From 974287895ec5dbb377a65a83c050f088df79ffb7 Mon Sep 17 00:00:00 2001 From: Martin Kosek Date: Tue, 11 Jan 2011 11:48:22 +0100 Subject: Unchecked return values in ipa-join krb5_get_default_realm() and asprintf() return values were ignored. This could lead to unhandled error issues or memory access issues. This patch adds return value checks to all such functions. As a consequence, one new return value has been added to man page. https://fedorahosted.org/freeipa/ticket/720 --- ipa-client/ipa-join.c | 70 ++++++++++++++++++++++++++++++++++++++++------- ipa-client/man/ipa-join.1 | 2 ++ 2 files changed, 62 insertions(+), 10 deletions(-) (limited to 'ipa-client') diff --git a/ipa-client/ipa-join.c b/ipa-client/ipa-join.c index 921a41237..fa2e11d7c 100644 --- a/ipa-client/ipa-join.c +++ b/ipa-client/ipa-join.c @@ -401,8 +401,24 @@ join_ldap(const char *ipaserver, char *hostname, const char ** binddn, const cha goto done; } /* Search for the entry. */ - asprintf(&filter, "(fqdn=%s)", hostname); - asprintf(&search_base, "cn=computers,cn=accounts,%s", ldap_base); + ret = asprintf(&filter, "(fqdn=%s)", hostname); + if (ret == -1) + { + if (!quiet) + fprintf(stderr, _("Out of memory!\n")); + rval = 3; + goto done; + } + + ret = asprintf(&search_base, "cn=computers,cn=accounts,%s", ldap_base); + if (ret == -1) + { + if (!quiet) + fprintf(stderr, _("Out of memory!\n")); + rval = 3; + goto done; + } + if (debug) { fprintf(stderr, _("Searching with %s in %s\n"), filter, search_base); } @@ -512,6 +528,7 @@ join_krb5(const char *ipaserver, char *hostname, const char **hostdn, const char const char *krblastpwdchange = NULL; char * url = NULL; int rval = 0; + int ret; *hostdn = NULL; *subject = NULL; @@ -527,10 +544,18 @@ join_krb5(const char *ipaserver, char *hostname, const char **hostdn, const char xmlrpc_client_setup_global_const(&env); #if 1 - asprintf(&url, "https://%s:443/ipa/xml", ipaserver); + ret = asprintf(&url, "https://%s:443/ipa/xml", ipaserver); #else - asprintf(&url, "http://%s:8888/", ipaserver); + ret = asprintf(&url, "http://%s:8888/", ipaserver); #endif + if (ret == -1) + { + if (!quiet) + fprintf(stderr, _("Out of memory!\n")); + rval = 3; + goto cleanup; + } + serverInfoP = xmlrpc_server_info_new(&env, url); argArrayP = xmlrpc_array_new(&env); @@ -631,6 +656,7 @@ static int unenroll_host(const char *server, const char *hostname, const char *ktname, int quiet) { int rval = 0; + int ret; char *ipaserver = NULL; char *host = NULL; struct utsname uinfo; @@ -696,11 +722,28 @@ unenroll_host(const char *server, const char *hostname, const char *ktname, int if (!quiet) fprintf(stderr, _("Error resolving keytab: %s.\n"), error_message(krberr)); - rval = 7; - goto cleanup; + rval = 7; + goto cleanup; + } + + krberr = krb5_get_default_realm(krbctx, &realm); + if (krberr != 0) { + if (!quiet) + fprintf(stderr, _("Error getting default Kerberos realm: %s.\n"), + error_message(krberr)); + rval = 21; + goto cleanup; } - krb5_get_default_realm(krbctx, &realm); - asprintf(&principal, "host/%s@%s", host, realm); + + ret = asprintf(&principal, "host/%s@%s", host, realm); + if (ret == -1) + { + if (!quiet) + fprintf(stderr, _("Out of memory!\n")); + rval = 3; + goto cleanup; + } + krberr = krb5_parse_name(krbctx, principal, &princ); if (krberr != 0) { if (!quiet) @@ -757,10 +800,17 @@ unenroll_host(const char *server, const char *hostname, const char *ktname, int xmlrpc_client_setup_global_const(&env); #if 1 - asprintf(&url, "https://%s:443/ipa/xml", ipaserver); + ret = asprintf(&url, "https://%s:443/ipa/xml", ipaserver); #else - asprintf(&url, "http://%s:8888/", ipaserver); + ret = asprintf(&url, "http://%s:8888/", ipaserver); #endif + if (ret == -1) + { + if (!quiet) + fprintf(stderr, _("Out of memory!\n")); + rval = 3; + goto cleanup; + } serverInfoP = xmlrpc_server_info_new(&env, url); argArrayP = xmlrpc_array_new(&env); diff --git a/ipa-client/man/ipa-join.1 b/ipa-client/man/ipa-join.1 index 6eb93f361..47d5966db 100644 --- a/ipa-client/man/ipa-join.1 +++ b/ipa-client/man/ipa-join.1 @@ -121,3 +121,5 @@ The exit status is 0 on success, nonzero on error. 19 Unable to generate Kerberos credentials cache 20 Unenrollment result not in XML\-RPC response + +21 Failed to get default Kerberos realm -- cgit