From b252694ce6aafcdec2dd268196029f17ab0c6335 Mon Sep 17 00:00:00 2001
From: Rob Austein <sra@hactrn.net>
Date: Wed, 19 Oct 2016 02:00:43 -0400
Subject: Shake first round of bugs out of hal_rpc_pkey_match().

The filtering code for this function has not been tested yet.
---
 rpc_server.c | 24 ++++++++++++++----------
 1 file changed, 14 insertions(+), 10 deletions(-)

(limited to 'rpc_server.c')

diff --git a/rpc_server.c b/rpc_server.c
index d9e640a..18f6823 100644
--- a/rpc_server.c
+++ b/rpc_server.c
@@ -672,6 +672,7 @@ static hal_error_t pkey_match(const uint8_t **iptr, const uint8_t * const ilimit
     hal_session_handle_t session;
     uint32_t type, curve, attributes_len, result_max, previous_uuid_len;
     const uint8_t *previous_uuid_ptr;
+    hal_uuid_t previous_uuid;
     hal_key_flags_t flags;
     hal_error_t ret;
 
@@ -695,27 +696,30 @@ static hal_error_t pkey_match(const uint8_t **iptr, const uint8_t * const ilimit
     check(hal_xdr_decode_int(iptr, ilimit, &result_max));
     check(hal_xdr_decode_buffer_in_place(iptr, ilimit, &previous_uuid_ptr, &previous_uuid_len));
 
-    if (previous_uuid_len != sizeof(hal_uuid_t))
+    if (previous_uuid_len != sizeof(previous_uuid.uuid))
         return HAL_ERROR_KEY_NAME_TOO_LONG;
 
+    memcpy(previous_uuid.uuid, previous_uuid_ptr, sizeof(previous_uuid.uuid));
+
     hal_uuid_t result[result_max];
     unsigned result_len;
 
     ret = hal_rpc_local_pkey_dispatch.match(client, session, type, curve, flags,
                                             attributes, attributes_len,
                                             result, &result_len, result_max,
-                                            (hal_uuid_t *) previous_uuid_ptr);
+                                            &previous_uuid);
 
     if (ret == HAL_OK) {
         uint8_t *optr_orig = *optr;
-        check(hal_xdr_encode_int(optr, olimit, result_len));
-        for (int i = 0; i < result_len; ++i) {
-            if ((ret = hal_xdr_encode_buffer(optr, olimit, result[i].uuid,
-                                             sizeof(result[i].uuid))) != HAL_OK) {
-                *optr = optr_orig;
-                break;
-            }
-        }
+        ret = hal_xdr_encode_int(optr, olimit, result_len);
+        for (int i = 0; ret == HAL_OK && i < result_len; ++i)
+            ret = hal_xdr_encode_buffer(optr, olimit, result[i].uuid,
+                                        sizeof(result[i].uuid));
+        if (ret == HAL_OK)
+            ret = hal_xdr_encode_buffer(optr, olimit, previous_uuid.uuid,
+                                        sizeof(previous_uuid.uuid));
+        if (ret != HAL_OK)
+            *optr = optr_orig;
     }
 
     return ret;
-- 
cgit v1.2.3