All of these patches are being submitted for both master and sssd-1-8. Patch 0001: Remove some leftover code that was unreachable
Patch 0002: Make sure to check for NULL on malloc() in pam_sss.c Patch 0003: Avoid an uninitialized value comparison on ret in check_cache() Patch 0004: Add missing 'break' to two switch statements due to a bad merge of the service and autofs megapatches. Patch 0005: Fix two places where in_transaction wasn't being initialized to 'false' Patch 0006: If the dbus_message_get_args() failed, we would have been dereferencing a NULL be_req. Patch 0007: Check for failure in sss_packet_grow() Patch 0008: Fix uninitialized value error in proxy provider
From 0ad815a19886ea6b5832aef6ba9aa855c18ec661 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher <[email protected]> Date: Mon, 13 Feb 2012 08:30:56 -0500 Subject: [PATCH 1/8] Remove dead code Coverity #12529 --- src/providers/data_provider_be.c | 9 --------- 1 files changed, 0 insertions(+), 9 deletions(-) diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 992ab3103b96d41cae710988eb22de1a1fb3da2a..401b3a4002232420d2e681c2b328c9f612bd340b 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -1180,7 +1180,6 @@ static int be_host_handler(DBusMessage *message, struct sbus_connection *conn) } if (filter) { - ret = EOK; if (strncmp(filter, "name=", 5) == 0) { req->filter_type = BE_FILTER_NAME; req->filter_value = &filter[5]; @@ -1190,14 +1189,6 @@ static int be_host_handler(DBusMessage *message, struct sbus_connection *conn) err_msg = "Invalid Filter"; goto done; } - - if (ret != EOK) { - err_maj = DP_ERR_FATAL; - err_min = EINVAL; - err_msg = "Invalid Filter"; - goto done; - } - } else { err_maj = DP_ERR_FATAL; err_min = EINVAL; -- 1.7.7.6
From dbfaa9d119971d3ebe53c082745f69cccc45e717 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher <[email protected]> Date: Mon, 13 Feb 2012 08:39:00 -0500 Subject: [PATCH 2/8] Fix missing NULL check after malloc Coverity #12528 --- src/sss_client/pam_sss.c | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-) diff --git a/src/sss_client/pam_sss.c b/src/sss_client/pam_sss.c index a7eb603092be293bf6207d4512a731991bd59ea2..45e318109c7b929574835434b39362a1c73344fc 100644 --- a/src/sss_client/pam_sss.c +++ b/src/sss_client/pam_sss.c @@ -972,6 +972,10 @@ static int eval_response(pam_handle_t *pamh, size_t buflen, uint8_t *buf, free(pi->selinux_user); } pi->selinux_user = (char *)malloc(len + 1); + if (!pi->selinux_user) { + D(("Insufficient memory.")); + return PAM_SYSTEM_ERR; + } memcpy(pi->selinux_user, &buf[p], len + 1); break; default: -- 1.7.7.6
From 57e3ca49851e5c12dcf8070d0a894d5d0133b0fc Mon Sep 17 00:00:00 2001 From: Stephen Gallagher <[email protected]> Date: Mon, 13 Feb 2012 08:46:02 -0500 Subject: [PATCH 3/8] Avoid uninitialized value comparison Coverity #12526 --- src/responder/nss/nsssrv_cmd.c | 3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c index 1c9160b7ab824654133a3d34be29bcde8a4a7a17..1ad8e292790024aad3699e57efc1cd56664c48b8 100644 --- a/src/responder/nss/nsssrv_cmd.c +++ b/src/responder/nss/nsssrv_cmd.c @@ -552,6 +552,9 @@ errno_t check_cache(struct nss_dom_ctx *dctx, DEBUG(SSSDBG_CRIT_FAILURE, ("Error checking cache: %d\n", ret)); goto error; } + } else { + /* No replies */ + ret = ENOENT; } /* EAGAIN (off band) or ENOENT (cache miss) -> check cache */ -- 1.7.7.6
