oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

hdb: Fix warnings and leaks

Browse Source
This commit is contained in:
Nicolas Williams
2021-03-28 17:55:14 -05:00
parent fb553dde1d
commit 4f8399a433
9 changed files with 44 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
lib/hdb/common.c
View File

@@ -433,14 +433,8 @@ hdb_derive_etypes(krb5_context context, hdb_entry *e, HDB_Ext_KeySet *base_keys)
free(e->etypes->val);
e->etypes->len = 0;
e->etypes->val = 0;
}
if (e->etypes == NULL &&
(e->etypes = malloc(sizeof(e->etypes[0]))) == NULL)
} else if ((e->etypes = calloc(1, sizeof(e->etypes[0]))) == NULL) {
ret = krb5_enomem(context);
if (ret == 0) {
e->etypes->len = 0;
e->etypes->val = 0;
}
if (ret == 0 &&
(e->etypes->val = calloc(netypes, sizeof(e->etypes->val[0]))) == NULL)
@@ -516,7 +510,9 @@ _hdb_store(krb5_context context, HDB *db, unsigned flags, hdb_entry_ex *entry)
if (code)
return code;
hdb_principal2key(context, entry->entry.principal, &key);
code = hdb_principal2key(context, entry->entry.principal, &key);
if (code)
return code;
/* remove aliases */
code = hdb_remove_aliases(context, db, &key);
@@ -554,8 +550,9 @@ _hdb_remove(krb5_context context, HDB *db,
* HDB_entry_alias instead and assume it's an entry if decoding fails...
*/
hdb_principal2key(context, principal, &key);
code = db->hdb__get(context, db, key, &value);
code = hdb_principal2key(context, principal, &key);
if (code == 0)
code = db->hdb__get(context, db, key, &value);
if (code == 0) {
code = decode_HDB_EntryOrAlias(value.data, value.length, &eoa, NULL);
krb5_data_free(&value);
@@ -573,7 +570,8 @@ _hdb_remove(krb5_context context, HDB *db,
return code;
}
code = hdb_remove_aliases(context, db, &key);
if (code == 0)
code = hdb_remove_aliases(context, db, &key);
if (code == 0)
code = db->hdb__del(context, db, key);
krb5_data_free(&key);
@@ -714,7 +712,7 @@ derive_keyset(krb5_context context,
{
dks->kvno = kvno;
dks->keys.val = 0;
dks->set_time = malloc(sizeof(*dks->set_time));
dks->set_time = malloc(sizeof(*(dks->set_time)));
if (dks->set_time == NULL)
return krb5_enomem(context);
*dks->set_time = set_time;
@@ -1136,7 +1134,7 @@ derive_keys(krb5_context context,
* the KDC won't issue tickets longer lived than this.
*/
if (ret == 0 && !h->entry.max_life &&
(h->entry.max_life = malloc(sizeof(h->entry.max_life[0]))) == NULL)
(h->entry.max_life = calloc(1, sizeof(h->entry.max_life[0]))) == NULL)
ret = krb5_enomem(context);
if (ret == 0 && *h->entry.max_life > kr.val[current_kr].period >> 1)
*h->entry.max_life = kr.val[current_kr].period >> 1;

4
lib/hdb/ext.c
View File

@@ -712,7 +712,7 @@ hdb_entry_add_key_rotation(krb5_context context,
{
krb5_error_code ret;
HDB_extension new_ext;
HDB_extension *ext = 0;
HDB_extension *ext = &new_ext;
KeyRotation tmp;
size_t i, sz;
@@ -734,8 +734,6 @@ hdb_entry_add_key_rotation(krb5_context context,
ext = hdb_find_extension(entry, choice_HDB_extension_data_key_rotation);
if (!ext)
ext = &new_ext;
else
krs = &ext->data.u.key_rotation;
} else {
const KeyRotation *prev_kr = &krs->val[0];
unsigned int last_kvno = 0;

5
lib/hdb/hdb-ldap.c
View File

@@ -1172,6 +1172,11 @@ LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg,
ret = hex_decode(ntPasswordIN,
ent->entry.keys.val[ent->entry.keys.len].key.keyvalue.data, 16);
ent->entry.keys.len++;
if (ret == -1) {
krb5_set_error_message(context, ret = EINVAL,
"invalid hex encoding of password");
goto out;
}
if (ent->entry.etypes == NULL) {
ent->entry.etypes = malloc(sizeof(*(ent->entry.etypes)));

10
lib/hdb/hdb-mitdb.c
View File

@@ -555,7 +555,7 @@ _hdb_mdb_value2entry(krb5_context context, krb5_data *data,
goto out;
}
CHECK(ret = krb5_parse_name(context, p, &modby));
ret = hdb_set_last_modified_by(context, entry, modby, u32);
CHECK(ret = hdb_set_last_modified_by(context, entry, modby, u32));
krb5_free_principal(context, modby);
free(p);
break;
@@ -1435,8 +1435,10 @@ _hdb_mit_dump2mitdb_entry(krb5_context context, char *line, krb5_storage *sp)
if (tl_length) {
buf = malloc(tl_length);
if (!buf) return ENOMEM;
if (getdata(&p, buf, tl_length, reading_what) != tl_length)
if (getdata(&p, buf, tl_length, reading_what) != tl_length) {
free(buf);
return EINVAL;
}
sz = krb5_storage_write(sp, buf, tl_length);
free(buf);
if (sz != tl_length) return ENOMEM;
@@ -1478,8 +1480,10 @@ _hdb_mit_dump2mitdb_entry(krb5_context context, char *line, krb5_storage *sp)
if (keylen) {
buf = malloc(keylen);
if (!buf) return ENOMEM;
if (getdata(&p, buf, keylen, "key (or salt) data") != keylen)
if (getdata(&p, buf, keylen, "key (or salt) data") != keylen) {
free(buf);
return EINVAL;
}
sz = krb5_storage_write(sp, buf, keylen);
free(buf);
if (sz != keylen) return ENOMEM;

