SSSD / sssd

Clone

#1411 Uninitialized value in krb5_child-test if ccname is specified
Closed: Fixed None Opened 11 years ago by sgallagh.

Closed: Fixed
Reopen Issue 
192static struct krb5child_req *
193create_dummy_req(TALLOC_CTX *mem_ctx, const char *user,
194                 const char *password, const char *realm,
195                 const char *ccname, const char *ccname_template,
196                 int timeout)
197{
198    enum sss_krb5_cc_type cc_be;
199    struct krb5child_req *kr;
200    struct passwd *pwd;
CID 12785: Uninitialized scalar variable (UNINIT)Declaring variable "private" without initializer.
201    bool private;
202    errno_t ret;
203    const char *tmpl;
204
205    /* The top level child request */
206    kr = talloc_zero(mem_ctx, struct krb5child_req);
At conditional (1): "!kr" taking the false branch.
207    if (!kr) return NULL;
208
209    pwd = getpwnam(user);
At conditional (2): "!pwd" taking the false branch.
210    if (!pwd) {
211        DEBUG(SSSDBG_FATAL_FAILURE,
212              ("Cannot get info on user [%s]\n", user));
213        goto fail;
214    }
215
216    kr->uid = pwd->pw_uid;
217    kr->gid = pwd->pw_gid;
218
219    /* The Kerberos context */
220    kr->krb5_ctx = create_dummy_krb5_ctx(kr, realm);
221    /* PAM Data structure */
222    kr->pd = create_dummy_pam_data(kr, user, password);
223
224    ret = krb5_get_simple_upn(kr, kr->krb5_ctx, kr->pd->user, &kr->upn);
At conditional (3): "ret != 0" taking the false branch.
225    if (ret != EOK) {
226        DEBUG(SSSDBG_OP_FAILURE, ("krb5_get_simple_upn failed.\n"));
227        goto fail;
228    }
229
230    /* Override options with what was provided by the user */
At conditional (4): "ccname_template" taking the true branch.
231    if (ccname_template) {
232        ret = dp_opt_set_string(kr->krb5_ctx->opts, KRB5_CCNAME_TMPL,
233                                ccname_template);
At conditional (5): "ret != 0" taking the false branch.
234        if (ret != EOK) goto fail;
235        tmpl = ccname_template;
236    } else {
237        tmpl = dp_opt_get_cstring(kr->krb5_ctx->opts, KRB5_CCNAME_TMPL);
238    }
239
At conditional (6): "timeout" taking the true branch.
240    if (timeout) {
CID 12780: Unchecked return value (CHECKED_RETURN) [select defect]
241        dp_opt_set_int(kr->krb5_ctx->opts, KRB5_AUTH_TIMEOUT, timeout);
242    }
243
At conditional (7): "!ccname" taking the false branch.
244    if (!ccname) {
245        kr->ccname = expand_ccname_template(kr, kr,
246                                        dp_opt_get_cstring(kr->krb5_ctx->opts,
247                                                           KRB5_CCNAME_TMPL),
248                                            true, true, &private);
249        if (!kr->ccname) goto fail;
250
251        DEBUG(SSSDBG_FUNC_DATA, ("ccname [%s] uid [%llu] gid [%llu]\n",
252              kr->ccname, kr->uid, kr->gid));
253    } else {
254        kr->ccname = talloc_strdup(kr, ccname);
255    }
At conditional (8): "!kr->ccname" taking the false branch.
256    if (!kr->ccname) goto fail;
257
258    cc_be = sss_krb5_get_type(kr->ccname);
259    switch (cc_be) {
At conditional (9): switch case value "SSS_KRB5_TYPE_FILE" taking the true branch.
260    case SSS_KRB5_TYPE_FILE:
261        kr->krb5_ctx->cc_be = &file_cc;
262        break;
263#ifdef HAVE_KRB5_DIRCACHE
264    case SSS_KRB5_TYPE_DIR:
265        kr->krb5_ctx->cc_be = &dir_cc;
266        break;
267#endif /* HAVE_KRB5_DIRCACHE */
268    default:
269        if (tmpl[0] != '/') {
270            DEBUG(SSSDBG_OP_FAILURE, ("Unkown ccname database\n"));
271            ret = EINVAL;
272            goto fail;
273        }
274        DEBUG(SSSDBG_CONF_SETTINGS, ("The ccname template was "
275              "missing an explicit type, but looks like an absolute "
276              "path specifier. Assuming FILE:\n"));
277        kr->krb5_ctx->cc_be = &file_cc;
278        break;
279    }
At conditional (10): "debug_level & __debug_macro_newlevel" taking the true branch.
At conditional (11): "debug_timestamps" taking the true branch.
At conditional (12): "debug_microseconds" taking the true branch.
280    DEBUG(SSSDBG_FUNC_DATA, ("ccname [%s] uid [%llu] gid [%llu]\n",
281            kr->ccname, kr->uid, kr->gid));
282
Using uninitialized value "private" when calling "*kr->krb5_ctx->cc_be->create".
283    ret = kr->krb5_ctx->cc_be->create(kr->ccname,
284                                      kr->krb5_ctx->illegal_path_re,
285                                      kr->uid, kr->gid, private);
286    if (ret != EOK) {
287        DEBUG(SSSDBG_OP_FAILURE, ("create_ccache_dir failed.\n"));
288        goto fail;
289    }
290
291    return kr;
292
293fail:
294    talloc_free(kr);
295    return NULL;
296}

Fields changed

coverity: => 12785
keywords: => Coverity

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.9.0
priority: major => trivial

Fields changed

rhbz: => 0

Fields changed

owner: jhrozek => mzidek
status: new => assigned

Fields changed

patch: 0 => 1

master: 068144e

resolution: => fixed
status: assigned => closed

Metadata Update from @sgallagh:
- Issue assigned to mzidek
- Issue set to the milestone: SSSD 1.9.0
7 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/2453

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata
None
None
None
trivial
defect
Kerberos Provider
master
None
0
1
0
None
None
None
Coverity
12785
None
None
None
None
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.