Learn more about these different git repos.
Other Git URLs
Found by Coverity:
291 do { 20. Condition "dom_sid->num_auths > 15", taking false branch 21. cond_at_most: Checking "dom_sid->num_auths > 15" implies that the value of "dom_sid->num_auths" may be up to 15 on the false branch. 292 if (dom_sid->num_auths > SID_SUB_AUTHS) { 293 err = IDMAP_SID_INVALID; 294 goto done; 295 } 296 297 r++; 22. Condition "!(*__ctype_b_loc()[(int)*r] & 2048 /* (unsigned short)_ISdigit */)", taking false branch 298 if (!isdigit(*r)) { 299 err = IDMAP_SID_INVALID; 300 goto done; 301 } 302 303 errno = 0; 304 ul = strtoul(r, &end, 10); 23. Condition "*__errno_location() != 0", taking false branch 24. Condition "ul > 4294967295U", taking false branch 25. Condition "end == NULL", taking false branch 26. Condition "*end != 0", taking true branch 27. Condition "*end != '-'", taking false branch 305 if (errno != 0 || ul > UINT32_MAX || end == NULL || 306 (*end != '\0' && *end != '-')) { 307 err = IDMAP_SID_INVALID; 308 goto done; 309 } 310 CID 10028 (#1 of 1): Out-of-bounds write (OVERRUN)28. overrun-local: Overrunning array "dom_sid->sub_auths" of 15 4-byte elements at element index 15 (byte offset 60) using index "dom_sid->num_auths++" (which evaluates to 15). 311 dom_sid->sub_auths[dom_sid->num_auths++] = ul;
Fields changed
owner: somebody => jhrozek patch: 0 => 1 status: new => assigned
milestone: NEEDS_TRIAGE => SSSD 1.10.0 rhbz: => 0
milestone: SSSD 1.10.0 => SSSD 1.10 beta
resolution: => fixed status: assigned => closed
Metadata Update from @jhrozek: - Issue assigned to jhrozek - Issue set to the milestone: SSSD 1.10 beta
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/2903
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.