]> git.saurik.com Git - apple/security.git/blobdiff - libsecurity_codesigning/lib/signerutils.cpp
projects / apple / security.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Security-55471.14.4.tar.gz
[apple/security.git] / libsecurity_codesigning / lib / signerutils.cpp
diff --git a/libsecurity_codesigning/lib/signerutils.cpp b/libsecurity_codesigning/lib/signerutils.cpp
index d03d884e5ede3411717bbbd525c894416da899fe..74dd23cebe10014d064a0d313cb38af75cd799de 100644 (file)
--- a/libsecurity_codesigning/lib/signerutils.cpp
+++ b/libsecurity_codesigning/lib/signerutils.cpp
@@ -29,7 +29,7 @@
 #include "SecCodeSigner.h"
 #include <Security/SecIdentity.h>
 #include <Security/CMSEncoder.h>
 #include "SecCodeSigner.h"
 #include <Security/SecIdentity.h>
 #include <Security/CMSEncoder.h>
-#include "renum.h"
+#include "resources.h"
 #include "csutilities.h"
 #include "drmaker.h"
 #include <security_utilities/unix++.h>
 #include "csutilities.h"
 #include "drmaker.h"
 #include <security_utilities/unix++.h>
@@ -67,7 +67,7 @@ void BlobWriter::component(CodeDirectory::SpecialSlot slot, CFDataRef data)
 void DetachedBlobWriter::flush()
 {
        EmbeddedSignatureBlob *blob = this->make();
 void DetachedBlobWriter::flush()
 {
        EmbeddedSignatureBlob *blob = this->make();
-       signer.code->detachedSignature(makeCFData(*blob));
+       signer.code->detachedSignature(CFTempData(*blob));
        signer.state.returnDetachedSignature(blob, signer);
        ::free(blob);
 }
        signer.state.returnDetachedSignature(blob, signer);
        ::free(blob);
 }
@@ -171,7 +171,7 @@ void MachOEditor::allocate()
        fork();
        wait();
        if (!Child::succeeded())
        fork();
        wait();
        if (!Child::succeeded())
-               UnixError::throwMe(ENOEXEC);    //@@@ how to signal "it din' work"?
+               MacOSError::throwMe(errSecCSHelperFailed);
        
        // open the new (temporary) Universal file
        {
        
        // open the new (temporary) Universal file
        {
@@ -197,9 +197,7 @@ void MachOEditor::parentAction()
                CODESIGN_ALLOCATE_VALIDATE((char*)mHelperPath, this->pid());
                // check code identity of an overridden allocation helper
                SecPointer<SecStaticCode> code = new SecStaticCode(DiskRep::bestGuess(mHelperPath));
                CODESIGN_ALLOCATE_VALIDATE((char*)mHelperPath, this->pid());
                // check code identity of an overridden allocation helper
                SecPointer<SecStaticCode> code = new SecStaticCode(DiskRep::bestGuess(mHelperPath));
-               code->validateDirectory();
-               code->validateExecutable();
-               code->validateResources();
+               code->staticValidate(kSecCSDefaultFlags, NULL);
                code->validateRequirement((const Requirement *)appleReq, errSecCSReqFailed);
        }
 }
                code->validateRequirement((const Requirement *)appleReq, errSecCSReqFailed);
        }
 }
@@ -219,11 +217,11 @@ void MachOEditor::childAction()
                asprintf(&ssize, "%zd", size);
 
                if (const char *arch = it->first.name()) {
                asprintf(&ssize, "%zd", size);
 
                if (const char *arch = it->first.name()) {
-                       CODESIGN_ALLOCATE_ARCH((char*)arch, size);
+                       CODESIGN_ALLOCATE_ARCH((char*)arch, (unsigned int)size);
                        arguments.push_back("-a");
                        arguments.push_back(arch);
                } else {
                        arguments.push_back("-a");
                        arguments.push_back(arch);
                } else {
-                       CODESIGN_ALLOCATE_ARCHN(it->first.cpuType(), it->first.cpuSubtype(), size);
+                       CODESIGN_ALLOCATE_ARCHN(it->first.cpuType(), it->first.cpuSubtype(), (unsigned int)size);
                        arguments.push_back("-A");
                        char *anum;
                        asprintf(&anum, "%d", it->first.cpuType());
                        arguments.push_back("-A");
                        char *anum;
                        asprintf(&anum, "%d", it->first.cpuType());
@@ -257,7 +255,7 @@ void MachOEditor::write(Arch &arch, EmbeddedSignatureBlob *blob)
 {
        if (size_t offset = arch.source->signingOffset()) {
                size_t signingLength = arch.source->signingLength();
 {
        if (size_t offset = arch.source->signingOffset()) {
                size_t signingLength = arch.source->signingLength();
-               CODESIGN_ALLOCATE_WRITE((char*)arch.architecture.name(), offset, blob->length(), signingLength);
+               CODESIGN_ALLOCATE_WRITE((char*)arch.architecture.name(), offset, (unsigned)blob->length(), (unsigned)signingLength);
                if (signingLength < blob->length())
                        MacOSError::throwMe(errSecCSCMSTooLarge);
                arch.source->seek(offset);
                if (signingLength < blob->length())
                        MacOSError::throwMe(errSecCSCMSTooLarge);
                arch.source->seek(offset);
mirror of Security