SSSD / sssd

Clone

#735 Possible NULL-dereference in lookup_netgr_step
Closed: Fixed None Opened 13 years ago by sgallagh.

Closed: Fixed
Reopen Issue 
  359static errno_t lookup_netgr_step(struct setent_step_ctx *step_ctx)
  360{
  361    errno_t ret;
  362    struct sss_domain_info *dom = step_ctx->dctx->domain;
  363    struct getent_ctx *netgr;
  364    struct sysdb_ctx *sysdb;
  365
  366    /* Check each domain for this netgroup name */
At conditional (1): "dom" taking the false branch.
Comparing "dom" to null implies that "dom" might be null.
  367    while (dom) {
  368        /* if it is a domainless search, skip domains that require fully
  369         * qualified names instead */
  370        while (dom && step_ctx->check_next && dom->fqnames) {
  371            dom = dom->next;
  372        }
...
  484    }
  485
  486    /* If we've gotten here, then no domain contained this netgroup */
At conditional (2): "2 <= debug_level" taking the true branch.
At conditional (3): "debug_timestamps" taking the false branch.
  487    DEBUG(2, ("No matching domain found for [%s], fail!\n",
  488              step_ctx->name));
  489
  490    netgr = talloc_zero(step_ctx->nctx, struct getent_ctx);
At conditional (4): "netgr == NULL" taking the false branch.
  491    if (netgr == NULL) {
  492        DEBUG(1, ("talloc_zero failed, ignored.\n"));
  493    } else {
  494        netgr->ready = true;
  495        netgr->entries = NULL;
  496
  497        ret = set_netgroup_entry(step_ctx->nctx, step_ctx->name, netgr);
At conditional (5): "ret != 0" taking the true branch.
  498        if (ret != EOK) {
At conditional (6): "1 <= debug_level" taking the true branch.
At conditional (7): "debug_timestamps" taking the false branch.
  499            DEBUG(1, ("set_netgroup_entry failed, ignored.\n"));
  500        }
Dereferencing null variable "dom".
  501        set_netgr_lifetime(dom->entry_cache_timeout, step_ctx, netgr);
  502    }
  503
  504    return ENOENT;
  505}

In this (unlikely) case, we should probably just set the default timeout, since we don't have a domain to use.

Fixed by 5dca772

resolution: => fixed
status: new => closed

Fields changed

rhbz: => 0

Metadata Update from @sgallagh:
- Issue assigned to sbose
- Issue set to the milestone: SSSD 1.5.0
7 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/1777

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata
None
None
None
major
defect
SSSD
1.4.1
None
0
None
0
None
None
None
Coverity
10068
None
None
None
None
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.