From 38e25c87c70f7af01e6fb197ce8910edc7871ff7 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher <[email protected]> Date: Mon, 13 Feb 2012 08:47:44 -0500 Subject: [PATCH 4/8] Add missing breaks to switch statements Coverity #12525 and #12524 --- src/providers/ldap/ldap_common.c | 1 + src/providers/ldap/sdap.c | 1 + 2 files changed, 2 insertions(+), 0 deletions(-) diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c index c92eb282af19411a1e09c0663e845ebabe2f7647..4f78313bcd172b5caff98bbc1a4189f01300856d 100644 --- a/src/providers/ldap/ldap_common.c +++ b/src/providers/ldap/ldap_common.c @@ -742,6 +742,7 @@ errno_t sdap_parse_search_base(TALLOC_CTX *mem_ctx, break; case SDAP_SERVICE_SEARCH_BASE: class_name = "SERVICE"; + break; case SDAP_AUTOFS_SEARCH_BASE: class_name = "AUTOFS"; break; diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c index 3ac19498ae85d26a30b68987c170a1aace8fcaa2..9e052eef5fe1de2bcf2719379392ea399fe9c943 100644 --- a/src/providers/ldap/sdap.c +++ b/src/providers/ldap/sdap.c @@ -733,6 +733,7 @@ static errno_t sdap_set_search_base(struct sdap_options *opts, break; case SDAP_SERVICE_SEARCH_BASE: bases = &opts->service_search_bases; + break; case SDAP_AUTOFS_SEARCH_BASE: bases = &opts->autofs_search_bases; break; -- 1.7.7.6
From 3c986a8d0d6305e4f3917b45213750dfa00d9dc8 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher <[email protected]> Date: Mon, 13 Feb 2012 08:50:25 -0500 Subject: [PATCH 5/8] Fix uninitialized in_transaction Coverity #12521 and #12491 --- src/db/sysdb_services.c | 2 +- src/providers/ldap/sdap_async_services.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/db/sysdb_services.c b/src/db/sysdb_services.c index 425e9ed713a46676878d5e35264a1aca097f7cf3..69326309967d9387c99d4f82c46ee52be29e6d57 100644 --- a/src/db/sysdb_services.c +++ b/src/db/sysdb_services.c @@ -652,7 +652,7 @@ sysdb_svc_delete(struct sysdb_ctx *sysdb, TALLOC_CTX *tmp_ctx; struct ldb_result *res; unsigned int i; - bool in_transaction; + bool in_transaction = false; tmp_ctx = talloc_new(NULL); if (!tmp_ctx) { diff --git a/src/providers/ldap/sdap_async_services.c b/src/providers/ldap/sdap_async_services.c index bde5820d28c8dba4029a81fc541b90678aba9523..b472e4072eadee454616ba42bfca8f2b15dd059b 100644 --- a/src/providers/ldap/sdap_async_services.c +++ b/src/providers/ldap/sdap_async_services.c @@ -260,7 +260,7 @@ sdap_save_services(TALLOC_CTX *mem_ctx, errno_t ret, sret; time_t now; size_t i; - bool in_transaction; + bool in_transaction = false; char *higher_usn = NULL; char *usn_value; TALLOC_CTX *tmp_ctx; -- 1.7.7.6
From dab36760e6dde36c508d36baa1339d9a89cc0bd8 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher <[email protected]> Date: Mon, 13 Feb 2012 08:57:23 -0500 Subject: [PATCH 6/8] Fix bad failure handling in be_sudo_handler() If the dbus_message_get_args() failed, we would have been dereferencing a NULL be_req. Coverity #12490 --- src/providers/data_provider_be.c | 26 +++++++++++++------------- 1 files changed, 13 insertions(+), 13 deletions(-) diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 401b3a4002232420d2e681c2b328c9f612bd340b..2cea1933c0af83573bd5a703ab2f0630818d9fe5 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -720,6 +720,19 @@ static int be_sudo_handler(DBusMessage *message, struct sbus_connection *conn) return ENOMEM; } + /* create be request */ + be_req = talloc_zero(be_cli, struct be_req); + if (be_req == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_zero failed.