All of these patches are fairly trivial one- or two-liners. They were detected by Coverity scan.
From 2cd1d3393b9cb9b4a7720e445240b06d71e0cd5a Mon Sep 17 00:00:00 2001 From: Stephen Gallagher <[email protected]> Date: Mon, 9 Jul 2012 11:35:26 -0400 Subject: [PATCH 01/12] Fix use-after-free
Coverity #12803
---
src/sss_client/sudo_testcli/sudo_testcli.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/sss_client/sudo_testcli/sudo_testcli.c b/src/sss_client/sudo_testcli/sudo_testcli.c
index d86fb75213e327e279e2908f1d4c57b5c43f8e97..50675f94320d6f2f43fa14d37b1788836d436d24 100644
--- a/src/sss_client/sudo_testcli/sudo_testcli.c
+++ b/src/sss_client/sudo_testcli/sudo_testcli.c
@@ -86,6 +86,7 @@ int main(int argc, char **argv)
}
sss_sudo_free_result(result);
+ result = NULL;
/* get rules */
--
1.7.10.4
From 47214e2754afa33379e3409e85bb1bdfdd838c87 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher <[email protected]> Date: Mon, 9 Jul 2012 11:37:49 -0400 Subject: [PATCH 02/12] Fix uninitialized variable Coverity #12802 --- src/providers/ldap/sdap_sudo.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/providers/ldap/sdap_sudo.c b/src/providers/ldap/sdap_sudo.c index 1d33b5dc47e5c3e95ebf3d4cd1ca29d3135a3fc8..0d590023055939876677010306cef4140bb5072e 100644 --- a/src/providers/ldap/sdap_sudo.c +++ b/src/providers/ldap/sdap_sudo.c @@ -841,6 +841,7 @@ static struct tevent_req *sdap_sudo_smart_refresh_send(TALLOC_CTX *mem_ctx, ldap_full_filter = sdap_sudo_get_filter(state, map, sudo_ctx, ldap_filter); if (ldap_full_filter == NULL) { + ret = ENOMEM; goto immediately; } -- 1.7.10.4
From 0f7c7e33cb7ab331b126ff4ad745d5f4cca25f50 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher <[email protected]> Date: Mon, 9 Jul 2012 11:39:47 -0400 Subject: [PATCH 03/12] Fix potential NULL-dereference Coverity #12801 --- src/responder/sudo/sudosrv_get_sudorules.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/responder/sudo/sudosrv_get_sudorules.c b/src/responder/sudo/sudosrv_get_sudorules.c index 65e475fb20f24c5a0e64e0112a53912654dbc162..13e1224b44d49c7bd9d23245b6e286360720e934 100644 --- a/src/responder/sudo/sudosrv_get_sudorules.c +++ b/src/responder/sudo/sudosrv_get_sudorules.c @@ -325,7 +325,7 @@ errno_t sudosrv_get_rules(struct sudo_cmd_ctx *cmd_ctx) TALLOC_CTX *tmp_ctx = NULL; struct tevent_req *dpreq = NULL; struct dp_callback_ctx *cb_ctx = NULL; - struct sysdb_ctx *sysdb = cmd_ctx->domain->sysdb; + struct sysdb_ctx *sysdb; char **groupnames = NULL; size_t expired_rules_num = 0; struct sysdb_attrs **expired_rules = NULL; @@ -339,6 +339,8 @@ errno_t sudosrv_get_rules(struct sudo_cmd_ctx *cmd_ctx) return EFAULT; } + sysdb = cmd_ctx->domain->sysdb; + tmp_ctx = talloc_new(NULL); if (tmp_ctx == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_new() failed\n")); -- 1.7.10.4
From c826e5dd69ef57869e27af2f8afefeb499be758d Mon Sep 17 00:00:00 2001 From: Stephen Gallagher <[email protected]> Date: Mon, 9 Jul 2012 11:41:23 -0400 Subject: [PATCH 04/12] Fix potential NULL-dereference Coverity #12800 --- src/responder/sudo/sudosrv_get_sudorules.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/responder/sudo/sudosrv_get_sudorules.c b/src/responder/sudo/sudosrv_get_sudorules.c index 13e1224b44d49c7bd9d23245b6e286360720e934..10cef552f094584e6dc5642c808fd25f0520764a 100644 --- a/src/responder/sudo/sudosrv_get_sudorules.c +++ b/src/responder/sudo/sudosrv_get_sudorules.c @@ -448,7 +448,7 @@ sudosrv_dp_req_done(struct tevent_req *req) { struct dp_callback_ctx *cb_ctx = tevent_req_callback_data(req, struct dp_callback_ctx); - struct cli_ctx *cli_ctx = talloc_get_type(cb_ctx->cctx, struct cli_ctx); + struct cli_ctx *cli_ctx; errno_t ret; dbus_uint16_t err_maj; @@ -460,6 +460,7 @@ sudosrv_dp_req_done(struct tevent_req *req) talloc_free(req); return; } + cli_ctx = talloc_get_type(cb_ctx->cctx, struct cli_ctx); ret = sss_dp_get_sudoers_recv(cb_ctx->mem_ctx, req, &err_maj, &err_min, -- 1.7.10.4
