From 74a826d967fe8c5de1dca12ad21229ff4f76d5c4 Mon Sep 17 00:00:00 2001
From: Nalin Dahyabhai <nalin@dahyabhai.net>
Date: Tue, 27 Aug 2013 11:25:57 -0400
Subject: Don't use pamh before or after it's valid

Don't use the PAM handle before it's initialized or after it's freed
(static analysis).
---
 src/back-sch-pam.c | 32 +++++++++++++++++++++++---------
 1 file changed, 23 insertions(+), 9 deletions(-)

(limited to 'src')

diff --git a/src/back-sch-pam.c b/src/back-sch-pam.c
index ae1ae41..a59e6e3 100644
--- a/src/back-sch-pam.c
+++ b/src/back-sch-pam.c
@@ -156,19 +156,31 @@ map_pam_error(Slapi_PBlock *pb, const char *fn,
 					      "(bind DN \"%s\")",
 					      fn, user, binddn);
 		} else {
-			*errmsg = PR_smprintf("PAM %s error for user \"%s\" "
-					      "(bind DN \"%s\"): %s",
-					      fn, user, binddn, pam_strerror(pamh, rc));
+			if (pamh != NULL) {
+				*errmsg = PR_smprintf("PAM %s error for user \"%s\" "
+						      "(bind DN \"%s\"): %s",
+						      fn, user, binddn, pam_strerror(pamh, rc));
+			} else {
+				*errmsg = PR_smprintf("PAM %s error for user \"%s\" "
+						      "(bind DN \"%s\")",
+						      fn, user, binddn);
+			}
 		}
 	} else {
 		if (rc == PAM_SUCCESS) {
 			*errmsg = PR_smprintf("PAM %s succeeds for user \"%s\" "
 					      "(bind DN \"%s\")",
-					      fn, user, binddn, pam_strerror(pamh, rc));
+					      fn, user, binddn);
 		} else {
-			*errmsg = PR_smprintf("PAM %s error for invalid user "
-					      "(bind DN \"%s\"): %s",
-					      fn, binddn, pam_strerror(pamh, rc));
+			if (pamh != NULL) {
+				*errmsg = PR_smprintf("PAM %s error for invalid user "
+						      "(bind DN \"%s\"): %s",
+						      fn, binddn, pam_strerror(pamh, rc));
+			} else {
+				*errmsg = PR_smprintf("PAM %s error for invalid user "
+						      "(bind DN \"%s\")",
+						      fn, binddn);
+			}
 		}
 	}
 	switch (rc) {
@@ -219,7 +231,7 @@ backend_sch_do_pam_auth(Slapi_PBlock *pb, const char *username)
 	Slapi_DN *bindsdn = NULL;
 	int rc = PAM_SUCCESS;
 	int retcode = LDAP_SUCCESS;
-	pam_handle_t *pamh;
+	pam_handle_t *pamh = NULL;
 	struct conv_data conv_data;
 	struct pam_conv conv;
 	int pw_response_requested = 0;
@@ -264,7 +276,6 @@ backend_sch_do_pam_auth(Slapi_PBlock *pb, const char *username)
 					      pamh, &errmsg, &retcode);
 			}
 		}
-		pam_end(pamh, rc);
 	}
 
 done:
@@ -286,6 +297,9 @@ done:
 			      pw_response_requested != 0,
 			      pamh, &errmsg, &retcode);
 	}
+	if (pamh != NULL) {
+		pam_end(pamh, rc);
+	}
 
 	/* Log the diagnostic information for the administrator. */
 	slapi_log_error(SLAPI_LOG_PLUGIN, state->plugin_desc->spd_id,
-- 
cgit