The branch, master has been updated
via dff196a credentials: Fix CID 1414796 Explicit null dereferenced
via 7a9df79 credentials: Fix line length
via 56a8739 credentials: Revert "credentials: Fix CID 1414796 Explicit
null dereferenced"
via d40891a smbd: Fix CID 1414783 Double unlock
via e7522a4 dnsrpc: Use TALLOC_FREE instead of an explicit if-statement
via 6a9bc0f winbind: Fix CID 1427625 Calling risky function
via 37b094c vfs_fruit: Fix CID 1416474 Dereference null return value
via 95c81fe tevent: Fix CID 1414792 Unchecked return value
from 2128159 rpc_server: Init local_server_* in
make_internal_rpc_pipe_socketpair
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit dff196a15735ea4dd6946aa6f2efa8a7e8f54b77
Author: Volker Lendecke <[email protected]>
Date: Wed Apr 11 08:27:41 2018 +0200
credentials: Fix CID 1414796 Explicit null dereferenced
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
Autobuild-User(master): Jeremy Allison <[email protected]>
Autobuild-Date(master): Wed Apr 11 21:58:00 CEST 2018 on sn-devel-144
commit 7a9df7966031f3c364454e1497168e3bc24ad4d9
Author: Volker Lendecke <[email protected]>
Date: Wed Apr 11 08:26:33 2018 +0200
credentials: Fix line length
... just because I'll modify that line in the next commit
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit 56a8739e228fd661e3c648a7a316f7967a55e81c
Author: Volker Lendecke <[email protected]>
Date: Wed Apr 11 08:21:23 2018 +0200
credentials: Revert "credentials: Fix CID 1414796 Explicit null
dereferenced"
This reverts commit 90c02ec64d0e3c860f8d6906cf849bdd2c7bcc54.
We have code to take care of password==NULL, this CID must be fixed in a
different way
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit d40891a14683a9cc8951ad36fb9e09831b7122af
Author: Volker Lendecke <[email protected]>
Date: Tue Apr 10 21:27:47 2018 +0200
smbd: Fix CID 1414783 Double unlock
The loop is unnecessary, both susv4 as well as the Linux manpage
explicitly say:
> These functions shall not return an error code of [EINTR].
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit e7522a4ff8124b8d7bfad9c805dd140475d418e2
Author: Volker Lendecke <[email protected]>
Date: Tue Apr 10 21:18:15 2018 +0200
dnsrpc: Use TALLOC_FREE instead of an explicit if-statement
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit 6a9bc0fa209798c8e4d88a68dcc6ad0b95925a52
Author: Volker Lendecke <[email protected]>
Date: Tue Apr 10 21:13:37 2018 +0200
winbind: Fix CID 1427625 Calling risky function
Probably not really a problem, but we have generate_random(), so why not
use it?
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit 37b094c3387310fc66eb523b4ccda4b587cf5e95
Author: Volker Lendecke <[email protected]>
Date: Tue Apr 10 21:05:09 2018 +0200
vfs_fruit: Fix CID 1416474 Dereference null return value
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit 95c81fe5dc4c4722369e954e844e2bede32c4a89
Author: Volker Lendecke <[email protected]>
Date: Tue Apr 10 20:58:11 2018 +0200
tevent: Fix CID 1414792 Unchecked return value
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
-----------------------------------------------------------------------
Summary of changes:
auth/credentials/credentials_secrets.c | 10 ++++------
lib/tevent/testsuite.c | 5 ++++-
source3/modules/vfs_fruit.c | 5 +++++
source3/smbd/process.c | 12 +++---------
source3/winbindd/winbindd_gpupdate.c | 2 +-
source4/rpc_server/dnsserver/dnsdata.c | 4 +---
6 files changed, 18 insertions(+), 20 deletions(-)
Changeset truncated at 500 lines:
diff --git a/auth/credentials/credentials_secrets.c
b/auth/credentials/credentials_secrets.c
index 2ae384f..8d2a3b7 100644
--- a/auth/credentials/credentials_secrets.c
+++ b/auth/credentials/credentials_secrets.c
@@ -106,11 +106,6 @@ static NTSTATUS cli_credentials_set_secrets_lct(struct
cli_credentials *cred,
}
password = ldb_msg_find_attr_as_string(msg, "secret", NULL);
- if (password == NULL) {
- /* This attribute is mandatory */
- talloc_free(mem_ctx);
- return NT_STATUS_NOT_FOUND;
- }
whenChanged = ldb_msg_find_ldb_val(msg, "whenChanged");
if (!whenChanged || ldb_val_to_time(whenChanged, &lct) != LDB_SUCCESS) {
@@ -125,7 +120,10 @@ static NTSTATUS cli_credentials_set_secrets_lct(struct
cli_credentials *cred,
return NT_STATUS_NOT_FOUND;
}
- if (lct == secrets_tdb_last_change_time && secrets_tdb_password &&
strcmp(password, secrets_tdb_password) != 0) {
+ if ((lct == secrets_tdb_last_change_time) &&
+ (secrets_tdb_password != NULL) &&
+ (password != NULL) &&
+ (strcmp(password, secrets_tdb_password) != 0)) {
talloc_free(mem_ctx);
return NT_STATUS_NOT_FOUND;
}
diff --git a/lib/tevent/testsuite.c b/lib/tevent/testsuite.c
index e508452..63abbf2 100644
--- a/lib/tevent/testsuite.c
+++ b/lib/tevent/testsuite.c
@@ -375,6 +375,7 @@ static bool test_event_fd1(struct torture_context *tctx,
const void *test_data)
{
struct test_event_fd1_state state;
+ int ret;
ZERO_STRUCT(state);
state.tctx = tctx;
@@ -415,7 +416,9 @@ static bool test_event_fd1(struct torture_context *tctx,
*/
state.sock[0] = -1;
state.sock[1] = -1;
- socketpair(AF_UNIX, SOCK_STREAM, 0, state.sock);
+
+ ret = socketpair(AF_UNIX, SOCK_STREAM, 0, state.sock);
+ torture_assert(tctx, ret == 0, "socketpair() failed");
state.te = tevent_add_timer(state.ev, state.ev,
timeval_current_ofs(0,1000),
diff --git a/source3/modules/vfs_fruit.c b/source3/modules/vfs_fruit.c
index 4299583..0a8141a 100644
--- a/source3/modules/vfs_fruit.c
+++ b/source3/modules/vfs_fruit.c
@@ -4065,6 +4065,11 @@ static ssize_t fruit_pread_rsrc(vfs_handle_struct
*handle,
struct fio *fio = (struct fio *)VFS_FETCH_FSP_EXTENSION(handle, fsp);
ssize_t nread;
+ if (fio == NULL) {
+ errno = EINVAL;
+ return -1;
+ }
+
switch (fio->config->rsrc) {
case FRUIT_RSRC_STREAM:
nread = fruit_pread_rsrc_stream(handle, fsp, data, n, offset);
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index df54a44..f992e65 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -162,15 +162,9 @@ static bool smbd_unlock_socket_internal(struct
smbXsrv_connection *xconn)
#ifdef HAVE_ROBUST_MUTEXES
if (xconn->smb1.echo_handler.socket_mutex != NULL) {
- int ret = EINTR;
-
- while (ret == EINTR) {
- ret = pthread_mutex_unlock(
- xconn->smb1.echo_handler.socket_mutex);
- if (ret == 0) {
- break;
- }
- }
+ int ret;
+ ret = pthread_mutex_unlock(
+ xconn->smb1.echo_handler.socket_mutex);
if (ret != 0) {
DEBUG(1, ("pthread_mutex_unlock failed: %s\n",
strerror(ret)));
diff --git a/source3/winbindd/winbindd_gpupdate.c
b/source3/winbindd/winbindd_gpupdate.c
index 48ebb55..c86c007 100644
--- a/source3/winbindd/winbindd_gpupdate.c
+++ b/source3/winbindd/winbindd_gpupdate.c
@@ -34,7 +34,7 @@
#define GPUPDATE_RAND_OFFSET (30*60)
static uint32_t gpupdate_interval(void)
{
- int rand_int_offset = rand() % GPUPDATE_RAND_OFFSET;
+ int rand_int_offset = generate_random() % GPUPDATE_RAND_OFFSET;
return GPUPDATE_INTERVAL+rand_int_offset;
}
diff --git a/source4/rpc_server/dnsserver/dnsdata.c
b/source4/rpc_server/dnsserver/dnsdata.c
index 8080fa4..a7b8e74 100644
--- a/source4/rpc_server/dnsserver/dnsdata.c
+++ b/source4/rpc_server/dnsserver/dnsdata.c
@@ -219,9 +219,7 @@ int dns_split_name_components(TALLOC_CTX *tmp_ctx, const
char *name, char ***com
return count;
failed:
- if (str) {
- talloc_free(str);
- }
+ TALLOC_FREE(str);
return -1;
}
--
Samba Shared Repository
