oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Misc fixes (coverity)

Browse Source
This commit is contained in:
Nicolas Williams
2016-11-20 17:43:07 -06:00
parent 6696920d9e
commit f38089257b
19 changed files with 105 additions and 81 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
admin/list.c
View File

@@ -132,8 +132,8 @@ do_list(struct list_options *opt, const char *keytab_str)
for (i = 0; i< entry.aliases->len; i++) { for (i = 0; i< entry.aliases->len; i++) {
krb5_unparse_name_fixed(context, entry.principal, buf, sizeof(buf)); krb5_unparse_name_fixed(context, entry.principal, buf, sizeof(buf));
rk_strpoolprintf(p, "%s%s", buf, p = rk_strpoolprintf(p, "%s%s", buf,
i + 1 < entry.aliases->len ? ", " : ""); i + 1 < entry.aliases->len ? ", " : "");
} }
rtbl_add_column_entry_by_id(table, 5, (s = rk_strpoolcollect(p))); rtbl_add_column_entry_by_id(table, 5, (s = rk_strpoolcollect(p)));

2
kadmin/rpc.c
View File

@@ -463,7 +463,7 @@ ret_principal_ent(krb5_context contextp,
ent->max_life = flag; ent->max_life = flag;
CHECK(krb5_ret_uint32(sp, &flag)); CHECK(krb5_ret_uint32(sp, &flag));
if (flag == 0) if (flag == 0)
ret_principal_xdr(contextp, sp, &ent->mod_name); CHECK(ret_principal_xdr(contextp, sp, &ent->mod_name));
CHECK(krb5_ret_uint32(sp, &flag)); CHECK(krb5_ret_uint32(sp, &flag));
ent->mod_date = flag; ent->mod_date = flag;
CHECK(krb5_ret_uint32(sp, &flag)); CHECK(krb5_ret_uint32(sp, &flag));

3
kadmin/server.c
View File

@@ -514,7 +514,8 @@ kadmind_dispatch(void *kadm_handlep, krb5_boolean initial,
int i; int i;
krb5_store_int32(sp, n_keys); krb5_store_int32(sp, n_keys);
for(i = 0; i < n_keys; i++){ for(i = 0; i < n_keys; i++){
krb5_store_keyblock(sp, new_keys[i]); if (ret == 0)
ret = krb5_store_keyblock(sp, new_keys[i]);
krb5_free_keyblock_contents(contextp->context, &new_keys[i]); krb5_free_keyblock_contents(contextp->context, &new_keys[i]);
} }
free(new_keys); free(new_keys);

2
kdc/krb5tgs.c
View File

@@ -920,12 +920,12 @@ tgs_make_reply(krb5_context context,
ek.key = et.key; ek.key = et.key;
/* MIT must have at least one last_req */ /* MIT must have at least one last_req */
ek.last_req.len = 1;
ek.last_req.val = calloc(1, sizeof(*ek.last_req.val)); ek.last_req.val = calloc(1, sizeof(*ek.last_req.val));
if (ek.last_req.val == NULL) { if (ek.last_req.val == NULL) {
ret = ENOMEM; ret = ENOMEM;
goto out; goto out;
} }
ek.last_req.len = 1; /* set after alloc to avoid null deref on cleanup */
ek.nonce = b->nonce; ek.nonce = b->nonce;
ek.flags = et.flags; ek.flags = et.flags;
ek.authtime = et.authtime; ek.authtime = et.authtime;

10
lib/base/db.c
View File

@@ -1394,13 +1394,19 @@ json_db_open(void *plug, const char *dbtype, const char *dbname,
} }
ret = read_json(dbname, (heim_object_t *)&contents, error); ret = read_json(dbname, (heim_object_t *)&contents, error);
if (ret) if (ret) {
heim_release(bkpname_s);
heim_release(dbname_s);
return ret; return ret;
}
if (contents != NULL && heim_get_tid(contents) != HEIM_TID_DICT) if (contents != NULL && heim_get_tid(contents) != HEIM_TID_DICT) {
heim_release(bkpname_s);
heim_release(dbname_s);
return HEIM_ERROR(error, EINVAL, return HEIM_ERROR(error, EINVAL,
(EINVAL, N_("JSON DB contents not valid JSON", (EINVAL, N_("JSON DB contents not valid JSON",
""))); "")));
}
} }
jsondb = heim_alloc(sizeof (*jsondb), "json_db", NULL); jsondb = heim_alloc(sizeof (*jsondb), "json_db", NULL);

