IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Fix issues found by Coverity.

Browse Source 
tickets 1166, 1167, 1168, 1169
This commit is contained in:
Jan Cholasta 2011-04-29 13:15:39 +02:00 committed by Rob Crittenden
parent d3f74d2b7c
commit 16d1db4996
6 changed files with 63 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
daemons/ipa-slapi-plugins/ipa-enrollment/ipa_enrollment.c
View File

@ -155,7 +155,7 @@ ipa_join(Slapi_PBlock *pb)
errMesg = "Kerberos realm is not set.\n"; errMesg = "Kerberos realm is not set.\n";
LOG_FATAL("%s", errMesg); LOG_FATAL("%s", errMesg);
rc = LDAP_OPERATIONS_ERROR; rc = LDAP_OPERATIONS_ERROR;
goto done; goto free_and_return;
} }
/* Get Bind DN */ /* Get Bind DN */
@ -234,7 +234,11 @@ ipa_join(Slapi_PBlock *pb)
*/ */
is_root = slapi_dn_isroot(bindDN); is_root = slapi_dn_isroot(bindDN);
slapi_pblock_set(pb, SLAPI_REQUESTOR_ISROOT, &is_root); if (slapi_pblock_set(pb, SLAPI_REQUESTOR_ISROOT, &is_root)) {
LOG_FATAL("slapi_pblock_set failed!\n");
rc = LDAP_OPERATIONS_ERROR;
goto free_and_return;
}
/* In order to perform the access control check, /* In order to perform the access control check,
* we need to select a backend (even though * we need to select a backend (even though
@ -242,7 +246,11 @@ ipa_join(Slapi_PBlock *pb)
*/ */
sdn = slapi_sdn_new_dn_byval(bindDN); sdn = slapi_sdn_new_dn_byval(bindDN);
be = slapi_be_select(sdn); be = slapi_be_select(sdn);
slapi_pblock_set(pb, SLAPI_BACKEND, be); if (slapi_pblock_set(pb, SLAPI_BACKEND, be)) {
LOG_FATAL("slapi_pblock_set failed!\n");
rc = LDAP_OPERATIONS_ERROR;
goto free_and_return;
}
/* Access Strategy: /* Access Strategy:
* If the user has WRITE-ONLY access, a new keytab is set on the entry. * If the user has WRITE-ONLY access, a new keytab is set on the entry.

32
daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c
View File

@ -265,7 +265,11 @@ parse_req_done:
"using the bind DN instead.\n"); "using the bind DN instead.\n");
} }
slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET, dn ); if (slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET, dn )) {
LOG_FATAL("slapi_pblock_set failed!\n");
rc = LDAP_OPERATIONS_ERROR;
goto free_and_return;
}
/* Now we have the DN, look for the entry */ /* Now we have the DN, look for the entry */
ret = ipapwd_getEntry(dn, &targetEntry, attrlist); ret = ipapwd_getEntry(dn, &targetEntry, attrlist);
@ -292,7 +296,11 @@ parse_req_done:
*/ */
is_root = slapi_dn_isroot(bindDN); is_root = slapi_dn_isroot(bindDN);
slapi_pblock_set(pb, SLAPI_REQUESTOR_ISROOT, &is_root); if (slapi_pblock_set(pb, SLAPI_REQUESTOR_ISROOT, &is_root)) {
LOG_FATAL("slapi_pblock_set failed!\n");
rc = LDAP_OPERATIONS_ERROR;
goto free_and_return;
}
/* In order to perform the access control check, we need to select a /* In order to perform the access control check, we need to select a
* backend (even though we don't actually need it otherwise). * backend (even though we don't actually need it otherwise).
@ -306,7 +314,11 @@ parse_req_done:
rc = LDAP_OPERATIONS_ERROR; rc = LDAP_OPERATIONS_ERROR;
goto free_and_return; goto free_and_return;
} }
slapi_pblock_set(pb, SLAPI_BACKEND, be); if (slapi_pblock_set(pb, SLAPI_BACKEND, be)) {
LOG_FATAL("slapi_pblock_set failed!\n");
rc = LDAP_OPERATIONS_ERROR;
goto free_and_return;
}
} }
ret = slapi_access_allowed( pb, targetEntry, "krbPrincipalKey", NULL, SLAPI_ACL_WRITE ); ret = slapi_access_allowed( pb, targetEntry, "krbPrincipalKey", NULL, SLAPI_ACL_WRITE );
@ -613,13 +625,21 @@ static int ipapwd_setkeytab(Slapi_PBlock *pb, struct ipapwd_krbcfg *krbcfg)
*/ */
is_root = slapi_dn_isroot(bindDN); is_root = slapi_dn_isroot(bindDN);
slapi_pblock_set(pb, SLAPI_REQUESTOR_ISROOT, &is_root); if (slapi_pblock_set(pb, SLAPI_REQUESTOR_ISROOT, &is_root)) {
LOG_FATAL("slapi_pblock_set failed!\n");
rc = LDAP_OPERATIONS_ERROR;
goto free_and_return;
}
/* In order to perform the access control check, /* In order to perform the access control check,
* we need to select a backend (even though * we need to select a backend (even though
* we don't actually need it otherwise). * we don't actually need it otherwise).
*/ */
slapi_pblock_set(pb, SLAPI_BACKEND, be); if (slapi_pblock_set(pb, SLAPI_BACKEND, be)) {
LOG_FATAL("slapi_pblock_set failed!\n");
rc = LDAP_OPERATIONS_ERROR;
goto free_and_return;
}
/* Access Strategy: /* Access Strategy:
* If the user has WRITE-ONLY access, a new keytab is set on the entry. * If the user has WRITE-ONLY access, a new keytab is set on the entry.
@ -869,7 +889,7 @@ static int ipapwd_setkeytab(Slapi_PBlock *pb, struct ipapwd_krbcfg *krbcfg)
slapi_mods_free(&smods); slapi_mods_free(&smods);
goto free_and_return; goto free_and_return;
} }
evals[0] = slapi_value_new_string(bindDN); evals[0] = slapi_value_new_string(bindDN);
slapi_mods_add_mod_values(smods, LDAP_MOD_ADD, "enrolledBy", evals); slapi_mods_add_mod_values(smods, LDAP_MOD_ADD, "enrolledBy", evals);
} else { } else {

