freeipa

Clone
Source Code
GIT

#2035 Fix coverity bugs in client tools
Closed: Fixed None Opened 11 years ago by mkosek.

Closed: Fixed
Reopen Issue

Discovered by Coverity scan

Bugs:

ipa-client/config.c

 46read_config_file(const char *filename)
 47{
 48    int fd;
 49    struct stat st;
 50    char *data, *dest;
 51    size_t left;
 52
CID 11090: Resource leak (RESOURCE_LEAK)
Calling opening function "open".
Assigning: "fd" = handle returned from "open(filename, 0)".
 53    fd = open(filename, O_RDONLY);
At conditional (1): "fd == -1" taking the false branch.
 54    if (fd == -1) {
 55        fprintf(stderr, _("cannot open configuration file %s\n"), filename);
 56        return NULL;
 57    }
 58
 59    /* stat() the file so we know the size and can pre-allocate the right
 60     * amount of memory. */
At conditional (2): "fstat(fd, &st) == -1" taking the true branch.
Variable "fd" is not closed or saved in function "fstat".
 61    if (fstat(fd, &st) == -1) {
 62        fprintf(stderr, _("cannot stat() configuration file %s\n"), filename);
Handle variable "fd" going out of scope leaks the handle.
 63        return NULL;
 64    }
 65    left = st.st_size;
 66    data = malloc(st.st_size + 1);
 67    if (data == NULL) {
 68        fprintf(stderr, _("out of memory\n"));
Handle variable "fd" going out of scope leaks the handle.
 69        return NULL;
 70    }

ipa-client/ipa-getkeytab.c

68static int ldap_sasl_interact(LDAP *ld, unsigned flags, void *priv_data, void *sit)
 69{
 70        sasl_interact_t *in = NULL;
 71        int ret = LDAP_OTHER;
 72        krb5_principal princ = (krb5_principal)priv_data;
 73        krb5_context krbctx;
 74        char *outname = NULL;
 75        krb5_error_code krberr;
 76
At conditional (1): "!ld" taking the false branch.
 77        if (!ld) return LDAP_PARAM_ERROR;
 78
At conditional (2): "in" taking the true branch.
At conditional (3): "in->id != 0UL" taking the true branch.
At conditional (6): "in" taking the true branch.
At conditional (7): "in->id != 0UL" taking the true branch.
 79        for (in = sit; in && in->id != SASL_CB_LIST_END; in++) {
 80                switch(in->id) {
At conditional (4): switch case value "16385UL" taking the true branch.
At conditional (8): switch case value "16385UL" taking the true branch.
 81                case SASL_CB_USER:
 82                        krberr = krb5_init_context(&krbctx);
 83
At conditional (5): "krberr" taking the true branch.
At conditional (9): "krberr" taking the false branch.
 84                        if (krberr) {
 85                                fprintf(stderr, _("Kerberos context initialization failed\n"));
 86                                in->result = NULL;
 87                                in->len = 0;
 88                                ret = LDAP_LOCAL_ERROR;
 89                                break;
 90                        }
 91
CID 11018: Unchecked return value (CHECKED_RETURN)
Calling function "krb5_unparse_name" without checking return value (as is done elsewhere 6 out of 7 times).
No check of the return value of "krb5_unparse_name(krbctx, princ, &outname)".
 92                        krb5_unparse_name(krbctx, princ, &outname);
 93
 94                        in->result = outname;

Patch ''freeipa-mkosek-162-fix-coverity-issues-in-client-cli-tools.patch'' sent for review
freeipa-mkosek-162-fix-coverity-issues-in-client-cli-tools.patch

master: 216505d

Metadata Update from @mkosek:
- Issue assigned to mkosek
- Issue set to the milestone: FreeIPA 3.0 Core Effort - 2011/11
6 years ago

Login to comment on this ticket.

Metadata
None
None
None
normal
None
None
None
None
defect
None
None
IPA
None
1
None
None
None
None
0
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.