[SSSD] [PATCHES] Another batch of fixes for bugs found by Coverity

Thu, 16 Dec 2010 12:00:19 -0800 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Patch 0001: https://fedorahosted.org/sssd/ticket/711
Patch 0002: https://fedorahosted.org/sssd/ticket/713
Patch 0003: https://fedorahosted.org/sssd/ticket/718
Patch 0004: https://fedorahosted.org/sssd/ticket/725
Patch 0005: https://fedorahosted.org/sssd/ticket/714


- -- 
Stephen Gallagher
RHCE 804006346421761

Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
http://www.redhat.com/promo/vendor/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAk0Kb74ACgkQeiVVYja6o6ME7ACbBl+L4Rc4kg6X17nHUWsSsJaL
54UAnjqz0f72G5WY4kNfI9OMrua4CpyO
=ux66
-----END PGP SIGNATURE-----

From 96debe9a6bcc6b3d591cbbb972aa04b18ffb6af8 Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <[email protected]>
Date: Thu, 16 Dec 2010 14:39:00 -0500
Subject: [PATCH 1/5] Fix unchecked return value in sss_krb5_verify_keytab_ex

https://fedorahosted.org/sssd/ticket/711
---
 src/util/sss_krb5.c |    9 ++++++++-
 1 files changed, 8 insertions(+), 1 deletions(-)

diff --git a/src/util/sss_krb5.c b/src/util/sss_krb5.c
index 174b6d9fad0ffef4dd129c1e100a5fbcffc93c9e..894dd443d02f4f0549f4e50d1aff87be3f1c74e8 100644
--- a/src/util/sss_krb5.c
+++ b/src/util/sss_krb5.c
@@ -152,7 +152,14 @@ int sss_krb5_verify_keytab_ex(const char *principal, const char *keytab_name,
             found = true;
         }
         free(kt_principal);
-        krb5_free_keytab_entry_contents(context, &entry);
+        krberr = krb5_free_keytab_entry_contents(context, &entry);
+        if (krberr) {
+            /* This should never happen. The API docs for this function
+             * specify only success for this function
+             */
+            DEBUG(1,("Could not free keytab entry contents\n"));
+            /* This is non-fatal, so we'll continue here */
+        }
 
         if (found) {
             break;
-- 
1.7.3.3


From c9e336c117aaf64bf6eaf0730d51576a20baaf04 Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <[email protected]>
Date: Thu, 16 Dec 2010 14:44:22 -0500
Subject: [PATCH 2/5] Fix unchecked return value in set_nonblocking

https://fedorahosted.org/sssd/ticket/713
---
 src/responder/common/responder_common.c |   17 +++++++++++++++--
 1 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c
index 231d828064f32335c85b618d97c6316191365585..c11eccf19b2142af02b5a0416e1312727811729e 100644
--- a/src/responder/common/responder_common.c
+++ b/src/responder/common/responder_common.c
@@ -47,9 +47,22 @@
 
 static void set_nonblocking(int fd)
 {
-    unsigned v;
+    int v;
+    int ferr;
+    errno_t error;
+
+    /* Get the current flags for this file descriptor*/
     v = fcntl(fd, F_GETFL, 0);
-    fcntl(fd, F_SETFL, v | O_NONBLOCK);
+
+    errno = 0;
+    /* Set the non-blocking flag on this fd */
+    ferr = fcntl(fd, F_SETFL, v | O_NONBLOCK);
+    if (ferr < 0) {
+        error = errno;
+        DEBUG(1, ("Unable to set fd non-blocking: [%d][%s]\n",
+                  error, strerror(error)));
+        /* Non-fatal, we'll attempt to continue */
+    }
 }
 
 static void set_close_on_exec(int fd)
-- 
1.7.3.3


From eab29d97497ab02517908dfae91833befb3cd05e Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <[email protected]>
Date: Thu, 16 Dec 2010 14:48:14 -0500
Subject: [PATCH 3/5] Fix unsafe return condition in ipa_access_handler

https://fedorahosted.org/sssd/ticket/718
---
 src/providers/ipa/ipa_access.c |    7 ++++++-
 1 files changed, 6 insertions(+), 1 deletions(-)

diff --git a/src/providers/ipa/ipa_access.c b/src/providers/ipa/ipa_access.c
index 130008d2f7afd390e33ba9063d01cdfa5d97bc88..45f96c9b2a95ca1e4f083ea79337ccec77a96727 100644
--- a/src/providers/ipa/ipa_access.c
+++ b/src/providers/ipa/ipa_access.c
@@ -1701,7 +1701,12 @@ void ipa_access_handler(struct be_req *be_req)
     return;
 
