oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

(krb5_parse_name): check memory allocations

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7282 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Assar Westerlund
1999-10-28 23:37:40 +00:00
parent 6c949f55e9
commit aff9338312
1 changed files with 39 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
lib/krb5/principal.c
View File

@@ -68,7 +68,7 @@ krb5_parse_name(krb5_context context,
const char *name, const char *name,
krb5_principal *principal) krb5_principal *principal)
{ {
krb5_error_code ret;
general_string *comp; general_string *comp;
general_string realm; general_string realm;
int ncomp; int ncomp;
@@ -93,9 +93,15 @@ krb5_parse_name(krb5_context context,
ncomp++; ncomp++;
} }
comp = calloc(ncomp, sizeof(*comp)); comp = calloc(ncomp, sizeof(*comp));
if (comp == NULL)
return ENOMEM;
n = 0; n = 0;
start = q = p = s = strdup(name); start = q = p = s = strdup(name);
if (start == NULL) {
free (comp);
return ENOMEM;
}
while(*p){ while(*p){
c = *p++; c = *p++;
if(c == '\\'){ if(c == '\\'){
@@ -110,15 +116,14 @@ krb5_parse_name(krb5_context context,
c = '\0'; c = '\0';
}else if(c == '/' || c == '@'){ }else if(c == '/' || c == '@'){
if(got_realm){ if(got_realm){
exit: ret = KRB5_PARSE_MALFORMED;
while(n>0){ goto exit;
free(comp[--n]);
}
free(comp);
free(s);
return KRB5_PARSE_MALFORMED;
}else{ }else{
comp[n] = malloc(q - start + 1); comp[n] = malloc(q - start + 1);
if (comp[n] == NULL) {
ret = ENOMEM;
goto exit;
}
strncpy(comp[n], start, q - start); strncpy(comp[n], start, q - start);
comp[n][q - start] = 0; comp[n][q - start] = 0;
n++; n++;
@@ -128,29 +133,52 @@ krb5_parse_name(krb5_context context,
start = q; start = q;
continue; continue;
} }
if(got_realm && (c == ':' || c == '/' || c == '\0')) if(got_realm && (c == ':' || c == '/' || c == '\0')) {
ret = KRB5_PARSE_MALFORMED;
goto exit; goto exit;
}
*q++ = c; *q++ = c;
} }
if(got_realm){ if(got_realm){
realm = malloc(q - start + 1); realm = malloc(q - start + 1);
if (realm == NULL) {
ret = ENOMEM;
goto exit;
}
strncpy(realm, start, q - start); strncpy(realm, start, q - start);
realm[q - start] = 0; realm[q - start] = 0;
}else{ }else{
krb5_get_default_realm (context, &realm); ret = krb5_get_default_realm (context, &realm);
if (ret)
goto exit;
comp[n] = malloc(q - start + 1); comp[n] = malloc(q - start + 1);
if (comp[n] == NULL) {
ret = ENOMEM;
goto exit;
}
strncpy(comp[n], start, q - start); strncpy(comp[n], start, q - start);
comp[n][q - start] = 0; comp[n][q - start] = 0;
n++; n++;
} }
*principal = malloc(sizeof(**principal)); *principal = malloc(sizeof(**principal));
if (*principal == NULL) {
ret = ENOMEM;
goto exit;
}
(*principal)->name.name_type = KRB5_NT_PRINCIPAL; (*principal)->name.name_type = KRB5_NT_PRINCIPAL;
(*principal)->name.name_string.val = comp; (*principal)->name.name_string.val = comp;
princ_num_comp(*principal) = n; princ_num_comp(*principal) = n;
(*principal)->realm = realm; (*principal)->realm = realm;
free(s); free(s);
return 0; return 0;
exit:
while(n>0){
free(comp[--n]);
}
free(comp);
free(s);
return ret;
} }
static const char quotable_chars[] = "\n\t\b\\/@"; static const char quotable_chars[] = "\n\t\b\\/@";
@@ -403,7 +431,7 @@ krb5_make_principal(krb5_context context,
krb5_error_code ret; krb5_error_code ret;
krb5_realm r = NULL; krb5_realm r = NULL;
va_list ap; va_list ap;
if(realm == NULL){ if(realm == NULL) {
ret = krb5_get_default_realm(context, &r); ret = krb5_get_default_realm(context, &r);
if(ret) if(ret)
return ret; return ret;