1
lib/base/heimbase.c
View File

@@ -962,7 +962,6 @@ heim_path_vcreate(heim_object_t ptr, size_t size, heim_object_t leaf,
if (error) if (error)
*error = heim_error_create(ret, "Node in path not a " *error = heim_error_create(ret, "Node in path not a "
"container"); "container");
goto err;
} }
heim_release(next_node); heim_release(next_node);
if (ret) if (ret)

29
lib/hdb/dbinfo.c
View File

@@ -108,11 +108,9 @@ hdb_get_dbinfo(krb5_context context, struct hdb_dbinfo **dbp)
NULL); NULL);
if (db_binding) { if (db_binding) {
ret = get_dbinfo(context, db_binding, "default", &di); ret = get_dbinfo(context, db_binding, "default", &databases);
if (ret == 0 && di) { if (ret == 0 && databases != NULL)
databases = di; dt = &databases->next;
dt = &di->next;
}
for ( ; db_binding != NULL; db_binding = db_binding->next) { for ( ; db_binding != NULL; db_binding = db_binding->next) {
@@ -129,27 +127,28 @@ hdb_get_dbinfo(krb5_context context, struct hdb_dbinfo **dbp)
if (dt) if (dt)
*dt = di; *dt = di;
else else {
hdb_free_dbinfo(context, &databases);
databases = di; databases = di;
}
dt = &di->next; dt = &di->next;
} }
} }
if(databases == NULL) { if (databases == NULL) {
/* if there are none specified, create one and use defaults */ /* if there are none specified, create one and use defaults */
di = calloc(1, sizeof(*di)); databases = calloc(1, sizeof(*databases));
databases = di; databases->label = strdup("default");
di->label = strdup("default");
} }
for(di = databases; di; di = di->next) { for (di = databases; di; di = di->next) {
if(di->dbname == NULL) { if (di->dbname == NULL) {
di->dbname = strdup(default_dbname); di->dbname = strdup(default_dbname);
if (di->mkey_file == NULL) if (di->mkey_file == NULL)
di->mkey_file = strdup(default_mkey); di->mkey_file = strdup(default_mkey);
} }
if(di->mkey_file == NULL) { if (di->mkey_file == NULL) {
p = strrchr(di->dbname, '.'); p = strrchr(di->dbname, '.');
if(p == NULL || strchr(p, '/') != NULL) if(p == NULL || strchr(p, '/') != NULL)
/* final pathname component does not contain a . */ /* final pathname component does not contain a . */
@@ -159,8 +158,10 @@ hdb_get_dbinfo(krb5_context context, struct hdb_dbinfo **dbp)
.mkey */ .mkey */
ret = asprintf(&di->mkey_file, "%.*s.mkey", ret = asprintf(&di->mkey_file, "%.*s.mkey",
(int)(p - di->dbname), di->dbname); (int)(p - di->dbname), di->dbname);
if (ret == -1) if (ret == -1) {
hdb_free_dbinfo(context, &databases);
return ENOMEM; return ENOMEM;
}
} }
if(di->acl_file == NULL) if(di->acl_file == NULL)
di->acl_file = strdup(default_acl); di->acl_file = strdup(default_acl);

3
lib/hdb/hdb-ldap.c
View File

@@ -2044,8 +2044,7 @@ hdb_ldapi_create(krb5_context context, HDB ** db, const char *arg)
krb5_error_code ret; krb5_error_code ret;
char *search_base, *p; char *search_base, *p;
asprintf(&p, "ldapi:%s", arg); if (asprintf(&p, "ldapi:%s", arg) == -1 || p == NULL) {
if (p == NULL) {
*db = NULL; *db = NULL;
krb5_set_error_message(context, ENOMEM, "out of memory"); krb5_set_error_message(context, ENOMEM, "out of memory");
return ENOMEM; return ENOMEM;

