#2112 Coverity reported potential NULL dereference
Closed: Fixed None Opened 10 years ago by jhrozek.

Coverity reported the following path in krb5_child.c:

 944     principal = kr->creds ? kr->creds->client : kr->princ;
 945     
 946     /* If kr->ccname is cache collection (DIR:/...), we want to work
 947      * directly with file ccache (DIR::/...), but cache collection
 948      * should be returned back to back end.
 949      */
 950     cc_name = sss_get_ccache_name_for_principal(kr->pd, kr->ctx, principal,
 951                                                 kr->ccname);
 952     if (cc_name == NULL) {
 953         cc_name = kr->ccname;
 954     }
 955 
 956     /* Use the updated principal in the creds in case canonicalized */
 957     kerr = create_ccache(cc_name, kr->creds);
 958     if (kerr != 0) {
 959         KRB5_CHILD_DEBUG(SSSDBG_CRIT_FAILURE, kerr);
 960         goto done; 
 961     }

Line 944 checks kr->creds for being non-NULL, but then we pass kr->creds to create_ccache.


Fields changed

owner: somebody => lslebodn

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.11.2
rhbz: => 0

Fields changed

patch: 0 => 1
status: new => assigned

resolution: => fixed
status: assigned => closed

Fields changed

changelog: => N/A just a bugfix

Metadata Update from @jhrozek:
- Issue assigned to lslebodn
- Issue set to the milestone: SSSD 1.11.2

7 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/3154

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata