#1863 Dereference after a NULL check in krb5_child.c
Closed: Invalid None Opened 7 years ago by jhrozek.

Found by Coverity:

1135    /* Use the updated principal in the creds in case canonicalized */

23. Condition "kr->creds", taking false branch

24. var_compare_op: Comparing "kr->creds" to null implies that "kr->creds" might be null.
1136    kerr = create_ccache(kr->uid, kr->gid, kr->ctx,
1137                         kr->creds ? kr->creds->client : kr->princ,
1138                         kr->ccname, kr->creds);

25. Condition "kerr != 0", taking false branch
1139    if (kerr != 0) {
1140        KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr);
1141        goto done;
1142    }
1143

CID 10022 (#1 of 1): Dereference after null check (FORWARD_NULL)26. var_deref_model: Passing "kr" to function "add_ticket_times_and_upn_to_response(struct krb5_req *)", which dereferences null "kr->creds". [show details]
1144    kerr = add_ticket_times_and_upn_to_response(kr);
1145    if (kerr != 0) {
1146        DEBUG(1, ("add_ticket_times_and_upn_to_response failed.\n"));
1147    }

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.10.0
rhbz: => 0

Fields changed

owner: somebody => okos

This was a false-positive, coverity suspected that kr->creds might be NULL because of the check in create_ccache call, but the function itself then creates kr->creds. The only reason for the null check is to determine, if we have the creds yet, or we're creating them from principal.

resolution: => invalid
status: new => closed

Metadata Update from @jhrozek:
- Issue assigned to okos
- Issue set to the milestone: SSSD 1.10.0

3 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/2905

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata