diff options
| author | Ken Raeburn <raeburn@mit.edu> | 2008-03-29 01:08:31 +0000 |
|---|---|---|
| committer | Ken Raeburn <raeburn@mit.edu> | 2008-03-29 01:08:31 +0000 |
| commit | 71ca378e4b7fb64f77bbf58ba15f4665072163bd (patch) | |
| tree | 68100281c2e466be22ec4ab5e741f58158f46704 /src/lib/gssapi | |
| parent | cb44e7b91175854d3ca668ec043a48f02b2c37e8 (diff) | |
| download | krb5-71ca378e4b7fb64f77bbf58ba15f4665072163bd.tar.gz krb5-71ca378e4b7fb64f77bbf58ba15f4665072163bd.tar.xz krb5-71ca378e4b7fb64f77bbf58ba15f4665072163bd.zip | |
Coverity CID 228: Possible use of uninitialized variable time_req in
gss_add_cred if cred_usage has an invalid value. (Also flagged by
GCC.)
Changed validation routines for gss_add_cred, gss_acquire_cred, and
gss_store_cred to check the cred_usage value.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20295 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/gssapi')
| -rw-r--r-- | src/lib/gssapi/mechglue/g_acquire_cred.c | 21 | ||||
| -rw-r--r-- | src/lib/gssapi/mechglue/g_store_cred.c | 10 |
2 files changed, 30 insertions, 1 deletions
diff --git a/src/lib/gssapi/mechglue/g_acquire_cred.c b/src/lib/gssapi/mechglue/g_acquire_cred.c index 6d63e5b8f2..fbe66681f4 100644 --- a/src/lib/gssapi/mechglue/g_acquire_cred.c +++ b/src/lib/gssapi/mechglue/g_acquire_cred.c @@ -105,6 +105,16 @@ val_acq_cred_args( if (output_cred_handle == NULL) return (GSS_S_CALL_INACCESSIBLE_WRITE); + if (cred_usage != GSS_C_ACCEPT + && cred_usage != GSS_C_INITIATE + && cred_usage != GSS_C_BOTH) { + if (minor_status) { + *minor_status = EINVAL; + map_errcode(minor_status); + } + return GSS_S_FAILURE; + } + return (GSS_S_COMPLETE); } @@ -281,9 +291,18 @@ val_add_cred_args( if (input_cred_handle == GSS_C_NO_CREDENTIAL && output_cred_handle == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE | GSS_S_NO_CRED); + if (cred_usage != GSS_C_ACCEPT + && cred_usage != GSS_C_INITIATE + && cred_usage != GSS_C_BOTH) { + if (minor_status) { + *minor_status = EINVAL; + map_errcode(minor_status); + } + return GSS_S_FAILURE; + } + return (GSS_S_COMPLETE); } diff --git a/src/lib/gssapi/mechglue/g_store_cred.c b/src/lib/gssapi/mechglue/g_store_cred.c index b02f7069ad..d9a7d9adcf 100644 --- a/src/lib/gssapi/mechglue/g_store_cred.c +++ b/src/lib/gssapi/mechglue/g_store_cred.c @@ -39,6 +39,16 @@ val_store_cred_args( if (input_cred_handle == GSS_C_NO_CREDENTIAL) return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CRED); + if (cred_usage != GSS_C_ACCEPT + && cred_usage != GSS_C_INITIATE + && cred_usage != GSS_C_BOTH) { + if (minor_status) { + *minor_status = EINVAL; + map_errcode(minor_status); + } + return GSS_S_FAILURE; + } + return (GSS_S_COMPLETE); } |