From: Felix Dörre
Date: Thu, 12 Nov 2015 11:34:55 +0000 (+0100)
Subject: fix: some coverity bugs
X-Git-Url: https://code.wpia.club/?p=gigi.git;a=commitdiff_plain;h=6d215e9cd20c590f1d9fdf17c56043fa7c20239f
fix: some coverity bugs
---
diff --git a/src/org/cacert/gigi/output/template/Template.java b/src/org/cacert/gigi/output/template/Template.java
index 2a2bba6a..da94098a 100644
--- a/src/org/cacert/gigi/output/template/Template.java
+++ b/src/org/cacert/gigi/output/template/Template.java
@@ -21,7 +21,7 @@ import org.cacert.gigi.util.HTMLEncoder;
 public class Template implements Outputable {
- class ParseResult {
+ private static class ParseResult {
 TemplateBlock block;
diff --git a/src/org/cacert/gigi/pages/wot/AssurePage.java b/src/org/cacert/gigi/pages/wot/AssurePage.java
index aed78f84..efb246b6 100644
--- a/src/org/cacert/gigi/pages/wot/AssurePage.java
+++ b/src/org/cacert/gigi/pages/wot/AssurePage.java
@@ -40,7 +40,6 @@ public class AssurePage extends Page {
 public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
 PrintWriter out = resp.getWriter();
- String pi = req.getPathInfo().substring(PATH.length());
 HashMap vars = new HashMap();
 vars.put("DoB", ds);
 t.output(out, getLanguage(req), vars);
diff --git a/src/org/cacert/gigi/pages/wot/RequestTTPForm.java b/src/org/cacert/gigi/pages/wot/RequestTTPForm.java
index 18b97c2f..85041860 100644
--- a/src/org/cacert/gigi/pages/wot/RequestTTPForm.java
+++ b/src/org/cacert/gigi/pages/wot/RequestTTPForm.java
@@ -41,6 +41,7 @@ public class RequestTTPForm extends Form {
 }
 country = COUNTRIES[cid];
 }
+ // TODO use country?
 User uReq = LoginPage.getUser(req);
diff --git a/src/org/cacert/gigi/util/AuthorizationContext.java b/src/org/cacert/gigi/util/AuthorizationContext.java
index 4cab2a53..114475c5 100644
--- a/src/org/cacert/gigi/util/AuthorizationContext.java
+++ b/src/org/cacert/gigi/util/AuthorizationContext.java
@@ -78,7 +78,7 @@ public class AuthorizationContext implements Outputable { if (supporterTicketId != null) { out.println("
"); out.println(l.getTranslation("SupportTicket: ")); - out.println(supporterTicketId); + out.println(HTMLEncoder.encodeHTML(supporterTicketId)); out.println("
"); } } diff --git a/tests/org/cacert/gigi/pages/account/TestCertificateAdd.java b/tests/org/cacert/gigi/pages/account/TestCertificateAdd.java index 38130bc4..820471f5 100644 --- a/tests/org/cacert/gigi/pages/account/TestCertificateAdd.java +++ b/tests/org/cacert/gigi/pages/account/TestCertificateAdd.java @@ -180,6 +180,7 @@ public class TestCertificateAdd extends ClientTest { } } } + assertNotNull(current); return current.getEncoded(); } } diff --git a/tests/org/cacert/gigi/testUtils/TestEmailReceiver.java b/tests/org/cacert/gigi/testUtils/TestEmailReceiver.java index cdbf9321..77c3e2d6 100644 --- a/tests/org/cacert/gigi/testUtils/TestEmailReceiver.java +++ b/tests/org/cacert/gigi/testUtils/TestEmailReceiver.java @@ -26,7 +26,7 @@ public final class TestEmailReceiver extends EmailProvider implements Runnable { /** * An email that has been intercepted. */ - public class TestMail { + public static class TestMail { String to; diff --git a/util-testing/org/cacert/gigi/GenerateProfileOverview.java b/util-testing/org/cacert/gigi/GenerateProfileOverview.java index 45e98ef2..99d45e2e 100644 --- a/util-testing/org/cacert/gigi/GenerateProfileOverview.java +++ b/util-testing/org/cacert/gigi/GenerateProfileOverview.java @@ -34,50 +34,50 @@ public class GenerateProfileOverview { } req.addAll(cp.getReqireds()); } - PrintWriter pw = new PrintWriter("profiles.html"); - pw.println("Profiles"); - pw.println(""); - pw.println(""); - pw.println(""); - pw.println(""); - for (String p : pt) { - pw.println(""); - } - pw.println(""); - for (String p : req) { - pw.println(""); - } - pw.println(""); - for (CertificateProfile certificateProfile : cps) { - pw.println(""); - pw.println(""); - pw.println(""); - outer: + try (PrintWriter pw = new PrintWriter("profiles.html", "UTF-8")) { + pw.println("Profiles"); + pw.println(""); + pw.println(""); + pw.println("
id " + p + "" + p + "
" + certificateProfile.getId() + "" + certificateProfile.getKeyName() + "
"); + pw.println(""); for (String p : pt) { - for (PropertyTemplate t : certificateProfile.getTemplates().values()) { - if (t.getBase().equals(p)) { - pw.println(""); - continue outer; - } - } - pw.println(""); + pw.println(""); } - pw.println(""); - outer: + pw.println(""); for (String p : req) { - for (String t : certificateProfile.getReqireds()) { - if (t.equals(p)) { - pw.println(""); - continue outer; + pw.println(""); + } + pw.println(""); + for (CertificateProfile certificateProfile : cps) { + pw.println(""); + pw.println(""); + pw.println(""); + outer: + for (String p : pt) { + for (PropertyTemplate t : certificateProfile.getTemplates().values()) { + if (t.getBase().equals(p)) { + pw.println(""); + continue outer; + } + } + pw.println(""); + } + pw.println(""); + outer: + for (String p : req) { + for (String t : certificateProfile.getReqireds()) { + if (t.equals(p)) { + pw.println(""); + continue outer; + } } + pw.println(""); } - pw.println(""); + pw.println(""); } - pw.println(""); + pw.println("
id " + (t.isRequired() ? (t.isMultiple() ? "+" : "y") : (t.isMultiple() ? "*" : "?")) + "" + p + "y" + p + "
" + certificateProfile.getId() + "" + certificateProfile.getKeyName() + "" + (t.isRequired() ? (t.isMultiple() ? "+" : "y") : (t.isMultiple() ? "*" : "?")) + "y
"); + Desktop.getDesktop().browse(new File("profiles.html").toURI()); } - pw.println(""); - Desktop.getDesktop().browse(new File("profiles.html").toURI()); - pw.close(); } } diff --git a/util-testing/org/cacert/gigi/util/SimpleSigner.java b/util-testing/org/cacert/gigi/util/SimpleSigner.java index f8ee1e90..d7bfee5f 100644 --- a/util-testing/org/cacert/gigi/util/SimpleSigner.java +++ b/util-testing/org/cacert/gigi/util/SimpleSigner.java @@ -1,6 +1,5 @@ package org.cacert.gigi.util; -import java.io.ByteArrayInputStream; import java.io.File; import java.io.FileInputStream; import java.io.FileNotFoundException; @@ -274,10 +273,8 @@ public class SimpleSigner { getSANSs.setInt(1, id); GigiResultSet san = getSANSs.executeQuery(); - boolean first = true; LinkedList altnames = new LinkedList<>(); while (san.next()) { - first = false; altnames.add(new SubjectAlternateName(SANType.valueOf(san.getString("type").toUpperCase()), san.getString("contents"))); } // TODO look them up! @@ -294,7 +291,9 @@ public class SimpleSigner { } s += "-" + cp.getKeyName() + ".cfg"; Properties caP = new Properties(); - caP.load(new FileInputStream("signer/profiles/" + s)); + try (FileInputStream inStream = new FileInputStream("signer/profiles/" + s)) { + caP.load(inStream); + } String ca = caP.getProperty("ca") + "_2015_1"; HashMap subj = new HashMap<>(); 
@@ -317,16 +316,16 @@ public class SimpleSigner {
 PublicKey pk;
 byte[] data = IOUtils.readURL(new FileInputStream(csrname));
 if (ct == CSRType.SPKAC) {
- String dt = new String(data);
+ String dt = new String(data, "UTF-8");
 if (dt.startsWith("SPKAC=")) {
 dt = dt.substring(6);
- data = dt.getBytes();
+ data = dt.getBytes("UTF-8");
 System.out.println(dt);
 }
 SPKAC sp = new SPKAC(Base64.getDecoder().decode(data));
 pk = sp.getPubkey();
 } else {
- PKCS10 p10 = new PKCS10(PEM.decode("(NEW )?CERTIFICATE REQUEST", new String(data)));
+ PKCS10 p10 = new PKCS10(PEM.decode("(NEW )?CERTIFICATE REQUEST", new String(data, "UTF-8")));
 pk = p10.getSubjectPublicKeyInfo();
 }
 PrivateKey i = loadOpensslKey(new File("signer/ca/" + ca + "/ca.key"));
@@ -339,19 +338,18 @@ public class SimpleSigner {
 out.println(Base64.getMimeEncoder().encodeToString(cert));
 out.println("-----END CERTIFICATE-----");
 out.close();
- synchronized (sdf) {
- /*
- * call = new String[] { "openssl", "ca",// "-in", "../../"
- * + csrname,// "-cert", "../" + ca + ".crt",// "-keyfile",
- * "../" + ca + ".key",// "-out", "../../" +
- * crt.getPath(),// "-utf8", "-startdate",
- * sdf.format(fromDate),// "-enddate", sdf.format(toDate),//
- * "-batch",// "-md", rs.getString("md"),// "-extfile",
- * "../" + f.getName(),// "-subj",
- * Certificate.stringifyDN(subj),// "-config",
- * "../selfsign.config"// };
- */
- }
+ // synchronized (sdf) {
+ /*
+ * call = new String[] { "openssl", "ca",// "-in", "../../" +
+ * csrname,// "-cert", "../" + ca + ".crt",// "-keyfile", "../"
+ * + ca + ".key",// "-out", "../../" + crt.getPath(),// "-utf8",
+ * "-startdate", sdf.format(fromDate),// "-enddate",
+ * sdf.format(toDate),// "-batch",// "-md",
+ * rs.getString("md"),// "-extfile", "../" + f.getName(),//
+ * "-subj", Certificate.stringifyDN(subj),// "-config",
+ * "../selfsign.config"// };
+ */
+ // }
 try (InputStream is = new FileInputStream(crt)) {
 locateCA.setString(1, ca);
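Review bot: The `new FileInputStream(csrname)` handed to `IOUtils.readURL` in the second context line of the first hunk is never closed here, which is the same leak pattern this commit fixes for the profile and serial files; `readURL` is called inside a try-with-resources elsewhere in this patch, so it presumably does not close the stream itself. I would write `byte[] data; try (InputStream in = new FileInputStream(csrname)) { data = IOUtils.readURL(in); }`. Separately, the added `"UTF-8"` name literals here and in the `generateCert` and SAN hunks could be `StandardCharsets.UTF_8` (needs a `java.nio.charset.StandardCharsets` import), which avoids the runtime charset lookup and the checked `UnsupportedEncodingException`. The enclosing method starts and ends outside the hunk.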
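Review bot: The twelve added lines in the second hunk only re-comment the old `openssl ca` invocation, wrapping the block comment in `// synchronized (sdf) {` and `// }`; I would delete them instead. The removed `synchronized` block had an empty body, so nothing is lost by dropping it, and the stale command line (with its `-keyfile` and `-config` arguments) reads as if it still described how this signer issues certificates. The history remains available in version control.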
@@ -409,9 +407,9 @@ public class SimpleSigner {
 private static synchronized byte[] generateCert(PublicKey pk, PrivateKey prk, Map subj, X500Principal issuer, List altnames, Date fromDate, Date toDate, Digest digest, String eku) throws IOException, GeneralSecurityException {
 File f = Paths.get("signer", "serial").toFile();
 if ( !f.exists()) {
- FileOutputStream fos = new FileOutputStream(f);
- fos.write("1".getBytes());
- fos.close();
+ try (FileOutputStream fos = new FileOutputStream(f)) {
+ fos.write("1".getBytes("UTF-8"));
+ }
 }
 try (FileInputStream fr = new FileInputStream(f)) {
 byte[] serial = IOUtils.readURL(fr);
@@ -487,7 +485,9 @@ public class SimpleSigner {
 contentSeq.putBitString(s.sign());
 cert.write(DerValue.tag_Sequence, contentSeq);
- X509Certificate c = (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(cert.toByteArray()));
+ // X509Certificate c = (X509Certificate)
+ // CertificateFactory.getInstance("X509").generateCertificate(new
+ // ByteArrayInputStream(cert.toByteArray()));
 // c.verify(pk); only for self-signeds
 return cert.toByteArray();
@@ -610,7 +610,7 @@ public class SimpleSigner {
 } else {
 throw new Error("" + san.getType());
 }
- SANContent.write(DerValue.createTag(DerValue.TAG_CONTEXT, false, type), san.getName().getBytes());
+ SANContent.write(DerValue.createTag(DerValue.TAG_CONTEXT, false, type), san.getName().getBytes("UTF-8"));
 }
 DerOutputStream SANSeqContent = new DerOutputStream();
 SANSeqContent.write(DerValue.tag_Sequence, SANContent);
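Review bot: `generateCert` seeds `signer/serial` with the constant `1` and then reads the serial from that file, and nothing in the first hunk says this is intentional. The rest of the method is outside the hunk, but if the value is only incremented per certificate, the issued serial numbers are sequential and guessable. Since the class lives under `util-testing`, a comment on the seeding branch would be enough, e.g. `// test signer only: serial is a plain counter, not suitable for a production CA`.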
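Review bot: Commenting out the `CertificateFactory` call in the second hunk removes the only parse-back check on the hand-assembled DER that is visible here, and leaves dead code behind. If the unused local `c` was the finding, keep the parse as a bare statement, `CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(cert.toByteArray()));`, so that a malformed encoding fails inside the signer rather than at whoever consumes the certificate. That needs the `java.io.ByteArrayInputStream` import this commit removes. Otherwise delete the three comment lines; the start of the method is outside the hunk.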
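Review bot: In the third hunk `san.getName().getBytes("UTF-8")` is written under a context-specific tag with no check that the name is ASCII. RFC 5280 defines the dNSName and rfc822Name forms of GeneralName as IA5String, so if `type` selects one of those (the branches that set it are outside the hunk), a non-ASCII name read from the database would yield an extension that parsers may reject or interpret inconsistently. I would reject such names before encoding, e.g. `if (!StandardCharsets.US_ASCII.newEncoder().canEncode(san.getName())) throw new IllegalArgumentException("non-ASCII SAN");`, and have internationalised DNS names converted with `java.net.IDN.toASCII` before they are stored.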