From 8e1394753db4e2a76908c65b2ea13c9924d6486a Mon Sep 17 00:00:00 2001 From: Stephen Gallagher <[email protected]> Date: Mon, 9 Jul 2012 11:46:39 -0400 Subject: [PATCH 05/12] Fix incorrect return value in tests Coverity #12798 --- src/tests/krb5_utils-tests.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/tests/krb5_utils-tests.c b/src/tests/krb5_utils-tests.c index 581212997907100ef2de74853eb0eaf2230ec930..5fee4544bf05464f44a98fc6496403afa90eb0d6 100644 --- a/src/tests/krb5_utils-tests.c +++ b/src/tests/krb5_utils-tests.c @@ -389,6 +389,7 @@ START_TEST(test_cc_dir_create) ret = cc_dir_create(residual, illegal_re, uid, gid, true); fail_unless(ret == EOK, "cc_dir_create failed\n"); ret = rmdir(dirname); + if (ret < 0) ret = errno; fail_unless(ret == 0, "Cannot remove %s: %s\n", dirname, strerror(ret)); talloc_free(residual); @@ -401,6 +402,7 @@ START_TEST(test_cc_dir_create) ret = cc_dir_create(residual, illegal_re, uid, gid, true); fail_unless(ret == EOK, "cc_dir_create failed\n"); ret = rmdir(dirname); + if (ret < 0) ret = errno; fail_unless(ret == 0, "Cannot remove %s: %s\n", dirname, strerror(ret)); talloc_free(residual); free(cwd); -- 1.7.10.4
From baeacdaddd5425e2a36345a5c0175274232147e8 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher <[email protected]> Date: Mon, 9 Jul 2012 11:49:32 -0400 Subject: [PATCH 06/12] Fix potential NULL-dereference Coverity #12797 --- src/providers/ldap/sdap_async_sudo_hostinfo.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/providers/ldap/sdap_async_sudo_hostinfo.c b/src/providers/ldap/sdap_async_sudo_hostinfo.c index 99a9bc77a27a649e5e83c0855c024ce13c83e0b6..82b63296139483d0bb48ca0ced60aafdcb0ac245 100644 --- a/src/providers/ldap/sdap_async_sudo_hostinfo.c +++ b/src/providers/ldap/sdap_async_sudo_hostinfo.c @@ -281,7 +281,9 @@ static int sdap_sudo_get_ip_addresses(TALLOC_CTX *mem_ctx, char ***_ip_addr_list ip_addr, network_addr, netmask)); } - ip_addr_list[addr_count] = NULL; + if (ip_addr_list) { + ip_addr_list[addr_count] = NULL; + } *_ip_addr_list = talloc_steal(mem_ctx, ip_addr_list); done: -- 1.7.10.4
From 7587bf7986473dd766dec3f4a99907b03787f8ef Mon Sep 17 00:00:00 2001 From: Stephen Gallagher <[email protected]> Date: Mon, 9 Jul 2012 11:58:40 -0400 Subject: [PATCH 07/12] Fix uninitialized value return Coverity #12786 --- src/tests/krb5_child-test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/tests/krb5_child-test.c b/src/tests/krb5_child-test.c index 760b9586164b17fb28c4bacced52730104843a26..82252a6104767d14eceed54e812a777c1b310e3f 100644 --- a/src/tests/krb5_child-test.c +++ b/src/tests/krb5_child-test.c @@ -369,7 +369,7 @@ print_ccache(const char *cc) krb5_creds creds; char *defname = NULL; int i = 1; - errno_t ret; + errno_t ret = EIO; kret = krb5_init_context(&kcontext); CHECK_KRET_L(kret, EIO, done); -- 1.7.10.4
From 41daa7038719a633327eb87b633b564256519908 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher <[email protected]> Date: Mon, 9 Jul 2012 12:05:37 -0400 Subject: [PATCH 08/12] Fix uninitialized memcpy error Coverity #12784 --- src/providers/krb5/krb5_child_handler.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/providers/krb5/krb5_child_handler.c b/src/providers/krb5/krb5_child_handler.c index 6343f3b5355b62f50b4412a737b81a701538c143..0526ff019f2ced739cea6154e048aa0c45e16e6a 100644 --- a/src/providers/krb5/krb5_child_handler.c +++ b/src/providers/krb5/krb5_child_handler.c @@ -444,6 +444,8 @@ parse_krb5_child_response(TALLOC_CTX *mem_ctx, uint8_t *buf, ssize_t len, return EINVAL; } + memset(&tgtt, 0, sizeof(struct tgt_times)); + if (pwd_exp_warning < 0) { pwd_exp_warning = KERBEROS_PWEXPIRE_WARNING_TIME; } -- 1.7.10.4
