Bug Summary

File:jdk/src/jdk.crypto.cryptoki/unix/native/libj2pkcs11/p11_md.c
Warning:line 232, column 43
Access to field 'pFunctionList' results in a dereference of a null pointer (loaded from variable 'interface')

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -triple x86_64-pc-linux-gnu -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name p11_md.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 2 -mthread-model posix -fno-delete-null-pointer-checks -mframe-pointer=all -relaxed-aliasing -fmath-errno -fno-rounding-math -masm-verbose -mconstructor-aliases -munwind-tables -target-cpu x86-64 -dwarf-column-info -fno-split-dwarf-inlining -debugger-tuning=gdb -resource-dir /usr/lib/llvm-10/lib/clang/10.0.0 -I /home/daniel/Projects/java/jdk/build/linux-x86_64-server-fastdebug/support/modules_include/java.base -I /home/daniel/Projects/java/jdk/build/linux-x86_64-server-fastdebug/support/modules_include/java.base/linux -I /home/daniel/Projects/java/jdk/src/java.base/share/native/libjava -I /home/daniel/Projects/java/jdk/src/java.base/unix/native/libjava -I /home/daniel/Projects/java/jdk/src/hotspot/share/include -I /home/daniel/Projects/java/jdk/src/hotspot/os/posix/include -D LIBC=gnu -D _GNU_SOURCE -D _REENTRANT -D _LARGEFILE64_SOURCE -D LINUX -D DEBUG -D _LITTLE_ENDIAN -D ARCH="amd64" -D amd64 -D _LP64=1 -I /home/daniel/Projects/java/jdk/src/jdk.crypto.cryptoki/unix/native/libj2pkcs11 -I /home/daniel/Projects/java/jdk/src/jdk.crypto.cryptoki/share/native/libj2pkcs11 -I /home/daniel/Projects/java/jdk/build/linux-x86_64-server-fastdebug/support/headers/jdk.crypto.cryptoki -D _FORTIFY_SOURCE=2 -internal-isystem /usr/local/include -internal-isystem /usr/lib/llvm-10/lib/clang/10.0.0/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -O2 -Wno-unused-parameter -Wno-unused -std=c99 -fdebug-compilation-dir /home/daniel/Projects/java/jdk/make -ferror-limit 19 -fmessage-length 0 -fvisibility hidden -stack-protector 1 -fgnuc-version=4.2.1 -fobjc-runtime=gcc -fdiagnostics-show-option -vectorize-loops -vectorize-slp -analyzer-output=html -faddrsig -o /home/daniel/Projects/java/scan/2021-12-21-193737-8510-1 -x c /home/daniel/Projects/java/jdk/src/jdk.crypto.cryptoki/unix/native/libj2pkcs11/p11_md.c
1/*
2 * Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
3 */
4
5/* Copyright (c) 2002 Graz University of Technology. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright notice,
11 * this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright notice,
14 * this list of conditions and the following disclaimer in the documentation
15 * and/or other materials provided with the distribution.
16 *
17 * 3. The end-user documentation included with the redistribution, if any, must
18 * include the following acknowledgment:
19 *
20 * "This product includes software developed by IAIK of Graz University of
21 * Technology."
22 *
23 * Alternately, this acknowledgment may appear in the software itself, if
24 * and wherever such third-party acknowledgments normally appear.
25 *
26 * 4. The names "Graz University of Technology" and "IAIK of Graz University of
27 * Technology" must not be used to endorse or promote products derived from
28 * this software without prior written permission.
29 *
30 * 5. Products derived from this software may not be called
31 * "IAIK PKCS Wrapper", nor may "IAIK" appear in their name, without prior
32 * written permission of Graz University of Technology.
33 *
34 * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED
35 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
36 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
37 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE LICENSOR BE
38 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
39 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
40 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
41 * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
42 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
43 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
44 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
45 * POSSIBILITY OF SUCH DAMAGE.
46 */
47
48/*
49 * pkcs11wrapper.c
50 * 18.05.2001
51 *
52 * This module contains the native functions of the Java to PKCS#11 interface
53 * which are platform dependent. This includes loading a dynamic link libary,
54 * retrieving the function list and unloading the dynamic link library.
55 *
56 * @author Karl Scheibelhofer <Karl.Scheibelhofer@iaik.at>
57 */
58
59#include "pkcs11wrapper.h"
60
61#include <stdio.h>
62#include <stdlib.h>
63#include <string.h>
64#include <assert.h>
65
66#include <dlfcn.h>
67
68#include <jni.h>
69
70#include "sun_security_pkcs11_wrapper_PKCS11.h"
71
72/*
73 * Class: sun_security_pkcs11_wrapper_PKCS11
74 * Method: connect
75 * Signature: (Ljava/lang/String;)Lsun/security/pkcs11/wrapper/CK_VERSION;
76 */
77JNIEXPORT__attribute__((visibility("default"))) jobject JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_connect
78 (JNIEnv *env, jobject obj, jstring jPkcs11ModulePath,
79 jstring jGetFunctionList) {
80
81 void *hModule;
82 char *error;
83 int i;
84 CK_ULONG ulCount = 0;
85 CK_C_GetInterfaceList C_GetInterfaceList = NULL((void*)0);
86 CK_INTERFACE_PTR iList = NULL((void*)0);
87 CK_C_GetInterface C_GetInterface = NULL((void*)0);
88 CK_INTERFACE_PTR interface = NULL((void*)0);
1
'interface' initialized to a null pointer value
89 CK_C_GetFunctionList C_GetFunctionList = NULL((void*)0);
90 CK_RV rv;
91 ModuleData *moduleData = NULL((void*)0);
92 jobject globalPKCS11ImplementationReference;
93 char *systemErrorMessage;
94 char *exceptionMessage;
95 const char *getFunctionListStr = NULL((void*)0);
96
97 const char *libraryNameStr = (*env)->GetStringUTFChars(env,
98 jPkcs11ModulePath, 0);
99 if (libraryNameStr == NULL((void*)0)) {
2
Assuming 'libraryNameStr' is not equal to NULL
3
Taking false branch
100 return NULL((void*)0);
101 }
102 TRACE1("Connect: connect to PKCS#11 module: %s ... ", libraryNameStr);
103
104 /*
105 * Load the PKCS #11 DLL
106 */
107 dlerror(); /* clear any old error message not fetched */
108#ifdef DEBUG1
109 hModule = dlopen(libraryNameStr, RTLD_NOW0x00002);
110#else
111 hModule = dlopen(libraryNameStr, RTLD_LAZY0x00001);
112#endif /* DEBUG */
113
114 if (hModule == NULL((void*)0)) {
4
Assuming 'hModule' is not equal to NULL
5
Taking false branch
115 systemErrorMessage = dlerror();
116 exceptionMessage = (char *) malloc(sizeof(char) * (strlen(systemErrorMessage) + strlen(libraryNameStr) + 1));
117 if (exceptionMessage == NULL((void*)0)) {
118 throwOutOfMemoryError(env, 0);
119 goto cleanup;
120 }
121 strcpy(exceptionMessage, systemErrorMessage);
122 strcat(exceptionMessage, libraryNameStr);
123 throwIOException(env, exceptionMessage);
124 free(exceptionMessage);
125 goto cleanup;
126 }
127
128 // clear any old error message not fetched
129 dlerror();
130
131#ifdef DEBUG1
132 C_GetInterfaceList = (CK_C_GetInterfaceList) dlsym(hModule,
133 "C_GetInterfaceList");
134 if (C_GetInterfaceList != NULL((void*)0)) {
6
Assuming 'C_GetInterfaceList' is equal to NULL
7
Taking false branch
135 TRACE0("Connect: Found C_GetInterfaceList func\n");
136 rv = (C_GetInterfaceList)(NULL((void*)0), &ulCount);
137 if (rv == CKR_OK0x00000000UL) {
138 TRACE1("Connect: interface list size %ld \n", ulCount);
139 // retrieve available interfaces and report their info
140 iList = (CK_INTERFACE_PTR)
141 malloc(ulCount*sizeof(CK_INTERFACE));
142 rv = C_GetInterfaceList(iList, &ulCount);
143 if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK0L) {
144 TRACE0("Connect: error polling interface list\n");
145 goto cleanup;
146 }
147 for (i=0; i < (int)ulCount; i++) {
148 TRACE4("Connect: name %s, version %d.%d, flags 0x%lX\n",
149 iList[i].pInterfaceName,
150 ((CK_VERSION *)iList[i].pFunctionList)->major,
151 ((CK_VERSION *)iList[i].pFunctionList)->minor,
152 iList[i].flags);
153 }
154 } else {
155 TRACE0("Connect: error polling interface list size\n");
156 }
157 } else {
158 TRACE0("Connect: No C_GetInterfaceList func\n");
159 }
160#endif
161
162 if (jGetFunctionList != NULL((void*)0)) {
8
Assuming 'jGetFunctionList' is equal to NULL
9
Taking false branch
163 getFunctionListStr = (*env)->GetStringUTFChars(env,
164 jGetFunctionList, 0);
165 if (getFunctionListStr == NULL((void*)0)) {
166 goto cleanup;
167 }
168 C_GetFunctionList = (CK_C_GetFunctionList) dlsym(hModule,
169 getFunctionListStr);
170 if ((systemErrorMessage = dlerror()) != NULL((void*)0)){
171 throwIOException(env, systemErrorMessage);
172 goto cleanup;
173 }
174 if (C_GetFunctionList == NULL((void*)0)) {
175 TRACE1("Connect: No %s func\n", getFunctionListStr);
