Lots of changes to CertificateInfo memory handling
diff --git a/poppler/CertificateInfo.cc b/poppler/CertificateInfo.cc
index dc78631..e10bfdd 100644
--- a/poppler/CertificateInfo.cc
+++ b/poppler/CertificateInfo.cc
@@ -5,6 +5,8 @@
// This file is licensed under the GPLv2 or later
//
// Copyright 2018 Chinmoy Ranjan Pradhan <chinmoyrp65@gmail.com>
+// Copyright 2018 Albert Astals Cid <aacid@kde.org>
+// Copyright 2018 Oliver Sander <oliver.sander@tu-dresden.de>
//
//========================================================================
@@ -13,27 +15,94 @@
#include <string.h>
#include <stdlib.h>
-X509CertificateInfo::X509CertificateInfo()
+X509CertificateInfo::PublicKeyInfo::PublicKeyInfo() :
+ publicKey(nullptr),
+ publicKeyType(OTHERKEY),
+ publicKeyStrength(0)
{
- memset(&issuer_info, 0, sizeof issuer_info);
- memset(&subject_info, 0, sizeof subject_info);
- cert_serial = nullptr;
- cert_der = nullptr;
- ku_extensions = KU_NONE;
- cert_version = -1;
- is_self_signed = false;
+}
+
+X509CertificateInfo::PublicKeyInfo::~PublicKeyInfo()
+{
+ delete publicKey;
+}
+
+X509CertificateInfo::PublicKeyInfo::PublicKeyInfo(X509CertificateInfo::PublicKeyInfo &&other)
+{
+ publicKey = other.publicKey;
+ publicKeyType = other.publicKeyType;
+ publicKeyStrength = other.publicKeyStrength;
+ other.publicKey = nullptr;
+}
+
+X509CertificateInfo::PublicKeyInfo &X509CertificateInfo::PublicKeyInfo::operator=(X509CertificateInfo::PublicKeyInfo &&other)
+{
+ delete publicKey;
+ publicKey = other.publicKey;
+ publicKeyType = other.publicKeyType;
+ publicKeyStrength = other.publicKeyStrength;
+ other.publicKey = nullptr;
+ return *this;
+}
+
+X509CertificateInfo::EntityInfo::EntityInfo() :
+ commonName(nullptr),
+ distinguishedName(nullptr),
+ email(nullptr),
+ organization(nullptr)
+{
+}
+
+X509CertificateInfo::EntityInfo::~EntityInfo()
+{
+ free(commonName);
+ free(distinguishedName);
+ free(email);
+ free(organization);
+}
+
+X509CertificateInfo::EntityInfo::EntityInfo(X509CertificateInfo::EntityInfo &&other)
+{
+ commonName = other.commonName;
+ distinguishedName = other.distinguishedName;
+ email = other.email;
+ organization = other.organization;
+ other.commonName = nullptr;
+ other.distinguishedName = nullptr;
+ other.email = nullptr;
+ other.organization = nullptr;
+}
+
+X509CertificateInfo::EntityInfo &X509CertificateInfo::EntityInfo::operator=(X509CertificateInfo::EntityInfo &&other)
+{
+ free(commonName);
+ free(distinguishedName);
+ free(email);
+ free(organization);
+ commonName = other.commonName;
+ distinguishedName = other.distinguishedName;
+ email = other.email;
+ organization = other.organization;
+ other.commonName = nullptr;
+ other.distinguishedName = nullptr;
+ other.email = nullptr;
+ other.organization = nullptr;
+ return *this;
+}
+
+X509CertificateInfo::X509CertificateInfo() :
+ cert_serial(nullptr),
+ cert_der(nullptr),
+ ku_extensions(KU_NONE),
+ cert_version(-1),
+ is_self_signed(false)
+{
}
X509CertificateInfo::~X509CertificateInfo()
{
- free(issuer_info.commonName);
- free(issuer_info.distinguishedName);
- free(issuer_info.email);
- free(issuer_info.organization);
- free(subject_info.commonName);
- free(subject_info.distinguishedName);
- free(subject_info.email);
- free(subject_info.organization);
+ delete cert_serial;
+ delete cert_der;
}
int X509CertificateInfo::getVersion() const
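Review bot: Both move-assignment operators in this hunk (`PublicKeyInfo::operator=` and `EntityInfo::operator=`) release the target's buffers before checking whether `other` is the same object, so a self-move frees the data and leaves every field null. A first line of `if (this == &other) return *this;` in each keeps the object intact. The two move constructors and both assignment operators could also be marked `noexcept`, which needs the matching change on the declarations in CertificateInfo.h.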
@@ -41,27 +110,27 @@
return cert_version;
}
-GooString *X509CertificateInfo::getSerialNumber() const
+const GooString &X509CertificateInfo::getSerialNumber() const
{
- return cert_serial;
+ return *cert_serial;
}
-X509CertificateInfo::EntityInfo X509CertificateInfo::getIssuerInfo() const
+const X509CertificateInfo::EntityInfo &X509CertificateInfo::getIssuerInfo() const
{
return issuer_info;
}
-X509CertificateInfo::Validity X509CertificateInfo::getValidity() const
+const X509CertificateInfo::Validity &X509CertificateInfo::getValidity() const
{
return cert_validity;
}
-X509CertificateInfo::EntityInfo X509CertificateInfo::getSubjectInfo() const
+const X509CertificateInfo::EntityInfo &X509CertificateInfo::getSubjectInfo() const
{
return subject_info;
}
-X509CertificateInfo::PublicKeyInfo X509CertificateInfo::getPublicKeyInfo() const
+const X509CertificateInfo::PublicKeyInfo &X509CertificateInfo::getPublicKeyInfo() const
{
return public_key_info;
}
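Review bot: `getSerialNumber()` now returns `*cert_serial`, but the constructor in this commit initialises `cert_serial` to `nullptr`, so calling the getter on an object whose serial number was never set dereferences a null pointer; `getCertificateDER()` in the next hunk has the same problem with `cert_der`. The old pointer-returning signature let callers test for null, the reference form does not. Since these fields are filled from a certificate embedded in the document being parsed, either hold the strings by value (`GooString cert_serial;`) or state the precondition in a comment such as `// precondition: setSerialNumber() was called with a non-null string`. The caller in qt5/src/poppler-form.cc uses both references without any check.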
@@ -71,9 +140,9 @@
return ku_extensions;
}
-GooString *X509CertificateInfo::getCertificateDER() const
+const GooString &X509CertificateInfo::getCertificateDER() const
{
- return cert_der;
+ return *cert_der;
}
bool X509CertificateInfo::getIsSelfSigned() const
@@ -88,12 +157,13 @@
void X509CertificateInfo::setSerialNumber(GooString *serialNumber)
{
+ delete cert_serial;
cert_serial = serialNumber;
}
-void X509CertificateInfo::setIssuerInfo(EntityInfo issuerInfo)
+void X509CertificateInfo::setIssuerInfo(EntityInfo &&issuerInfo)
{
- issuer_info = issuerInfo;
+ issuer_info = std::move(issuerInfo);
}
void X509CertificateInfo::setValidity(Validity validity)
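Review bot: `setSerialNumber()` now deletes the previous string before storing the new pointer, which makes the setter an ownership transfer, and nothing in the code says so. Passing the pointer the object already holds would delete it and then store the dangling value; `setCertificateDER()` and `SignatureInfo::setCertificateInfo()` gained the same `delete` in this commit. A guard such as `if (serialNumber == cert_serial) return;` before the `delete`, plus a comment `// takes ownership of serialNumber`, would cover it; a `std::unique_ptr<GooString>` parameter would make the transfer explicit in the type.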
@@ -101,14 +171,14 @@
cert_validity = validity;
}
-void X509CertificateInfo::setSubjectInfo(EntityInfo subjectInfo)
+void X509CertificateInfo::setSubjectInfo(EntityInfo &&subjectInfo)
{
- subject_info = subjectInfo;
+ subject_info = std::move(subjectInfo);
}
-void X509CertificateInfo::setPublicKeyInfo(PublicKeyInfo pkInfo)
+void X509CertificateInfo::setPublicKeyInfo(PublicKeyInfo &&pkInfo)
{
- public_key_info = pkInfo;
+ public_key_info = std::move(pkInfo);
}
void X509CertificateInfo::setKeyUsageExtensions(unsigned int keyUsages)
@@ -118,6 +188,7 @@
void X509CertificateInfo::setCertificateDER(GooString *certDer)
{
+ delete cert_der;
cert_der = certDer;
}
diff --git a/poppler/CertificateInfo.h b/poppler/CertificateInfo.h
index b01fcf5..2fed918 100644
--- a/poppler/CertificateInfo.h
+++ b/poppler/CertificateInfo.h
@@ -6,6 +6,7 @@
//
// Copyright 2018 Chinmoy Ranjan Pradhan <chinmoyrp65@gmail.com>
// Copyright 2018 Albert Astals Cid <aacid@kde.org>
+// Copyright 2018 Oliver Sander <oliver.sander@tu-dresden.de>
//
//========================================================================
@@ -42,12 +43,30 @@
~X509CertificateInfo();
struct PublicKeyInfo {
+ PublicKeyInfo();
+ ~PublicKeyInfo();
+
+ PublicKeyInfo(PublicKeyInfo &&);
+ PublicKeyInfo &operator=(PublicKeyInfo &&);
+
+ PublicKeyInfo(const PublicKeyInfo &) = delete;
+ PublicKeyInfo &operator=(const PublicKeyInfo &) = delete;
+
GooString *publicKey;
PublicKeyType publicKeyType;
unsigned int publicKeyStrength; // in bits
};
struct EntityInfo {
+ EntityInfo();
+ ~EntityInfo();
+
+ EntityInfo(EntityInfo &&);
+ EntityInfo &operator=(EntityInfo &&);
+
+ EntityInfo(const EntityInfo &) = delete;
+ EntityInfo &operator=(const EntityInfo &) = delete;
+
char *commonName;
char *distinguishedName;
char *email;
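Review bot: The pointer members of `PublicKeyInfo` and `EntityInfo` are now owned by the structs but remain public and undocumented, and the two structs release them differently: `publicKey` with `delete`, the `char *` fields with `free()`. Code that assigns these fields directly has to match the allocator, and nothing in the header says which one applies. I would add `// owned, released with delete` on `publicKey` and `// owned, released with free()` on the `char *` members. The `EntityInfo` body continues past the end of this hunk.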
@@ -55,28 +74,30 @@
};
struct Validity {
+ Validity() : notBefore(0), notAfter(0) {}
+
time_t notBefore;
time_t notAfter;
};
/* GETTERS */
int getVersion() const;
- GooString *getSerialNumber() const;
- EntityInfo getIssuerInfo() const;
- Validity getValidity() const;
- EntityInfo getSubjectInfo() const;
- PublicKeyInfo getPublicKeyInfo() const;
+ const GooString &getSerialNumber() const;
+ const EntityInfo &getIssuerInfo() const;
+ const Validity &getValidity() const;
+ const EntityInfo &getSubjectInfo() const;
+ const PublicKeyInfo &getPublicKeyInfo() const;
unsigned int getKeyUsageExtensions() const;
- GooString *getCertificateDER() const;
+ const GooString &getCertificateDER() const;
bool getIsSelfSigned() const;
/* SETTERS */
void setVersion(int);
void setSerialNumber(GooString *);
- void setIssuerInfo(EntityInfo);
+ void setIssuerInfo(EntityInfo &&);
void setValidity(Validity);
- void setSubjectInfo(EntityInfo);
- void setPublicKeyInfo(PublicKeyInfo);
+ void setSubjectInfo(EntityInfo &&);
+ void setPublicKeyInfo(PublicKeyInfo &&);
void setKeyUsageExtensions(unsigned int);
void setCertificateDER(GooString *);
void setIsSelfSigned(bool);
diff --git a/poppler/Form.cc b/poppler/Form.cc
index 51caa4d..77a5207 100644
--- a/poppler/Form.cc
+++ b/poppler/Form.cc
@@ -1271,7 +1271,7 @@
GooString* tok = new GooString(da, i, j - i);
if (searchTok && !tok->cmp(searchTok))
idx = daToks->getLength();
- daToks->push_back(tok);
+ daToks->push_back(tok);
i = j;
}
}
diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc
index 87ca859..9c739d0 100644
--- a/poppler/SignatureHandler.cc
+++ b/poppler/SignatureHandler.cc
@@ -11,6 +11,7 @@
// Copyright 2017 Sebastian Rasmussen <sebras@gmail.com>
// Copyright 2017 Hans-Ulrich Jüttner <huj@froreich-bioscientia.de>
// Copyright 2018 Chinmoy Ranjan Pradhan <chinmoyrp65@protonmail.com>
+// Copyright 2018 Oliver Sander <oliver.sander@tu-dresden.de>
//
//========================================================================
@@ -81,39 +82,47 @@
return static_cast<time_t>(sTime/1000000);
}
-void SignatureHandler::getEntityInfo(X509CertificateInfo::EntityInfo *info, CERTName *entityName)
+X509CertificateInfo::EntityInfo SignatureHandler::getEntityInfo(CERTName *entityName) const
{
- if (!info || !entityName)
- return;
+ X509CertificateInfo::EntityInfo info;
- memset(info, 0, sizeof *info);
+ if (!entityName)
+ return info;
char *dn = CERT_NameToAscii(entityName);
if (dn) {
- info->distinguishedName = copyString(dn);
+ info.distinguishedName = copyString(dn);
PORT_Free(dn);
}
char *cn = CERT_GetCommonName(entityName);
if (cn) {
- info->commonName = copyString(cn);
+ info.commonName = copyString(cn);
PORT_Free(cn);
}
char *email = CERT_GetCertEmailAddress(entityName);
if (email) {
- info->email = copyString(email);
+ info.email = copyString(email);
PORT_Free(email);
}
char *org = CERT_GetOrgName(entityName);
if (org) {
- info->organization = copyString(org);
+ info.organization = copyString(org);
PORT_Free(org);
}
+
+ return info;
}
-X509CertificateInfo *SignatureHandler::getCertificateInfo()
+static GooString *SECItemToGooString(const SECItem &secItem)
+{
+ // TODO do we need to handle secItem.type;
+ return new GooString((const char *)secItem.data, secItem.len);
+}
+
+X509CertificateInfo *SignatureHandler::getCertificateInfo() const
{
if (!CMSSignerInfo)
return nullptr;
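Review bot: `SECItemToGooString()` passes `secItem.data` and `secItem.len` to the `GooString` constructor without checking for a null data pointer or a zero length, and the values come from the signer certificate carried in the document. Whether NSS can hand back such an item for `serialNumber` or `derCert` is not visible here, so this may be defensive only; `if (!secItem.data || secItem.len == 0) return new GooString();` ahead of the `return` would cover the empty case. The open `// TODO` about `secItem.type` would be easier to act on if it said which item types are expected. `getCertificateInfo()` starts at the end of this hunk and continues in the following ones.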
@@ -123,16 +132,12 @@
return nullptr;
X509CertificateInfo *certInfo = new X509CertificateInfo;
- if (!certInfo)
- return nullptr;
certInfo->setVersion(DER_GetInteger(&cert->version) + 1);
certInfo->setSerialNumber(SECItemToGooString(cert->serialNumber));
//issuer info
- X509CertificateInfo::EntityInfo issuerInfo;
- getEntityInfo(&issuerInfo, &cert->issuer);
- certInfo->setIssuerInfo(issuerInfo);
+ certInfo->setIssuerInfo(getEntityInfo(&cert->issuer));
//validity
PRTime notBefore, notAfter;
@@ -143,9 +148,7 @@
certInfo->setValidity(certValidity);
//subject info
- X509CertificateInfo::EntityInfo subjectInfo;
- getEntityInfo(&subjectInfo, &cert->subject);
- certInfo->setSubjectInfo(subjectInfo);
+ certInfo->setSubjectInfo(getEntityInfo(&cert->subject));
//public key info
X509CertificateInfo::PublicKeyInfo pkInfo;
@@ -170,7 +173,7 @@
break;
}
pkInfo.publicKeyStrength = SECKEY_PublicKeyStrengthInBits(pk);
- certInfo->setPublicKeyInfo(pkInfo);
+ certInfo->setPublicKeyInfo(std::move(pkInfo));
certInfo->setKeyUsageExtensions(cert->keyUsage);
certInfo->setCertificateDER(SECItemToGooString(cert->derCert));
@@ -473,8 +476,3 @@
return CERTIFICATE_GENERIC_ERROR;
}
}
-
-GooString *SignatureHandler::SECItemToGooString(SECItem secItem)
-{
- return new GooString((const char *)secItem.data, secItem.len);
-}
diff --git a/poppler/SignatureHandler.h b/poppler/SignatureHandler.h
index 5c47d24..8302a28 100644
--- a/poppler/SignatureHandler.h
+++ b/poppler/SignatureHandler.h
@@ -8,6 +8,8 @@
// Copyright 2015 André Esser <bepandre@hotmail.com>
// Copyright 2015, 2017 Albert Astals Cid <aacid@kde.org>
// Copyright 2017 Hans-Ulrich Jüttner <huj@froreich-bioscientia.de>
+// Copyright 2018 Chinmoy Ranjan Pradhan <chinmoyrp65@protonmail.com>
+// Copyright 2018 Oliver Sander <oliver.sander@tu-dresden.de>
//
//========================================================================
@@ -45,14 +47,12 @@
NSSCMSVerificationStatus validateSignature();
// Use -1 as validation_time for now
SECErrorCodes validateCertificate(time_t validation_time);
- X509CertificateInfo *getCertificateInfo();
+ X509CertificateInfo *getCertificateInfo() const;
//Translate NSS error codes
static SignatureValidationStatus NSS_SigTranslate(NSSCMSVerificationStatus nss_code);
static CertificateValidationStatus NSS_CertTranslate(SECErrorCodes nss_code);
- static GooString *SECItemToGooString(SECItem secItem);
-
private:
SignatureHandler(const SignatureHandler &);
SignatureHandler& operator=(const SignatureHandler &);
@@ -65,7 +65,7 @@
NSSCMSSignedData *CMS_SignedDataCreate(NSSCMSMessage * cms_msg);
NSSCMSSignerInfo *CMS_SignerInfoCreate(NSSCMSSignedData * cms_sig_data);
HASHContext * initHashContext();
- void getEntityInfo(X509CertificateInfo::EntityInfo *info, CERTName *entityName);
+ X509CertificateInfo::EntityInfo getEntityInfo(CERTName *entityName) const;
unsigned int hash_length;
SECItem CMSitem;
diff --git a/poppler/SignatureInfo.cc b/poppler/SignatureInfo.cc
index 3be9160..7352285 100644
--- a/poppler/SignatureInfo.cc
+++ b/poppler/SignatureInfo.cc
@@ -9,6 +9,7 @@
// Copyright 2017 Hans-Ulrich Jüttner <huj@froreich-bioscientia.de>
// Copyright 2017, 2018 Albert Astals Cid <aacid@kde.org>
// Copyright 2018 Chinmoy Ranjan Pradhan <chinmoyrp65@protonmail.com>
+// Copyright 2018 Oliver Sander <oliver.sander@tu-dresden.de>
//
//========================================================================
@@ -107,7 +108,7 @@
return signing_time;
}
-X509CertificateInfo *SignatureInfo::getCertificateInfo()
+const X509CertificateInfo *SignatureInfo::getCertificateInfo() const
{
return cert_info;
}
@@ -160,5 +161,6 @@
void SignatureInfo::setCertificateInfo(X509CertificateInfo *certInfo)
{
+ delete cert_info;
cert_info = certInfo;
}
diff --git a/poppler/SignatureInfo.h b/poppler/SignatureInfo.h
index de79062..f270899 100644
--- a/poppler/SignatureInfo.h
+++ b/poppler/SignatureInfo.h
@@ -9,6 +9,7 @@
// Copyright 2015, 2017, 2018 Albert Astals Cid <aacid@kde.org>
// Copyright 2017 Hans-Ulrich Jüttner <huj@froreich-bioscientia.de>
// Copyright 2018 Chinmoy Ranjan Pradhan <chinmoyrp65@protonmail.com>
+// Copyright 2018 Oliver Sander <oliver.sander@tu-dresden.de>
//
//========================================================================
@@ -57,7 +58,7 @@
int getHashAlgorithm(); // Returns a NSS3 HASH_HashType or -1 if compiled without NSS3
time_t getSigningTime();
bool isSubfilterSupported() { return sig_subfilter_supported; }
- X509CertificateInfo *getCertificateInfo();
+ const X509CertificateInfo *getCertificateInfo() const;
/* SETTERS */
void setSignatureValStatus(enum SignatureValidationStatus );
diff --git a/qt5/src/poppler-form.cc b/qt5/src/poppler-form.cc
index 3794c9f..b5d1bb2 100644
--- a/qt5/src/poppler-form.cc
+++ b/qt5/src/poppler-form.cc
@@ -8,6 +8,7 @@
* Copyright (C) 2018, Andre Heinecke <aheinecke@intevation.de>
* Copyright (C) 2018 Klarälvdalens Datakonsult AB, a KDAB Group company, <info@kdab.com>. Work sponsored by the LiMux project of the city of Munich
* Copyright (C) 2018 Chinmoy Ranjan Pradhan <chinmoyrp65@protonmail.com>
+ * Copyright (C) 2018 Oliver Sander <oliver.sander@tu-dresden.de>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -522,13 +523,20 @@
bool is_null;
};
+CertificateInfo::CertificateInfo()
+ : d_ptr( nullptr )
+{
+}
+
CertificateInfo::CertificateInfo(CertificateInfoPrivate* priv)
- : d_ptr(priv)
-{}
+ : d_ptr( priv )
+{
+}
CertificateInfo::CertificateInfo(const CertificateInfo &other)
- : d_ptr( other.d_ptr )
-{}
+ : d_ptr( other.d_ptr )
+{
+}
CertificateInfo::~CertificateInfo() = default;
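Review bot: The new default constructor leaves `d_ptr` null, so a default-constructed `CertificateInfo` has no private object behind it, and `SignatureValidationInfoPrivate::cert_info` is now exactly such an object until it is assigned. Any accessor that reads through `d_ptr` (presumably `isNull()` and the other getters, which are outside this hunk) would then dereference null. Constructing an empty private object instead avoids that: `: d_ptr( new CertificateInfoPrivate )` with `d_ptr->is_null = true;` in the body, or a default member initializer for `is_null`.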
@@ -675,7 +683,7 @@
public:
SignatureValidationInfo::SignatureStatus signature_status;
SignatureValidationInfo::CertificateStatus certificate_status;
- QSharedPointer<CertificateInfo> cert_info;
+ CertificateInfo cert_info;
QByteArray signature;
QString signer_name;
@@ -807,7 +815,7 @@
CertificateInfo SignatureValidationInfo::certificateInfo() const
{
Q_D(const SignatureValidationInfo);
- return *(d->cert_info.data());
+ return d->cert_info;
}
SignatureValidationInfo &SignatureValidationInfo::operator=(const SignatureValidationInfo &other)
@@ -933,7 +941,7 @@
delete checkedSignature;
// set certificate info
- X509CertificateInfo* ci = si->getCertificateInfo();
+ const X509CertificateInfo *ci = si->getCertificateInfo();
CertificateInfoPrivate* certPriv = new CertificateInfoPrivate;
certPriv->is_null = true;
if (ci)
@@ -941,16 +949,16 @@
certPriv->version = ci->getVersion();
certPriv->ku_extensions = ci->getKeyUsageExtensions();
- GooString *certSerial = ci->getSerialNumber();
- certPriv->serial_number = QByteArray(certSerial->c_str(), certSerial->getLength());
+ const GooString &certSerial = ci->getSerialNumber();
+ certPriv->serial_number = QByteArray(certSerial.c_str(), certSerial.getLength());
- X509CertificateInfo::EntityInfo issuerInfo = ci->getIssuerInfo();
+ const X509CertificateInfo::EntityInfo &issuerInfo = ci->getIssuerInfo();
certPriv->issuer_info.common_name = issuerInfo.commonName;
certPriv->issuer_info.distinguished_name = issuerInfo.distinguishedName;
certPriv->issuer_info.email_address = issuerInfo.email;
certPriv->issuer_info.org_name = issuerInfo.organization;
- X509CertificateInfo::EntityInfo subjectInfo = ci->getSubjectInfo();
+ const X509CertificateInfo::EntityInfo &subjectInfo = ci->getSubjectInfo();
certPriv->subject_info.common_name = subjectInfo.commonName;
certPriv->subject_info.distinguished_name = subjectInfo.distinguishedName;
certPriv->subject_info.email_address = subjectInfo.email;
@@ -960,17 +968,17 @@
certPriv->validity_start = QDateTime::fromTime_t(certValidity.notBefore, Qt::UTC);
certPriv->validity_end = QDateTime::fromTime_t(certValidity.notAfter, Qt::UTC);
- X509CertificateInfo::PublicKeyInfo pkInfo = ci->getPublicKeyInfo();
+ const X509CertificateInfo::PublicKeyInfo &pkInfo = ci->getPublicKeyInfo();
certPriv->public_key = QByteArray(pkInfo.publicKey->c_str(), pkInfo.publicKey->getLength());
certPriv->public_key_type = static_cast<int>(pkInfo.publicKeyType);
certPriv->public_key_strength = pkInfo.publicKeyStrength;
- GooString *certDer = ci->getCertificateDER();
- certPriv->certificate_der = QByteArray(certDer->c_str(), certDer->getLength());
+ const GooString &certDer = ci->getCertificateDER();
+ certPriv->certificate_der = QByteArray(certDer.c_str(), certDer.getLength());
certPriv->is_null = false;
}
- priv->cert_info = QSharedPointer<CertificateInfo>(new CertificateInfo(certPriv));
+ priv->cert_info = CertificateInfo(certPriv);
return SignatureValidationInfo(priv);
}
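Review bot: `pkInfo.publicKey->c_str()` on the unchanged line in this hunk dereferences `publicKey` without a check, and after this commit a `PublicKeyInfo` that was never filled holds `nullptr` rather than an indeterminate pointer. Whether `SignatureHandler::getCertificateInfo()` always sets the key is not visible in the hunks shown, so I would guard the copy: `if (pkInfo.publicKey) certPriv->public_key = QByteArray(pkInfo.publicKey->c_str(), pkInfo.publicKey->getLength());`. The enclosing function starts before this hunk.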
diff --git a/qt5/src/poppler-form.h b/qt5/src/poppler-form.h
index b389e5b..2c97383 100644
--- a/qt5/src/poppler-form.h
+++ b/qt5/src/poppler-form.h
@@ -7,6 +7,7 @@
* Copyright (C) 2017, Tobias C. Berner <tcberner@freebsd.org>
* Copyright (C) 2018, Andre Heinecke <aheinecke@intevation.de>
* Copyright (C) 2018, Chinmoy Ranjan Pradhan <chinmoyrp65@protonmail.com>
+ * Copyright (C) 2018, Oliver Sander <oliver.sander@tu-dresden.de>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -451,6 +452,7 @@
Organization,
};
+ CertificateInfo();
CertificateInfo(CertificateInfoPrivate *priv);
~CertificateInfo();
@@ -522,7 +524,7 @@
CertificateInfo(const CertificateInfo &other);
CertificateInfo &operator=(const CertificateInfo &other);
- private:
+ private:
Q_DECLARE_PRIVATE(CertificateInfo)
QSharedPointer<CertificateInfoPrivate> d_ptr;
@@ -643,17 +645,16 @@
/**
Checks whether the signature authenticates the total document
- except for the signature itself.
- \since 0.58
+ except for the signature itself.
+ \since 0.58
*/
bool signsTotalDocument() const;
- /**
- The signer certificate info
-
- \since 0.73
- */
- CertificateInfo certificateInfo() const;
+ /**
+ The signer certificate info.
+ \since 0.73
+ */
+ CertificateInfo certificateInfo() const;
SignatureValidationInfo(const SignatureValidationInfo &other);
SignatureValidationInfo &operator=(const SignatureValidationInfo &other);