From 5b9f1ffa62a503eb230dfa23e3941c243d4d5eee Mon Sep 17 00:00:00 2001 From: Stephen Gallagher <[email protected]> Date: Mon, 9 Jul 2012 12:07:17 -0400 Subject: [PATCH 09/12] Avoid NULL-dereference in error-handling Coverity #12783 --- src/tests/krb5_child-test.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/tests/krb5_child-test.c b/src/tests/krb5_child-test.c index 82252a6104767d14eceed54e812a777c1b310e3f..4d39e1c007effaaf2b4642d8dbdfbf9fb48df49f 100644 --- a/src/tests/krb5_child-test.c +++ b/src/tests/krb5_child-test.c @@ -551,7 +551,9 @@ main(int argc, const char *argv[]) ret = 0; done: - if (rm_ccache && ctx->res && ctx->res->ccname) { + if (rm_ccache && ctx->res + && ctx->res->ccname + && ctx->kr) { ctx->kr->krb5_ctx->cc_be->remove(ctx->res->ccname); } free(password); -- 1.7.10.4
From e848e8924c71fa80d3574e01b5486a78046aa952 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher <[email protected]> Date: Mon, 9 Jul 2012 12:09:17 -0400 Subject: [PATCH 10/12] Add missing return value check Coverity #12782 --- src/tests/krb5_child-test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/tests/krb5_child-test.c b/src/tests/krb5_child-test.c index 4d39e1c007effaaf2b4642d8dbdfbf9fb48df49f..5314b1277a4c68227e5d0fcc53de0ef2d1b43d74 100644 --- a/src/tests/krb5_child-test.c +++ b/src/tests/krb5_child-test.c @@ -396,7 +396,7 @@ print_ccache(const char *cc) krb5_free_cred_contents(kcontext, &creds); } - krb5_cc_end_seq_get(kcontext, cache, &cur); + kret = krb5_cc_end_seq_get(kcontext, cache, &cur); CHECK_KRET_L(kret, EIO, done); ret = EOK; -- 1.7.10.4
From b6d338f259a2cead994a1c87d56935591dfd4cba Mon Sep 17 00:00:00 2001 From: Stephen Gallagher <[email protected]> Date: Mon, 9 Jul 2012 12:12:50 -0400 Subject: [PATCH 11/12] Check for errors from krb5_unparse_name Coverity #12781 --- src/util/sss_krb5.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/util/sss_krb5.c b/src/util/sss_krb5.c index 8180d73d531a42ac5b9e0df8275b32e2a5fd86b2..24229f8b3694c4a33351e771f5d5bbe111982848 100644 --- a/src/util/sss_krb5.c +++ b/src/util/sss_krb5.c @@ -327,7 +327,14 @@ int sss_krb5_verify_keytab_ex(const char *principal, const char *keytab_name, found = false; while((krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0){ - krb5_unparse_name(context, entry.principal, &kt_principal); + krberr = krb5_unparse_name(context, entry.principal, &kt_principal); + if (krberr) { + DEBUG(SSSDBG_FATAL_FAILURE, + ("Could not parse keytab entry\n")); + sss_log(SSS_LOG_ERR, "Could not parse keytab entry\n"); + return EIO; + } + if (strcmp(principal, kt_principal) == 0) { found = true; } -- 1.7.10.4
From 57105078366a824bc0ac0dd9e7d5c44c1feb8a13 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher <[email protected]> Date: Mon, 9 Jul 2012 12:14:59 -0400 Subject: [PATCH 12/12] Fix incorrect error-check Coverity #12770 --- src/providers/ldap/sdap_async_groups.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c index 858c8c90c6478b8c113cda797e267de6b58ad00b..1c651c1a8d133f6a8b8ad9b2f1f785e639658cfc 100644 --- a/src/providers/ldap/sdap_async_groups.c +++ b/src/providers/ldap/sdap_async_groups.c @@ -1007,7 +1007,7 @@ sdap_process_missing_member_2307(struct sdap_process_group_state *state, goto done; } user_dn = sysdb_user_strdn(tmp_ctx, state->dom->name, username); - if (username == NULL) { + if (user_dn == NULL) { return ENOMEM; } -- 1.7.10.4
signature.asc
Description: This is a digitally signed message part
_______________________________________________ sssd-devel mailing list [email protected] https://fedorahosted.org/mailman/listinfo/sssd-devel