 fail:
-    ipa_access_reply(hbac_ctx, pam_status);
+    if (hbac_ctx) {
+        /* Return an proper error */
+        ipa_access_reply(hbac_ctx, pam_status);
+    } else {
+        be_req->fn(be_req, DP_ERR_FATAL, pam_status, NULL);
+    }
 }
 
 static int hbac_retry(struct hbac_ctx *hbac_ctx)
-- 
1.7.3.3


From 27284dc43b5fb10123c4b511a8a706d0a2481647 Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <[email protected]>
Date: Thu, 16 Dec 2010 14:50:01 -0500
Subject: [PATCH 4/5] Fix uninitialized value error in set_local_and_remote_host_info

https://fedorahosted.org/sssd/ticket/725
---
 src/providers/ipa/ipa_access.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/src/providers/ipa/ipa_access.c b/src/providers/ipa/ipa_access.c
index 45f96c9b2a95ca1e4f083ea79337ccec77a96727..c66bb9c8bfa55ae92cd37036365fe589c9533172 100644
--- a/src/providers/ipa/ipa_access.c
+++ b/src/providers/ipa/ipa_access.c
@@ -176,7 +176,7 @@ static errno_t set_local_and_remote_host_info(TALLOC_CTX *mem_ctx,
     int ret;
     struct hbac_host_info *hhi;
     struct ldb_message_element *el;
-    TALLOC_CTX *tmp_ctx;
+    TALLOC_CTX *tmp_ctx = NULL;
 
     if (local_hostname == NULL || *local_hostname == '\0') {
         DEBUG(1, ("Missing local hostname.\n"));
-- 
1.7.3.3


From ed1576f8f046187f49f19041946191c80e1f661a Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <[email protected]>
Date: Thu, 16 Dec 2010 14:59:10 -0500
Subject: [PATCH 5/5] Fix unchecked return value in test_sysdb_attrs_to_list

https://fedorahosted.org/sssd/ticket/714
---
 src/tests/sysdb-tests.c |    9 ++++++---
 1 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c
index 4d21395a09771f7b7027d2a68d785881b9effa9f..2beb2588427355851abd856c4cea2e91506d37ee 100644
--- a/src/tests/sysdb-tests.c
+++ b/src/tests/sysdb-tests.c
@@ -2180,11 +2180,14 @@ START_TEST (test_sysdb_attrs_to_list)
     TALLOC_CTX *test_ctx = talloc_new(NULL);
 
     attrs_list[0] = sysdb_new_attrs(test_ctx);
-    sysdb_attrs_add_string(attrs_list[0], "test_attr", "attr1");
+    ret = sysdb_attrs_add_string(attrs_list[0], "test_attr", "attr1");
+    fail_if(ret, "Add string failed");
     attrs_list[1] = sysdb_new_attrs(test_ctx);
-    sysdb_attrs_add_string(attrs_list[1], "test_attr", "attr2");
+    ret = sysdb_attrs_add_string(attrs_list[1], "test_attr", "attr2");
+    fail_if(ret, "Add string failed");
     attrs_list[2] = sysdb_new_attrs(test_ctx);
-    sysdb_attrs_add_string(attrs_list[2], "nottest_attr", "attr3");
+    ret = sysdb_attrs_add_string(attrs_list[2], "nottest_attr", "attr3");
+    fail_if(ret, "Add string failed");
 
     ret = sysdb_attrs_to_list(test_ctx, attrs_list, 3,
                               "test_attr", &list);
-- 
1.7.3.3

Attachment: 0001-Fix-unchecked-return-value-in-sss_krb5_verify_keytab.patch.sig
Description: PGP signature

Attachment: 0002-Fix-unchecked-return-value-in-set_nonblocking.patch.sig
Description: PGP signature

Attachment: 0003-Fix-unsafe-return-condition-in-ipa_access_handler.patch.sig
Description: PGP signature

Attachment: 0004-Fix-uninitialized-value-error-in-set_local_and_remot.patch.sig
Description: PGP signature

Attachment: 0005-Fix-unchecked-return-value-in-test_sysdb_attrs_to_li.patch.sig
Description: PGP signature

_______________________________________________
sssd-devel mailing list
[email protected]
https://fedorahosted.org/mailman/listinfo/sssd-devel

Reply via email to