::ui_context_ttls::ui_context_ttls(_Inout_ ui_context_ttls &&other) noexcept :
m_data (std::move(other.m_data)),
ui_context(std::move(other ))
{
@@ -59,7 +59,7 @@ eap::ui_context_ttls& eap::ui_context_ttls::operator=(_In_ const ui_context_ttls
}
eap::ui_context_ttls& eap::ui_context_ttls::operator=(_Inout_ ui_context_ttls &&other)
eap::ui_context_ttls& eap::ui_context_ttls::operator=(_Inout_ ui_context_ttls &&other) noexcept
{
if (this != &other) {
(ui_context&)*this = std::move(other );