X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/5c19dc3ae3bd8e40a9c028b0deddd50ff337692c..07691282a056c4efea71e1e505527601e8cc166b:/OSX/libsecurity_keychain/lib/SecKeychainSearch.cpp

diff --git a/OSX/libsecurity_keychain/lib/SecKeychainSearch.cpp b/OSX/libsecurity_keychain/lib/SecKeychainSearch.cpp
index 68eb54a0..5e94b58c 100644
--- a/OSX/libsecurity_keychain/lib/SecKeychainSearch.cpp
+++ b/OSX/libsecurity_keychain/lib/SecKeychainSearch.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000-2004,2011-2015 Apple Inc. All Rights Reserved.
+ * Copyright (c) 2000-2004,2011-2016 Apple Inc. All Rights Reserved.
  *
  * @APPLE_LICENSE_HEADER_START@
  *
@@ -29,6 +29,7 @@
 #include <security_keychain/Item.h>
 #include <security_cdsa_utilities/Schema.h>
 #include <syslog.h>
+#include <os/activity.h>
 
 #include "SecBridge.h"
 
@@ -47,6 +48,9 @@ OSStatus
 SecKeychainSearchCreateFromAttributes(CFTypeRef keychainOrArray, SecItemClass itemClass, const SecKeychainAttributeList *attrList, SecKeychainSearchRef *searchRef)
 {
     BEGIN_SECAPI
+    os_activity_t activity = os_activity_create("SecKeychainSearchCreateFromAttributes", OS_ACTIVITY_CURRENT, OS_ACTIVITY_FLAG_IF_NONE_PRESENT);
+    os_activity_scope(activity);
+    os_release(activity);
 
 	Required(searchRef);
 
@@ -63,6 +67,9 @@ OSStatus
 SecKeychainSearchCreateFromAttributesExtended(CFTypeRef keychainOrArray, SecItemClass itemClass, const SecKeychainAttributeList *attrList, CSSM_DB_CONJUNCTIVE dbConjunctive, CSSM_DB_OPERATOR dbOperator, SecKeychainSearchRef *searchRef)
 {
     BEGIN_SECAPI
+    os_activity_t activity = os_activity_create("SecKeychainSearchCreateFromAttributesExtended", OS_ACTIVITY_CURRENT, OS_ACTIVITY_FLAG_IF_NONE_PRESENT);
+    os_activity_scope(activity);
+    os_release(activity);
 
 	Required(searchRef); // Make sure that searchRef is an invalid SearchRef
 
@@ -80,7 +87,10 @@ SecKeychainSearchCreateFromAttributesExtended(CFTypeRef keychainOrArray, SecItem
 OSStatus
 SecKeychainSearchCopyNext(SecKeychainSearchRef searchRef, SecKeychainItemRef *itemRef)
 {
-    BEGIN_SECAPI
+	BEGIN_SECAPI
+    os_activity_t activity = os_activity_create("SecKeychainSearchCopyNext", OS_ACTIVITY_CURRENT, OS_ACTIVITY_FLAG_IF_NONE_PRESENT);
+    os_activity_scope(activity);
+    os_release(activity);
 
 	RequiredParam(itemRef);
 	Item item;
@@ -90,7 +100,6 @@ SecKeychainSearchCopyNext(SecKeychainSearchRef searchRef, SecKeychainItemRef *it
 
 	*itemRef=item->handle();
 
-#if SECTRUST_OSX
 	bool itemChecked = false;
 	do {
 		/* see if we should convert outgoing item to a unified SecCertificateRef */
@@ -104,8 +113,10 @@ SecKeychainSearchCopyNext(SecKeychainSearchRef searchRef, SecKeychainItemRef *it
 			}
 			if (!data) {
 				/* zero-length or otherwise bad cert data; skip to next item */
-				CFRelease(*itemRef);
-				*itemRef = NULL;
+				if (*itemRef) {
+					CFRelease(*itemRef);
+					*itemRef = NULL;
+				}
 				if (!itemCursor->next(item))
 					return errSecItemNotFound;
 				*itemRef=item->handle();
@@ -117,13 +128,24 @@ SecKeychainSearchCopyNext(SecKeychainSearchRef searchRef, SecKeychainItemRef *it
 				CFRelease(data);
 			if (tmpRef)
 				CFRelease(tmpRef);
+			if (NULL == *itemRef) {
+				/* unable to create unified certificate item; skip to next item */
+				if (!itemCursor->next(item))
+					return errSecItemNotFound;
+				*itemRef=item->handle();
+				continue;
+			}
 			itemChecked = true;
-        }
+		}
 		else {
 			itemChecked = true;
 		}
 	} while (!itemChecked);
-#endif
+
+	if (NULL == *itemRef) {
+		/* never permit a NULL item reference to be returned without an error result */
+		return errSecItemNotFound;
+	}
 
 	END_SECAPI
 }