check return copy_Realm, copy_PrincipalName, copy_EncryptionKey

The ASN.1 functions copy_Realm(), copy_PrincipalName() and copy_EncryptionKey() can fail. Check the return and perform error handling as appropriate. Change-Id: I2b3629d19db96eb41d1cd554cef1dca99745e753
2017-04-29 15:22:23 -04:00
parent cb1ab5b5fc
commit 6f3ab01c75
6 changed files with 53 additions and 17 deletions
--- a/lib/krb5/build_auth.c
+++ b/lib/krb5/build_auth.c
@@ -117,8 +117,12 @@ _krb5_build_authenticator (krb5_context context,
    memset(&auth, 0, sizeof(auth));

    auth.authenticator_vno = 5;
-    copy_Realm(&cred->client->realm, &auth.crealm);
-    copy_PrincipalName(&cred->client->name, &auth.cname);
+    ret = copy_Realm(&cred->client->realm, &auth.crealm);
+    if (ret)
+	goto fail;
+    ret = copy_PrincipalName(&cred->client->name, &auth.cname);
+    if (ret)
+	goto fail;

    krb5_us_timeofday (context, &auth.ctime, &auth.cusec);

--- a/lib/krb5/get_for_creds.c
+++ b/lib/krb5/get_for_creds.c
@@ -355,11 +355,17 @@ krb5_get_forwarded_creds (krb5_context	    context,

    krb_cred_info = enc_krb_cred_part.ticket_info.val;

-    copy_EncryptionKey (&out_creds->session, &krb_cred_info->key);
+    ret = copy_EncryptionKey (&out_creds->session, &krb_cred_info->key);
+    if (ret)
+	goto out4;
    ALLOC(krb_cred_info->prealm, 1);
-    copy_Realm (&out_creds->client->realm, krb_cred_info->prealm);
+    ret = copy_Realm (&out_creds->client->realm, krb_cred_info->prealm);
+    if (ret)
+	goto out4;
    ALLOC(krb_cred_info->pname, 1);
-    copy_PrincipalName(&out_creds->client->name, krb_cred_info->pname);
+    ret = copy_PrincipalName(&out_creds->client->name, krb_cred_info->pname);
+    if (ret)
+	goto out4;
    ALLOC(krb_cred_info->flags, 1);
    *krb_cred_info->flags          = out_creds->flags.b;
    ALLOC(krb_cred_info->authtime, 1);
@@ -371,11 +377,17 @@ krb5_get_forwarded_creds (krb5_context	    context,
    ALLOC(krb_cred_info->renew_till, 1);
    *krb_cred_info->renew_till = out_creds->times.renew_till;
    ALLOC(krb_cred_info->srealm, 1);
-    copy_Realm (&out_creds->server->realm, krb_cred_info->srealm);
+    ret = copy_Realm (&out_creds->server->realm, krb_cred_info->srealm);
+    if (ret)
+	goto out4;
    ALLOC(krb_cred_info->sname, 1);
-    copy_PrincipalName (&out_creds->server->name, krb_cred_info->sname);
+    ret = copy_PrincipalName (&out_creds->server->name, krb_cred_info->sname);
+    if (ret)
+	goto out4;
    ALLOC(krb_cred_info->caddr, 1);
-    copy_HostAddresses (&out_creds->addresses, krb_cred_info->caddr);
+    ret = copy_HostAddresses (&out_creds->addresses, krb_cred_info->caddr);
+    if (ret)
+	goto out4;

    krb5_free_creds (context, out_creds);

--- a/lib/krb5/rd_cred.c
+++ b/lib/krb5/rd_cred.c
@@ -271,7 +271,11 @@ krb5_rd_cred(krb5_context context,
 	}
 	if(creds->ticket.length != len)
 	    krb5_abortx(context, "internal error in ASN.1 encoder");
-	copy_EncryptionKey (&kci->key, &creds->session);
+	ret = copy_EncryptionKey (&kci->key, &creds->session);
+	if (ret) {
+	    krb5_free_creds(context, creds);
+	    goto out;
+	}
 	if (kci->prealm && kci->pname)
 	    _krb5_principalname2krb5_principal (context,
 						&creds->client,