Check return value from asprintf instead of string != NULL since it
undefined behavior on Linux. From Björn Sandell git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16220 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
@@ -325,6 +325,10 @@ send_krb5_auth(int s,
|
||||
do_encrypt ? "-x " : "",
|
||||
cmd,
|
||||
remote_user);
|
||||
if (cksum_data.length == -1) {
|
||||
warnx ("%s: failed to allocate command", hostname);
|
||||
return 1;
|
||||
}
|
||||
|
||||
ap_opts = 0;
|
||||
|
||||
|
||||
@@ -376,6 +376,8 @@ recv_krb5_auth (int s, u_char *buf,
|
||||
ntohs(socket_get_port (thisaddr)),
|
||||
*cmd,
|
||||
*server_username);
|
||||
if (cksum_data.length == -1)
|
||||
syslog_and_die ("asprintf: out of memory");
|
||||
|
||||
status = krb5_verify_authenticator_checksum(context,
|
||||
auth_context,
|
||||
@@ -632,19 +634,25 @@ setup_environment (char ***env, const struct passwd *pwd)
|
||||
e = *env;
|
||||
e = realloc(e, (i + 7) * sizeof(char *));
|
||||
|
||||
asprintf (&e[i++], "USER=%s", pwd->pw_name);
|
||||
asprintf (&e[i++], "HOME=%s", pwd->pw_dir);
|
||||
asprintf (&e[i++], "SHELL=%s", pwd->pw_shell);
|
||||
if (asprintf (&e[i++], "USER=%s", pwd->pw_name) == -1)
|
||||
syslog_and_die ("asprintf: out of memory");
|
||||
if (asprintf (&e[i++], "HOME=%s", pwd->pw_dir) == -1)
|
||||
syslog_and_die ("asprintf: out of memory");
|
||||
if (asprintf (&e[i++], "SHELL=%s", pwd->pw_shell) == -1)
|
||||
syslog_and_die ("asprintf: out of memory");
|
||||
if (! path) {
|
||||
asprintf (&e[i++], "PATH=%s", _PATH_DEFPATH);
|
||||
if (asprintf (&e[i++], "PATH=%s", _PATH_DEFPATH) == -1)
|
||||
syslog_and_die ("asprintf: out of memory");
|
||||
}
|
||||
asprintf (&e[i++], "SSH_CLIENT=only_to_make_bash_happy");
|
||||
#if defined(DCE)
|
||||
if (getenv("KRB5CCNAME"))
|
||||
asprintf (&e[i++], "KRB5CCNAME=%s", getenv("KRB5CCNAME"));
|
||||
if (asprintf (&e[i++], "KRB5CCNAME=%s", getenv("KRB5CCNAME")) == -1)
|
||||
syslog_and_die ("asprintf: out of memory");
|
||||
#else
|
||||
if (do_unique_tkfile)
|
||||
asprintf (&e[i++], "KRB5CCNAME=%s", tkfile);
|
||||
if (asprintf (&e[i++], "KRB5CCNAME=%s", tkfile) == -1)
|
||||
syslog_and_die ("asprintf: out of memory");
|
||||
#endif
|
||||
e[i++] = NULL;
|
||||
*env = e;
|
||||
|
||||
17
appl/su/su.c
17
appl/su/su.c
@@ -248,8 +248,10 @@ krb5_start_session(void)
|
||||
|
||||
ret = krb5_cc_copy_cache(context, ccache, ccache2);
|
||||
|
||||
asprintf(&cc_name, "%s:%s", krb5_cc_get_type(context, ccache2),
|
||||
krb5_cc_get_name(context, ccache2));
|
||||
ret = asprintf(&cc_name, "%s:%s", krb5_cc_get_type(context, ccache2),
|
||||
krb5_cc_get_name(context, ccache2));
|
||||
if (ret == -1)
|
||||
errx(1, "malloc - out of memory");
|
||||
esetenv("KRB5CCNAME", cc_name, 1);
|
||||
|
||||
/* we want to export this even if we don't directly support KRB4 */
|
||||
@@ -299,9 +301,11 @@ krb_verify(const struct passwd *login_info,
|
||||
krb_kuserok(name, instance, realm, su_info->pw_name) == 0) {
|
||||
char password[128];
|
||||
char *prompt;
|
||||
asprintf (&prompt,
|
||||
ret = asprintf (&prompt,
|
||||
"%s's Password: ",
|
||||
krb_unparse_name_long (name, instance, realm));
|
||||
if (ret == -1)
|
||||
return (1);
|
||||
if (UI_UTIL_read_pw_string (password, sizeof (password), prompt, 0)) {
|
||||
memset (password, 0, sizeof (password));
|
||||
free(prompt);
|
||||
@@ -515,9 +519,10 @@ main(int argc, char **argv)
|
||||
if (args == NULL)
|
||||
err (1, "malloc");
|
||||
i = 0;
|
||||
if(full_login)
|
||||
asprintf(&args[i++], "-%s", p);
|
||||
else
|
||||
if(full_login) {
|
||||
if (asprintf(&args[i++], "-%s", p) == -1)
|
||||
errx (1, "malloc");
|
||||
} else
|
||||
args[i++] = p;
|
||||
if (cmd) {
|
||||
args[i++] = "-c";
|
||||
|
||||
Reference in New Issue
Block a user