diff options
| author | Tom Yu <tlyu@mit.edu> | 2007-01-09 19:45:25 +0000 |
|---|---|---|
| committer | Tom Yu <tlyu@mit.edu> | 2007-01-09 19:45:25 +0000 |
| commit | 8a2c04c2a1842d3c1cb7827ad20811b129a6ee7f (patch) | |
| tree | f6272083f3a3644e2c9410792cc20d40da1a70b5 /src | |
| parent | 80f701fb42806dc549cf86a83b3aadbdd07d4c6b (diff) | |
| download | krb5-8a2c04c2a1842d3c1cb7827ad20811b129a6ee7f.tar.gz krb5-8a2c04c2a1842d3c1cb7827ad20811b129a6ee7f.tar.xz krb5-8a2c04c2a1842d3c1cb7827ad20811b129a6ee7f.zip | |
MITKRB5-SA-2006-003: mechglue argument handling too lax
Fix mechglue argument checks so that output pointers are always
initialized regardless of whether the other arguments fail to validate
for some reason. This avoids freeing of uninitialized pointers.
Initialize the gss_buffer_descs in ovsec_kadmd.c.
ticket: new
target_version: 1.6
tags: pullup
component: krb5-libs
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19043 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
25 files changed, 832 insertions, 277 deletions
diff --git a/src/kadmin/server/ovsec_kadmd.c b/src/kadmin/server/ovsec_kadmd.c index 48fc38daae..afae95a120 100644 --- a/src/kadmin/server/ovsec_kadmd.c +++ b/src/kadmin/server/ovsec_kadmd.c @@ -993,6 +993,11 @@ void log_badverf(gss_name_t client_name, gss_name_t server_name, int i; const char *procname; + client.length = 0; + client.value = NULL; + server.length = 0; + server.value = NULL; + (void) gss_display_name(&minor, client_name, &client, &gss_type); (void) gss_display_name(&minor, server_name, &server, &gss_type); if (client.value == NULL) diff --git a/src/lib/gssapi/mechglue/g_accept_sec_context.c b/src/lib/gssapi/mechglue/g_accept_sec_context.c index 23ec2869d6..0e8506a49d 100644 --- a/src/lib/gssapi/mechglue/g_accept_sec_context.c +++ b/src/lib/gssapi/mechglue/g_accept_sec_context.c @@ -33,6 +33,58 @@ #include <string.h> #include <errno.h> +static OM_uint32 +val_acc_sec_ctx_args( + OM_uint32 *minor_status, + gss_ctx_id_t *context_handle, + gss_cred_id_t verifier_cred_handle, + gss_buffer_t input_token_buffer, + gss_channel_bindings_t input_chan_bindings, + gss_name_t *src_name, + gss_OID *mech_type, + gss_buffer_t output_token, + OM_uint32 *ret_flags, + OM_uint32 *time_rec, + gss_cred_id_t *d_cred) +{ + + /* Initialize outputs. */ + + if (minor_status != NULL) + *minor_status = 0; + + if (src_name != NULL) + *src_name = GSS_C_NO_NAME; + + if (mech_type != NULL) + *mech_type = GSS_C_NO_OID; + + if (output_token != GSS_C_NO_BUFFER) { + output_token->length = 0; + output_token->value = NULL; + } + + if (d_cred != NULL) + *d_cred = GSS_C_NO_CREDENTIAL; + + /* Validate arguments. */ + + if (minor_status == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + if (context_handle == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + if (input_token_buffer == GSS_C_NO_BUFFER) + return (GSS_S_CALL_INACCESSIBLE_READ); + + if (output_token == GSS_C_NO_BUFFER) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + return (GSS_S_COMPLETE); +} + + OM_uint32 KRB5_CALLCONV gss_accept_sec_context (minor_status, context_handle, @@ -69,26 +121,21 @@ gss_cred_id_t * d_cred; gss_OID_desc token_mech_type_desc; gss_OID token_mech_type = &token_mech_type_desc; gss_mechanism mech; - - /* check parameters first */ - if (minor_status == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); - *minor_status = 0; - - if (context_handle == NULL || output_token == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); - - /* clear optional fields */ - output_token->value = NULL; - output_token->length = 0; - if (src_name) - *src_name = NULL; - if (mech_type) - *mech_type = NULL; + status = val_acc_sec_ctx_args(minor_status, + context_handle, + verifier_cred_handle, + input_token_buffer, + input_chan_bindings, + src_name, + mech_type, + output_token, + ret_flags, + time_rec, + d_cred); + if (status != GSS_S_COMPLETE) + return (status); - if (d_cred) - *d_cred = NULL; /* * if context_handle is GSS_C_NO_CONTEXT, allocate a union context * descriptor to hold the mech type information as well as the diff --git a/src/lib/gssapi/mechglue/g_acquire_cred.c b/src/lib/gssapi/mechglue/g_acquire_cred.c index d13650c827..bd5bef8ea8 100644 --- a/src/lib/gssapi/mechglue/g_acquire_cred.c +++ b/src/lib/gssapi/mechglue/g_acquire_cred.c @@ -71,6 +71,43 @@ create_actual_mechs(mechs_array, count) return actual_mechs; } +static OM_uint32 +val_acq_cred_args( + OM_uint32 *minor_status, + gss_name_t desired_name, + OM_uint32 time_req, + gss_OID_set desired_mechs, + int cred_usage, + gss_cred_id_t *output_cred_handle, + gss_OID_set *actual_mechs, + OM_uint32 *time_rec) +{ + + /* Initialize outputs. */ + + if (minor_status != NULL) + *minor_status = 0; + + if (output_cred_handle != NULL) + *output_cred_handle = GSS_C_NO_CREDENTIAL; + + if (actual_mechs != NULL) + *actual_mechs = GSS_C_NULL_OID_SET; + + if (time_rec != NULL) + *time_rec = 0; + + /* Validate arguments. */ + + if (minor_status == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + if (output_cred_handle == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + return (GSS_S_COMPLETE); +} + OM_uint32 KRB5_CALLCONV gss_acquire_cred(minor_status, @@ -101,22 +138,19 @@ OM_uint32 * time_rec; int i; gss_union_cred_t creds; - /* start by checking parameters */ - if (!minor_status) - return (GSS_S_CALL_INACCESSIBLE_WRITE); - *minor_status = 0; - - if (!output_cred_handle) - return (GSS_S_CALL_INACCESSIBLE_WRITE | GSS_S_NO_CRED); - - *output_cred_handle = GSS_C_NO_CREDENTIAL; + major = val_acq_cred_args(minor_status, + desired_name, + time_req, + desired_mechs, + cred_usage, + output_cred_handle, + actual_mechs, + time_rec); + if (major != GSS_S_COMPLETE) + return (major); - /* Set output parameters to NULL for now */ - if (actual_mechs) - *actual_mechs = GSS_C_NULL_OID_SET; - - if (time_rec) - *time_rec = 0; + /* Initial value needed below. */ + major = GSS_S_FAILURE; /* * if desired_mechs equals GSS_C_NULL_OID_SET, then pick an @@ -208,6 +242,52 @@ OM_uint32 * time_rec; return (GSS_S_COMPLETE); } +static OM_uint32 +val_add_cred_args( + OM_uint32 *minor_status, + gss_cred_id_t input_cred_handle, + gss_name_t desired_name, + gss_OID desired_mech, + gss_cred_usage_t cred_usage, + OM_uint32 initiator_time_req, + OM_uint32 acceptor_time_req, + gss_cred_id_t *output_cred_handle, + gss_OID_set *actual_mechs, + OM_uint32 *initiator_time_rec, + OM_uint32 *acceptor_time_rec) +{ + + /* Initialize outputs. */ + + if (minor_status != NULL) + *minor_status = 0; + + if (output_cred_handle != NULL) + *output_cred_handle = GSS_C_NO_CREDENTIAL; + + if (actual_mechs != NULL) + *actual_mechs = GSS_C_NO_OID_SET; + + if (acceptor_time_rec != NULL) + *acceptor_time_rec = 0; + + if (initiator_time_rec != NULL) + *initiator_time_rec = 0; + + /* Validate arguments. */ + + if (minor_status == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + if (input_cred_handle == GSS_C_NO_CREDENTIAL && + output_cred_handle == NULL) + + return (GSS_S_CALL_INACCESSIBLE_WRITE | GSS_S_NO_CRED); + + return (GSS_S_COMPLETE); +} + + /* V2 KRB5_CALLCONV */ OM_uint32 KRB5_CALLCONV gss_add_cred(minor_status, input_cred_handle, @@ -238,26 +318,19 @@ gss_add_cred(minor_status, input_cred_handle, gss_OID new_mechs_array = NULL; gss_cred_id_t * new_cred_array = NULL; - /* check input parameters */ - if (minor_status == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); - *minor_status = 0; - - if (input_cred_handle == GSS_C_NO_CREDENTIAL && - output_cred_handle == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE | GSS_S_NO_CRED); - - if (output_cred_handle) - *output_cred_handle = GSS_C_NO_CREDENTIAL; - - if (actual_mechs) - *actual_mechs = NULL; - - if (acceptor_time_rec) - *acceptor_time_rec = 0; - - if (initiator_time_rec) - *initiator_time_rec = 0; + status = val_add_cred_args(minor_status, + input_cred_handle, + desired_name, + desired_mech, + cred_usage, + initiator_time_req, + acceptor_time_req, + output_cred_handle, + actual_mechs, + initiator_time_rec, + acceptor_time_rec); + if (status != GSS_S_COMPLETE) + return (status); mech = gssint_get_mechanism(desired_mech); if (!mech) diff --git a/src/lib/gssapi/mechglue/g_canon_name.c b/src/lib/gssapi/mechglue/g_canon_name.c index 20a0e85ca8..676810cb3b 100644 --- a/src/lib/gssapi/mechglue/g_canon_name.c +++ b/src/lib/gssapi/mechglue/g_canon_name.c @@ -25,6 +25,34 @@ #include <string.h> #include <errno.h> +static OM_uint32 +val_canon_name_args( + OM_uint32 *minor_status, + const gss_name_t input_name, + const gss_OID mech_type, + gss_name_t *output_name) +{ + + /* Initialize outputs. */ + + if (minor_status != NULL) + *minor_status = 0; + + if (output_name != NULL) + *output_name = GSS_C_NO_NAME; + + /* Validate arguments. */ + + if (minor_status == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + if (input_name == GSS_C_NO_NAME || mech_type == GSS_C_NULL_OID) + return (GSS_S_CALL_INACCESSIBLE_READ); + + return (GSS_S_COMPLETE); +} + + OM_uint32 KRB5_CALLCONV gss_canonicalize_name(minor_status, input_name, @@ -38,17 +66,15 @@ gss_name_t *output_name; gss_union_name_t in_union, out_union = NULL, dest_union = NULL; OM_uint32 major_status = GSS_S_FAILURE; - if (minor_status == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); - - *minor_status = 0; + major_status = val_canon_name_args(minor_status, + input_name, + mech_type, + output_name); + if (major_status != GSS_S_COMPLETE) + return (major_status); - if (output_name) - *output_name = 0; - - /* check the input parameters */ - if (input_name == NULL || mech_type == GSS_C_NULL_OID) - return (GSS_S_CALL_INACCESSIBLE_READ); + /* Initial value needed below. */ + major_status = GSS_S_FAILURE; in_union = (gss_union_name_t)input_name; /* diff --git a/src/lib/gssapi/mechglue/g_compare_name.c b/src/lib/gssapi/mechglue/g_compare_name.c index 0a6db1c16b..7fb5cc9cfc 100644 --- a/src/lib/gssapi/mechglue/g_compare_name.c +++ b/src/lib/gssapi/mechglue/g_compare_name.c @@ -33,6 +33,31 @@ #endif #include <string.h> +static OM_uint32 +val_comp_name_args( + OM_uint32 *minor_status, + gss_name_t name1, + gss_name_t name2, + int *name_equal) +{ + + /* Initialize outputs. */ + + if (minor_status != NULL) + *minor_status = 0; + + /* Validate arguments. */ + + if (name1 == GSS_C_NO_NAME || name2 == GSS_C_NO_NAME) + return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME); + + if (name_equal == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + return (GSS_S_COMPLETE); +} + + OM_uint32 KRB5_CALLCONV gss_compare_name (minor_status, name1, @@ -50,15 +75,10 @@ int * name_equal; gss_mechanism mech; gss_name_t internal_name; - if (minor_status == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); - *minor_status = 0; - - if (name1 == 0 || name2 == 0) - return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME); - - if (name_equal == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); + major_status = val_comp_name_args(minor_status, + name1, name2, name_equal); + if (major_status != GSS_S_COMPLETE) + return (major_status); union_name1 = (gss_union_name_t) name1; union_name2 = (gss_union_name_t) name2; diff --git a/src/lib/gssapi/mechglue/g_delete_sec_context.c b/src/lib/gssapi/mechglue/g_delete_sec_context.c index 5d1e8626dd..bf2e9010fd 100644 --- a/src/lib/gssapi/mechglue/g_delete_sec_context.c +++ b/src/lib/gssapi/mechglue/g_delete_sec_context.c @@ -32,6 +32,35 @@ #include <stdlib.h> #endif +static OM_uint32 +val_del_sec_ctx_args( + OM_uint32 *minor_status, + gss_ctx_id_t *context_handle, + gss_buffer_t output_token) +{ + + /* Initialize outputs. */ + + if (minor_status != NULL) + *minor_status = 0; + + if (output_token != GSS_C_NO_BUFFER) { + output_token->length = 0; + output_token->value = NULL; + } + + /* Validate arguments. */ + + if (minor_status == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + if (context_handle == NULL || *context_handle == GSS_C_NO_CONTEXT) + return (GSS_S_CALL_INACCESSIBLE_WRITE | GSS_S_NO_CONTEXT); + + return (GSS_S_COMPLETE); +} + + OM_uint32 KRB5_CALLCONV gss_delete_sec_context (minor_status, context_handle, @@ -45,18 +74,10 @@ gss_buffer_t output_token; OM_uint32 status; gss_union_ctx_id_t ctx; gss_mechanism mech; - - if (minor_status == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); - if (output_token != GSS_C_NO_BUFFER) { - output_token->length = 0; - output_token->value = NULL; - } - - /* if the context_handle is Null, return NO_CONTEXT error */ - if(context_handle == NULL || *context_handle == GSS_C_NO_CONTEXT) - return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT); + status = val_del_sec_ctx_args(minor_status, context_handle, output_token); + if (status != GSS_S_COMPLETE) + return (status); /* * select the approprate underlying mechanism routine and diff --git a/src/lib/gssapi/mechglue/g_dsp_name.c b/src/lib/gssapi/mechglue/g_dsp_name.c index 161b2707e3..7db90584d8 100644 --- a/src/lib/gssapi/mechglue/g_dsp_name.c +++ b/src/lib/gssapi/mechglue/g_dsp_name.c @@ -34,6 +34,42 @@ #endif #include <string.h> +static OM_uint32 +val_dsp_name_args( + OM_uint32 *minor_status, + gss_name_t input_name, + gss_buffer_t output_name_buffer, + gss_OID *output_name_type) +{ + + /* Initialize outputs. */ + + if (minor_status != NULL) + *minor_status = 0; + + if (output_name_buffer != GSS_C_NO_BUFFER) { + output_name_buffer->length = 0; + output_name_buffer->value = NULL; + } + + if (output_name_type != NULL) + *output_name_type = GSS_C_NO_OID; + + /* Validate arguments. */ + + if (minor_status == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + if (output_name_buffer == GSS_C_NO_BUFFER) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + if (input_name == GSS_C_NO_NAME) + return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME); + + return (GSS_S_COMPLETE); +} + + OM_uint32 KRB5_CALLCONV gss_display_name (minor_status, input_name, @@ -48,19 +84,11 @@ gss_OID * output_name_type; { OM_uint32 major_status; gss_union_name_t union_name; - - if (minor_status == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); - *minor_status = 0; - - if (input_name == 0) - return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME); - - if (output_name_buffer == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); - if (output_name_type) - *output_name_type = NULL; + major_status = val_dsp_name_args(minor_status, input_name, + output_name_buffer, output_name_type); + if (major_status != GSS_S_COMPLETE) + return (major_status); union_name = (gss_union_name_t) input_name; diff --git a/src/lib/gssapi/mechglue/g_dsp_status.c b/src/lib/gssapi/mechglue/g_dsp_status.c index 83583035fc..519d4a4a15 100644 --- a/src/lib/gssapi/mechglue/g_dsp_status.c +++ b/src/lib/gssapi/mechglue/g_dsp_status.c @@ -54,18 +54,20 @@ gss_buffer_t status_string; gss_OID mech_type = (gss_OID) req_mech_type; gss_mechanism mech; - /* check the input parameters */ - if (!minor_status) - return (GSS_S_CALL_INACCESSIBLE_WRITE); + if (minor_status != NULL) + *minor_status = 0; + + if (status_string != GSS_C_NO_BUFFER) { + status_string->length = 0; + status_string->value = NULL; + } - *minor_status = 0; + if (minor_status == NULL || + message_context == NULL || + status_string == GSS_C_NO_BUFFER) - if (!message_context || status_string == NULL) return (GSS_S_CALL_INACCESSIBLE_WRITE); - status_string->length = 0; - status_string->value = NULL; - /* we handle major status codes, and the