Misc fixes (coverity)

This commit is contained in:
Nicolas Williams
2016-11-20 17:43:07 -06:00
parent 6696920d9e
commit f38089257b
19 changed files with 105 additions and 81 deletions

View File

@@ -132,8 +132,8 @@ do_list(struct list_options *opt, const char *keytab_str)
for (i = 0; i< entry.aliases->len; i++) {
krb5_unparse_name_fixed(context, entry.principal, buf, sizeof(buf));
rk_strpoolprintf(p, "%s%s", buf,
i + 1 < entry.aliases->len ? ", " : "");
p = rk_strpoolprintf(p, "%s%s", buf,
i + 1 < entry.aliases->len ? ", " : "");
}
rtbl_add_column_entry_by_id(table, 5, (s = rk_strpoolcollect(p)));

View File

@@ -463,7 +463,7 @@ ret_principal_ent(krb5_context contextp,
ent->max_life = flag;
CHECK(krb5_ret_uint32(sp, &flag));
if (flag == 0)
ret_principal_xdr(contextp, sp, &ent->mod_name);
CHECK(ret_principal_xdr(contextp, sp, &ent->mod_name));
CHECK(krb5_ret_uint32(sp, &flag));
ent->mod_date = flag;
CHECK(krb5_ret_uint32(sp, &flag));

View File

@@ -514,7 +514,8 @@ kadmind_dispatch(void *kadm_handlep, krb5_boolean initial,
int i;
krb5_store_int32(sp, n_keys);
for(i = 0; i < n_keys; i++){
krb5_store_keyblock(sp, new_keys[i]);
if (ret == 0)
ret = krb5_store_keyblock(sp, new_keys[i]);
krb5_free_keyblock_contents(contextp->context, &new_keys[i]);
}
free(new_keys);

View File

@@ -920,12 +920,12 @@ tgs_make_reply(krb5_context context,
ek.key = et.key;
/* MIT must have at least one last_req */
ek.last_req.len = 1;
ek.last_req.val = calloc(1, sizeof(*ek.last_req.val));
if (ek.last_req.val == NULL) {
ret = ENOMEM;
goto out;
}
ek.last_req.len = 1; /* set after alloc to avoid null deref on cleanup */
ek.nonce = b->nonce;
ek.flags = et.flags;
ek.authtime = et.authtime;

View File

@@ -1394,13 +1394,19 @@ json_db_open(void *plug, const char *dbtype, const char *dbname,
}
ret = read_json(dbname, (heim_object_t *)&contents, error);
if (ret)
if (ret) {
heim_release(bkpname_s);
heim_release(dbname_s);
return ret;
}
if (contents != NULL && heim_get_tid(contents) != HEIM_TID_DICT)
if (contents != NULL && heim_get_tid(contents) != HEIM_TID_DICT) {
heim_release(bkpname_s);
heim_release(dbname_s);
return HEIM_ERROR(error, EINVAL,
(EINVAL, N_("JSON DB contents not valid JSON",
"")));
}
}
jsondb = heim_alloc(sizeof (*jsondb), "json_db", NULL);

View File

@@ -962,7 +962,6 @@ heim_path_vcreate(heim_object_t ptr, size_t size, heim_object_t leaf,
if (error)
*error = heim_error_create(ret, "Node in path not a "
"container");
goto err;
}
heim_release(next_node);
if (ret)

