diff --git a/admin/list.c b/admin/list.c
index ffb3f0108..31be54611 100644
--- a/admin/list.c
+++ b/admin/list.c
@@ -132,8 +132,8 @@ do_list(struct list_options *opt, const char *keytab_str)
 for (i = 0; i< entry.aliases->len; i++) {
 krb5_unparse_name_fixed(context, entry.principal, buf, sizeof(buf));
- rk_strpoolprintf(p, "%s%s", buf,
- i + 1 < entry.aliases->len ? ", " : "");
+ p = rk_strpoolprintf(p, "%s%s", buf,
+ i + 1 < entry.aliases->len ? ", " : "");
 }
 rtbl_add_column_entry_by_id(table, 5, (s = rk_strpoolcollect(p)));
diff --git a/kadmin/rpc.c b/kadmin/rpc.c
index 631eb8426..770e0a0c4 100644
--- a/kadmin/rpc.c
+++ b/kadmin/rpc.c
@@ -463,7 +463,7 @@ ret_principal_ent(krb5_context contextp,
 ent->max_life = flag;
 CHECK(krb5_ret_uint32(sp, &flag));
 if (flag == 0)
- ret_principal_xdr(contextp, sp, &ent->mod_name);
+ CHECK(ret_principal_xdr(contextp, sp, &ent->mod_name));
 CHECK(krb5_ret_uint32(sp, &flag));
 ent->mod_date = flag;
 CHECK(krb5_ret_uint32(sp, &flag));
diff --git a/kadmin/server.c b/kadmin/server.c
index d3a516de9..d0893089a 100644
--- a/kadmin/server.c
+++ b/kadmin/server.c
@@ -514,7 +514,8 @@ kadmind_dispatch(void *kadm_handlep, krb5_boolean initial,
 int i;
 krb5_store_int32(sp, n_keys);
 for(i = 0; i < n_keys; i++){
- krb5_store_keyblock(sp, new_keys[i]);
+ if (ret == 0)
+ ret = krb5_store_keyblock(sp, new_keys[i]);
 krb5_free_keyblock_contents(contextp->context, &new_keys[i]);
 }
 free(new_keys);
diff --git a/kdc/krb5tgs.c b/kdc/krb5tgs.c
index caa1170e6..6048b9c55 100644
--- a/kdc/krb5tgs.c
+++ b/kdc/krb5tgs.c
@@ -920,12 +920,12 @@ tgs_make_reply(krb5_context context,
 ek.key = et.key;
 /* MIT must have at least one last_req */
- ek.last_req.len = 1;
 ek.last_req.val = calloc(1, sizeof(*ek.last_req.val));
 if (ek.last_req.val == NULL) {
 ret = ENOMEM;
 goto out;
 }
+ ek.last_req.len = 1; /* set after alloc to avoid null deref on cleanup */
 ek.nonce = b->nonce;
 ek.flags = et.flags;
 ek.authtime = et.authtime;
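Review bot: In do_list (admin/list.c) the alias loop unparses `entry.principal` on every pass and uses `i` only to choose the separator, so as far as this hunk shows the column repeats the principal name once per alias instead of listing the aliases; the call presumably should take the i-th alias. The return value of `krb5_unparse_name_fixed` is also ignored, so `buf` is formatted with `%s` even when unparsing failed. Now that `p` is reassigned, an allocation failure mid-loop leaves `p` NULL and the next pass appears to start a fresh pool, silently dropping earlier entries; `if (p == NULL) break;` after the call would make that explicit. The enclosing block starts and ends outside the hunk.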
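Review bot: In kadmind_dispatch (kadmin/server.c) the key count written just above the loop is still unchecked, `krb5_store_int32(sp, n_keys);`, so a failure there is lost before the new `ret` guard starts; it should read `if (ret == 0) ret = krb5_store_int32(sp, n_keys);`. When a keyblock store fails part-way, `sp` already holds the count and some serialized keys, so the code after the hunk (not visible) needs to discard that reply rather than send it alongside the error. Freeing every keyblock regardless of `ret` is correct and deserves a one-line comment such as `/* always wipe key material, even after a store failure */`.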
diff --git a/lib/base/db.c b/lib/base/db.c
index 4d9985abd..944091684 100644
--- a/lib/base/db.c
+++ b/lib/base/db.c
@@ -1394,13 +1394,19 @@ json_db_open(void *plug, const char *dbtype, const char *dbname,
 }
 ret = read_json(dbname, (heim_object_t *)&contents, error);
- if (ret)
+ if (ret) {
+ heim_release(bkpname_s);
+ heim_release(dbname_s);
 return ret;
+ }
- if (contents != NULL && heim_get_tid(contents) != HEIM_TID_DICT)
+ if (contents != NULL && heim_get_tid(contents) != HEIM_TID_DICT) {
+ heim_release(bkpname_s);
+ heim_release(dbname_s);
 return HEIM_ERROR(error, EINVAL, (EINVAL, N_("JSON DB contents not valid JSON", "")));
+ }
 }
 jsondb = heim_alloc(sizeof (*jsondb), "json_db", NULL);
diff --git a/lib/base/heimbase.c b/lib/base/heimbase.c
index a93b1c7bf..6ad6ab258 100644
--- a/lib/base/heimbase.c
+++ b/lib/base/heimbase.c
@@ -962,7 +962,6 @@ heim_path_vcreate(heim_object_t ptr, size_t size, heim_object_t leaf,
 if (error)
 *error = heim_error_create(ret, "Node in path not a " "container");
- goto err;
 }
 heim_release(next_node);
 if (ret)
diff --git a/lib/hdb/dbinfo.c b/lib/hdb/dbinfo.c
index bead7170f..e2890255b 100644
--- a/lib/hdb/dbinfo.c
+++ b/lib/hdb/dbinfo.c
@@ -108,11 +108,9 @@ hdb_get_dbinfo(krb5_context context, struct hdb_dbinfo **dbp)
 NULL);
 if (db_binding) {
- ret = get_dbinfo(context, db_binding, "default", &di);
- if (ret == 0 && di) {
- databases = di;
- dt = &di->next;
- }
+ ret = get_dbinfo(context, db_binding, "default", &databases);
+ if (ret == 0 && databases != NULL)
+ dt = &databases->next;
 for ( ; db_binding != NULL; db_binding = db_binding->next) {
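Review bot: In json_db_open (lib/base/db.c) the second error path still leaks `contents`: `read_json` has succeeded and handed back an object, and when its type is not `HEIM_TID_DICT` the function returns after releasing only `bkpname_s` and `dbname_s`. Add `heim_release(contents);` to that branch. The two branches now duplicate the same cleanup; a single error label that releases all three objects would keep later additions from missing one. The function body starts and ends outside the hunk.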
@@ -129,27 +127,28 @@ hdb_get_dbinfo(krb5_context context, struct hdb_dbinfo **dbp)
 if (dt)
 *dt = di;
- else
+ else {
+ hdb_free_dbinfo(context, &databases);
 databases = di;
+ }
 dt = &di->next;
 }
 }
- if(databases == NULL) {
+ if (databases == NULL) {
 /* if there are none specified, create one and use defaults */
- di = calloc(1, sizeof(*di));
- databases = di;
- di->label = strdup("default");
+ databases = calloc(1, sizeof(*databases));
+ databases->label = strdup("default");
 }
- for(di = databases; di; di = di->next) {
- if(di->dbname == NULL) {
+ for (di = databases; di; di = di->next) {
+ if (di->dbname == NULL) {
 di->dbname = strdup(default_dbname);
 if (di->mkey_file == NULL)
 di->mkey_file = strdup(default_mkey);
 }
- if(di->mkey_file == NULL) {
+ if (di->mkey_file == NULL) {
 p = strrchr(di->dbname, '.');
 if(p == NULL || strchr(p, '/') != NULL)
 /* final pathname component does not contain a . */
@@ -159,8 +158,10 @@ hdb_get_dbinfo(krb5_context context, struct hdb_dbinfo **dbp)
 .mkey */
 ret = asprintf(&di->mkey_file, "%.*s.mkey", (int)(p - di->dbname), di->dbname);
- if (ret == -1)
+ if (ret == -1) {
+ hdb_free_dbinfo(context, &databases);
 return ENOMEM;
+ }
 }
 if(di->acl_file == NULL)
 di->acl_file = strdup(default_acl);
diff --git a/lib/hdb/hdb-ldap.c b/lib/hdb/hdb-ldap.c
index e5861824e..9ce4ba74f 100644
--- a/lib/hdb/hdb-ldap.c
+++ b/lib/hdb/hdb-ldap.c
@@ -2044,8 +2044,7 @@ hdb_ldapi_create(krb5_context context, HDB ** db, const char *arg)
 krb5_error_code ret;
 char *search_base, *p;
- asprintf(&p, "ldapi:%s", arg);
- if (p == NULL) {
+ if (asprintf(&p, "ldapi:%s", arg) == -1 || p == NULL) {
 *db = NULL;
 krb5_set_error_message(context, ENOMEM, "out of memory");
 return ENOMEM;
diff --git a/lib/hdb/hdb-mitdb.c b/lib/hdb/hdb-mitdb.c
index 3eefc62bc..4e4fcdc58 100644
--- a/lib/hdb/hdb-mitdb.c
+++ b/lib/hdb/hdb-mitdb.c
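Review bot: In hdb_get_dbinfo (lib/hdb/dbinfo.c) the fallback entry is dereferenced without checking the allocation: `databases = calloc(1, sizeof(*databases));` is followed directly by `databases->label = strdup("default");`, so an out-of-memory condition becomes a NULL dereference. Add `if (databases == NULL) return ENOMEM;` before the assignment. The `strdup` results for `label`, `dbname`, `mkey_file` and `acl_file` (the last one in the following hunk) are likewise unchecked, and `strrchr(di->dbname, '.')` is reached with a NULL `dbname` if that copy failed. The first hunk of this file also carries on when `get_dbinfo` returns non-zero; a comment should say whether that is deliberate.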
@@ -1212,7 +1212,7 @@ getdata(char **p, unsigned char *buf, size_t len, const char *what)
 }
 i = 0;
 while (*q && i < len) {
- if(sscanf(q, "%02x", &v) != 1)
+ if (sscanf(q, "%02x", &v) != 1)
 break;
 buf[i++] = v;
 q += 2;
@@ -1229,7 +1229,8 @@ getint(char **p, const char *what)
 warnx("Failed to find a signed integer (%s) in dump", what);
 return -1;
 }
- sscanf(q, "%d", &val);
+ if (sscanf(q, "%d", &val) != 1)
+ return -1;
 return val;
 }
@@ -1242,7 +1243,8 @@ getuint(char **p, const char *what)
 warnx("Failed to find an unsigned integer (%s) in dump", what);
 return 0;
 }
- sscanf(q, "%u", &val);
+ if (sscanf(q, "%u", &val) != 1)
+ return 0;
 return val;
 }
diff --git a/lib/hdb/keys.c b/lib/hdb/keys.c
index 5e705eac5..7793d4088 100644
--- a/lib/hdb/keys.c
+++ b/lib/hdb/keys.c
@@ -515,7 +515,6 @@ ks_tuple2str(krb5_context context, int n_ks_tuple,
 {
 size_t i;
 char **ksnames;
- char *ename, *sname;
 krb5_error_code rc = KRB5_PROG_ETYPE_NOSUPP;
 *ks_tuple_strs = NULL;
@@ -526,11 +525,15 @@ ks_tuple2str(krb5_context context, int n_ks_tuple,
 return (errno);
 for (i = 0; i < n_ks_tuple; i++) {
+ char *ename, *sname;
+
 if (krb5_enctype_to_string(context, ks_tuple[i].ks_enctype, &ename))
 goto out;
 if (krb5_salttype_to_string(context, ks_tuple[i].ks_enctype,
- ks_tuple[i].ks_salttype, &sname))
+ ks_tuple[i].ks_salttype, &sname)) {
+ free(ename);
 goto out;
+ }
 if (asprintf(&ksnames[i], "%s:%s", ename, sname) == -1) {
 rc = errno;
diff --git a/lib/ipc/server.c b/lib/ipc/server.c
index 60efec88b..ef91f6a09 100644
--- a/lib/ipc/server.c
+++ b/lib/ipc/server.c
@@ -35,6 +35,7 @@
 #include "hi_locl.h"
 #include
+#include
 #define MAX_PACKET_SIZE (128 * 1024)
@@ -980,7 +981,7 @@ process_loop(void)
 unsigned n;
 unsigned num_fds;
- while(num_clients > 0) {
+ while (num_clients > 0) {
 fds = malloc(num_clients * sizeof(fds[0]));
 if(fds == NULL)
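Review bot: In getint (lib/hdb/hdb-mitdb.c) the new failure return reuses an in-band value: `-1` is also a legal parsed result, and getuint in the next hunk does the same with `0`, so a caller cannot tell a malformed dump field from a real one. Both new paths are also silent, while the missing-field path just above logs with `warnx`; add a matching message, e.g. `warnx("Failed to parse a signed integer (%s) in dump", what);`. `sscanf` with `%d`/`%u` has undefined behaviour on out-of-range input and accepts trailing garbage, so `strtol`/`strtoul` with an end-pointer and `ERANGE` check would be the stricter parse for dump files. In getdata (first hunk, whitespace only) `%02x` can match a single hex digit while `q += 2` still advances two bytes, which looks able to step past the terminator on odd-length input; that needs confirming against the code outside the hunk.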
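Review bot: In ks_tuple2str (lib/hdb/keys.c) the loop compares `size_t i` with `int n_ks_tuple`, so a negative count is converted to a huge unsigned bound and the loop indexes `ks_tuple` and `ksnames` far out of range; reject `n_ks_tuple < 0` before the allocation. The added `free(ename)` covers the salt-type failure, but the hunk ends before the `asprintf` branch closes, so it is not visible whether `ename` and `sname` are freed on that failure and on the success path. With the variables now loop-local, both need freeing at the end of every iteration. The loop continues outside the hunk.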
@@ -999,7 +1000,11 @@ process_loop(void)
 fds[n].revents = 0;
 }
- poll(fds, num_fds, -1);
+ while (poll(fds, num_fds, -1) == -1) {
+ if (errno == EINTR || errno == EAGAIN)
+ continue;
+ err(1, "poll(2) failed");
+ }
 for (n = 0 ; n < num_fds; n++) {
 if (clients[n] == NULL)
diff --git a/lib/kadm5/init_s.c b/lib/kadm5/init_s.c
index 67154254a..599e34883 100644
--- a/lib/kadm5/init_s.c
+++ b/lib/kadm5/init_s.c
@@ -49,6 +49,7 @@ kadm5_s_init_with_context(krb5_context context,
 char *dbname;
 char *stash_file;
+ *server_handle = NULL;
 ret = _kadm5_s_init_context(&ctx, realm_params, context);
 if(ret)
 return ret;
@@ -74,12 +75,13 @@ kadm5_s_init_with_context(krb5_context context,
 #endif
 ret = hdb_create(ctx->context, &ctx->db, dbname);
- if(ret)
- return ret;
- ret = hdb_set_master_keyfile (ctx->context,
- ctx->db, stash_file);
- if(ret)
+ if (ret == 0)
+ ret = hdb_set_master_keyfile(ctx->context,
+ ctx->db, stash_file);
+ if (ret) {
+ kadm5_s_destroy(ctx);
 return ret;
+ }
 ctx->log_context.log_fd = -1;
@@ -94,14 +96,12 @@ kadm5_s_init_with_context(krb5_context context,
 socket_set_nonblocking(ctx->log_context.socket_fd, 1);
 ret = krb5_parse_name(ctx->context, client_name, &ctx->caller);
- if(ret)
- return ret;
-
- ret = _kadm5_acl_init(ctx);
- if(ret)
- return ret;
-
- *server_handle = ctx;
+ if (ret == 0)
+ ret = _kadm5_acl_init(ctx);
+ if (ret)
+ kadm5_s_destroy(ctx);
+ else
+ *server_handle = ctx;
 return 0;
 }
diff --git a/lib/kadm5/randkey_c.c b/lib/kadm5/randkey_c.c
index b3b383cf8..24f38c591 100644
--- a/lib/kadm5/randkey_c.c
+++ b/lib/kadm5/randkey_c.c
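Review bot: In process_loop (lib/ipc/server.c) every poll failure other than EINTR/EAGAIN now ends the process through `err(1, "poll(2) failed")`, which in library code takes down whatever daemon hosts the IPC server; propagating the failure to the caller or dropping the affected clients would fail more gracefully. Retrying on EAGAIN with no delay can spin if the condition persists. `fds` is allocated at the top of each outer iteration in the previous hunk and its release is not visible here, so the retry and exit paths should be checked against that. The loop body continues outside the hunk.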
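Review bot: In kadm5_s_init_with_context (lib/kadm5/init_s.c), second hunk, `kadm5_s_destroy(ctx)` now runs before `ctx->log_context.log_fd = -1;` has executed, so the destructor sees whatever `_kadm5_s_init_context` left in the log and socket descriptors; if those are zero and the destructor closes them, this path closes fd 0. It also runs with `ctx->db` possibly unset when `hdb_create` itself failed. Either move the descriptor initialisation ahead of `hdb_create` or confirm that the destructor tolerates a half-built context; the destructor is not part of this diff.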
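Review bot: The last hunk of kadm5_s_init_with_context (lib/kadm5/init_s.c) returns success after a failure: when `krb5_parse_name` or `_kadm5_acl_init` fails, `ctx` is destroyed and `*server_handle` stays NULL, but the function still ends with `return 0;`. Callers that test only the return code will then use a NULL handle. The final statement should be `return ret;`.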
@@ -79,17 +79,21 @@ kadm5_c_randkey_principal(void *server_handle,
 * * - opaque string2key parameters (salt, rounds, ...) */
- krb5_store_int32(sp, kadm_randkey);
- krb5_store_principal(sp, princ);
+ ret = krb5_store_int32(sp, kadm_randkey);
+ if (ret == 0)
+ ret = krb5_store_principal(sp, princ);
- if (keepold == TRUE || n_ks_tuple > 0)
- krb5_store_uint32(sp, keepold);
- if (n_ks_tuple > 0)
- krb5_store_uint32(sp, n_ks_tuple);
- for (i = 0; i < n_ks_tuple; i++) {
- krb5_store_int32(sp, ks_tuple[i].ks_enctype);
- krb5_store_int32(sp, ks_tuple[i].ks_salttype);
+ if (ret == 0 && (keepold == TRUE || n_ks_tuple > 0))
+ ret = krb5_store_uint32(sp, keepold);
+ if (ret == 0 && n_ks_tuple > 0)
+ ret = krb5_store_uint32(sp, n_ks_tuple);
+ for (i = 0; ret == 0 && i < n_ks_tuple; i++) {
+ ret = krb5_store_int32(sp, ks_tuple[i].ks_enctype);
+ if (ret == 0)
+ krb5_store_int32(sp, ks_tuple[i].ks_salttype);
 }
+ if (ret)
+ return ret;
 /* Future extensions go here */
 ret = _kadm5_client_send(context, sp);
@@ -106,28 +110,35 @@ kadm5_c_randkey_principal(void *server_handle,
 return ENOMEM;
 }
 krb5_clear_error_message(context->context);
- krb5_ret_int32(sp, &tmp);
- ret = tmp;
- if(ret == 0){
+ ret = krb5_ret_int32(sp, &tmp);
+ if (ret == 0)
+ ret = tmp;
+ if (ret == 0){
 krb5_keyblock *k;
- krb5_ret_int32(sp, &tmp);
+ ret = krb5_ret_int32(sp, &tmp);
+ if (ret)
+ goto out;
 if (tmp < 0) {
 ret = EOVERFLOW;
 goto out;
 }
- k = malloc(tmp * sizeof(*k));
+ k = calloc(tmp, sizeof(*k));
 if (k == NULL) {
 ret = ENOMEM;
 goto out;
 }
- for(i = 0; i < tmp; i++)
- krb5_ret_keyblock(sp, &k[i]);
- if (n_keys && new_keys) {
+ for(i = 0; ret == 0 && i < tmp; i++)
+ ret = krb5_ret_keyblock(sp, &k[i]);
+ if (ret == 0 && n_keys && new_keys) {
 *n_keys = tmp;
 *new_keys = k;
- } else
+ } else {
+ krb5_free_keyblock_contents(context->context, &k[i]);
+ for (; i > 0; i--)
+ krb5_free_keyblock_contents(context->context, &k[i - 1]);
 free(k);
+ }
 }
 out:
 krb5_storage_free(sp);
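Review bot: In kadm5_c_randkey_principal (lib/kadm5/randkey_c.c), first hunk, the salt-type store inside the loop drops its result: `if (ret == 0) krb5_store_int32(sp, ks_tuple[i].ks_salttype);` should assign, `ret = krb5_store_int32(sp, ks_tuple[i].ks_salttype);`, under the same guard, otherwise a truncated request can still be sent. The new `if (ret) return ret;` also leaves the function without releasing `sp`; its allocation is above the hunk, so presumably `krb5_storage_free(sp)` is needed before that return.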
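Review bot: In the reply-parsing hunk of kadm5_c_randkey_principal (lib/kadm5/randkey_c.c) the cleanup branch touches an element that is never valid: after the read loop `i` is one past the last keyblock attempted, so `krb5_free_keyblock_contents(context->context, &k[i]);` acts on `k[tmp]`, one past the array, whenever all `tmp` reads were attempted, and on an untouched zeroed slot otherwise. The `for (; i > 0; i--)` loop that follows already frees `k[i - 1]` down to `k[0]`, including a partially filled failing entry, so the first call should simply be removed. `tmp` comes from the server and is only checked for being negative; with `tmp == 0`, `calloc` may return NULL and be reported as ENOMEM, so a zero count deserves its own branch.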
diff --git a/lib/krb5/crypto.c b/lib/krb5/crypto.c
index a139275d8..1c30629db 100644
--- a/lib/krb5/crypto.c
+++ b/lib/krb5/crypto.c
@@ -2341,21 +2341,19 @@ _get_derived_key(krb5_context context,
 struct _krb5_key_data *d;
 unsigned char constant[5];
+ *key = NULL;
 for(i = 0; i < crypto->num_key_usage; i++)
 if(crypto->key_usage[i].usage == usage) {
 *key = &crypto->key_usage[i].key;
 return 0;
 }
 d = _new_derived_key(crypto, usage);
- if (d == NULL) {
- *key = NULL; /* quiet warning */
+ if (d == NULL)
 return krb5_enomem(context);
- }
- krb5_copy_keyblock(context, crypto->key.key, &d->key);
- _krb5_put_int(constant, usage, 5);
- _krb5_derive_key(context, crypto->et, d, constant, sizeof(constant));
 *key = d;
- return 0;
+ krb5_copy_keyblock(context, crypto->key.key, &d->key);
+ _krb5_put_int(constant, usage, sizeof(constant));
+ return _krb5_derive_key(context, crypto->et, d, constant, sizeof(constant));
 }
 /**
diff --git a/lib/krb5/expand_path.c b/lib/krb5/expand_path.c
index 765bd9dad..43b8dfeb3 100644
--- a/lib/krb5/expand_path.c
+++ b/lib/krb5/expand_path.c
@@ -493,7 +493,7 @@ _krb5_expand_path_tokensv(krb5_context context,
 return krb5_enomem(context);
 va_start(ap, ppath_out);
 for (i = 0; i < nargs; i++) {
- char *s = va_arg(ap, const char *); /* token key */
+ const char *s = va_arg(ap, const char *); /* token key */
 if (s == NULL)
 break;
 extra_tokens[i] = strdup(s);
diff --git a/lib/krb5/fcache.c b/lib/krb5/fcache.c
index 48fc241ee..ab5d1c137 100644
--- a/lib/krb5/fcache.c
+++ b/lib/krb5/fcache.c
@@ -450,6 +450,7 @@ again:
 ret = fstat(fd, &sb2);
 if (ret < 0) {
 krb5_clear_error_message(context);
+ close(fd);
 return errno;
 }
diff --git a/lib/krb5/pac.c b/lib/krb5/pac.c
index 4b877e6d5..c26201be9 100644
--- a/lib/krb5/pac.c
+++ b/lib/krb5/pac.c
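Review bot: In _get_derived_key (lib/krb5/crypto.c) a failed derivation is now reported but the entry stays behind: `d` comes from `_new_derived_key(crypto, usage)`, which presumably appends to `crypto->key_usage`, and the lookup loop at the top returns any entry with a matching usage as success. After one failure the next call for the same usage would therefore return 0 with a key that was never derived. `krb5_copy_keyblock` is also still unchecked, so `_krb5_derive_key` can run on an unset `d->key`. Assign `*key` only after both calls succeed, and drop or invalidate the new entry on failure.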
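Review bot: In the fstat failure path in lib/krb5/fcache.c, `return errno;` now executes after `close(fd)` (and after `krb5_clear_error_message`), either of which may overwrite `errno`, so the caller can receive the wrong code or even 0. Capture it first with `ret = errno;` immediately after the failed `fstat`, then `close(fd);` and `return ret;`. The enclosing function starts and ends outside the hunk.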
@@ -868,15 +868,14 @@ krb5_pac_verify(krb5_context context,
 {
 krb5_data *copy;
+ if (pac->server_checksum->buffersize < 4 ||
+ pac->privsvr_checksum->buffersize < 4)
+ return EINVAL;
+
 ret = krb5_copy_data(context, &pac->data, ©);
 if (ret)
 return ret;
- if (pac->server_checksum->buffersize < 4)
- return EINVAL;
- if (pac->privsvr_checksum->buffersize < 4)
- return EINVAL;
-
 memset((char *)copy->data + pac->server_checksum->offset_lo + 4, 0, pac->server_checksum->buffersize - 4);
diff --git a/lib/krb5/salt.c b/lib/krb5/salt.c
index 198e1b8a4..a3e850fcb 100644
--- a/lib/krb5/salt.c
+++ b/lib/krb5/salt.c
@@ -43,6 +43,7 @@ krb5_salttype_to_string (krb5_context context,
 struct _krb5_encryption_type *e;
 struct salt_type *st;
+ *string = NULL;
 e = _krb5_find_enctype (etype);
 if (e == NULL) {
 krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,
diff --git a/lib/krb5/send_to_kdc.c b/lib/krb5/send_to_kdc.c
index 2afcfd772..1b0a53355 100644
--- a/lib/krb5/send_to_kdc.c
+++ b/lib/krb5/send_to_kdc.c
@@ -56,13 +56,11 @@
 static int init_port(const char *s, int fallback)
 {
- if (s) {
- int tmp;
+ int tmp;
- sscanf (s, "%d", &tmp);
- return htons(tmp);
- } else
- return fallback;
+ if (s && sscanf(s, "%d", &tmp) == 1)
+ return htons(tmp);
+ return fallback;
 }
 struct send_via_plugin_s {
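Review bot: In krb5_pac_verify (lib/krb5/pac.c) the size test only proves `buffersize >= 4`; the `memset` that follows writes `buffersize - 4` bytes at `offset_lo + 4` into the copy, and nothing in this hunk ties `offset_lo + buffersize` to the length of `pac->data`. If the parser already enforces that bound, a comment saying so next to the new check would help; if not, the check belongs here, since these fields come from the PAC as received. `server_checksum` and `privsvr_checksum` are also dereferenced without a NULL test within the hunk. The function continues outside the hunk.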
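Review bot: In init_port (lib/krb5/send_to_kdc.c) the parsed value is passed to `htons` without a range check, so negative numbers and anything above 65535 are silently truncated to some other port, and input such as `88x` is accepted. Guard the conversion, for example `if (s && sscanf(s, "%d", &tmp) == 1 && tmp > 0 && tmp <= 65535)`, and fall back otherwise. A comment should also state whether `fallback` is expected in network byte order, since the parsed branch converts and the fallback branch does not.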