diff --git a/modules/libmar/sign/mar_sign.c b/modules/libmar/sign/mar_sign.c index 2a08abfa0671..d43adbf39f65 100644 --- a/modules/libmar/sign/mar_sign.c +++ b/modules/libmar/sign/mar_sign.c @@ -263,7 +263,7 @@ strip_signature_block(const char *src, const char * dest) FILE *fpSrc = NULL, *fpDest = NULL; int rv = -1, hasSignatureBlock; char buf[BLOCKSIZE]; - char *indexBuf = NULL, *indexBufLoc; + char *indexBuf = NULL; if (!src || !dest) { fprintf(stderr, "ERROR: Invalid parameter passed in.\n"); @@ -433,7 +433,6 @@ strip_signature_block(const char *src, const char * dest) /* Consume the index and adjust each index by the difference */ indexBuf = malloc(indexLength); - indexBufLoc = indexBuf; if (fread(indexBuf, indexLength, 1, fpSrc) != 1) { fprintf(stderr, "ERROR: Could not read index\n"); goto failure; @@ -837,7 +836,7 @@ mar_repackage_and_sign(const char *NSSConfigDir, char buf[BLOCKSIZE]; SECKEYPrivateKey *privKeys[MAX_SIGNATURES]; CERTCertificate *certs[MAX_SIGNATURES]; - char *indexBuf = NULL, *indexBufLoc; + char *indexBuf = NULL; uint32_t k; memset(signatureLengths, 0, sizeof(signatureLengths)); @@ -1059,7 +1058,6 @@ mar_repackage_and_sign(const char *NSSConfigDir, /* Consume the index and adjust each index by signatureSectionLength */ indexBuf = malloc(indexLength); - indexBufLoc = indexBuf; if (fread(indexBuf, indexLength, 1, fpSrc) != 1) { fprintf(stderr, "ERROR: Could not read index\n"); goto failure; diff --git a/modules/libmar/src/mar_read.c b/modules/libmar/src/mar_read.c index c2a2e19c3659..17744cdfce79 100644 --- a/modules/libmar/src/mar_read.c +++ b/modules/libmar/src/mar_read.c @@ -406,10 +406,12 @@ mar_read_product_info_block(MarFile *mar, /* The buffer size is 97 bytes because the MAR channel name < 64 bytes, and product version < 32 bytes + 3 NULL terminator bytes. */ char buf[97] = { '\0' }; - int ret = get_mar_file_info_fp(mar->fp, NULL, NULL, - &hasAdditionalBlocks, - &offsetAdditionalBlocks, - &numAdditionalBlocks); + if (get_mar_file_info_fp(mar->fp, NULL, NULL, + &hasAdditionalBlocks, + &offsetAdditionalBlocks, + &numAdditionalBlocks) != 0) { + return -1; + } for (i = 0; i < numAdditionalBlocks; ++i) { /* Read the additional block size */ if (fread(&additionalBlockSize, diff --git a/modules/libmar/tool/mar.c b/modules/libmar/tool/mar.c index 19bdcc8e63cf..3cbc9fd3aaac 100644 --- a/modules/libmar/tool/mar.c +++ b/modules/libmar/tool/mar.c @@ -125,7 +125,10 @@ int main(int argc, char **argv) { #if !defined(NO_SIGN_VERIFY) uint32_t fileSizes[MAX_SIGNATURES]; const uint8_t* certBuffers[MAX_SIGNATURES]; +#if ((!defined(MAR_NSS) && defined(XP_WIN)) || defined(XP_MACOSX)) || \ + ((defined(XP_WIN) || defined(XP_MACOSX)) && !defined(MAR_NSS)) char* DERFilePaths[MAX_SIGNATURES]; +#endif #if (!defined(XP_WIN) && !defined(XP_MACOSX)) || defined(MAR_NSS) CERTCertificate* certs[MAX_SIGNATURES]; #endif diff --git a/modules/libmar/verify/mar_verify.c b/modules/libmar/verify/mar_verify.c index 07e4354ce1ab..3e32ab2665d3 100644 --- a/modules/libmar/verify/mar_verify.c +++ b/modules/libmar/verify/mar_verify.c @@ -194,11 +194,8 @@ mar_extract_and_verify_signatures_fp(FILE *fp, CryptoX_ProviderHandle provider, CryptoX_PublicKey *keys, uint32_t keyCount) { - char buf[5] = {0}; uint32_t signatureCount, signatureLen, numVerified = 0; uint32_t signatureAlgorithmIDs[MAX_SIGNATURES]; - int rv = -1; - int64_t curPos; uint8_t *extractedSignatures[MAX_SIGNATURES]; uint32_t i; @@ -286,13 +283,17 @@ mar_extract_and_verify_signatures_fp(FILE *fp, } } - curPos = ftello(fp); - rv = mar_verify_signatures_for_fp(fp, - provider, - keys, - (const uint8_t * const *)extractedSignatures, - signatureCount, - &numVerified); + if (ftello(fp) == -1) { + return CryptoX_Error; + } + if (mar_verify_signatures_for_fp(fp, + provider, + keys, + (const uint8_t * const *)extractedSignatures, + signatureCount, + &numVerified) == CryptoX_Error) { + return CryptoX_Error; + } for (i = 0; i < signatureCount; ++i) { free(extractedSignatures[i]); }