#1112 Use of uninitialized value in sss_ldap_dn_in_search_bases
Closed: Fixed None Opened 8 years ago by sgallagh.

474bool sss_ldap_dn_in_search_bases(TALLOC_CTX *mem_ctx,
475                                 const char *dn,
476                                 struct sdap_search_base **search_bases,
477                                 char **_filter)
478{
479    struct sdap_search_base *base;
480    int basedn_len, dn_len;
481    int len_diff;
482    int i, j;
483    bool base_confirmed;
484    bool comma_found;
CID 12386: Uninitialized scalar variable (UNINIT)Declaring variable "backslash_found" without initializer.
485    bool backslash_found;
486    char *filter = NULL;
487    bool ret = false;
488
At conditional (1): "dn == NULL" taking the false branch.
489    if (dn == NULL) {
490        DEBUG(SSSDBG_FUNC_DATA, ("dn is NULL\n"));
491        ret = false;
492        goto done;
493    }
494
At conditional (2): "search_bases == NULL" taking the false branch.
495    if (search_bases == NULL) {
496        DEBUG(SSSDBG_FUNC_DATA, ("search_bases is NULL\n"));
497        ret = false;
498        goto done;
499    }
500
501    dn_len = strlen(dn);
At conditional (3): "search_bases[i] != NULL" taking the true branch.
At conditional (5): "search_bases[i] != NULL" taking the true branch.
At conditional (7): "search_bases[i] != NULL" taking the true branch.
502    for (i = 0; search_bases[i] != NULL; i++) {
503        base = search_bases[i];
504        basedn_len = strlen(base->basedn);
505
At conditional (4): "basedn_len > dn_len" taking the true branch.
At conditional (6): "basedn_len > dn_len" taking the true branch.
At conditional (8): "basedn_len > dn_len" taking the false branch.
506        if (basedn_len > dn_len) {
507            continue;
508        }
509
510        len_diff = dn_len - basedn_len;
At conditional (9): "strncasecmp(dn + len_diff, base->basedn, basedn_len) == 0" taking the true branch.
At conditional (10): "strncasecmp(dn + len_diff, base->basedn, basedn_len) == 0" taking the true branch.
511        base_confirmed = (strncasecmp(&dn[len_diff], base->basedn, basedn_len) == 0);
At conditional (11): "!base_confirmed" taking the false branch.
512        if (!base_confirmed) {
513            continue;
514        }
515
516        switch (base->scope) {
517        case LDAP_SCOPE_BASE:
518            /* dn > base? */
519            if (len_diff != 0) {
520                continue;
521            }
522            break;
At conditional (12): switch case value "1" taking the true branch.
523        case LDAP_SCOPE_ONELEVEL:
At conditional (13): "len_diff == 0" taking the false branch.
524            if (len_diff == 0) {
525                /* Base object doesn't belong to scope=one
526                 * search */
527                continue;
528            }
529
530            comma_found = false;
At conditional (14): "j < len_diff - 1" taking the true branch.
531            for (j = 0; j < len_diff - 1; j++) { /* ignore comma before base */
At conditional (15): "dn[j] == 92" taking the false branch.
532                if (dn[j] == '\\') {
533                    backslash_found = true;
At conditional (16): "dn[j] == 44" taking the true branch.
Using uninitialized value "backslash_found".
534                } else if (dn[j] == ',' && !backslash_found) {
535                    comma_found = true;
536                    break;
537                } else {
538                    backslash_found = false;
539                }
540            }

backslash_found needs to be initialized to false.

Fields changed

owner: pbrezina@redhat.com => pbrezina
status: new => assigned

Fields changed

patch: 0 => 1

Fixed by: 273e5d2

blockedby: =>
blocking: =>
resolution: => fixed
status: assigned => closed

Fields changed

rhbz: => 0

Metadata Update from @sgallagh:
- Issue assigned to pbrezina
- Issue set to the milestone: SSSD 1.7.0

3 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/2154

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata