Closed simo5 closed 2 months ago
@Jakuje although this is still a draft, would you mind taking a look at the general approach and let me know what you think?
coverity found an issue:
*** CID 496758: Memory - illegal accesses (OVERRUN)
/src/provider.c: 1203 in p11prov_query_operation()
1197 p11prov_query_operation(void *provctx, int operation_id, int *no_cache)
1198 {
1199 P11PROV_CTX *ctx = (P11PROV_CTX *)provctx;
1200
1201 if (operation_id > OSSL_OP__HIGHEST
1202 || ctx->blocked_ops[operation_id] == true) {
>>> CID 496758: Memory - illegal accesses (OVERRUN)
>>> Overrunning array "p11prov_block_ops_names" of 23 8-byte elements at element index 23 (byte offset 191) using index "operation_id" (which evaluates to 23).
1203 P11PROV_debug("Blocked operation: %s (%d)",
1204 p11prov_block_ops_names[operation_id], operation_id);
1205 *no_cache = 0;
1206 return NULL;
1207 }
1208
Will adjust the debug statement to not overflow the struct.
Adds attributes needed to deal with FIPS Indicators.
This will only be standardized in PKCS#11 3.2 so for now this is a Draft PR.
Resolves #46