freeipa-3.3.90GIT8e98690/daemons/ipa-slapi-plugins/ipa-pwd-extop/syncreq.c
56bool sync_request_handle(Slapi_ComponentId *plugin_id, Slapi_PBlock *pb, 57 const char *user_dn) 58{ 59 struct otptoken **tokens = NULL; 60 LDAPControl **controls = NULL; 61 BerElement *ber = NULL; 62 char *token_dn = NULL; 63 int second = 0; 64 int first = 0; 65 1. Condition slapi_pblock_get(pb, 51, &controls) != 0, taking false branch 66 if (slapi_pblock_get(pb, SLAPI_REQCONTROLS, &controls) != 0) 67 return false; 68 2. Condition controls == NULL, taking false branch 3. Condition controls[0] == NULL, taking false branch 69 if (controls == NULL || controls[0] == NULL) 70 return false; 71 4. Condition controls[i] != NULL, taking true branch 7. Condition controls[i] != NULL, taking true branch 10. Condition controls[i] != NULL, taking true branch 72 for (int i = 0; controls[i] != NULL; i++) { 5. Condition strcmp(controls[i]->ldctl_oid, "2.16.840.1.113730.3.8.10.6") != 0, taking true branch 8. Condition strcmp(controls[i]->ldctl_oid, "2.16.840.1.113730.3.8.10.6") != 0, taking true branch 11. Condition strcmp(controls[i]->ldctl_oid, "2.16.840.1.113730.3.8.10.6") != 0, taking false branch 73 if (strcmp(controls[i]->ldctl_oid, OTP_SYNC_REQUEST_OID) != 0) 6. Continuing loop 9. Continuing loop 74 continue; 75 76 /* Decode the request. */ 77 ber = ber_init(&controls[i]->ldctl_value); 12. Condition ber == NULL, taking false branch 78 if (ber == NULL) 79 return false; 80 81 /* Decode the token codes. */ 13. Condition ber_scanf(ber, "{ii", &first, &second) == 18446744073709551615UL /* (ber_tag_t)-1 */, taking false branch 82 if (ber_scanf(ber, "{ii", &first, &second) == LBER_ERROR) { 83 ber_free(ber, 1); 84 return false; 85 } 86 87 /* Decode the optional token DN. */ CID 12448 (#1 of 1): Unchecked return value (CHECKED_RETURN) 14. check_return: Calling ber_scanf without checking return value (as is done elsewhere 32 out of 34 times). 88 ber_scanf(ber, "a", &token_dn); 89 if (ber_scanf(ber, "}") == LBER_ERROR) { 90 ber_free(ber, 1); 91 return false; 92 } 93 ber_free(ber, 1);
daemons/ipa-slapi-plugins/ipa-otp-lasttoken/ipa_otp_lasttoken.c
99static inline int 100send_error(Slapi_PBlock *pb, int rc, char *errstr) 101{ 102 slapi_send_ldap_result(pb, rc, NULL, errstr, 0, NULL); CID 12449 (#1 of 1): Unchecked return value (CHECKED_RETURN) 1. check_return: Calling slapi_pblock_set without checking return value (as is done elsewhere 118 out of 129 times). 103 slapi_pblock_set(pb, SLAPI_RESULT_CODE, &rc); 104 return rc; 105}
freeipa-3.3.90GIT8e98690/daemons/ipa-kdb/ipa_kdb_principals.c
1871static krb5_error_code ipadb_modify_principal(krb5_context kcontext, 1872 krb5_db_entry *entry) 1873{ 1874 struct ipadb_context *ipactx; 1875 krb5_error_code kerr; 1. assign_zero: Assigning: principal = NULL. 1876 char *principal = NULL; 1877 LDAPMessage *res = NULL; 1878 LDAPMessage *lentry; 1879 struct ipadb_mods *imods = NULL; 1880 char *dn = NULL; 1881 struct ipadb_e_data *ied; 1882 1883 ipactx = ipadb_get_context(kcontext); 2. Condition !ipactx, taking false branch 1884 if (!ipactx) { 1885 return KRB5_KDB_DBNOTINITED; 1886 } 1887 1888 ied = (struct ipadb_e_data *)entry->e_data; 3. Condition !ied, taking false branch 4. Condition !ied->entry_dn, taking false branch 1889 if (!ied || !ied->entry_dn) { 1890 kerr = krb5_unparse_name(kcontext, entry->princ, &principal); 1891 if (kerr != 0) { 1892 goto done; 1893 } 1894 1895 kerr = ipadb_fetch_principals(ipactx, 0, principal, &res); 1896 if (kerr != 0) { 1897 goto done; 1898 } 1899 1900 /* FIXME: no alias allowed for now, should we allow modifies 1901 * by alias name ? */ 1902 kerr = ipadb_find_principal(kcontext, 0, res, &principal, &lentry); 1903 if (kerr != 0) { 1904 goto done; 1905 } 1906 1907 dn = ldap_get_dn(ipactx->lcontext, lentry); 1908 if (!dn) { 1909 kerr = KRB5_KDB_INTERNAL_ERROR; 1910 goto done; 1911 } 1912 } 1913 1914 kerr = new_ipadb_mods(&imods); 5. Condition kerr, taking false branch 1915 if (kerr) { 1916 goto done; 1917 } 1918 CID 12453 (#1 of 1): Explicit null dereferenced (FORWARD_NULL) 6. var_deref_model: Passing null pointer principal to ipadb_entry_to_mods, which dereferences it. [show details] 1919 kerr = ipadb_entry_to_mods(kcontext, imods, 1920 entry, principal, LDAP_MOD_REPLACE);
Moving stabilization tickets that do not affect FreeIPA 4.0 release usability in any significant way to 4.0.1 stabilization milestone.
Unchecked return value (12448) Already marked as a 'Intentional' in Coverity.
Unchecked return value (12449) Already marked as a 'Intentional' in Coverity.
Explicit NULL dereferenced (12453) Already marked as a 'False Positive' in Coverity.
Metadata Update from @mkosek: - Issue assigned to dkupka - Issue set to the milestone: FreeIPA 4.0.1
Login to comment on this ticket.