mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-24 16:10:02 -06:00
OTP: failed search for the user of last token emits an error message
This patch fixes the following defect reported by covscan: """ Error: CHECKED_RETURN (CWE-252): /daemons/ipa-slapi-plugins/ipa-otp-lasttoken/ipa_otp_lasttoken.c:119: check_return: Calling "slapi_search_internal_get_entry" without checking return value (as is done elsewhere 14 out of 16 times). /daemons/ipa-slapi-plugins/ipa-enrollment/ipa_enrollment.c:402: example_checked: Example 1: "slapi_search_internal_get_entry(sdn, NULL, &config_entry, ipaenrollment_plugin_id)" has its value checked in "(rc = slapi_search_internal_get_entry(sdn, NULL, &config_entry, ipaenrollment_plugin_id)) != 0". /daemons/ipa-slapi-plugins/ipa-lockout/ipa_lockout.c:207: example_assign: Example 2: Assigning: "ret" = return value from "slapi_search_internal_get_entry(sdn, NULL, &config_entry, getPluginID())". /daemons/ipa-slapi-plugins/ipa-lockout/ipa_lockout.c:212: example_checked: Example 2 (cont.): "ret" has its value checked in "ret". /daemons/ipa-slapi-plugins/ipa-pwd-extop/common.c:651: example_assign: Example 3: Assigning: "search_result" = return value from "slapi_search_internal_get_entry(sdn, attrlist, e2, ipapwd_plugin_id)". /daemons/ipa-slapi-plugins/ipa-pwd-extop/common.c:653: example_checked: Example 3 (cont.): "search_result" has its value checked in "search_result != 0". /daemons/ipa-slapi-plugins/ipa-pwd-extop/prepost.c:1035: example_assign: Example 4: Assigning: "ret" = return value from "slapi_search_internal_get_entry(tmp_dn, NULL, &pwdop->pwdata.target, ipapwd_plugin_id)". /daemons/ipa-slapi-plugins/ipa-pwd-extop/prepost.c:1039: example_checked: Example 4 (cont.): "ret" has its value checked in "ret != 0". /daemons/ipa-slapi-plugins/ipa-uuid/ipa_uuid.c:817: example_assign: Example 5: Assigning: "ret" = return value from "slapi_search_internal_get_entry(tmp_dn, NULL, &e, getPluginID())". /daemons/ipa-slapi-plugins/ipa-uuid/ipa_uuid.c:820: example_checked: Example 5 (cont.): "ret" has its value checked in "ret == 10". """ this patch is a part of a series related to https://fedorahosted.org/freeipa/ticket/4795 Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
This commit is contained in:
parent
b0a8623a8f
commit
8242660cba
@ -111,13 +111,19 @@ static bool is_pwd_enabled(const char *user_dn)
|
||||
Slapi_Entry *entry = NULL;
|
||||
uint32_t authtypes;
|
||||
Slapi_DN *sdn;
|
||||
int search_result = 0;
|
||||
|
||||
sdn = slapi_sdn_new_dn_byval(user_dn);
|
||||
if (sdn == NULL)
|
||||
return false;
|
||||
|
||||
slapi_search_internal_get_entry(sdn, attrs, &entry,
|
||||
otp_config_plugin_id(otp_config));
|
||||
search_result = slapi_search_internal_get_entry(sdn, attrs, &entry,
|
||||
otp_config_plugin_id(otp_config));
|
||||
if (search_result != LDAP_SUCCESS) {
|
||||
LOG_TRACE("File '%s' line %d: Unable to access LDAP entry '%s'. "
|
||||
"Perhaps it doesn't exist? Error code: %d\n", __FILE__,
|
||||
__LINE__, slapi_sdn_get_dn(sdn), search_result);
|
||||
}
|
||||
slapi_sdn_free(&sdn);
|
||||
if (entry == NULL)
|
||||
return false;
|
||||
|
Loading…
Reference in New Issue
Block a user