There is one memory leak in case of an unlikely error condition, most others are just changes to silence coverity where we know that the condition cannot really happen.
Simo. -- Simo Sorce * Red Hat, Inc * New York
>From a95eff3dd9cd896cfe1e14cc3fc58fc30bc4c2e8 Mon Sep 17 00:00:00 2001 From: Simo Sorce <sso...@redhat.com> Date: Tue, 20 Mar 2012 09:47:52 -0400 Subject: [PATCH] Fix memleak and silence Coverity defects Some of these are not real defects, because we are guaranteed to have valid context in some functions, and checks are not necessary. I added the checks anyway in order to silence Coverity on these issues. One meleak on error condition was fixed in daemons/ipa-kdb/ipa_kdb_pwdpolicy.c Silence errors in ipa-client/ipa-getkeytab.c, the code looks wrong, but it is actually fine as we count before hand so we never actually use the wrong value that is computed on the last pass when p == 0 Fixes: https://fedorahosted.org/freeipa/ticket/2488 --- daemons/ipa-kdb/ipa_kdb_passwords.c | 3 +++ daemons/ipa-kdb/ipa_kdb_principals.c | 3 +++ daemons/ipa-kdb/ipa_kdb_pwdpolicy.c | 3 +++ ipa-client/ipa-getkeytab.c | 4 ++-- 4 files changed, 11 insertions(+), 2 deletions(-) diff --git a/daemons/ipa-kdb/ipa_kdb_passwords.c b/daemons/ipa-kdb/ipa_kdb_passwords.c index c717e2031b6a8b5c19b54c42ac964edf9d5aad1a..b6520ea75a78474f6f7761311c9d165924e88b27 100644 --- a/daemons/ipa-kdb/ipa_kdb_passwords.c +++ b/daemons/ipa-kdb/ipa_kdb_passwords.c @@ -71,6 +71,9 @@ static krb5_error_code ipadb_check_pw_policy(krb5_context context, int ret; ipactx = ipadb_get_context(context); + if (!ipactx) { + return KRB5_KDB_DBNOTINITED; + } ied = (struct ipadb_e_data *)db_entry->e_data; if (ied->magic != IPA_E_DATA_MAGIC) { diff --git a/daemons/ipa-kdb/ipa_kdb_principals.c b/daemons/ipa-kdb/ipa_kdb_principals.c index a0d4687175d8283020ce9da83b355dd1c94051b0..143261982bbadb9a23d4db08bdae6d8f5df476a8 100644 --- a/daemons/ipa-kdb/ipa_kdb_principals.c +++ b/daemons/ipa-kdb/ipa_kdb_principals.c @@ -373,6 +373,9 @@ static krb5_error_code ipadb_parse_ldap_entry(krb5_context kcontext, /* proceed to fill in attributes in the order they are defined in * krb5_db_entry in kdb.h */ ipactx = ipadb_get_context(kcontext); + if (!ipactx) { + return KRB5_KDB_DBNOTINITED; + } lcontext = ipactx->lcontext; entry->magic = KRB5_KDB_MAGIC_NUMBER; diff --git a/daemons/ipa-kdb/ipa_kdb_pwdpolicy.c b/daemons/ipa-kdb/ipa_kdb_pwdpolicy.c index 91de0342bb0e7e57b188a40642c06127549c33fb..a54380815bc91df6856d1a62fc61b54471b5ce5b 100644 --- a/daemons/ipa-kdb/ipa_kdb_pwdpolicy.c +++ b/daemons/ipa-kdb/ipa_kdb_pwdpolicy.c @@ -121,6 +121,9 @@ krb5_error_code ipadb_get_ipapwd_policy(struct ipadb_context *ipactx, done: ldap_msgfree(res); + if (kerr) { + free(pol); + } return kerr; } diff --git a/ipa-client/ipa-getkeytab.c b/ipa-client/ipa-getkeytab.c index aa9336f2e8cb07b0831762eabefe1d2d384167dd..05e57bbe17fdc92833028388404701b3a0d73394 100644 --- a/ipa-client/ipa-getkeytab.c +++ b/ipa-client/ipa-getkeytab.c @@ -211,10 +211,10 @@ static int prep_ksdata(krb5_context krbctx, const char *str, if (krberr != 0) { fprintf(stderr, _("Warning unrecognized encryption type: [%s]\n"), t); - t = p+1; + if (p) t = p + 1; continue; } - t = p+1; + if (p) t = p + 1; if (!q) { ksdata[j].salttype = KRB5_KDB_SALTTYPE_NORMAL; -- 1.7.7.6
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel