On 07/21/2011 02:53 PM, Martin Kosek wrote:
> On Thu, 2011-07-21 at 14:40 +0200, Jan Cholasta wrote:
>> On 20.7.2011 17:10, Jakub Hrozek wrote:
>>> I was playing with ipa_kpasswd (long story short - I needed it running
>>> on a non-standard port) and I noticed there was a compilation warning -
>>> rtag was set but never checked.
>>>
>>> Also removes one unused #define.
>>>
>>
>> Found just a minor issue: you use spaces for indentation, but the rest
>> of the file uses tabs.
>>
>> Honza
>>
>
> To put my 2 cents in - I don't like throwing the same error message in
> more places.
>
> When it really ends with this message we wouldn't know the exact spot
> with the error. IMO it would make the following investigation simpler if
> we fix this.
>
> Martin
>
A new patch is attached.
From c29100c7a74fe7212f10cd935049bed2108d561c Mon Sep 17 00:00:00 2001
From: Jakub Hrozek
Date: Tue, 19 Jul 2011 16:07:57 +0200
Subject: [PATCH] Silence a compilation warning in ipa_kpasswd
rtag was set but never checked which resulted in a compilation warning
---
daemons/ipa-kpasswd/ipa_kpasswd.c | 18 --
1 files changed, 16 insertions(+), 2 deletions(-)
diff --git a/daemons/ipa-kpasswd/ipa_kpasswd.c b/daemons/ipa-kpasswd/ipa_kpasswd.c
index acec3db..cfafac3 100644
--- a/daemons/ipa-kpasswd/ipa_kpasswd.c
+++ b/daemons/ipa-kpasswd/ipa_kpasswd.c
@@ -45,7 +45,6 @@
#define DEFAULT_KEYTAB "FILE:/var/kerberos/krb5kdc/kpasswd.keytab"
#define TMP_TEMPLATE "/var/cache/ipa/kpasswd/krb5_cc.XX"
-#define KPASSWD_PORT 464
/* blacklist entries are released only BLCAKLIST_TIMEOUT seconds
* after the children performing the noperation has finished.
@@ -576,8 +575,17 @@ int ldap_pwd_change(char *client_name, char *realm_name, krb5_data pwd, char **e
ber_tag_t rtag, btag;
ber_int_t bint;
rtag = ber_scanf(sctrl, "{t", &btag);
+ if (rtag == LBER_ERROR) {
+syslog(LOG_ERR, "Could not decode the tag BER element");
+goto done;
+ }
+
if (btag == LDAP_TAG_PWP_WARNING) {
rtag = ber_scanf(sctrl, "{ti}", &btag, &bint);
+if (rtag == LBER_ERROR) {
+ syslog(LOG_ERR, "Could not decode the warning BER element");
+ goto done;
+}
if (btag == LDAP_TAG_PWP_SECSLEFT) {
ret = asprintf(&exterr2, " (%d seconds left before password expires)", bint);
} else {
@@ -587,10 +595,16 @@ int ldap_pwd_change(char *client_name, char *realm_name, krb5_data pwd, char **e
syslog(LOG_ERR, "OOM while creating error message ...");
exterr2 = NULL;
}
-rtag = ber_scanf(sctrl, "t", &btag);
+/* The next element might or might not be there (the control is a sequence) */
+ber_scanf(sctrl, "t", &btag);
}
if (btag == LDAP_TAG_PWP_ERROR) {
rtag = ber_scanf(sctrl, "e", &bint);
+if (rtag == LBER_ERROR) {
+ syslog(LOG_ERR, "Could not decode the error BER element");
+ goto done;
+}
+
switch(bint) {
case 0:
ret = asprintf(&exterr1, " Err%d: Password Expired.", bint);
--
1.7.6
signature.asc
Description: OpenPGP digital signature
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