8
lib/hdb/hdb.c
View File

@@ -312,12 +312,12 @@ hdb_install_keyset(krb5_context context,
(ret = hdb_add_current_keys_to_history(context, e)))
return ret;
free_Keys(&e->keys);
e->kvno = ks->kvno;
if (ret == 0)
ret = copy_Keys(&ks->keys, &e->keys);
e->kvno = ks->kvno;
if (ks->set_time)
return hdb_entry_set_pw_change_time(context, e, *ks->set_time);
return 0;
if (ret == 0 && ks->set_time)
ret = hdb_entry_set_pw_change_time(context, e, *ks->set_time);
return ret;
}
return hdb_add_history_keyset(context, e, ks);
}

2
lib/hdb/keys.c
View File

@@ -305,7 +305,7 @@ hdb_add_history_keyset(krb5_context context,
HDB_Ext_KeySet *hist_keys;
HDB_extension ext;
HDB_extension *extp;
krb5_error_code ret;
krb5_error_code ret = 0;
memset(&ext, 0, sizeof (ext));

5
lib/hdb/keytab.c
View File

@@ -160,8 +160,11 @@ find_db (krb5_context context,
}
hdb_free_dbinfo(context, &head);
if (*dbname == NULL &&
(*dbname = strdup(hdb_default_db(context))) == NULL)
(*dbname = strdup(hdb_default_db(context))) == NULL) {
free(*mkey);
*mkey = NULL;
return krb5_enomem(context);
}
return 0;
}

6
lib/hdb/test_concurrency.c
View File

@@ -172,6 +172,8 @@ forked_reader(struct tsync *s)
while ((bytes = read(s->reader_go_pipe[0], b, sizeof(b))) == -1 &&
errno == EINTR)
;
if (bytes == -1)
err(1, "Could not read from reader-go pipe (error)");
/* Open a new HDB handle to read */
if ((ret = hdb_create(context, &dbr, s->hdb_name))) {
@@ -195,6 +197,8 @@ forked_reader(struct tsync *s)
while ((bytes = write(s->writer_go_pipe[1], "", sizeof(""))) == -1 &&
errno == EINTR)
;
if (bytes == -1)
err(1, "Could not write to writer-go pipe (error)");
/* Wait for the writer to have written one more entry to the HDB */
@@ -231,6 +235,8 @@ forked_reader(struct tsync *s)
while ((bytes = write(s->writer_go_pipe[1], "", sizeof(""))) == -1 &&
errno == EINTR)
;
if (bytes == -1)
err(1, "Could not write to writer-go pipe (error)");
dbr->hdb_close(context, dbr);
dbr->hdb_destroy(context, dbr);

10
lib/hdb/test_namespace.c
View File

@@ -151,14 +151,13 @@ TDB__put(krb5_context context, HDB *db, int rplc, krb5_data kd, krb5_data vd)
{
krb5_error_code ret = 0;
TEST_HDB *tdb = (void *)db;
heim_object_t e = NULL;
heim_object_t k = NULL;
heim_object_t v = NULL;
if ((k = heim_data_create(kd.data, kd.length)) == NULL ||
(v = heim_data_create(vd.data, vd.length)) == NULL)
ret = krb5_enomem(context);
if (ret == 0 && !rplc && (e = heim_dict_get_value(tdb->dict, k)) != NULL)
if (ret == 0 && !rplc && heim_dict_get_value(tdb->dict, k) != NULL)
ret = HDB_ERR_EXISTS;
if (ret == 0 && heim_dict_set_value(tdb->dict, k, v))
ret = krb5_enomem(context);
@@ -172,11 +171,11 @@ TDB__del(krb5_context context, HDB *db, krb5_data key)
{
krb5_error_code ret = 0;
TEST_HDB *tdb = (void *)db;
heim_object_t k, v;
heim_object_t k;
if ((k = heim_data_create(key.data, key.length)) == NULL)
ret = krb5_enomem(context);
if (ret == 0 && (v = heim_dict_get_value(tdb->dict, k)) == NULL)
if (ret == 0 && heim_dict_get_value(tdb->dict, k) == NULL)
ret = HDB_ERR_NOENTRY;
if (ret == 0)
heim_dict_delete_key(tdb->dict, k);
@@ -198,7 +197,8 @@ hdb_test_create(krb5_context context, struct HDB **db, const char *arg)
if ((tdb = calloc(1, sizeof(tdb[0]))) == NULL ||
(tdb->hdb.hdb_name = strdup(arg)) == NULL ||
(tdb->dict = heim_dict_create(10)) == NULL) {
free(tdb->hdb.hdb_name);
if (tdb)
free(tdb->hdb.hdb_name);
free(tdb);
return krb5_enomem(context);
}