mechs do the minor */ if (status_type == GSS_C_GSS_CODE) return (displayMajor(status_value, message_context, diff --git a/src/lib/gssapi/mechglue/g_dup_name.c b/src/lib/gssapi/mechglue/g_dup_name.c index 6d15e25bd7..1d37be9e17 100644 --- a/src/lib/gssapi/mechglue/g_dup_name.c +++ b/src/lib/gssapi/mechglue/g_dup_name.c @@ -19,6 +19,37 @@ #include <string.h> #include <errno.h> +static OM_uint32 +val_dup_name_args( + OM_uint32 *minor_status, + const gss_name_t src_name, + gss_name_t *dest_name) +{ + + /* Initialize outputs. */ + + if (minor_status != NULL) + *minor_status = 0; + + if (dest_name != NULL) + *dest_name = GSS_C_NO_NAME; + + /* Validate arguments. */ + + if (minor_status == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + /* if output_name is NULL, simply return */ + if (dest_name == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + if (src_name == GSS_C_NO_NAME) + return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME); + + return (GSS_S_COMPLETE); +} + + OM_uint32 KRB5_CALLCONV gss_duplicate_name(minor_status, src_name, @@ -30,20 +61,9 @@ gss_name_t *dest_name; gss_union_name_t src_union, dest_union; OM_uint32 major_status = GSS_S_FAILURE; - - if (!minor_status) - return (GSS_S_CALL_INACCESSIBLE_WRITE); - - *minor_status = 0; - - /* if output_name is NULL, simply return */ - if (dest_name == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE | GSS_S_BAD_NAME); - - *dest_name = 0; - - if (src_name == NULL) - return (GSS_S_CALL_INACCESSIBLE_READ); + major_status = val_dup_name_args(minor_status, src_name, dest_name); + if (major_status != GSS_S_COMPLETE) + return (major_status); src_union = (gss_union_name_t)src_name; diff --git a/src/lib/gssapi/mechglue/g_exp_sec_context.c b/src/lib/gssapi/mechglue/g_exp_sec_context.c index 539920b49b..1490a2b373 100644 --- a/src/lib/gssapi/mechglue/g_exp_sec_context.c +++ b/src/lib/gssapi/mechglue/g_exp_sec_context.c @@ -34,6 +34,38 @@ #endif #include <string.h> +static OM_uint32 +val_exp_sec_ctx_args( + OM_uint32 *minor_status, + gss_ctx_id_t *context_handle, + gss_buffer_t interprocess_token) +{ + + /* Initialize outputs. */ + + if (minor_status != NULL) + *minor_status = 0; + + if (interprocess_token != GSS_C_NO_BUFFER) { + interprocess_token->length = 0; + interprocess_token->value = NULL; + } + + /* Validate arguments. */ + + if (minor_status == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + if (context_handle == NULL || *context_handle == GSS_C_NO_CONTEXT) + return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT); + + if (interprocess_token == GSS_C_NO_BUFFER) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + return (GSS_S_COMPLETE); +} + + OM_uint32 KRB5_CALLCONV gss_export_sec_context(minor_status, context_handle, @@ -50,16 +82,11 @@ gss_buffer_t interprocess_token; gss_mechanism mech; gss_buffer_desc token; char *buf; - - if (minor_status == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); - *minor_status = 0; - - if (context_handle == NULL || *context_handle == GSS_C_NO_CONTEXT) - return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT); - if (interprocess_token == NULL) - return (GSS_S_CALL_INACCESSIBLE_READ); + status = val_exp_sec_ctx_args(minor_status, + context_handle, interprocess_token); + if (status != GSS_S_COMPLETE) + return (status); /* * select the approprate underlying mechanism routine and diff --git a/src/lib/gssapi/mechglue/g_export_name.c b/src/lib/gssapi/mechglue/g_export_name.c index a6aab3ad94..c845f8caf7 100644 --- a/src/lib/gssapi/mechglue/g_export_name.c +++ b/src/lib/gssapi/mechglue/g_export_name.c @@ -29,19 +29,22 @@ gss_buffer_t exported_name; { gss_union_name_t union_name; + /* Initialize outputs. */ - if (minor_status) + if (minor_status != NULL) *minor_status = 0; - /* check out parameter */ - if (!exported_name) - return (GSS_S_CALL_INACCESSIBLE_WRITE); + if (exported_name != GSS_C_NO_BUFFER) { + exported_name->value = NULL; + exported_name->length = 0; + } + + /* Validate arguments. */ - exported_name->value = NULL; - exported_name->length = 0; + if (minor_status == NULL || exported_name == GSS_C_NO_BUFFER) + return (GSS_S_CALL_INACCESSIBLE_WRITE); - /* check input parameter */ - if (!input_name) + if (input_name == GSS_C_NO_NAME) return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME); union_name = (gss_union_name_t)input_name; diff --git a/src/lib/gssapi/mechglue/g_imp_name.c b/src/lib/gssapi/mechglue/g_imp_name.c index a82aaaf5a5..e0370458f7 100644 --- a/src/lib/gssapi/mechglue/g_imp_name.c +++ b/src/lib/gssapi/mechglue/g_imp_name.c @@ -38,6 +38,40 @@ /* local function to import GSS_C_EXPORT_NAME names */ static OM_uint32 importExportName(OM_uint32 *, gss_union_name_t); +static OM_uint32 +val_imp_name_args( + OM_uint32 *minor_status, + gss_buffer_t input_name_buffer, + gss_OID input_name_type, + gss_name_t *output_name) +{ + + /* Initialize outputs. */ + + if (minor_status != NULL) + *minor_status = 0; + + if (output_name != NULL) + *output_name = GSS_C_NO_NAME; + + /* Validate arguments. */ + + if (minor_status == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + if (output_name == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + if (input_name_buffer == GSS_C_NO_BUFFER) + return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME); + + if (GSS_EMPTY_BUFFER(input_name_buffer)) + return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME); + + return (GSS_S_COMPLETE); +} + + OM_uint32 KRB5_CALLCONV gss_import_name(minor_status, input_name_buffer, @@ -53,22 +87,11 @@ gss_name_t * output_name; gss_union_name_t union_name; OM_uint32 tmp, major_status = GSS_S_FAILURE; - /* check output parameters */ - if (!minor_status) - return (GSS_S_CALL_INACCESSIBLE_WRITE); - - *minor_status = 0; - - if (output_name == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); - - *output_name = 0; - - if (input_name_buffer == GSS_C_NO_BUFFER) - return (GSS_S_BAD_NAME); - - if (GSS_EMPTY_BUFFER(input_name_buffer)) - return (GSS_S_BAD_NAME); + major_status = val_imp_name_args(minor_status, + input_name_buffer, input_name_type, + output_name); + if (major_status != GSS_S_COMPLETE) + return (major_status); /* * First create the union name struct that will hold the external diff --git a/src/lib/gssapi/mechglue/g_imp_sec_context.c b/src/lib/gssapi/mechglue/g_imp_sec_context.c index b316f8199d..1dd9542073 100644 --- a/src/lib/gssapi/mechglue/g_imp_sec_context.c +++ b/src/lib/gssapi/mechglue/g_imp_sec_context.c @@ -34,6 +34,38 @@ #endif #include <string.h> +static OM_uint32 +val_imp_sec_ctx_args( + OM_uint32 *minor_status, + gss_buffer_t interprocess_token, + gss_ctx_id_t *context_handle) +{ + + /* Initialize outputs. */ + if (minor_status != NULL) + *minor_status = 0; + + if (context_handle != NULL) + *context_handle = GSS_C_NO_CONTEXT; + + /* Validate arguments. */ + + if (minor_status == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + if (context_handle == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + if (interprocess_token == GSS_C_NO_BUFFER) + return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_DEFECTIVE_TOKEN); + + if (GSS_EMPTY_BUFFER(interprocess_token)) + return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_DEFECTIVE_TOKEN); + + return (GSS_S_COMPLETE); +} + + OM_uint32 KRB5_CALLCONV gss_import_sec_context(minor_status, interprocess_token, @@ -50,18 +82,13 @@ gss_ctx_id_t * context_handle; gss_union_ctx_id_t ctx; gss_buffer_desc token; gss_mechanism mech; - - if (minor_status == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); - *minor_status = 0; - - if (context_handle == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE | GSS_S_NO_CONTEXT); - *context_handle = GSS_C_NO_CONTEXT; - if (GSS_EMPTY_BUFFER(interprocess_token)) - return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_DEFECTIVE_TOKEN); + status = val_imp_sec_ctx_args(minor_status, + interprocess_token, context_handle); + if (status != GSS_S_COMPLETE) + return (status); + /* Initial value needed below. */ status = GSS_S_FAILURE; ctx = (gss_union_ctx_id_t) malloc(sizeof(gss_union_ctx_id_desc)); diff --git a/src/lib/gssapi/mechglue/g_init_sec_context.c b/src/lib/gssapi/mechglue/g_init_sec_context.c index 65c6d05b2d..52f93f124c 100644 --- a/src/lib/gssapi/mechglue/g_init_sec_context.c +++ b/src/lib/gssapi/mechglue/g_init_sec_context.c @@ -33,6 +33,54 @@ #endif #include <string.h> +static OM_uint32 +val_init_sec_ctx_args( + OM_uint32 *minor_status, + gss_cred_id_t claimant_cred_handle, + gss_ctx_id_t *context_handle, + gss_name_t target_name, + gss_OID req_mech_type, + OM_uint32 req_flags, + OM_uint32 time_req, + gss_channel_bindings_t input_chan_bindings, + gss_buffer_t input_token, + gss_OID *actual_mech_type, + gss_buffer_t output_token, + OM_uint32 *ret_flags, + OM_uint32 *time_rec) +{ + + /* Initialize outputs. */ + + if (minor_status != NULL) + *minor_status = 0; + + if (actual_mech_type != NULL) + *actual_mech_type = GSS_C_NO_OID; + + if (output_token != GSS_C_NO_BUFFER) { + output_token->length = 0; + output_token->value = NULL; + } + + /* Validate arguments. */ + + if (minor_status == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + if (context_handle == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE | GSS_S_NO_CONTEXT); + + if (target_name == NULL) + return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME); + + if (output_token == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + return (GSS_S_COMPLETE); +} + + OM_uint32 KRB5_CALLCONV gss_init_sec_context (minor_status, claimant_cred_handle, @@ -72,30 +120,21 @@ OM_uint32 * time_rec; gss_mechanism mech; gss_cred_id_t input_cred_handle; - if (minor_status == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); - *minor_status = 0; - output_token->length = 0; - output_token->value = NULL; - - /* clear output values */ - if (actual_mech_type) - *actual_mech_type = NULL; - - if (context_handle == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE | GSS_S_NO_CONTEXT); - - union_name = (gss_union_name_t) target_name; - - if (target_name == NULL) - return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME); - - if (output_token == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); - - output_token->value = NULL; - output_token->length = 0; - + status = val_init_sec_ctx_args(minor_status, + claimant_cred_handle, + context_handle, + target_name, + req_mech_type, + req_flags, + time_req, + input_chan_bindings, + input_token, + actual_mech_type, + output_token, + ret_flags, + time_rec); + if (status != GSS_S_COMPLETE) + return (status); if (req_mech_type) mech_type = (gss_OID)req_mech_type; diff --git a/src/lib/gssapi/mechglue/g_initialize.c b/src/lib/gssapi/mechglue/g_initialize.c index 54da8d4df1..0c4513cacd 100644 --- a/src/lib/gssapi/mechglue/g_initialize.c +++ b/src/lib/gssapi/mechglue/g_initialize.c @@ -142,18 +142,21 @@ gss_OID_set *mechSet; int i, j; gss_OID curItem; - if (!minorStatus) - return (GSS_S_CALL_INACCESSIBLE_WRITE); - if (gssint_initialize_library()) - return GSS_S_FAILURE; + /* Initialize outputs. */ - *minorStatus = 0; + if (minorStatus != NULL) + *minorStatus = 0; + if (mechSet != NULL) + *mechSet = GSS_C_NO_OID_SET; - /* check output parameter */ - if (mechSet == NULL) + /* Validate arguments. */ + if (minorStatus == NULL || mechSet == NULL) return (GSS_S_CALL_INACCESSIBLE_WRITE); + if (gssint_initialize_library()) + return GSS_S_FAILURE; + if (build_mechSet()) return GSS_S_FAILURE; diff --git a/src/lib/gssapi/mechglue/g_inq_context.c b/src/lib/gssapi/mechglue/g_inq_context.c