Security-59306.120.7.tar.gz

[apple/security.git] / OSX / libsecurity_keychain / lib / Item.cpp

diff --git a/OSX/libsecurity_keychain/lib/Item.cpp b/OSX/libsecurity_keychain/lib/Item.cpp
index 2ec227ef090dee51d57673381f5aea79654ca951..4d4dc772e14dbc548e949c50289fe3d6b205013b 100644 (file)
--- a/OSX/libsecurity_keychain/lib/Item.cpp
+++ b/OSX/libsecurity_keychain/lib/Item.cpp
@@ -46,9 +46,7 @@
 #include <utilities/der_plist.h>
 
 #include <security_utilities/CSPDLTransaction.h>
-#include <SecBasePriv.h>
-
-#define SENDACCESSNOTIFICATIONS 1
+#include <Security/SecBasePriv.h>
 
 //%%% schema indexes should be defined in Schema.h
 #define _kSecAppleSharePasswordItemClass               'ashp'
@@ -640,7 +638,7 @@ bool ItemImpl::checkIntegrityFromDictionary(AclBearer& aclBearer, DbAttributes*
             return false; // No MAC, no integrity.
         }
 
-        throw cssme;
+        throw;
     }
 
     secnotice("integrity", "***** INVALID ITEM");
@@ -1415,23 +1413,12 @@ ItemImpl::getContent(SecItemClass *itemClass, SecKeychainAttributeList *attrList
     {
                getLocalContent(attrList, length, outData);
        }
-
-       // Inform anyone interested that we are doing this
-#if SENDACCESSNOTIFICATIONS
-    if (outData)
-    {
-               secinfo("kcnotify", "ItemImpl::getContent(%p, %p, %p, %p) retrieved content",
-                       itemClass, attrList, length, outData);
-
-        KCEventNotifier::PostKeychainEvent(kSecDataAccessEvent, mKeychain, this);
-    }
-#endif
 }
 
 void
 ItemImpl::freeContent(SecKeychainAttributeList *attrList, void *data)
 {
-    Allocator &allocator = Allocator::standard(); // @@@ This might not match the one used originally
+    Allocator &allocator = Allocator::standard(Allocator::sensitive); // @@@ This might not match the one used originally
     if (data)
                allocator.free(data);
 
@@ -1539,7 +1526,7 @@ ItemImpl::getAttributesAndData(SecKeychainAttributeInfo *info, SecItemClass *ite
             theList->count = 0;
             theList->attr = NULL;
         } else {
-            SecKeychainAttribute *attr=reinterpret_cast<SecKeychainAttribute *>(malloc(sizeof(SecKeychainAttribute)*attrCount));
+            SecKeychainAttribute *attr=reinterpret_cast<SecKeychainAttribute *>(calloc(attrCount, sizeof(SecKeychainAttribute)));
             theList->count=attrCount;
             theList->attr=attr;
 
@@ -1573,13 +1560,6 @@ ItemImpl::getAttributesAndData(SecKeychainAttributeInfo *info, SecItemClass *ite
 
                if (length) *length=(UInt32)itemData.length();
                itemData.Length=0;
-
-#if SENDACCESSNOTIFICATIONS
-               secinfo("kcnotify", "ItemImpl::getAttributesAndData(%p, %p, %p, %p, %p) retrieved data",
-                       info, itemClass, attrList, length, outData);
-
-               KCEventNotifier::PostKeychainEvent(kSecDataAccessEvent, mKeychain, this);
-#endif
        }
 
 }
@@ -1587,7 +1567,7 @@ ItemImpl::getAttributesAndData(SecKeychainAttributeInfo *info, SecItemClass *ite
 void
 ItemImpl::freeAttributesAndData(SecKeychainAttributeList *attrList, void *data)
 {
-       Allocator &allocator = Allocator::standard(); // @@@ This might not match the one used originally
+       Allocator &allocator = Allocator::standard(Allocator::sensitive); // @@@ This might not match the one used originally
 
        if (data)
                allocator.free(data);
@@ -1740,13 +1720,6 @@ ItemImpl::getData(CssmDataContainer& outData)
        }
 
     getContent(NULL, &outData);
-
-#if SENDACCESSNOTIFICATIONS
-    secinfo("kcnotify", "ItemImpl::getData retrieved data");
-
-       //%%%<might> be done elsewhere, but here is good for now
-       KCEventNotifier::PostKeychainEvent(kSecDataAccessEvent, mKeychain, this);
-#endif
 }
 
 SSGroup
@@ -1833,7 +1806,7 @@ ItemImpl::getContent(DbAttributes *dbAttributes, CssmDataContainer *itemData)
                 }
             } catch(CssmError cssme) {
                 secnotice("integrity", "error while checking integrity, denying access: %s", cssme.what());
-                throw cssme;
+                throw;
             }
 
                        SSDbUniqueRecordImpl* impl = dynamic_cast<SSDbUniqueRecordImpl *>(&(*dbUniqueRecord()));