176 throwIOException(env, "ERROR: C_GetFunctionList == NULL");
177 goto cleanup;
178 }
179 TRACE1("Connect: Found %s func\n", getFunctionListStr);
180 } else {
181 // if none specified, then we try 3.0 API first before trying 2.40
182 C_GetInterface = (CK_C_GetInterface) dlsym(hModule, "C_GetInterface");
183 if ((C_GetInterface != NULL((void*)0)) && (dlerror() == NULL((void*)0))) {
10
Assuming 'C_GetInterface' is equal to NULL
184 TRACE0("Connect: Found C_GetInterface func\n");
185 rv = (C_GetInterface)(NULL((void*)0), NULL((void*)0), &interface, 0L);
186 if (ckAssertReturnValueOK(env, rv) == CK_ASSERT_OK0L) {
187 goto setModuleData;
188 }
189 }
190 C_GetFunctionList = (CK_C_GetFunctionList) dlsym(hModule,
191 "C_GetFunctionList");
192 if ((systemErrorMessage = dlerror()) != NULL((void*)0)){
11
Assuming the condition is false
12
Taking false branch
193 throwIOException(env, systemErrorMessage);
194 goto cleanup;
195 }
196 if (C_GetFunctionList == NULL((void*)0)) {
13
Assuming 'C_GetFunctionList' is not equal to NULL
14
Taking false branch
197 TRACE0("Connect: No C_GetFunctionList func\n");
198 throwIOException(env, "ERROR: C_GetFunctionList == NULL");
199 goto cleanup;
200 }
201 TRACE0("Connect: Found C_GetFunctionList func\n");
202 }
203
204setModuleData:
205 /*
206 * Get function pointers to all PKCS #11 functions
207 */
208 moduleData = (ModuleData *) malloc(sizeof(ModuleData));
209 if (moduleData == NULL((void*)0)) {
15
Assuming 'moduleData' is not equal to NULL
16
Taking false branch
210 dlclose(hModule);
211 throwOutOfMemoryError(env, 0);
212 goto cleanup;
213 }
214 moduleData->hModule = hModule;
215 moduleData->applicationMutexHandler = NULL((void*)0);
216 if (C_GetFunctionList
16.1
'C_GetFunctionList' is not equal to NULL
 != NULL((void*)0)) {
17
Taking true branch
217 rv = (C_GetFunctionList)(&(moduleData->ckFunctionListPtr));
218 if (ckAssertReturnValueOK(env, rv) != CK_ASSERT_OK0L) {
18
Assuming the condition is false
19
Taking false branch
219 goto cleanup;
220 }
221 } else if (interface != NULL((void*)0)) {
222 moduleData->ckFunctionListPtr = interface->pFunctionList;
223 if (((CK_VERSION *)moduleData->ckFunctionListPtr)->major == 3) {
224 moduleData->ckFunctionList30Ptr = interface->pFunctionList;
225 }
226 } else {
227 // should never happen
228 throwIOException(env, "ERROR: No function list ptr found");
229 goto cleanup;
230 }
231 if (((CK_VERSION *)moduleData->ckFunctionListPtr)->major == 3) {
20
Assuming field 'major' is equal to 3
21
Taking true branch
232 moduleData->ckFunctionList30Ptr = interface->pFunctionList;
22
Access to field 'pFunctionList' results in a dereference of a null pointer (loaded from variable 'interface')
233 } else {
234 moduleData->ckFunctionList30Ptr = NULL((void*)0);
235 }
236
237 TRACE2("Connect: FunctionListPtr version = %d.%d\n",
238 ((CK_VERSION *)moduleData->ckFunctionListPtr)->major,
239 ((CK_VERSION *)moduleData->ckFunctionListPtr)->minor);
240
241 globalPKCS11ImplementationReference = (*env)->NewGlobalRef(env, obj);
242 putModuleEntry(env, globalPKCS11ImplementationReference, moduleData);
243
244cleanup:
245 if (jPkcs11ModulePath != NULL((void*)0) && libraryNameStr != NULL((void*)0)) {
246 (*env)->ReleaseStringUTFChars(env, jPkcs11ModulePath, libraryNameStr);
247 }
248 if (jGetFunctionList != NULL((void*)0) && getFunctionListStr != NULL((void*)0)) {
249 (*env)->ReleaseStringUTFChars(env, jGetFunctionList,
250 getFunctionListStr);
251 }
252 TRACE0("Connect: FINISHED\n");
253 if (moduleData != NULL((void*)0)) {
254 return ckVersionPtrToJVersion(env,
255 (CK_VERSION *)moduleData->ckFunctionListPtr);
256 } else {
257 return NULL((void*)0);
258 }
259}
260
261
262/*
263 * Class: sun_security_pkcs11_wrapper_PKCS11
264 * Method: disconnect
265 * Signature: ()V
266 */
267JNIEXPORT__attribute__((visibility("default"))) void JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_disconnect
268 (JNIEnv *env, jobject obj)
269{
270 ModuleData *moduleData;
271 TRACE0("DEBUG: disconnecting module...");
272 moduleData = removeModuleEntry(env, obj);
273
274 if (moduleData != NULL((void*)0)) {
275 dlclose(moduleData->hModule);
276 }
277
278 free(moduleData);
279 TRACE0("FINISHED\n");
280
281}