diff options
| author | Endi S. Dewata <edewata@redhat.com> | 2010-07-09 20:29:08 -0500 |
|---|---|---|
| committer | Noriko Hosoi <nhosoi@redhat.com> | 2010-08-20 11:48:52 -0700 |
| commit | 7c9b3a5ac8bf75ed1ac0eed350691d41b9607ff5 (patch) | |
| tree | d06f198f1a46a1b464f4bfc68f8ee1c76e05aedf /ldap/servers/slapd | |
| parent | b89a1eae02412fcc13d8996645865b3359bb07cd (diff) | |
| download | ds-7c9b3a5ac8bf75ed1ac0eed350691d41b9607ff5.tar.gz ds-7c9b3a5ac8bf75ed1ac0eed350691d41b9607ff5.tar.xz ds-7c9b3a5ac8bf75ed1ac0eed350691d41b9607ff5.zip | |
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
https://bugzilla.redhat.com/show_bug.cgi?id=613056
Resolves: bug 613056
Bug description: Fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
description: Catch possible NULL pointer in handle_handshake_done().
Diffstat (limited to 'ldap/servers/slapd')
| -rw-r--r-- | ldap/servers/slapd/auth.c | 23 |
1 files changed, 14 insertions, 9 deletions
diff --git a/ldap/servers/slapd/auth.c b/ldap/servers/slapd/auth.c index e483f6e9..4b56e5eb 100644 --- a/ldap/servers/slapd/auth.c +++ b/ldap/servers/slapd/auth.c @@ -440,6 +440,7 @@ handle_handshake_done (PRFileDesc *prfd, void* clientData) char* extraErrorMsg = ""; SSLChannelInfo channelInfo; SSLCipherSuiteInfo cipherInfo; + char* subject = NULL; if ( (slapd_ssl_getChannelInfo (prfd, &channelInfo, sizeof(channelInfo))) != SECSuccess ) { PRErrorCode errorCode = PR_GetError(); @@ -447,7 +448,7 @@ handle_handshake_done (PRFileDesc *prfd, void* clientData) "conn=%" NSPRIu64 " SSL failed to obtain channel info; " SLAPI_COMPONENT_NAME_NSPR " error %i (%s)\n", conn->c_connid, errorCode, slapd_pr_strerror(errorCode)); - return; + goto done; } if ( (slapd_ssl_getCipherSuiteInfo (channelInfo.cipherSuite, &cipherInfo, sizeof(cipherInfo)) ) != SECSuccess) { @@ -456,7 +457,7 @@ handle_handshake_done (PRFileDesc *prfd, void* clientData) "conn=%" NSPRIu64 " SSL failed to obtain cipher info; " SLAPI_COMPONENT_NAME_NSPR " error %i (%s)\n", conn->c_connid, errorCode, slapd_pr_strerror(errorCode)); - return; + goto done; } keySize = cipherInfo.effectiveKeyBits; @@ -468,22 +469,26 @@ handle_handshake_done (PRFileDesc *prfd, void* clientData) if ( conn->c_flags & CONN_FLAG_START_TLS ) { if ( cipherInfo.symKeyBits == 0 ) { start_tls_graceful_closure( conn, NULL, 1 ); - slapi_ch_free_string(&cipher); - return ; + goto done; } } if (config_get_SSLclientAuth() == SLAPD_SSLCLIENTAUTH_OFF ) { slapi_log_access (LDAP_DEBUG_STATS, "conn=%" NSPRIu64 " SSL %i-bit %s\n", conn->c_connid, keySize, cipher ? cipher : "NULL" ); - slapi_ch_free_string(&cipher); - return; + goto done; } if (clientCert == NULL) { slapi_log_access (LDAP_DEBUG_STATS, "conn=%" NSPRIu64 " SSL %i-bit %s\n", conn->c_connid, keySize, cipher ? cipher : "NULL" ); } else { - char* subject = subject_of (clientCert); + subject = subject_of (clientCert); + if (!subject) { + slapi_log_access( LDAP_DEBUG_STATS, + "conn=%" NSPRIu64 " SSL %i-bit %s; missing subject\n", + conn->c_connid, keySize, cipher ? cipher : "NULL"); + goto done; + } { char* issuer = issuer_of (clientCert); char sbuf[ BUFSIZ ], ibuf[ BUFSIZ ]; @@ -521,7 +526,6 @@ handle_handshake_done (PRFileDesc *prfd, void* clientData) slapi_ch_free_string(&basedn); slapu_msgfree (internal_ld, chain); } - if (subject) free (subject); } if (clientDN != NULL) { @@ -555,7 +559,8 @@ handle_handshake_done (PRFileDesc *prfd, void* clientData) */ bind_credentials_set( conn, SLAPD_AUTH_SSL, clientDN, SLAPD_AUTH_SSL, clientDN, clientCert , NULL); - +done: + slapi_ch_free_string(&subject); slapi_ch_free_string(&cipher); /* clientDN and clientCert will be freed later */ } |