\n")); + dbus_message_unref(reply); + return ENOMEM; + } + + be_req->becli = be_cli; + be_req->be_ctx = be_cli->bectx; + be_req->pvt = reply; + be_req->fn = be_sudo_handler_callback; + /* get arguments */ dbus_error_init(&dbus_error); @@ -751,19 +764,6 @@ static int be_sudo_handler(DBusMessage *message, struct sbus_connection *conn) */ } - /* create be request */ - be_req = talloc_zero(be_cli, struct be_req); - if (be_req == NULL) { - DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_zero failed.\n")); - dbus_message_unref(reply); - return ENOMEM; - } - - be_req->becli = be_cli; - be_req->be_ctx = be_cli->bectx; - be_req->pvt = reply; - be_req->fn = be_sudo_handler_callback; - /* get and set sudo request data */ sudo_req = talloc_zero(be_req, struct be_sudo_req); if (sudo_req == NULL) { -- 1.7.7.6
From 49b52fb605e0fe9faaa935564ebec39b1a24db16 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher <[email protected]> Date: Mon, 13 Feb 2012 09:02:19 -0500 Subject: [PATCH 7/8] Check for failure in sss_packet_grow() Coverity #12489 --- src/responder/nss/nsssrv_services.c | 10 +++++----- 1 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/responder/nss/nsssrv_services.c b/src/responder/nss/nsssrv_services.c index 3ce3d090271a5a182b37892d7ae1d570c1db1df7..0d2cf2bfcbb21a3a3556efffd0e0ea125e8209f5 100644 --- a/src/responder/nss/nsssrv_services.c +++ b/src/responder/nss/nsssrv_services.c @@ -33,8 +33,8 @@ #include "db/sysdb_services.h" struct getserv_ctx { + uint16_t port; struct tevent_context *ev; - uint16_t port; struct nss_dom_ctx *dctx; struct sss_domain_info **domains; @@ -681,10 +681,10 @@ fill_service(struct sss_packet *packet, } to_sized_string(&cased_proto, tmpstr); - sss_packet_grow(packet, 2 * sizeof(uint16_t) - + sizeof(uint32_t) - + cased_name.len - + cased_proto.len); + ret = sss_packet_grow(packet, 2 * sizeof(uint16_t) + + sizeof(uint32_t) + + cased_name.len + + cased_proto.len); if (ret != EOK) { num = 0; goto done; -- 1.7.7.6
From 55f18f3f3221bef302e4bc2fab4c91b2674ba4b4 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher <[email protected]> Date: Mon, 13 Feb 2012 09:14:22 -0500 Subject: [PATCH 8/8] Fix uninitialized value error in proxy provider Coverity #12467 --- src/providers/proxy/proxy_id.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/src/providers/proxy/proxy_id.c b/src/providers/proxy/proxy_id.c index 206af294f1870b9a89de2ebee4e5f5a68b2fa3e5..ca647f891bbd4fb4a2c6377b20ca1f59d10eed41 100644 --- a/src/providers/proxy/proxy_id.c +++ b/src/providers/proxy/proxy_id.c @@ -130,7 +130,7 @@ static int save_user(struct sysdb_ctx *sysdb, bool lowercase, { const char *shell; char *lower; - struct sysdb_attrs *attrs; + struct sysdb_attrs *attrs = NULL; errno_t ret; if (pwd->pw_shell && pwd->pw_shell[0] != '\0') { -- 1.7.7.6
signature.asc
Description: This is a digitally signed message part
_______________________________________________ sssd-devel mailing list [email protected] https://fedorahosted.org/mailman/listinfo/sssd-devel
