Update authenticode-parser, use-after-free, signedness issues

Chenyangming9 · Jun 12, 2022 · 42d1694 · 42d1694
1 parent f9ac9ec
commit 42d1694
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 8 deletions.
diff --git a/deps/authenticode-parser/include/authenticode-parser/authenticode.h b/deps/authenticode-parser/include/authenticode-parser/authenticode.h
@@ -174,7 +174,7 @@ void initialize_authenticode_parser();
  * @param pe_len
  * @return AuthenticodeArray*
  */
-AuthenticodeArray* parse_authenticode(const uint8_t* pe_data, long pe_len);
+AuthenticodeArray* parse_authenticode(const uint8_t* pe_data, uint64_t pe_len);
 
 /**
  * @brief Constructs AuthenticodeArray from binary data containing Authenticode

diff --git a/deps/authenticode-parser/src/authenticode.c b/deps/authenticode-parser/src/authenticode.c
@@ -302,8 +302,8 @@ AuthenticodeArray* authenticode_new(const uint8_t* data, long len)
 
     Authenticode* auth = (Authenticode*)calloc(1, sizeof(*auth));
     if (!auth) {
-        free(result);
         free(result->signatures);
+        free(result);
         return NULL;
     }
 
@@ -523,9 +523,9 @@ static int authenticode_digest(
     return 1;
 }
 
-AuthenticodeArray* parse_authenticode(const uint8_t* pe_data, long pe_len)
+AuthenticodeArray* parse_authenticode(const uint8_t* pe_data, uint64_t pe_len)
 {
-    const int dos_hdr_size = 0x40;
+    const uint64_t dos_hdr_size = 0x40;
     if (pe_len < dos_hdr_size)
         return NULL;
 

diff --git a/deps/authenticode-parser/src/certificate.c b/deps/authenticode-parser/src/certificate.c
@@ -129,15 +129,14 @@ CertificateArray* parse_signer_chain(X509* signCert, STACK_OF(X509) * certs)
 
     int certCount = sk_X509_num(chain);
 
-    CertificateArray* result = (CertificateArray*)malloc(sizeof(*result));
+    CertificateArray* result = (CertificateArray*)calloc(1, sizeof(*result));
     if (!result)
         goto error;
 
-    result->certs = (Certificate**)malloc(sizeof(Certificate*) * certCount);
+    result->certs = (Certificate**)calloc(certCount, sizeof(Certificate*));
     if (!result->certs)
         goto error;
 
-    result->count = 0;
     /* Convert each certificate to internal representation */
     for (int i = 0; i < certCount; ++i) {
         Certificate* cert = certificate_new(sk_X509_value(chain, i));
@@ -153,12 +152,12 @@ CertificateArray* parse_signer_chain(X509* signCert, STACK_OF(X509) * certs)
     return result;
 
 error: /* In case of error, return nothing */
-    free(result);
     if (result) {
         for (size_t i = 0; i < result->count; ++i) {
             certificate_free(result->certs[i]);
         }
         free(result->certs);
+        free(result);
     }
     X509_STORE_free(store);
     X509_STORE_CTX_free(storeCtx);