check malloc and strdup
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4129 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Assar Westerlund
@@ -161,7 +161,12 @@ int krb4_mic(char *msg)
|
|||||||
MSG_DAT m_data;
|
MSG_DAT m_data;
|
||||||
char *tmp, *cmd;
|
char *tmp, *cmd;
|
||||||
|
|
||||||
cmd = strdup(msg);
|
cmd = malloc(strlen(msg) + 1);
|
||||||
|
|
||||||
|
if (cmd == NULL) {
|
||||||
|
reply(451, "Failed to allocate memory.");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
len = base64_decode(msg, cmd);
|
len = base64_decode(msg, cmd);
|
||||||
if(len < 0){
|
if(len < 0){
|
||||||
@@ -172,18 +177,22 @@ int krb4_mic(char *msg)
|
|||||||
kerror = krb_rd_safe(cmd, len, &auth_dat.session,
|
kerror = krb_rd_safe(cmd, len, &auth_dat.session,
|
||||||
&his_addr, &ctrl_addr, &m_data);
|
&his_addr, &ctrl_addr, &m_data);
|
||||||
|
|
||||||
|
free(cmd);
|
||||||
if(kerror){
|
if(kerror){
|
||||||
reply(535, "Error reading request: %s.", krb_get_err_text(kerror));
|
reply(535, "Error reading request: %s.", krb_get_err_text(kerror));
|
||||||
free(cmd);
|
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
tmp = malloc(strlen(msg) + 1);
|
tmp = malloc(strlen(msg) + 1);
|
||||||
snprintf(tmp, strlen(msg) + 1, "%.*s", (int)m_data.app_length, m_data.app_data);
|
if (tmp == NULL) {
|
||||||
|
reply(451, "Failed to allocate memory.");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
snprintf(tmp, strlen(msg) + 1, "%.*s",
|
||||||
|
(int)m_data.app_length, m_data.app_data);
|
||||||
if(!strstr(tmp, "\r\n"))
|
if(!strstr(tmp, "\r\n"))
|
||||||
strcat(tmp, "\r\n");
|
strcat(tmp, "\r\n");
|
||||||
new_ftp_command(tmp);
|
new_ftp_command(tmp);
|
||||||
free(cmd);
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -202,7 +211,7 @@ int krb4_enc(char *msg)
|
|||||||
MSG_DAT m_data;
|
MSG_DAT m_data;
|
||||||
char *tmp, *cmd;
|
char *tmp, *cmd;
|
||||||
|
|
||||||
cmd = strdup(msg);
|
cmd = malloc(strlen(msg) + 1);
|
||||||
|
|
||||||
len = base64_decode(msg, cmd);
|
len = base64_decode(msg, cmd);
|
||||||
if(len < 0){
|
if(len < 0){
|
||||||
@@ -212,19 +221,22 @@ int krb4_enc(char *msg)
|
|||||||
}
|
}
|
||||||
kerror = krb_rd_priv(cmd, len, schedule, &auth_dat.session,
|
kerror = krb_rd_priv(cmd, len, schedule, &auth_dat.session,
|
||||||
&his_addr, &ctrl_addr, &m_data);
|
&his_addr, &ctrl_addr, &m_data);
|
||||||
|
free(cmd);
|
||||||
|
|
||||||
if(kerror){
|
if(kerror){
|
||||||
reply(535, "Error reading request: %s.", krb_get_err_text(kerror));
|
reply(535, "Error reading request: %s.", krb_get_err_text(kerror));
|
||||||
free(cmd);
|
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
tmp = strdup(msg);
|
tmp = malloc(strlen(msg) + 1);
|
||||||
|
if (tmp == NULL) {
|
||||||
|
reply(451, "Failed to allocate memory.");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