8
lib/hdb/hdb-mitdb.c
View File

@@ -1212,7 +1212,7 @@ getdata(char **p, unsigned char *buf, size_t len, const char *what)
} }
i = 0; i = 0;
while (*q && i < len) { while (*q && i < len) {
if(sscanf(q, "%02x", &v) != 1) if (sscanf(q, "%02x", &v) != 1)
break; break;
buf[i++] = v; buf[i++] = v;
q += 2; q += 2;
@@ -1229,7 +1229,8 @@ getint(char **p, const char *what)
warnx("Failed to find a signed integer (%s) in dump", what); warnx("Failed to find a signed integer (%s) in dump", what);
return -1; return -1;
} }
sscanf(q, "%d", &val); if (sscanf(q, "%d", &val) != 1)
return -1;
return val; return val;
} }
@@ -1242,7 +1243,8 @@ getuint(char **p, const char *what)
warnx("Failed to find an unsigned integer (%s) in dump", what); warnx("Failed to find an unsigned integer (%s) in dump", what);
return 0; return 0;
} }
sscanf(q, "%u", &val); if (sscanf(q, "%u", &val) != 1)
return 0;
return val; return val;
} }

7
lib/hdb/keys.c
View File

@@ -515,7 +515,6 @@ ks_tuple2str(krb5_context context, int n_ks_tuple,
{ {
size_t i; size_t i;
char **ksnames; char **ksnames;
char *ename, *sname;
krb5_error_code rc = KRB5_PROG_ETYPE_NOSUPP; krb5_error_code rc = KRB5_PROG_ETYPE_NOSUPP;
*ks_tuple_strs = NULL; *ks_tuple_strs = NULL;
@@ -526,11 +525,15 @@ ks_tuple2str(krb5_context context, int n_ks_tuple,
return (errno); return (errno);
for (i = 0; i < n_ks_tuple; i++) { for (i = 0; i < n_ks_tuple; i++) {
char *ename, *sname;
if (krb5_enctype_to_string(context, ks_tuple[i].ks_enctype, &ename)) if (krb5_enctype_to_string(context, ks_tuple[i].ks_enctype, &ename))
goto out; goto out;
if (krb5_salttype_to_string(context, ks_tuple[i].ks_enctype, if (krb5_salttype_to_string(context, ks_tuple[i].ks_enctype,
ks_tuple[i].ks_salttype, &sname)) ks_tuple[i].ks_salttype, &sname)) {
free(ename);
goto out; goto out;
}
if (asprintf(&ksnames[i], "%s:%s", ename, sname) == -1) { if (asprintf(&ksnames[i], "%s:%s", ename, sname) == -1) {
rc = errno; rc = errno;

9
lib/ipc/server.c
View File

@@ -35,6 +35,7 @@
#include "hi_locl.h" #include "hi_locl.h"
#include <assert.h> #include <assert.h>
#include <err.h>
#define MAX_PACKET_SIZE (128 * 1024) #define MAX_PACKET_SIZE (128 * 1024)
@@ -980,7 +981,7 @@ process_loop(void)
unsigned n; unsigned n;
unsigned num_fds; unsigned num_fds;
while(num_clients > 0) { while (num_clients > 0) {
fds = malloc(num_clients * sizeof(fds[0])); fds = malloc(num_clients * sizeof(fds[0]));
if(fds == NULL) if(fds == NULL)
@@ -999,7 +1000,11 @@ process_loop(void)
fds[n].revents = 0; fds[n].revents = 0;
} }
poll(fds, num_fds, -1); while (poll(fds, num_fds, -1) == -1) {
if (errno == EINTR || errno == EAGAIN)
continue;
err(1, "poll(2) failed");
}
for (n = 0 ; n < num_fds; n++) { for (n = 0 ; n < num_fds; n++) {
if (clients[n] == NULL) if (clients[n] == NULL)