View File

@@ -108,11 +108,9 @@ hdb_get_dbinfo(krb5_context context, struct hdb_dbinfo **dbp)
NULL);
if (db_binding) {
ret = get_dbinfo(context, db_binding, "default", &di);
if (ret == 0 && di) {
databases = di;
dt = &di->next;
}
ret = get_dbinfo(context, db_binding, "default", &databases);
if (ret == 0 && databases != NULL)
dt = &databases->next;
for ( ; db_binding != NULL; db_binding = db_binding->next) {
@@ -129,27 +127,28 @@ hdb_get_dbinfo(krb5_context context, struct hdb_dbinfo **dbp)
if (dt)
*dt = di;
else
else {
hdb_free_dbinfo(context, &databases);
databases = di;
}
dt = &di->next;
}
}
if(databases == NULL) {
if (databases == NULL) {
/* if there are none specified, create one and use defaults */
di = calloc(1, sizeof(*di));
databases = di;
di->label = strdup("default");
databases = calloc(1, sizeof(*databases));
databases->label = strdup("default");
}
for(di = databases; di; di = di->next) {
if(di->dbname == NULL) {
for (di = databases; di; di = di->next) {
if (di->dbname == NULL) {
di->dbname = strdup(default_dbname);
if (di->mkey_file == NULL)
di->mkey_file = strdup(default_mkey);
}
if(di->mkey_file == NULL) {
if (di->mkey_file == NULL) {
p = strrchr(di->dbname, '.');
if(p == NULL || strchr(p, '/') != NULL)
/* final pathname component does not contain a . */
@@ -159,8 +158,10 @@ hdb_get_dbinfo(krb5_context context, struct hdb_dbinfo **dbp)
.mkey */
ret = asprintf(&di->mkey_file, "%.*s.mkey",
(int)(p - di->dbname), di->dbname);
if (ret == -1)
if (ret == -1) {
hdb_free_dbinfo(context, &databases);
return ENOMEM;
}
}
if(di->acl_file == NULL)
di->acl_file = strdup(default_acl);

View File

@@ -2044,8 +2044,7 @@ hdb_ldapi_create(krb5_context context, HDB ** db, const char *arg)
krb5_error_code ret;
char *search_base, *p;
asprintf(&p, "ldapi:%s", arg);
if (p == NULL) {
if (asprintf(&p, "ldapi:%s", arg) == -1 || p == NULL) {
*db = NULL;
krb5_set_error_message(context, ENOMEM, "out of memory");
return ENOMEM;

View File

@@ -1212,7 +1212,7 @@ getdata(char **p, unsigned char *buf, size_t len, const char *what)
}
i = 0;
while (*q && i < len) {
if(sscanf(q, "%02x", &v) != 1)
if (sscanf(q, "%02x", &v) != 1)
break;
buf[i++] = v;
q += 2;
@@ -1229,7 +1229,8 @@ getint(char **p, const char *what)
warnx("Failed to find a signed integer (%s) in dump", what);
return -1;
}
sscanf(q, "%d", &val);
if (sscanf(q, "%d", &val) != 1)
return -1;
return val;
}
@@ -1242,7 +1243,8 @@ getuint(char **p, const char *what)
warnx("Failed to find an unsigned integer (%s) in dump", what);
return 0;
}
sscanf(q, "%u", &val);
if (sscanf(q, "%u", &val) != 1)
return 0;
return val;
}

View File

@@ -515,7 +515,6 @@ ks_tuple2str(krb5_context context, int n_ks_tuple,
{
size_t i;
char **ksnames;
char *ename, *sname;
krb5_error_code rc = KRB5_PROG_ETYPE_NOSUPP;
*ks_tuple_strs = NULL;
@@ -526,11 +525,15 @@ ks_tuple2str(krb5_context context, int n_ks_tuple,
return (errno);
for (i = 0; i < n_ks_tuple; i++) {
char *ename, *sname;
if (krb5_enctype_to_string(context, ks_tuple[i].ks_enctype, &ename))
goto out;
if (krb5_salttype_to_string(context, ks_tuple[i].ks_enctype,
ks_tuple[i].ks_salttype, &sname))
ks_tuple[i].ks_salttype, &sname)) {
free(ename);
goto out;
}
if (asprintf(&ksnames[i], "%s:%s", ename, sname) == -1) {
rc = errno;

