Commit Graph

18107 Commits

Author SHA1 Message Date
Nicolas Williams
16c9813140 negoex: Quiet a static analyzer false positive 2023-01-04 00:43:43 -06:00
Nicolas Williams
7c519d9c34 negoex: Fix use-after-free 2023-01-04 00:43:43 -06:00
Nicolas Williams
df81ad1c93 spnego: Quiet warning in ret_spnego_context() 2023-01-04 00:43:43 -06:00
Nicolas Williams
78c261f689 gsskrb5: Add missing error check in cred import 2023-01-04 00:43:43 -06:00
Nicolas Williams
882f9fddaa gsskrb5: Fix uninit var in acceptor 2023-01-04 00:43:43 -06:00
Nicolas Williams
67c35bc1ca gsskrb5: Fix NULL deref in init_sec_context 2023-01-04 00:43:43 -06:00
Nicolas Williams
27e5c40a79 gss: Fix leaks 2023-01-04 00:43:43 -06:00
Nicolas Williams
a5093f6e0d kadm5: Fix clobbering of interruption code in kadm5_c_iter_principals() 2023-01-04 00:43:43 -06:00
Nicolas Williams
26488ce60d kadm5: Export _kadm5 functions for fuzzing 2023-01-04 00:43:43 -06:00
Nicolas Williams
d26a60310e hdb: Fix leak in virtual namespaced principals support 2023-01-04 00:43:43 -06:00
Nicolas Williams
1a75e174ac krb5: Always try mkdir in DIR: ccache (quiet [harmless] TOCTOU warning) 2023-01-04 00:43:36 -06:00
Nicolas Williams
b0b4510f9f krb5: Fix return of pointer to local in krb5_sendauth() (never exercised)
We don't have a caller in-tree that exercises this path.
2023-01-04 00:43:36 -06:00
Nicolas Williams
46df04dafb krb5: Fix leaks 2023-01-04 00:43:36 -06:00
Nicolas Williams
21ada15e08 krb5: Expand breadcrumb commentary in _krb5_get_host_realm_int() 2023-01-04 00:43:36 -06:00
Nicolas Williams
2e7d996ea9 krb5: Fix string read overrun (fix #1057) 2023-01-04 00:43:36 -06:00
Nicolas Williams
cc641edf6b krb5: Fix moduli open file leak 2023-01-04 00:43:36 -06:00
Nicolas Williams
7705ff6588 krb5: Fix FAST anon PKINIT leak 2023-01-04 00:43:36 -06:00
Nicolas Williams
59e13ad299 krb5: Quiet static analyzer warning in store.c 2023-01-04 00:43:36 -06:00
Nicolas Williams
5535ace6ea krb5: Fix ignored error in SCC: ccache 2023-01-04 00:43:36 -06:00
Nicolas Williams
0fba239baa krb5: Quiet static analyzer warning in name canon rules 2023-01-04 00:43:36 -06:00
Nicolas Williams
e5a8a6f972 krb5: Quiet static analyzer warning in krbhst 2023-01-04 00:43:36 -06:00
Nicolas Williams
a1c0639ddd krb5: Fix NULL deref in KCM: ccache 2023-01-04 00:43:36 -06:00
Nicolas Williams
2e11ecefba krb5: Fix krb5_copy_context() use-after-free copy-pasto 2023-01-04 00:43:35 -06:00
Nicolas Williams
8b44896bc1 hx509: Fix harmless TOCTOU in load_crl() 2023-01-04 00:43:35 -06:00
Nicolas Williams
64254d64dd hx509: Fix ENOMEM free of garbage encoding PKCS#10 2023-01-04 00:43:35 -06:00
Nicolas Williams
1473b96d1c hx509: Fix leak in templated certificates 2023-01-04 00:43:35 -06:00
Nicolas Williams
06fdd14d4d hx509: Quiet static analyzer false positives 2023-01-04 00:43:35 -06:00
Nicolas Williams
86af011f0b hcrypto: Fix integer underflow in rsa-ltm.c 2023-01-04 00:43:35 -06:00
Nicolas Williams
274b683d76 hcrypto: Fix warning in HMAC_Init_ex() 2023-01-04 00:43:35 -06:00
Nicolas Williams
20c4c0dea9 asn1: Fix ENOMEM leak in der_print_bit_string() 2023-01-04 00:43:35 -06:00
Nicolas Williams
26b1acf3b8 asn1: Remove unused variable assignment in main.c 2023-01-04 00:43:35 -06:00
Nicolas Williams
9fc2e943ca base: Fix use-after-free in heim_path_vcreate() 2023-01-04 00:43:35 -06:00
Nicolas Williams
23a9ca27a5 base: Fix use-after-free db.c (mostly unused in prod)
We only use `db` for an2ln testing.
2023-01-04 00:43:35 -06:00
Nicolas Williams
c05294e2c5 base: Remove unused variable assignment in JSON string parsing 2023-01-04 00:43:35 -06:00
Nicolas Williams
a331a7a04f wind: Check for integer overflow in idn-lookup utility 2023-01-04 00:43:35 -06:00
Nicolas Williams
0ffb00275a sl: Fix leak 2023-01-04 00:43:35 -06:00
Nicolas Williams
b93129f83d roken: Fix FD and memory leaks in rk_undumptext() 2023-01-04 00:43:35 -06:00
Nicolas Williams
11c0cbe9c2 roken: Fix base32/64 decode slowness 2023-01-04 00:43:35 -06:00
Nicolas Williams
7c3a064764 roken: Quiet warnings at mergesort callers
Some static analyzers can't tell that mergesort_r() isn't outputting
freed memory.
2023-01-04 00:43:35 -06:00
Nicolas Williams
aee72d61bf roken: Move an #endif in issuid() to avoid dead code 2023-01-04 00:43:35 -06:00
Nicolas Williams
319793b30b roken: Fix leak in new undump_not_file() 2023-01-04 00:43:35 -06:00
Brian May
73b42d3238 Build rk_closefrom even if including in libc 2023-01-04 00:43:35 -06:00
Nicolas Williams
58e07f8882 krb5: Fix(?) st_nlink check in fcache.c
We have a check for symlinks and hardlinks so that we refuse to open
ccaches through symlinks or which have hardlinks.  This check is too
strict, checking for `st_nlink != 1`, which runs into trouble when a
ccache is mounted as a file into a container, in which case `stat(2)`
reports it as having zero links.

The fix is to check for `st_nlink > 1`:

    -    if (sb2.st_nlink != 1) {
    +    if (sb2.st_nlink > 1) {
            krb5_set_error_message(context, EPERM, N_("Refuses to open hardlinks for caches FILE:%s", ""), filename);
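
Review bot: the new condition `sb2.st_nlink > 1` also accepts `st_nlink == 0`, and nothing at the check itself says that this is deliberate. A short code comment above the `if` stating that a link count of zero is allowed on purpose (the commit message gives the case of a ccache mounted as a file into a container) would keep a later reader from tightening it back to `!= 1`.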

Though I question the utility of the hardlink check.  MIT Kerberos
doesn't have it.
2022-12-29 22:27:42 -06:00
Brian May
f4fd02b810 Increment hcrypto library version 2022-12-29 21:43:02 -06:00
Nicolas Williams
5c74a82e98 kadm5: Fix #1055 2022-12-29 12:20:19 -06:00
Nicolas Williams
1d9ea9b73c kadm5: Add better fuzz inputs 2022-12-22 18:14:07 -06:00
Nicolas Williams
42b0702601 krb5: Better checking for storage EOF 2022-12-22 17:55:13 -06:00
Nicolas Williams
662fda9608 kadm5: Add a fuzzer input for test_marshall
TODO:

 - Add more inputs.
2022-12-22 10:27:23 -06:00
Nicolas Williams
66b16d12d8 roken: Use calloc() for overflow det. in hex_encode
Using calloc() means setting errno on overflow instead of not.
2022-12-22 10:27:23 -06:00
Stefan Metzmacher
dc3ac8592b heimbase-atomics: let heim_base_atomic_* use 'long' instead of 'int' on AIX
As the atomics are signed on AIX, we better try to use the largest
possible max value.

The 'int' API uses 32-bit values for both 32-bit and 64-bit binaries:

  typedef int *atomic_p;

  int fetch_and_add(atomic_p addr, int value);

The 'long' API uses 32-bit values for 32-bit binaries and 64-bit values
for 64-bit binaries:

  typedef long *atomic_l;

  long fetch_and_addlp(atomic_l addr, long value);

So we better use the 'long' API in order to avoid any potential
problems with the heim_base_atomic_integer_max magic value, where
INT[32]_MAX would be a little bit low compared to 64-bit pointer space.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2022-12-22 22:12:52 +11:00