26
lib/kadm5/init_s.c
View File

@@ -49,6 +49,7 @@ kadm5_s_init_with_context(krb5_context context,
char *dbname; char *dbname;
char *stash_file; char *stash_file;
*server_handle = NULL;
ret = _kadm5_s_init_context(&ctx, realm_params, context); ret = _kadm5_s_init_context(&ctx, realm_params, context);
if(ret) if(ret)
return ret; return ret;
@@ -74,12 +75,13 @@ kadm5_s_init_with_context(krb5_context context,
#endif #endif
ret = hdb_create(ctx->context, &ctx->db, dbname); ret = hdb_create(ctx->context, &ctx->db, dbname);
if(ret) if (ret == 0)
return ret; ret = hdb_set_master_keyfile(ctx->context,
ret = hdb_set_master_keyfile (ctx->context, ctx->db, stash_file);
ctx->db, stash_file); if (ret) {
if(ret) kadm5_s_destroy(ctx);
return ret; return ret;
}
ctx->log_context.log_fd = -1; ctx->log_context.log_fd = -1;
@@ -94,14 +96,12 @@ kadm5_s_init_with_context(krb5_context context,
socket_set_nonblocking(ctx->log_context.socket_fd, 1); socket_set_nonblocking(ctx->log_context.socket_fd, 1);
ret = krb5_parse_name(ctx->context, client_name, &ctx->caller); ret = krb5_parse_name(ctx->context, client_name, &ctx->caller);
if(ret) if (ret == 0)
return ret; ret = _kadm5_acl_init(ctx);
if (ret)
ret = _kadm5_acl_init(ctx); kadm5_s_destroy(ctx);
if(ret) else
return ret; *server_handle = ctx;
*server_handle = ctx;
return 0; return 0;
} }

47
lib/kadm5/randkey_c.c
View File

@@ -79,17 +79,21 @@ kadm5_c_randkey_principal(void *server_handle,
* *
* - opaque string2key parameters (salt, rounds, ...) * - opaque string2key parameters (salt, rounds, ...)
*/ */
krb5_store_int32(sp, kadm_randkey); ret = krb5_store_int32(sp, kadm_randkey);
krb5_store_principal(sp, princ); if (ret == 0)
ret = krb5_store_principal(sp, princ);
if (keepold == TRUE || n_ks_tuple > 0) if (ret == 0 && (keepold == TRUE || n_ks_tuple > 0))
krb5_store_uint32(sp, keepold); ret = krb5_store_uint32(sp, keepold);
if (n_ks_tuple > 0) if (ret == 0 && n_ks_tuple > 0)
krb5_store_uint32(sp, n_ks_tuple); ret = krb5_store_uint32(sp, n_ks_tuple);
for (i = 0; i < n_ks_tuple; i++) { for (i = 0; ret == 0 && i < n_ks_tuple; i++) {
krb5_store_int32(sp, ks_tuple[i].ks_enctype); ret = krb5_store_int32(sp, ks_tuple[i].ks_enctype);
krb5_store_int32(sp, ks_tuple[i].ks_salttype); if (ret == 0)
krb5_store_int32(sp, ks_tuple[i].ks_salttype);
} }
if (ret)
return ret;
/* Future extensions go here */ /* Future extensions go here */
ret = _kadm5_client_send(context, sp); ret = _kadm5_client_send(context, sp);
@@ -106,28 +110,35 @@ kadm5_c_randkey_principal(void *server_handle,
return ENOMEM; return ENOMEM;
} }
krb5_clear_error_message(context->context); krb5_clear_error_message(context->context);
krb5_ret_int32(sp, &tmp); ret = krb5_ret_int32(sp, &tmp);
ret = tmp; if (ret == 0)
if(ret == 0){ ret = tmp;
if (ret == 0){
krb5_keyblock *k; krb5_keyblock *k;
krb5_ret_int32(sp, &tmp); ret = krb5_ret_int32(sp, &tmp);
if (ret)
goto out;
if (tmp < 0) { if (tmp < 0) {
ret = EOVERFLOW; ret = EOVERFLOW;
goto out; goto out;
} }
k = malloc(tmp * sizeof(*k)); k = calloc(tmp, sizeof(*k));
if (k == NULL) { if (k == NULL) {
ret = ENOMEM; ret = ENOMEM;
goto out; goto out;
} }
for(i = 0; i < tmp; i++) for(i = 0; ret == 0 && i < tmp; i++)
krb5_ret_keyblock(sp, &k[i]); ret = krb5_ret_keyblock(sp, &k[i]);
if (n_keys && new_keys) { if (ret == 0 && n_keys && new_keys) {
*n_keys = tmp; *n_keys = tmp;
*new_keys = k; *new_keys = k;
} else } else {
krb5_free_keyblock_contents(context->context, &k[i]);
for (; i > 0; i--)
krb5_free_keyblock_contents(context->context, &k[i - 1]);
free(k); free(k);
}
} }
out: out:
krb5_storage_free(sp); krb5_storage_free(sp);

