diff options
author | Martin Babinsky <mbabinsk@redhat.com> | 2015-01-28 16:28:50 +0100 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2015-01-30 11:02:16 +0100 |
commit | 782ad366390e1672ebe3584b2c88f58d757e38b3 (patch) | |
tree | 59994e44570a1a250dc30c0659d822b071f00be4 /daemons | |
parent | d0fbfaf58289271aba3ac570076fc75b1acdd5f3 (diff) | |
download | freeipa-782ad366390e1672ebe3584b2c88f58d757e38b3.tar.gz freeipa-782ad366390e1672ebe3584b2c88f58d757e38b3.tar.xz freeipa-782ad366390e1672ebe3584b2c88f58d757e38b3.zip |
OTP: emit a log message when LDAP entry for config record is not found
This patch proposes a fix to the following defect found by covscan of FreeIPA
master code:
"""
Error: CHECKED_RETURN (CWE-252):
/daemons/ipa-slapi-plugins/libotp/otp_config.c:239: check_return: Calling
"slapi_search_internal_get_entry" without checking return value (as is done
elsewhere 14 out of 16 times).
/daemons/ipa-slapi-plugins/ipa-enrollment/ipa_enrollment.c:402:
example_checked: Example 1: "slapi_search_internal_get_entry(sdn, NULL,
&config_entry, ipaenrollment_plugin_id)" has its value checked in "(rc =
slapi_search_internal_get_entry(sdn, NULL, &config_entry,
ipaenrollment_plugin_id)) != 0".
/daemons/ipa-slapi-plugins/ipa-lockout/ipa_lockout.c:207: example_assign:
Example 2: Assigning: "ret" = return value from
"slapi_search_internal_get_entry(sdn, NULL, &config_entry, getPluginID())".
/daemons/ipa-slapi-plugins/ipa-lockout/ipa_lockout.c:212: example_checked:
Example 2 (cont.): "ret" has its value checked in "ret".
/daemons/ipa-slapi-plugins/ipa-pwd-extop/common.c:651: example_assign: Example
3: Assigning: "search_result" = return value from
"slapi_search_internal_get_entry(sdn, attrlist, e2, ipapwd_plugin_id)".
/daemons/ipa-slapi-plugins/ipa-pwd-extop/common.c:653: example_checked:
Example 3 (cont.): "search_result" has its value checked in "search_result !=
0". /daemons/ipa-slapi-plugins/ipa-pwd-extop/prepost.c:1035: example_assign:
Example 4: Assigning: "ret" = return value from
"slapi_search_internal_get_entry(tmp_dn, NULL, &pwdop->pwdata.target,
ipapwd_plugin_id)".
/daemons/ipa-slapi-plugins/ipa-pwd-extop/prepost.c:1039:
example_checked: Example 4 (cont.): "ret" has its value checked in "ret != 0".
/daemons/ipa-slapi-plugins/ipa-uuid/ipa_uuid.c:817: example_assign: Example 5:
Assigning: "ret" = return value from "slapi_search_internal_get_entry(tmp_dn,
NULL, &e, getPluginID())".
/daemons/ipa-slapi-plugins/ipa-uuid/ipa_uuid.c:820: example_checked: Example 5
(cont.): "ret" has its value checked in "ret == 10".
"""
The patch is a part of series related to
https://fedorahosted.org/freeipa/ticket/4795
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Diffstat (limited to 'daemons')
-rw-r--r-- | daemons/ipa-slapi-plugins/libotp/Makefile.am | 4 | ||||
-rw-r--r-- | daemons/ipa-slapi-plugins/libotp/otp_config.c | 11 |
2 files changed, 13 insertions, 2 deletions
diff --git a/daemons/ipa-slapi-plugins/libotp/Makefile.am b/daemons/ipa-slapi-plugins/libotp/Makefile.am index 4428f6bdc..71b9c19f4 100644 --- a/daemons/ipa-slapi-plugins/libotp/Makefile.am +++ b/daemons/ipa-slapi-plugins/libotp/Makefile.am @@ -1,5 +1,7 @@ MAINTAINERCLEANFILES = *~ Makefile.in -AM_CPPFLAGS = -I/usr/include/dirsrv +PLUGIN_COMMON_DIR = ../common +AM_CPPFLAGS = -I/usr/include/dirsrv \ + -I$(PLUGIN_COMMON_DIR) noinst_LTLIBRARIES = libhotp.la libotp.la libhotp_la_SOURCES = hotp.c hotp.h diff --git a/daemons/ipa-slapi-plugins/libotp/otp_config.c b/daemons/ipa-slapi-plugins/libotp/otp_config.c index ac2cfc72a..685b2d9d2 100644 --- a/daemons/ipa-slapi-plugins/libotp/otp_config.c +++ b/daemons/ipa-slapi-plugins/libotp/otp_config.c @@ -38,6 +38,7 @@ * END COPYRIGHT BLOCK **/ #include "otp_config.h" +#include "util.h" #include <pratom.h> #include <plstr.h> @@ -214,6 +215,7 @@ struct otp_config *otp_config_init(Slapi_ComponentId *plugin_id) struct otp_config *cfg = NULL; void *node = NULL; + int search_result = 0; cfg = (typeof(cfg)) slapi_ch_calloc(1, sizeof(*cfg)); cfg->plugin_id = plugin_id; @@ -236,7 +238,14 @@ struct otp_config *otp_config_init(Slapi_ComponentId *plugin_id) cfg->records = rec; /* Load the specified entry. */ - slapi_search_internal_get_entry(rec->sdn, NULL, &entry, plugin_id); + search_result = slapi_search_internal_get_entry(rec->sdn, + NULL, &entry, plugin_id); + if (search_result != LDAP_SUCCESS) { + LOG_TRACE("File '%s' line %d: Unable to access LDAP entry " + "'%s'. Perhaps it doesn't exist? " + "Error code: %d\n", __FILE__, __LINE__, + slapi_sdn_get_dn(rec->sdn), search_result); + } update(cfg, rec->sdn, entry); slapi_entry_free(entry); } |