diff options
| author | Martin Babinsky <mbabinsk@redhat.com> | 2015-01-28 16:26:14 +0100 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2015-01-30 11:02:16 +0100 |
| commit | d800ac867baf7335e0c4b55b945b4c06d4c0567e (patch) | |
| tree | e818697e8ba4bbdc7c14ae0a044619b097ddc00f /daemons | |
| parent | 13fb2b90672764bc549bb10b3749ec1369053caf (diff) | |
| download | freeipa-d800ac867baf7335e0c4b55b945b4c06d4c0567e.tar.gz freeipa-d800ac867baf7335e0c4b55b945b4c06d4c0567e.tar.xz freeipa-d800ac867baf7335e0c4b55b945b4c06d4c0567e.zip | |
OTP: failed search for the user of last token emits an error message
This patch fixes the following defect reported by covscan:
"""
Error: CHECKED_RETURN (CWE-252):
/daemons/ipa-slapi-plugins/ipa-otp-lasttoken/ipa_otp_lasttoken.c:119:
check_return: Calling "slapi_search_internal_get_entry" without checking
return value (as is done elsewhere 14 out of 16 times).
/daemons/ipa-slapi-plugins/ipa-enrollment/ipa_enrollment.c:402:
example_checked: Example 1: "slapi_search_internal_get_entry(sdn, NULL,
&config_entry, ipaenrollment_plugin_id)" has its value checked in "(rc =
slapi_search_internal_get_entry(sdn, NULL, &config_entry,
ipaenrollment_plugin_id)) != 0".
/daemons/ipa-slapi-plugins/ipa-lockout/ipa_lockout.c:207:
example_assign: Example 2: Assigning: "ret" = return value from
"slapi_search_internal_get_entry(sdn, NULL, &config_entry, getPluginID())".
/daemons/ipa-slapi-plugins/ipa-lockout/ipa_lockout.c:212:
example_checked: Example 2 (cont.): "ret" has its value checked in "ret".
/daemons/ipa-slapi-plugins/ipa-pwd-extop/common.c:651:
example_assign: Example 3: Assigning: "search_result" = return value from
"slapi_search_internal_get_entry(sdn, attrlist, e2, ipapwd_plugin_id)".
/daemons/ipa-slapi-plugins/ipa-pwd-extop/common.c:653:
example_checked: Example 3 (cont.): "search_result" has its value checked in
"search_result != 0".
/daemons/ipa-slapi-plugins/ipa-pwd-extop/prepost.c:1035:
example_assign: Example 4: Assigning: "ret" = return value from
"slapi_search_internal_get_entry(tmp_dn, NULL, &pwdop->pwdata.target,
ipapwd_plugin_id)".
/daemons/ipa-slapi-plugins/ipa-pwd-extop/prepost.c:1039:
example_checked: Example 4 (cont.): "ret" has its value checked in "ret != 0".
/daemons/ipa-slapi-plugins/ipa-uuid/ipa_uuid.c:817:
example_assign: Example 5: Assigning: "ret" = return value from
"slapi_search_internal_get_entry(tmp_dn, NULL, &e, getPluginID())".
/daemons/ipa-slapi-plugins/ipa-uuid/ipa_uuid.c:820:
example_checked: Example 5 (cont.): "ret" has its value checked in "ret ==
10".
"""
this patch is a part of a series related to
https://fedorahosted.org/freeipa/ticket/4795
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Diffstat (limited to 'daemons')
| -rw-r--r-- | daemons/ipa-slapi-plugins/ipa-otp-lasttoken/ipa_otp_lasttoken.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/daemons/ipa-slapi-plugins/ipa-otp-lasttoken/ipa_otp_lasttoken.c b/daemons/ipa-slapi-plugins/ipa-otp-lasttoken/ipa_otp_lasttoken.c index 233813745..a085a3a32 100644 --- a/daemons/ipa-slapi-plugins/ipa-otp-lasttoken/ipa_otp_lasttoken.c +++ b/daemons/ipa-slapi-plugins/ipa-otp-lasttoken/ipa_otp_lasttoken.c @@ -111,13 +111,19 @@ static bool is_pwd_enabled(const char *user_dn) Slapi_Entry *entry = NULL; uint32_t authtypes; Slapi_DN *sdn; + int search_result = 0; sdn = slapi_sdn_new_dn_byval(user_dn); if (sdn == NULL) return false; - slapi_search_internal_get_entry(sdn, attrs, &entry, - otp_config_plugin_id(otp_config)); + search_result = slapi_search_internal_get_entry(sdn, attrs, &entry, + otp_config_plugin_id(otp_config)); + if (search_result != LDAP_SUCCESS) { + LOG_TRACE("File '%s' line %d: Unable to access LDAP entry '%s'. " + "Perhaps it doesn't exist? Error code: %d\n", __FILE__, + __LINE__, slapi_sdn_get_dn(sdn), search_result); + } slapi_sdn_free(&sdn); if (entry == NULL) return false; |