diff options
| author | Jan Cholasta <jcholast@redhat.com> | 2011-04-29 13:15:39 +0200 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2011-05-09 16:23:40 -0400 |
| commit | 16d1db499676ec7070becbb73fdf73d1af5645b3 (patch) | |
| tree | d245a2a26d393cdc6e9087e6134d070b46539f94 /daemons/ipa-slapi-plugins/ipa-pwd-extop | |
| parent | d3f74d2b7cee01001e6ede2ba59dcb34522b59cf (diff) | |
| download | freeipa-16d1db499676ec7070becbb73fdf73d1af5645b3.tar.gz freeipa-16d1db499676ec7070becbb73fdf73d1af5645b3.tar.xz freeipa-16d1db499676ec7070becbb73fdf73d1af5645b3.zip | |
Fix issues found by Coverity.
tickets 1166, 1167, 1168, 1169
Diffstat (limited to 'daemons/ipa-slapi-plugins/ipa-pwd-extop')
| -rw-r--r-- | daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c | 32 | ||||
| -rw-r--r-- | daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c | 5 |
2 files changed, 30 insertions, 7 deletions
diff --git a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c index 9a1ca2b3f..f1da29321 100644 --- a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c +++ b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c @@ -265,7 +265,11 @@ parse_req_done: "using the bind DN instead.\n"); } - slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET, dn ); + if (slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET, dn )) { + LOG_FATAL("slapi_pblock_set failed!\n"); + rc = LDAP_OPERATIONS_ERROR; + goto free_and_return; + } /* Now we have the DN, look for the entry */ ret = ipapwd_getEntry(dn, &targetEntry, attrlist); @@ -292,7 +296,11 @@ parse_req_done: */ is_root = slapi_dn_isroot(bindDN); - slapi_pblock_set(pb, SLAPI_REQUESTOR_ISROOT, &is_root); + if (slapi_pblock_set(pb, SLAPI_REQUESTOR_ISROOT, &is_root)) { + LOG_FATAL("slapi_pblock_set failed!\n"); + rc = LDAP_OPERATIONS_ERROR; + goto free_and_return; + } /* In order to perform the access control check, we need to select a * backend (even though we don't actually need it otherwise). @@ -306,7 +314,11 @@ parse_req_done: rc = LDAP_OPERATIONS_ERROR; goto free_and_return; } - slapi_pblock_set(pb, SLAPI_BACKEND, be); + if (slapi_pblock_set(pb, SLAPI_BACKEND, be)) { + LOG_FATAL("slapi_pblock_set failed!\n"); + rc = LDAP_OPERATIONS_ERROR; + goto free_and_return; + } } ret = slapi_access_allowed( pb, targetEntry, "krbPrincipalKey", NULL, SLAPI_ACL_WRITE ); @@ -613,13 +625,21 @@ static int ipapwd_setkeytab(Slapi_PBlock *pb, struct ipapwd_krbcfg *krbcfg) */ is_root = slapi_dn_isroot(bindDN); - slapi_pblock_set(pb, SLAPI_REQUESTOR_ISROOT, &is_root); + if (slapi_pblock_set(pb, SLAPI_REQUESTOR_ISROOT, &is_root)) { + LOG_FATAL("slapi_pblock_set failed!\n"); + rc = LDAP_OPERATIONS_ERROR; + goto free_and_return; + } /* In order to perform the access control check, * we need to select a backend (even though * we don't actually need it otherwise). */ - slapi_pblock_set(pb, SLAPI_BACKEND, be); + if (slapi_pblock_set(pb, SLAPI_BACKEND, be)) { + LOG_FATAL("slapi_pblock_set failed!\n"); + rc = LDAP_OPERATIONS_ERROR; + goto free_and_return; + } /* Access Strategy: * If the user has WRITE-ONLY access, a new keytab is set on the entry. @@ -869,7 +889,7 @@ static int ipapwd_setkeytab(Slapi_PBlock *pb, struct ipapwd_krbcfg *krbcfg) slapi_mods_free(&smods); goto free_and_return; } - + evals[0] = slapi_value_new_string(bindDN); slapi_mods_add_mod_values(smods, LDAP_MOD_ADD, "enrolledBy", evals); } else { diff --git a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c index fc0a68418..2b1c7d1e3 100644 --- a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c +++ b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c @@ -766,7 +766,10 @@ done: /* put back a, possibly modified, set of mods */ if (smods) { mods = slapi_mods_get_ldapmods_passout(smods); - slapi_pblock_set(pb, SLAPI_MODIFY_MODS, mods); + if (slapi_pblock_set(pb, SLAPI_MODIFY_MODS, mods)) { + LOG_FATAL("slapi_pblock_set failed!\n"); + rc = LDAP_OPERATIONS_ERROR; + } slapi_mods_free(&smods); } |