12
lib/krb5/crypto.c
View File

@@ -2341,21 +2341,19 @@ _get_derived_key(krb5_context context,
struct _krb5_key_data *d; struct _krb5_key_data *d;
unsigned char constant[5]; unsigned char constant[5];
*key = NULL;
for(i = 0; i < crypto->num_key_usage; i++) for(i = 0; i < crypto->num_key_usage; i++)
if(crypto->key_usage[i].usage == usage) { if(crypto->key_usage[i].usage == usage) {
*key = &crypto->key_usage[i].key; *key = &crypto->key_usage[i].key;
return 0; return 0;
} }
d = _new_derived_key(crypto, usage); d = _new_derived_key(crypto, usage);
if (d == NULL) { if (d == NULL)
*key = NULL; /* quiet warning */
return krb5_enomem(context); return krb5_enomem(context);
}
krb5_copy_keyblock(context, crypto->key.key, &d->key);
_krb5_put_int(constant, usage, 5);
_krb5_derive_key(context, crypto->et, d, constant, sizeof(constant));
*key = d; *key = d;
return 0; krb5_copy_keyblock(context, crypto->key.key, &d->key);
_krb5_put_int(constant, usage, sizeof(constant));
return _krb5_derive_key(context, crypto->et, d, constant, sizeof(constant));
} }
/** /**

2
lib/krb5/expand_path.c
View File

@@ -493,7 +493,7 @@ _krb5_expand_path_tokensv(krb5_context context,
return krb5_enomem(context); return krb5_enomem(context);
va_start(ap, ppath_out); va_start(ap, ppath_out);
for (i = 0; i < nargs; i++) { for (i = 0; i < nargs; i++) {
char *s = va_arg(ap, const char *); /* token key */ const char *s = va_arg(ap, const char *); /* token key */
if (s == NULL) if (s == NULL)
break; break;
extra_tokens[i] = strdup(s); extra_tokens[i] = strdup(s);

1
lib/krb5/fcache.c
View File

@@ -450,6 +450,7 @@ again:
ret = fstat(fd, &sb2); ret = fstat(fd, &sb2);
if (ret < 0) { if (ret < 0) {
krb5_clear_error_message(context); krb5_clear_error_message(context);
close(fd);
return errno; return errno;
} }

9
lib/krb5/pac.c
View File

@@ -868,15 +868,14 @@ krb5_pac_verify(krb5_context context,
{ {
krb5_data *copy; krb5_data *copy;
if (pac->server_checksum->buffersize < 4 ||
pac->privsvr_checksum->buffersize < 4)
return EINVAL;
ret = krb5_copy_data(context, &pac->data, &copy); ret = krb5_copy_data(context, &pac->data, &copy);
if (ret) if (ret)
return ret; return ret;
if (pac->server_checksum->buffersize < 4)
return EINVAL;
if (pac->privsvr_checksum->buffersize < 4)
return EINVAL;
memset((char *)copy->data + pac->server_checksum->offset_lo + 4, memset((char *)copy->data + pac->server_checksum->offset_lo + 4,
0, 0,
pac->server_checksum->buffersize - 4); pac->server_checksum->buffersize - 4);

1
lib/krb5/salt.c
View File

@@ -43,6 +43,7 @@ krb5_salttype_to_string (krb5_context context,
struct _krb5_encryption_type *e; struct _krb5_encryption_type *e;
struct salt_type *st; struct salt_type *st;
*string = NULL;
e = _krb5_find_enctype (etype); e = _krb5_find_enctype (etype);
if (e == NULL) { if (e == NULL) {
krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP,

10
lib/krb5/send_to_kdc.c
View File

@@ -56,13 +56,11 @@
static int static int
init_port(const char *s, int fallback) init_port(const char *s, int fallback)
{ {
if (s) { int tmp;
int tmp;
sscanf (s, "%d", &tmp); if (s && sscanf(s, "%d", &tmp) == 1)
return htons(tmp); return htons(tmp);
} else return fallback;
return fallback;
} }
struct send_via_plugin_s { struct send_via_plugin_s {