View File

@@ -35,6 +35,7 @@
#include "hi_locl.h"
#include <assert.h>
#include <err.h>
#define MAX_PACKET_SIZE (128 * 1024)
@@ -980,7 +981,7 @@ process_loop(void)
unsigned n;
unsigned num_fds;
while(num_clients > 0) {
while (num_clients > 0) {
fds = malloc(num_clients * sizeof(fds[0]));
if(fds == NULL)
@@ -999,7 +1000,11 @@ process_loop(void)
fds[n].revents = 0;
}
poll(fds, num_fds, -1);
while (poll(fds, num_fds, -1) == -1) {
if (errno == EINTR || errno == EAGAIN)
continue;
err(1, "poll(2) failed");
}
for (n = 0 ; n < num_fds; n++) {
if (clients[n] == NULL)

View File

@@ -49,6 +49,7 @@ kadm5_s_init_with_context(krb5_context context,
char *dbname;
char *stash_file;
*server_handle = NULL;
ret = _kadm5_s_init_context(&ctx, realm_params, context);
if(ret)
return ret;
@@ -74,12 +75,13 @@ kadm5_s_init_with_context(krb5_context context,
#endif
ret = hdb_create(ctx->context, &ctx->db, dbname);
if(ret)
return ret;
ret = hdb_set_master_keyfile (ctx->context,
ctx->db, stash_file);
if(ret)
if (ret == 0)
ret = hdb_set_master_keyfile(ctx->context,
ctx->db, stash_file);
if (ret) {
kadm5_s_destroy(ctx);
return ret;
}
ctx->log_context.log_fd = -1;
@@ -94,14 +96,12 @@ kadm5_s_init_with_context(krb5_context context,
socket_set_nonblocking(ctx->log_context.socket_fd, 1);
ret = krb5_parse_name(ctx->context, client_name, &ctx->caller);
if(ret)
return ret;
ret = _kadm5_acl_init(ctx);
if(ret)
return ret;
*server_handle = ctx;
if (ret == 0)
ret = _kadm5_acl_init(ctx);
if (ret)
kadm5_s_destroy(ctx);
else
*server_handle = ctx;
return 0;
}

View File

@@ -79,17 +79,21 @@ kadm5_c_randkey_principal(void *server_handle,
*
* - opaque string2key parameters (salt, rounds, ...)
*/
krb5_store_int32(sp, kadm_randkey);
krb5_store_principal(sp, princ);
ret = krb5_store_int32(sp, kadm_randkey);
if (ret == 0)
ret = krb5_store_principal(sp, princ);
if (keepold == TRUE || n_ks_tuple > 0)
krb5_store_uint32(sp, keepold);
if (n_ks_tuple > 0)
krb5_store_uint32(sp, n_ks_tuple);
for (i = 0; i < n_ks_tuple; i++) {
krb5_store_int32(sp, ks_tuple[i].ks_enctype);
krb5_store_int32(sp, ks_tuple[i].ks_salttype);
if (ret == 0 && (keepold == TRUE || n_ks_tuple > 0))
ret = krb5_store_uint32(sp, keepold);
if (ret == 0 && n_ks_tuple > 0)
ret = krb5_store_uint32(sp, n_ks_tuple);
for (i = 0; ret == 0 && i < n_ks_tuple; i++) {
ret = krb5_store_int32(sp, ks_tuple[i].ks_enctype);
if (ret == 0)
krb5_store_int32(sp, ks_tuple[i].ks_salttype);
}
if (ret)
return ret;
/* Future extensions go here */
ret = _kadm5_client_send(context, sp);
@@ -106,28 +110,35 @@ kadm5_c_randkey_principal(void *server_handle,
return ENOMEM;
}
krb5_clear_error_message(context->context);
krb5_ret_int32(sp, &tmp);
ret = tmp;
if(ret == 0){
ret = krb5_ret_int32(sp, &tmp);
if (ret == 0)
ret = tmp;
if (ret == 0){
krb5_keyblock *k;
krb5_ret_int32(sp, &tmp);
ret = krb5_ret_int32(sp, &tmp);
if (ret)
goto out;
if (tmp < 0) {
ret = EOVERFLOW;
goto out;
}
k = malloc(tmp * sizeof(*k));
k = calloc(tmp, sizeof(*k));
if (k == NULL) {
ret = ENOMEM;
goto out;
}
for(i = 0; i < tmp; i++)
krb5_ret_keyblock(sp, &k[i]);
if (n_keys && new_keys) {
for(i = 0; ret == 0 && i < tmp; i++)
ret = krb5_ret_keyblock(sp, &k[i]);
if (ret == 0 && n_keys && new_keys) {
*n_keys = tmp;
*new_keys = k;
} else
} else {
krb5_free_keyblock_contents(context->context, &k[i]);
for (; i > 0; i--)
krb5_free_keyblock_contents(context->context, &k[i - 1]);
free(k);
}
}
out:
krb5_storage_free(sp);

