diff options
author | Simo Sorce <simo@redhat.com> | 2013-04-03 09:57:24 -0400 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2013-04-03 16:39:11 -0400 |
commit | 2a7d19056d58344496fb24d90d0d02915ea83798 (patch) | |
tree | 17b620234f72e9497d0e131a083d2e059ec12425 | |
parent | b5fd9388baba101a3ae7b8a2f88164af2083a0a7 (diff) | |
download | gss-proxy-2a7d19056d58344496fb24d90d0d02915ea83798.tar.gz gss-proxy-2a7d19056d58344496fb24d90d0d02915ea83798.tar.xz gss-proxy-2a7d19056d58344496fb24d90d0d02915ea83798.zip |
Fix resource leaks found by Coverity
Signed-off-by: Simo Sorce <simo@redhat.com>
-rw-r--r-- | proxy/src/client/gpm_import_and_canon_name.c | 26 | ||||
-rw-r--r-- | proxy/src/gp_config.c | 8 | ||||
-rw-r--r-- | proxy/src/gp_export.c | 3 | ||||
-rw-r--r-- | proxy/src/gp_init.c | 7 | ||||
-rw-r--r-- | proxy/src/gp_proxy.h | 2 | ||||
-rw-r--r-- | proxy/src/gp_rpc_acquire_cred.c | 1 | ||||
-rw-r--r-- | proxy/src/gp_workers.c | 3 | ||||
-rw-r--r-- | proxy/src/gssproxy.c | 2 | ||||
-rw-r--r-- | proxy/src/mechglue/gpp_acquire_cred.c | 4 | ||||
-rw-r--r-- | proxy/src/mechglue/gpp_context.c | 37 | ||||
-rw-r--r-- | proxy/src/mechglue/gpp_creds.c | 1 | ||||
-rw-r--r-- | proxy/src/mechglue/gpp_init_sec_context.c | 4 |
12 files changed, 61 insertions, 37 deletions
diff --git a/proxy/src/client/gpm_import_and_canon_name.c b/proxy/src/client/gpm_import_and_canon_name.c index daeb660..ebc987f 100644 --- a/proxy/src/client/gpm_import_and_canon_name.c +++ b/proxy/src/client/gpm_import_and_canon_name.c @@ -106,6 +106,7 @@ OM_uint32 gpm_import_name(OM_uint32 *minor_status, gssx_name **output_name) { gssx_name *name; + uint32_t maj, min; int ret; if (!minor_status) { @@ -122,25 +123,34 @@ OM_uint32 gpm_import_name(OM_uint32 *minor_status, /* ignore call_ctx for now */ + maj = GSS_S_FAILURE; + name = calloc(1, sizeof(gssx_name)); if (!name) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; + ret = ENOMEM; + goto done; } ret = gp_conv_buffer_to_gssx(input_name_buffer, &name->display_name); if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; + goto done; } + ret = gp_conv_oid_to_gssx(input_name_type, &name->name_type); if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; + goto done; } - *output_name = name; - return GSS_S_COMPLETE; + maj = GSS_S_COMPLETE; + +done: + *minor_status = ret; + if (maj == GSS_S_COMPLETE) { + *output_name = name; + } else { + (void)gpm_release_name(&min, &name); + } + return maj; } OM_uint32 gpm_export_name(OM_uint32 *minor_status, diff --git a/proxy/src/gp_config.c b/proxy/src/gp_config.c index e5878c0..0db3472 100644 --- a/proxy/src/gp_config.c +++ b/proxy/src/gp_config.c @@ -329,8 +329,7 @@ struct gp_config *read_config(char *config_file, int opt_daemonize) done: if (ret) { - free_config(cfg); - cfg = NULL; + free_config(&cfg); } return cfg; @@ -341,8 +340,9 @@ struct gp_creds_handle *gp_service_get_creds_handle(struct gp_service *svc) return svc->creds_handle; } -void free_config(struct gp_config *config) +void free_config(struct gp_config **cfg) { + struct gp_config *config = *cfg; uint32_t i; if (!config) { @@ -357,4 +357,6 @@ void free_config(struct gp_config *config) } free(config->svcs); + free(config); + *cfg = NULL; } diff --git a/proxy/src/gp_export.c b/proxy/src/gp_export.c index 2cb7ab7..56aaf57 100644 --- a/proxy/src/gp_export.c +++ b/proxy/src/gp_export.c @@ -861,6 +861,8 @@ uint32_t gp_export_creds_to_gssx_options(uint32_t *min, int type, ret_maj = GSS_S_FAILURE; goto done; } + *opt_array = opta; + opta[num].option.octet_string_val = strdup(LINUX_CREDS_V1); if (!opta[num].option.octet_string_val) { ret_min = ENOMEM; @@ -873,7 +875,6 @@ uint32_t gp_export_creds_to_gssx_options(uint32_t *min, int type, num++; *opt_num = num; - *opt_array = opta; ret_min = 0; ret_maj = GSS_S_COMPLETE; diff --git a/proxy/src/gp_init.c b/proxy/src/gp_init.c index f25adc4..6c17058 100644 --- a/proxy/src/gp_init.c +++ b/proxy/src/gp_init.c @@ -168,7 +168,6 @@ void init_proc_nfsd(struct gp_config *cfg) GPDEBUG("Failed to write to %s: %d (%s)\n", LINUX_PROC_USE_GSS_PROXY_FILE, ret, strerror(ret)); - return; } ret = close(fd); @@ -177,7 +176,6 @@ void init_proc_nfsd(struct gp_config *cfg) GPDEBUG("Failed to close %s: %d (%s)\n", LINUX_PROC_USE_GSS_PROXY_FILE, ret, strerror(ret)); - return; } } @@ -198,10 +196,8 @@ void write_pid(void) } ret = fprintf(f, "%d\n", pid); - if (ret < 0) { + if (ret <= 0) { GPDEBUG("Failed to write pid to %s\n", GP_PID_FILE); - fclose(f); - return; } ret = fclose(f); @@ -209,6 +205,5 @@ void write_pid(void) ret = errno; GPDEBUG("Failed to close %s: %d (%s)\n", GP_PID_FILE, ret, strerror(ret)); - return; } } diff --git a/proxy/src/gp_proxy.h b/proxy/src/gp_proxy.h index 25f8a43..f8b9771 100644 --- a/proxy/src/gp_proxy.h +++ b/proxy/src/gp_proxy.h @@ -81,7 +81,7 @@ struct gp_conn; /* from gp_config.c */ struct gp_config *read_config(char *config_file, int opt_daemonize); struct gp_creds_handle *gp_service_get_creds_handle(struct gp_service *svc); -void free_config(struct gp_config *config); +void free_config(struct gp_config **config); /* from gp_init.c */ void init_server(bool daemonize); diff --git a/proxy/src/gp_rpc_acquire_cred.c b/proxy/src/gp_rpc_acquire_cred.c index 5c34732..3dffc8c 100644 --- a/proxy/src/gp_rpc_acquire_cred.c +++ b/proxy/src/gp_rpc_acquire_cred.c @@ -183,5 +183,6 @@ done: gss_release_cred(&ret_min, &out_cred); gss_release_oid_set(&ret_min, &use_mechs); + gss_release_oid_set(&ret_min, &desired_mechs); return ret; } diff --git a/proxy/src/gp_workers.c b/proxy/src/gp_workers.c index 095dbac..6d650c6 100644 --- a/proxy/src/gp_workers.c +++ b/proxy/src/gp_workers.c @@ -121,14 +121,17 @@ int gp_workers_init(struct gssproxy_ctx *gpctx) t->pool = w; ret = pthread_cond_init(&t->cond_wakeup, NULL); if (ret) { + free(t); goto done; } ret = pthread_mutex_init(&t->cond_mutex, NULL); if (ret) { + free(t); goto done; } ret = pthread_create(&t->tid, &attr, gp_worker_main, t); if (ret) { + free(t); goto done; } LIST_ADD(w->free_list, t); diff --git a/proxy/src/gssproxy.c b/proxy/src/gssproxy.c index 4dd0094..8c143e5 100644 --- a/proxy/src/gssproxy.c +++ b/proxy/src/gssproxy.c @@ -134,7 +134,7 @@ int main(int argc, const char *argv[]) poptFreeContext(pc); - free_config(gpctx->config); + free_config(&gpctx->config); return 0; } diff --git a/proxy/src/mechglue/gpp_acquire_cred.c b/proxy/src/mechglue/gpp_acquire_cred.c index 85d4608..b3a46ec 100644 --- a/proxy/src/mechglue/gpp_acquire_cred.c +++ b/proxy/src/mechglue/gpp_acquire_cred.c @@ -284,7 +284,9 @@ OM_uint32 gssi_acquire_cred_with_password(OM_uint32 *minor_status, * the use of the interposer */ special_mechs = gpp_special_available_mechs(desired_mechs); if (special_mechs == GSS_C_NO_OID_SET) { - return GSS_S_FAILURE; + min = EINVAL; + maj = GSS_S_FAILURE; + goto done; } if (name && name->remote && !name->local) { diff --git a/proxy/src/mechglue/gpp_context.c b/proxy/src/mechglue/gpp_context.c index cb3b172..90dc897 100644 --- a/proxy/src/mechglue/gpp_context.c +++ b/proxy/src/mechglue/gpp_context.c @@ -224,8 +224,8 @@ OM_uint32 gssi_inquire_context(OM_uint32 *minor_status, if (ctx_handle->local) { maj = gss_inquire_context(&min, ctx_handle->local, - src_name ? &s_name->local : NULL, - src_name ? &t_name->local : NULL, + s_name ? &s_name->local : NULL, + s_name ? &t_name->local : NULL, lifetime_rec, &mech_oid, ctx_flags, @@ -234,8 +234,8 @@ OM_uint32 gssi_inquire_context(OM_uint32 *minor_status, } else { maj = gpm_inquire_context(&min, ctx_handle->remote, - src_name ? &s_name->remote : NULL, - src_name ? &t_name->remote : NULL, + s_name ? &s_name->remote : NULL, + s_name ? &t_name->remote : NULL, lifetime_rec, &mech_oid, ctx_flags, @@ -247,16 +247,11 @@ OM_uint32 gssi_inquire_context(OM_uint32 *minor_status, goto done; } - if (mech_type) { - *mech_type = mech_oid; - } - - if (src_name) { + if (s_name) { maj = gpp_copy_oid(&min, mech_oid, &s_name->mech_type); if (maj != GSS_S_COMPLETE) { goto done; } - *src_name = (gss_name_t)s_name; } if (t_name) { @@ -264,12 +259,22 @@ OM_uint32 gssi_inquire_context(OM_uint32 *minor_status, if (maj != GSS_S_COMPLETE) { goto done; } - *targ_name = (gss_name_t)t_name; } done: *minor_status = gpp_map_error(min); - if (maj != GSS_S_COMPLETE) { + if (maj == GSS_S_COMPLETE) { + if (mech_type) { + *mech_type = mech_oid; + } + if (src_name) { + *src_name = (gss_name_t)s_name; + } + if (targ_name) { + *targ_name = (gss_name_t)t_name; + } + } else { + (void)gss_release_oid(&min, &mech_oid); (void)gssi_release_name(&min, (gss_name_t *)&s_name); (void)gssi_release_name(&min, (gss_name_t *)&t_name); } @@ -331,14 +336,16 @@ OM_uint32 gssi_set_sec_context_option(OM_uint32 *minor_status, maj = gpp_remote_to_local_ctx(&min, &ctx->remote, &ctx->local); if (maj != GSS_S_COMPLETE) { *minor_status = gpp_map_error(min); - return maj; + goto done; } } maj = gss_set_sec_context_option(minor_status, &ctx->local, desired_object, value); - if (maj == GSS_S_COMPLETE) { - *context_handle = (gss_ctx_id_t)ctx; +done: + *context_handle = (gss_ctx_id_t)ctx; + if (maj != GSS_S_COMPLETE) { + (void)gssi_delete_sec_context(&min, context_handle, NULL); } return maj; } diff --git a/proxy/src/mechglue/gpp_creds.c b/proxy/src/mechglue/gpp_creds.c index d9c18fe..aaaf577 100644 --- a/proxy/src/mechglue/gpp_creds.c +++ b/proxy/src/mechglue/gpp_creds.c @@ -447,6 +447,7 @@ OM_uint32 gssi_release_cred(OM_uint32 *minor_status, } } + free(cred); *cred_handle = GSS_C_NO_CREDENTIAL; return rmaj; } diff --git a/proxy/src/mechglue/gpp_init_sec_context.c b/proxy/src/mechglue/gpp_init_sec_context.c index 1b233a7..e70e8fc 100644 --- a/proxy/src/mechglue/gpp_init_sec_context.c +++ b/proxy/src/mechglue/gpp_init_sec_context.c @@ -206,10 +206,12 @@ done: } if (maj != GSS_S_COMPLETE && maj != GSS_S_CONTINUE_NEEDED) { free(ctx_handle); - free(cred_handle); *minor_status = gpp_map_error(min); } else { *context_handle = (gss_ctx_id_t)ctx_handle; } + if (claimant_cred_handle == GSS_C_NO_CREDENTIAL) { + free(cred_handle); + } return maj; } |