snprintf(tmp, strlen(msg) + 1, "%.*s", (int)m_data.app_length, m_data.app_data);
|
snprintf(tmp, strlen(msg) + 1, "%.*s", (int)m_data.app_length, m_data.app_data);
|
||||||
if(!strstr(tmp, "\r\n"))
|
if(!strstr(tmp, "\r\n"))
|
||||||
strcat(tmp, "\r\n");
|
strcat(tmp, "\r\n");
|
||||||
new_ftp_command(tmp);
|
new_ftp_command(tmp);
|
||||||
free(cmd);
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -141,6 +141,7 @@ get_xsockets (int *unix_socket, int *tcp_socket)
|
|||||||
char *dir, *p;
|
char *dir, *p;
|
||||||
|
|
||||||
dir = strdup (X_UNIX_PATH);
|
dir = strdup (X_UNIX_PATH);
|
||||||
|
errx (1, "strdup: out of memory");
|
||||||
p = strrchr (dir, '/');
|
p = strrchr (dir, '/');
|
||||||
if (p)
|
if (p)
|
||||||
*p = '\0';
|
*p = '\0';
|
||||||
@@ -339,19 +340,29 @@ verify_and_remove_cookies (int fd, int sock)
|
|||||||
npad = (4 - (n % 4)) % 4;
|
npad = (4 - (n % 4)) % 4;
|
||||||
dpad = (4 - (d % 4)) % 4;
|
dpad = (4 - (d % 4)) % 4;
|
||||||
protocol_name = malloc(n + npad);
|
protocol_name = malloc(n + npad);
|
||||||
|
if (protocol_name == NULL)
|
||||||
|
return 1;
|
||||||
protocol_data = malloc(d + dpad);
|
protocol_data = malloc(d + dpad);
|
||||||
|
if (protocol_data == NULL)
|
||||||
|
goto fail;
|
||||||
if (krb_net_read (fd, protocol_name, n + npad) != n + npad)
|
if (krb_net_read (fd, protocol_name, n + npad) != n + npad)
|
||||||
return 1;
|
goto fail;
|
||||||
if (krb_net_read (fd, protocol_data, d + dpad) != d + dpad)
|
if (krb_net_read (fd, protocol_data, d + dpad) != d + dpad)
|
||||||
return 1;
|
goto fail;
|
||||||
if (strncmp (protocol_name, COOKIE_TYPE, strlen(COOKIE_TYPE)) != 0)
|
if (strncmp (protocol_name, COOKIE_TYPE, strlen(COOKIE_TYPE)) != 0)
|
||||||
return 1;
|
goto fail;
|
||||||
if (d != cookie_len ||
|
if (d != cookie_len ||
|
||||||
memcmp (protocol_data, cookie, cookie_len) != 0)
|
memcmp (protocol_data, cookie, cookie_len) != 0)
|
||||||
return 1;
|
goto fail;
|
||||||
|
free (protocol_name);
|
||||||
|
free (protocol_data);
|
||||||
if (krb_net_write (sock, zeros, 6) != 6)
|
if (krb_net_write (sock, zeros, 6) != 6)
|
||||||
return 1;
|
return 1;
|
||||||
return 0;
|
return 0;
|
||||||
|
fail:
|
||||||
|
free (protocol_name);
|
||||||
|
free (protocol_data);
|
||||||
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|||||||
@@ -601,6 +601,8 @@ main(int argc, char **argv)
|
|||||||
if (p == NULL)
|
if (p == NULL)
|
||||||
errx(1, "Who are you?");
|
errx(1, "Who are you?");
|
||||||
user = strdup (p->pw_name);
|
user = strdup (p->pw_name);
|
||||||
|
if (user == NULL)
|
||||||
|
errx (1, "strdup: out of memory");
|
||||||
}
|
}
|
||||||
if (port == 0)
|
if (port == 0)
|
||||||
port = k_getportbyname ("kx", "tcp", htons(KX_PORT));
|
port = k_getportbyname ("kx", "tcp", htons(KX_PORT));
|
||||||
|
|||||||
Reference in New Issue
Block a user