View File

@@ -2341,21 +2341,19 @@ _get_derived_key(krb5_context context,
struct _krb5_key_data *d;
unsigned char constant[5];
*key = NULL;
for(i = 0; i < crypto->num_key_usage; i++)
if(crypto->key_usage[i].usage == usage) {
*key = &crypto->key_usage[i].key;
return 0;
}
d = _new_derived_key(crypto, usage);
if (d == NULL) {
*key = NULL; /* quiet warning */
if (d == NULL)
return krb5_enomem(context);
}
krb5_copy_keyblock(context, crypto->key.key, &d->key);
_krb5_put_int(constant, usage, 5);
_krb5_derive_key(context, crypto->et, d, constant, sizeof(constant));
*key = d;
return 0;
krb5_copy_keyblock(context, crypto->key.key, &d->key);
_krb5_put_int(constant, usage, sizeof(constant));
return _krb5_derive_key(context, crypto->et, d, constant, sizeof(constant));
}
/**

View File

@@ -493,7 +493,7 @@ _krb5_expand_path_tokensv(krb5_context context,
return krb5_enomem(context);
va_start(ap, ppath_out);
for (i = 0; i < nargs; i++) {
char *s = va_arg(ap, const char *); /* token key */
const char *s = va_arg(ap, const char *); /* token key */
if (s == NULL)
break;
extra_tokens[i] = strdup(s);

View File

@@ -450,6 +450,7 @@ again:
ret = fstat(fd, &sb2);
if (ret < 0) {
krb5_clear_error_message(context);
close(fd);
return errno;
}

View File

@@ -868,15 +868,14 @@ krb5_pac_verify(krb5_context context,
{
krb5_data *copy;
if (pac->server_checksum->buffersize < 4 ||
pac->privsvr_checksum->buffersize < 4)
return EINVAL;
ret = krb5_copy_data(context, &pac->data, &copy);
if (ret)
return ret;
if (pac->server_checksum->buffersize < 4)
return EINVAL;
if (pac->privsvr_checksum->buffersize < 4)
return EINVAL;
memset((char *)copy->data + pac->server_checksum->offset_lo + 4,
0,
pac->server_checksum->buffersize - 4);

View File

@@ -43,6 +43,7 @@ krb5_salttype_to_string (krb5_context context,
struct _krb5_encryption_type *e;
struct salt_type *st;
*string = NULL;
e = _krb5_find_enctype (etype);
if (e == NULL) {
krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,

View File

@@ -56,13 +56,11 @@
static int
init_port(const char *s, int fallback)
{
if (s) {
int tmp;
int tmp;
sscanf (s, "%d", &tmp);
return htons(tmp);
} else
return fallback;
if (s && sscanf(s, "%d", &tmp) == 1)
return htons(tmp);
return fallback;
}
struct send_via_plugin_s {