On Tue, Oct 15, 2013 at 01:59:28PM +0200, Pavel Březina wrote: > On 10/14/2013 11:50 AM, Lukas Slebodnik wrote: > >ehlo, > > > >yet another warning from clang static analyser. > > > >sss_krb5_princ_realm set output parameter realm to NULL and len to 0 > >in case of failure. Clang static analysers repoted warning > >"Null pointer passed as an argument to a 'nonnull' parameter" > >in function match_principal. It was possible, that realm_name with value NULL > >could be used in strncmp. > > > >Function sss_krb5_princ_realm is used on other places for > >printing(formatting) > >realm_name and NULL can be safely used as a argument for printf-like > >functions. > > > >Patch is attached. > > > >LS > > The returned value should be checked on other references as well.
Hi Lukas, are you planning to update this patch? I think it would be a good idea. Additionally I would like to ask you if you can fix the HAVE_KRB5_PRINCIPAL_GET_REALM branch of sss_krb5_princ_realm(). Since krb5_principal_get_realm() may return NULL I think it is not a good idea to call strlen() unconditionally. bye, Sumit > > _______________________________________________ > sssd-devel mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/sssd-devel _______________________________________________ sssd-devel mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
