#1072 Potential NULL-dereference in test_helper_debug_is_empty_message()
Closed: Fixed None Opened 12 years ago by sgallagh.

304int test_helper_debug_is_empty_message(int level, int msgmode)
305{
306    char filename[24] = {'\0'};
307    int fd;
308    int filesize;
309    int set_fd_result;
310    int ret;
311    FILE *file;
312
313    strncpy(filename, "sssd_debug_tests.XXXXXX", 24);
314    fd = mkstemp(filename);
315    if (fd == -1)
316        return errno;
317
318    file = fdopen(fd, "r");
At conditional (1): "file == NULL" taking the true branch.
CID 11013: Dereference after null check (FORWARD_NULL)Comparing "file" to null implies that "file" might be null.
319    if (file == NULL) {
320        ret = errno;
321        goto done;
322    }
323
324    set_fd_result = set_debug_file_from_fd(fd);
325    if (set_fd_result != EOK) {
326        ret = set_fd_result;
327        goto done;
328    }
329
330    if (msgmode == 0) {
331        DEBUG(level, ("some error\n"));
332    } else {
333        DEBUG_MSG(level, __FUNCTION__, "some error");
334    }
335    fseek(file, 0, SEEK_END);
336    filesize = ftell(file);
337
338    ret = filesize == 0 ? EOK : DEBUG_TEST_NOK;
339
340done:
Passing null variable "file" to function "fclose", which dereferences it.
341    fclose(file);
342    remove(filename);
343    return ret;
344}

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.7.0
resolution: => fixed
status: new => closed

Fields changed

rhbz: => 0

Metadata Update from @sgallagh:
- Issue assigned to pbrezina
- Issue set to the milestone: SSSD 1.7.0

7 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/2114

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata