diff options
| author | Greg Hudson <ghudson@mit.edu> | 2013-04-08 15:32:31 -0400 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2013-04-08 15:32:31 -0400 |
| commit | 31124ffb81e8c0935403a9fdc169dead5ecaa777 (patch) | |
| tree | 837d49e7ef8de324f8ad288ab3231ca2acdcdbd7 /src/lib/krb5/ccache | |
| parent | caaf72893a5be61822763eb471f4d573992479ed (diff) | |
| download | krb5-31124ffb81e8c0935403a9fdc169dead5ecaa777.tar.gz krb5-31124ffb81e8c0935403a9fdc169dead5ecaa777.tar.xz krb5-31124ffb81e8c0935403a9fdc169dead5ecaa777.zip | |
Avoid passing null pointers to memcpy/memcmp
By a strict reading of the C standard, memcpy and memcmp have
undefined behavior if their pointer arguments aren't valid object
pointers, even if the length argument is 0. Compilers are becoming
more aggressive about breaking code with undefined behavior, so we
should try to avoid it when possible.
In a krb5_data object, we frequently use NULL as the data value when
the length is 0. Accordingly, we should avoid copying from or
comparing the data field of a length-0 krb5_data object. Add checks
to our wrapper functions (like data_eq and k5_memdup) and to code
which works with possibly-empty krb5_data objects. In a few places,
use wrapper functions to simplify the code rather than adding checks.
Diffstat (limited to 'src/lib/krb5/ccache')
| -rw-r--r-- | src/lib/krb5/ccache/ccfns.c | 19 | ||||
| -rw-r--r-- | src/lib/krb5/ccache/ccselect_k5identity.c | 5 |
2 files changed, 6 insertions, 18 deletions
diff --git a/src/lib/krb5/ccache/ccfns.c b/src/lib/krb5/ccache/ccfns.c index 3154b17c8f..1a0bed0acd 100644 --- a/src/lib/krb5/ccache/ccfns.c +++ b/src/lib/krb5/ccache/ccfns.c @@ -284,15 +284,9 @@ krb5_cc_set_config(krb5_context context, krb5_ccache id, if (data == NULL) { ret = krb5_cc_remove_cred(context, id, 0, &cred); } else { - cred.ticket.data = malloc(data->length); - if (cred.ticket.data == NULL) { - ret = ENOMEM; - krb5_set_error_message(context, ret, "malloc: out of memory"); + ret = krb5int_copy_data_contents(context, data, &cred.ticket); + if (ret) goto out; - } - cred.ticket.length = data->length; - memcpy(cred.ticket.data, data->data, data->length); - ret = krb5_cc_store_cred(context, id, &cred); } out: @@ -319,14 +313,9 @@ krb5_cc_get_config(krb5_context context, krb5_ccache id, if (ret) goto out; - data->data = malloc(cred.ticket.length); - if (data->data == NULL) { - ret = ENOMEM; - krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); + ret = krb5int_copy_data_contents(context, &cred.ticket, data); + if (ret) goto out; - } - data->length = cred.ticket.length; - memcpy(data->data, cred.ticket.data, data->length); TRACE_CC_GET_CONFIG(context, id, principal, key, data); diff --git a/src/lib/krb5/ccache/ccselect_k5identity.c b/src/lib/krb5/ccache/ccselect_k5identity.c index adf0fad269..bee5416587 100644 --- a/src/lib/krb5/ccache/ccselect_k5identity.c +++ b/src/lib/krb5/ccache/ccselect_k5identity.c @@ -46,14 +46,13 @@ k5identity_init(krb5_context context, krb5_ccselect_moddata *data_out, static krb5_boolean fnmatch_data(const char *pattern, krb5_data *data, krb5_boolean fold_case) { + krb5_error_code ret; char *str, *p; int res; - str = malloc(data->length + 1); + str = k5memdup0(data->data, data->length, &ret); if (str == NULL) return FALSE; - memcpy(str, data->data, data->length); - str[data->length] = '\0'; if (fold_case) { for (p = str; *p != '\0'; p++) { |