oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

hdb: Fix coverity warnings

Browse Source 
This is a fix for a false positive that we can avoid by changing the
internal API in question.  Might as well.
This commit is contained in:
Nicolas Williams
2022-01-20 12:38:50 -06:00
parent d1564ce6e9
commit b991c4b2b3
4 changed files with 10 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/hdb/common.c
View File

@@ -999,7 +999,7 @@ derive_keys(krb5_context context,
base_keys.val = 0; base_keys.val = 0;
base_keys.len = 0; base_keys.len = 0;
if (ret == 0) if (ret == 0)
ret = hdb_remove_base_keys(context, h, &base_keys); ret = _hdb_remove_base_keys(context, h, &base_keys, &kr);
/* Make sure we have h->etypes */ /* Make sure we have h->etypes */
if (ret == 0 && !h->etypes) if (ret == 0 && !h->etypes)

32
lib/hdb/hdb.c
View File

@@ -232,38 +232,25 @@ hdb_remove_keys(krb5_context context,
* @param context Context * @param context Context
* @param e The HDB entry * @param e The HDB entry
* @param ks A pointer to a variable of type HDB_Ext_KeySet * @param ks A pointer to a variable of type HDB_Ext_KeySet
* @param ckr A pointer to stable (copied) HDB_Ext_KeyRotation
* *
* @return Zero on success, an error code otherwise. * @return Zero on success, an error code otherwise.
*/ */
krb5_error_code krb5_error_code
hdb_remove_base_keys(krb5_context context, _hdb_remove_base_keys(krb5_context context,
hdb_entry *e, hdb_entry *e,
HDB_Ext_KeySet *base_keys) HDB_Ext_KeySet *base_keys,
const HDB_Ext_KeyRotation *ckr)
{ {
krb5_error_code ret; krb5_error_code ret = 0;
const HDB_Ext_KeyRotation *ckr;
HDB_Ext_KeyRotation kr;
size_t i, k; size_t i, k;
ret = hdb_entry_get_key_rotation(context, e, &ckr);
if (!ckr)
return 0;
if (ret == 0) {
/*
* Changing the entry's extensions invalidates extensions obtained
* before the change.
*/
ret = copy_HDB_Ext_KeyRotation(ckr, &kr);
ckr = NULL;
}
base_keys->len = 0; base_keys->len = 0;
if (ret == 0 && if ((base_keys->val = calloc(ckr->len, sizeof(base_keys->val[0]))) == NULL)
(base_keys->val = calloc(kr.len, sizeof(base_keys->val[0]))) == NULL)
ret = krb5_enomem(context); ret = krb5_enomem(context);
for (k = i = 0; ret == 0 && i < kr.len; i++) { for (k = i = 0; ret == 0 && i < ckr->len; i++) {
const KeyRotation *krp = &kr.val[i]; const KeyRotation *krp = &ckr->val[i];
/* /*
* WARNING: O(N * M) where M is number of keysets and N is the number * WARNING: O(N * M) where M is number of keysets and N is the number
@@ -284,7 +271,6 @@ hdb_remove_base_keys(krb5_context context,
base_keys->len = k; base_keys->len = k;
else else
free_HDB_Ext_KeySet(base_keys); free_HDB_Ext_KeySet(base_keys);
free_HDB_Ext_KeyRotation(&kr);
return 0; return 0;
} }

1
lib/hdb/libhdb-exports.def
View File

@@ -69,7 +69,6 @@ EXPORTS
hdb_prune_keys hdb_prune_keys
hdb_prune_keys_kvno hdb_prune_keys_kvno
hdb_read_master_key hdb_read_master_key
hdb_remove_base_keys
hdb_remove_keys hdb_remove_keys
hdb_replace_extension hdb_replace_extension
hdb_seal_key hdb_seal_key

1
lib/hdb/version-script.map
View File

@@ -70,7 +70,6 @@ HEIMDAL_HDB_1.0 {
hdb_prune_keys; hdb_prune_keys;
hdb_prune_keys_kvno; hdb_prune_keys_kvno;
hdb_read_master_key; hdb_read_master_key;
hdb_remove_base_keys;
hdb_remove_keys; hdb_remove_keys;
hdb_replace_extension; hdb_replace_extension;
hdb_seal_key; hdb_seal_key;