5
daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c
View File

@ -766,7 +766,10 @@ done:
/* put back a, possibly modified, set of mods */ /* put back a, possibly modified, set of mods */
if (smods) { if (smods) {
mods = slapi_mods_get_ldapmods_passout(smods); mods = slapi_mods_get_ldapmods_passout(smods);
slapi_pblock_set(pb, SLAPI_MODIFY_MODS, mods); if (slapi_pblock_set(pb, SLAPI_MODIFY_MODS, mods)) {
LOG_FATAL("slapi_pblock_set failed!\n");
rc = LDAP_OPERATIONS_ERROR;
}
slapi_mods_free(&smods); slapi_mods_free(&smods);
} }

17
daemons/ipa-slapi-plugins/ipa-uuid/ipa_uuid.c
View File

@ -277,7 +277,7 @@ ipauuid_internal_preop_init(Slapi_PBlock *pb)
(void *) ipauuid_add_pre_op) != 0) { (void *) ipauuid_add_pre_op) != 0) {
status = EFAIL; status = EFAIL;
} }
return status; return status;
} }
@ -1111,8 +1111,14 @@ static int ipauuid_pre_op(Slapi_PBlock *pb, int modtype)
slapi_entry_set_sdn(e, sdn); slapi_entry_set_sdn(e, sdn);
/* reset the target DN since we've changed it. */ /* reset the target DN since we've changed it. */
slapi_pblock_set(pb, SLAPI_ADD_TARGET, if (slapi_pblock_set(pb, SLAPI_ADD_TARGET,
(char*)slapi_sdn_get_ndn(slapi_entry_get_sdn_const(e))); (char*)slapi_sdn_get_ndn(slapi_entry_get_sdn_const(e)))) {
LOG_FATAL("slapi_block_set failed!\n");
ret = LDAP_OPERATIONS_ERROR;
slapi_rdn_free(&rdn);
slapi_sdn_free(&sdn);
goto done;
}
} }
slapi_rdn_free(&rdn); slapi_rdn_free(&rdn);
slapi_sdn_free(&sdn); slapi_sdn_free(&sdn);
@ -1164,7 +1170,10 @@ done:
if (smods != NULL) { if (smods != NULL) {
/* Put the updated mods back into place. */ /* Put the updated mods back into place. */
mods = slapi_mods_get_ldapmods_passout(smods); mods = slapi_mods_get_ldapmods_passout(smods);
slapi_pblock_set(pb, SLAPI_MODIFY_MODS, mods); if (slapi_pblock_set(pb, SLAPI_MODIFY_MODS, mods)) {
LOG_FATAL("slapi_pblock_set failed!\n");
ret = LDAP_OPERATIONS_ERROR;
}
slapi_mods_free(&smods); slapi_mods_free(&smods);
} }

4
ipa-client/config.c
View File

@ -64,6 +64,10 @@ read_config_file(const char *filename)
} }
left = st.st_size; left = st.st_size;
data = malloc(st.st_size + 1); data = malloc(st.st_size + 1);
if (data == NULL) {
fprintf(stderr, _("out of memory\n"));
return NULL;
}
dest = data; dest = data;
while (left != 0) { while (left != 0) {
ssize_t res; ssize_t res;

6
ipa-client/ipa-join.c
View File

@ -139,6 +139,10 @@ callRPC(xmlrpc_env * const envP,
XMLRPC_ASSERT(xmlrpc_value_type(paramArrayP) == XMLRPC_TYPE_ARRAY); XMLRPC_ASSERT(xmlrpc_value_type(paramArrayP) == XMLRPC_TYPE_ARRAY);
curlXportParmsP = malloc(sizeof(*curlXportParmsP)); curlXportParmsP = malloc(sizeof(*curlXportParmsP));
if (curlXportParmsP == NULL) {
xmlrpc_env_set_fault(envP, XMLRPC_INTERNAL_ERROR, _("Out of memory!"));
return;
}
memset(curlXportParmsP, 0, sizeof(*curlXportParmsP)); memset(curlXportParmsP, 0, sizeof(*curlXportParmsP));
/* Have curl do SSL certificate validation */ /* Have curl do SSL certificate validation */
@ -930,7 +934,7 @@ join(const char *server, const char *hostname, const char *bindpw, const char *k
rval = 5; rval = 5;
goto cleanup; goto cleanup;
} }
krberr = krb5_cc_get_principal(krbctx, ccache, &uprinc); krberr = krb5_cc_get_principal(krbctx, ccache, &uprinc);
if (krberr) { if (krberr) {
fprintf(stderr, _("Unable to join host: Kerberos User Principal " fprintf(stderr, _("Unable to join host: Kerberos User Principal "