On (14/04/16 14:07), Pavel Březina wrote:
>Hi,
>good catch.
>
>On 04/14/2016 10:27 AM, Luka
>> DLIST_FOR_EACH(listitem, list) {
>> cmdgroup = ipa_sudo_conv_lookup(conv->cmdgroups, listitem->dn);
>>+ if (cmdgroup == NULL) {
>>+ DEBUG(SSSDBG_CRIT_FAILURE,
>>+ "ipa_sudo_conv_lookup failed for DN:%s\n", listitem->dn);
>>+ continue;
>
>If you consider it a critical failure we should return here, so I'd recommend
>using SSSDBG_MINOR_FAILURE if we will just skip it. I'm fine either way.

SSSDBG_MINOR_FAILURE should be enough.
Updated version is attached.
LS
>From 097ddecfd4c55c540bfa9c13b376279e2769a70c Mon Sep 17 00:00:00 2001
From: Lukas Slebodnik <[email protected]>
Date: Wed, 13 Apr 2016 17:29:57 +0200
Subject: [PATCH] IPA_SUDO: Prevent dereference of NULL pointer
Error: NULL_RETURNS (CWE-476): [#def31]
sssd-1.13.4/src/providers/ipa/ipa_sudo_conversion.c:964:
returned_null: "ipa_sudo_conv_lookup" returns null.
sssd-1.13.4/src/providers/ipa/ipa_sudo_conversion.c:149:9:
return_null: Explicitly returning null.
sssd-1.13.4/src/providers/ipa/ipa_sudo_conversion.c:964:
var_assigned: Assigning: "cmdgroup" = null return value
from "ipa_sudo_conv_lookup".
sssd-1.13.4/src/providers/ipa/ipa_sudo_conversion.c:966:
dereference: Dereferencing a null pointer "cmdgroup".
# 964| cmdgroup = ipa_sudo_conv_lookup(conv->cmdgroups,
listitem->dn);
# 965|
# 966|-> ret = add_strings_lists(mem_ctx, values, cmdgroup->expanded,
# 967| false, discard_const(&values));
# 968| if (ret != EOK) {
---
src/providers/ipa/ipa_sudo_conversion.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/providers/ipa/ipa_sudo_conversion.c
b/src/providers/ipa/ipa_sudo_conversion.c
index
278fee600369e3002cc177313c1ce9f6131c08f7..1286bf35112cbd5e529654708b9d58dbb5af62ff
100644
--- a/src/providers/ipa/ipa_sudo_conversion.c
+++ b/src/providers/ipa/ipa_sudo_conversion.c
@@ -962,6 +962,11 @@ combine_cmdgroups(TALLOC_CTX *mem_ctx,
DLIST_FOR_EACH(listitem, list) {
cmdgroup = ipa_sudo_conv_lookup(conv->cmdgroups, listitem->dn);
+ if (cmdgroup == NULL) {
+ DEBUG(SSSDBG_MINOR_FAILURE,
+ "ipa_sudo_conv_lookup failed for DN:%s\n", listitem->dn);
+ continue;
+ }
ret = add_strings_lists(mem_ctx, values, cmdgroup->expanded,
false, discard_const(&values));
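Review bot: The "continue" in the new cmdgroup == NULL branch leaves the values list without that command group, and the caller of combine_cmdgroups cannot tell the result is incomplete, because ret is not set and the only trace is a SSSDBG_MINOR_FAILURE log line. If skipping is intended, say so in the message (for example "ipa_sudo_conv_lookup failed for DN:%s, skipping") and add a one-line comment above the check explaining why a missing command group can be ignored when building the rule. If it is not, return an error from this branch instead of continuing.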
--
2.7.3