mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-23 15:40:01 -06:00
Uninitialized pointer read in ipa-rmkeytab
Fix "--realm" parameter processing in ipa-rmkeytab. Also make sure that memory allocated in this process is also freed. https://fedorahosted.org/freeipa/ticket/711
This commit is contained in:
parent
6503813608
commit
e2d4e9477e
@ -148,8 +148,8 @@ main(int argc, const char **argv)
|
|||||||
krb5_error_code krberr;
|
krb5_error_code krberr;
|
||||||
krb5_keytab ktid;
|
krb5_keytab ktid;
|
||||||
krb5_kt_cursor cursor;
|
krb5_kt_cursor cursor;
|
||||||
char * ktname;
|
char * ktname = NULL;
|
||||||
char * atrealm;
|
char * atrealm = NULL;
|
||||||
poptContext pc;
|
poptContext pc;
|
||||||
static const char *keytab = NULL;
|
static const char *keytab = NULL;
|
||||||
static const char *principal = NULL;
|
static const char *principal = NULL;
|
||||||
@ -201,14 +201,20 @@ main(int argc, const char **argv)
|
|||||||
* the string we pass in looks like a realm.
|
* the string we pass in looks like a realm.
|
||||||
*/
|
*/
|
||||||
if (realm) {
|
if (realm) {
|
||||||
if (realm[0] != '@')
|
if (realm[0] != '@') {
|
||||||
ret = asprintf(&atrealm, "@%s", realm);
|
ret = asprintf(&atrealm, "@%s", realm);
|
||||||
if (ret == -1) {
|
if (ret == -1) {
|
||||||
rval = 2;
|
rval = 2;
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
else
|
} else {
|
||||||
atrealm = strcpy(atrealm, realm);
|
atrealm = strdup(realm);
|
||||||
|
|
||||||
|
if (NULL == atrealm) {
|
||||||
|
rval = 2;
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
krberr = krb5_kt_resolve(context, ktname, &ktid);
|
krberr = krb5_kt_resolve(context, ktname, &ktid);
|
||||||
@ -247,5 +253,8 @@ cleanup:
|
|||||||
|
|
||||||
poptFreeContext(pc);
|
poptFreeContext(pc);
|
||||||
|
|
||||||
|
free(atrealm);
|
||||||
|
free(ktname);
|
||||||
|
|
||||||
return rval;
|
return rval;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user