You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
84 lines
2.5 KiB
84 lines
2.5 KiB
From 5703f2a26b0a183079beb7f1b176a3c24ede7309 Mon Sep 17 00:00:00 2001
|
|
From: Rob Crittenden <rcritten@redhat.com>
|
|
Date: Wed, 15 May 2024 14:17:46 -0400
|
|
Subject: [PATCH] Fix some issues uncovered by a static analyzer
|
|
|
|
A few possible overruns and a memory leak.
|
|
|
|
Signed-off-by: Rob Crittenden <rcritten@redhat.com>
|
|
---
|
|
lib/common.c | 13 +++++++------
|
|
saslauthd/auth_krb5.c | 1 +
|
|
saslauthd/testsaslauthd.c | 6 +++---
|
|
3 files changed, 11 insertions(+), 9 deletions(-)
|
|
|
|
diff --git a/lib/common.c b/lib/common.c
|
|
index 6c5496a2..b9c8bf50 100644
|
|
--- a/lib/common.c
|
|
+++ b/lib/common.c
|
|
@@ -2395,18 +2395,19 @@ int _sasl_ipfromstring(const char *addr,
|
|
|
|
/* Parse the address */
|
|
for (i = 0; addr[i] != '\0' && addr[i] != ';'; i++) {
|
|
- if (i >= NI_MAXHOST)
|
|
+ if (i >= NI_MAXHOST - 1)
|
|
return SASL_BADPARAM;
|
|
hbuf[i] = addr[i];
|
|
}
|
|
hbuf[i] = '\0';
|
|
|
|
- if (addr[i] == ';')
|
|
+ if (addr[i] == ';') {
|
|
i++;
|
|
- /* XXX: Do we need this check? */
|
|
- for (j = i; addr[j] != '\0'; j++)
|
|
- if (!isdigit((int)(addr[j])))
|
|
- return SASL_BADPARAM;
|
|
+ /* XXX: Do we need this check? */
|
|
+ for (j = i; addr[j] != '\0'; j++)
|
|
+ if (!isdigit((int)(addr[j])))
|
|
+ return SASL_BADPARAM;
|
|
+ }
|
|
|
|
memset(&hints, 0, sizeof(hints));
|
|
hints.ai_family = PF_UNSPEC;
|
|
diff --git a/saslauthd/auth_krb5.c b/saslauthd/auth_krb5.c
|
|
index c7cceeec..7750b55e 100644
|
|
--- a/saslauthd/auth_krb5.c
|
|
+++ b/saslauthd/auth_krb5.c
|
|
@@ -203,6 +203,7 @@ auth_krb5 (
|
|
|
|
if (form_principal_name(user, service, realm, principalbuf, sizeof (principalbuf))) {
|
|
syslog(LOG_ERR, "auth_krb5: form_principal_name");
|
|
+ krb5_free_context(context);
|
|
return strdup("NO saslauthd principal name error");
|
|
}
|
|
|
|
diff --git a/saslauthd/testsaslauthd.c b/saslauthd/testsaslauthd.c
|
|
index 8a0e4d9c..9267c43d 100644
|
|
--- a/saslauthd/testsaslauthd.c
|
|
+++ b/saslauthd/testsaslauthd.c
|
|
@@ -70,8 +70,8 @@ int flags = LOG_USE_STDERR;
|
|
*/
|
|
int retry_read(int fd, void *inbuf, unsigned nbyte)
|
|
{
|
|
- int n;
|
|
- int nread = 0;
|
|
+ ssize_t n;
|
|
+ size_t nread = 0;
|
|
char *buf = (char *)inbuf;
|
|
|
|
if (nbyte == 0) return 0;
|
|
@@ -233,7 +233,7 @@ static int saslauthd_verify_password(const char *saslauthd_path,
|
|
return -1;
|
|
}
|
|
|
|
- count = (int)sizeof(response) < count ? sizeof(response) : count;
|
|
+ count = (int)sizeof(response) <= count ? sizeof(response) - 1: count;
|
|
if (retry_read(s, response, count) < count) {
|
|
close(s);
|
|
fprintf(stderr,"read failed\n");
|
|
--
|
|
2.45.0
|
|
|