index e717aa3473..aeab57d60b 100644 --- a/src/lib/gssapi/mechglue/g_inq_context.c +++ b/src/lib/gssapi/mechglue/g_inq_context.c @@ -31,6 +31,45 @@ #include <stdlib.h> #endif +static OM_uint32 +val_inq_ctx_args( + OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + gss_name_t *src_name, + gss_name_t *targ_name, + OM_uint32 *lifetime_rec, + gss_OID *mech_type, + OM_uint32 *ctx_flags, + int *locally_initiated, + int *open) +{ + + /* Initialize outputs. */ + + if (minor_status != NULL) + *minor_status = 0; + + if (src_name != NULL) + *src_name = GSS_C_NO_NAME; + + if (targ_name != NULL) + *targ_name = GSS_C_NO_NAME; + + if (mech_type != NULL) + *mech_type = GSS_C_NO_OID; + + /* Validate arguments. */ + + if (minor_status == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + if (context_handle == GSS_C_NO_CONTEXT) + return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT); + + return (GSS_S_COMPLETE); +} + + /* Last argument new for V2 */ OM_uint32 KRB5_CALLCONV gss_inquire_context( @@ -60,26 +99,16 @@ int * open; gss_mechanism mech; OM_uint32 status, temp_minor; gss_name_t localTargName = NULL, localSourceName = NULL; - - if (!minor_status) - return (GSS_S_CALL_INACCESSIBLE_WRITE); - - *minor_status = 0; - - /* if the context_handle is Null, return NO_CONTEXT error */ - if (context_handle == GSS_C_NO_CONTEXT) - return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT); - /* set all output value to NULL */ - if (src_name) - *src_name = NULL; + status = val_inq_ctx_args(minor_status, + context_handle, + src_name, targ_name, + lifetime_rec, + mech_type, ctx_flags, + locally_initiated, open); + if (status != GSS_S_COMPLETE) + return (status); - if (targ_name) - *targ_name = NULL; - - if (mech_type) - *mech_type = NULL; - /* * select the approprate underlying mechanism routine and * call it. diff --git a/src/lib/gssapi/mechglue/g_inq_cred.c b/src/lib/gssapi/mechglue/g_inq_cred.c index c4b59114d3..805579e78a 100644 --- a/src/lib/gssapi/mechglue/g_inq_cred.c +++ b/src/lib/gssapi/mechglue/g_inq_cred.c @@ -55,17 +55,21 @@ gss_OID_set * mechanisms; gss_mechanism mech; gss_name_t internal_name; int i; - - /* check parms and set to defaults */ - if (minor_status == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); - *minor_status = 0; - if (name) - *name = NULL; + /* Initialize outputs. */ + + if (minor_status != NULL) + *minor_status = 0; + + if (name != NULL) + *name = GSS_C_NO_NAME; + + if (mechanisms != NULL) + *mechanisms = GSS_C_NO_OID_SET; - if (mechanisms) - *mechanisms = NULL; + /* Validate arguments. */ + if (minor_status == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); if (cred_handle == GSS_C_NO_CREDENTIAL) { /* @@ -216,6 +220,14 @@ gss_inquire_cred_by_mech(minor_status, cred_handle, mech_type, name, OM_uint32 status, temp_minor_status; gss_name_t internal_name; + if (minor_status != NULL) + *minor_status = 0; + + if (name != NULL) + *name = GSS_C_NO_NAME; + + if (minor_status == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); mech = gssint_get_mechanism (mech_type); if (!mech) diff --git a/src/lib/gssapi/mechglue/g_inq_names.c b/src/lib/gssapi/mechglue/g_inq_names.c index 4332e3e0ce..d1ed23152c 100644 --- a/src/lib/gssapi/mechglue/g_inq_names.c +++ b/src/lib/gssapi/mechglue/g_inq_names.c @@ -41,10 +41,19 @@ gss_OID_set * name_types; { OM_uint32 status; gss_mechanism mech; - + + /* Initialize outputs. */ + + if (minor_status != NULL) + *minor_status = 0; + + if (name_types != NULL) + *name_types = GSS_C_NO_OID_SET; + + /* Validate arguments. */ + if (minor_status == NULL) return (GSS_S_CALL_INACCESSIBLE_WRITE); - *minor_status = 0; if (name_types == NULL) return (GSS_S_CALL_INACCESSIBLE_WRITE); @@ -72,6 +81,33 @@ gss_OID_set * name_types; return (GSS_S_BAD_MECH); } + +static OM_uint32 +val_inq_mechs4name_args( + OM_uint32 *minor_status, + const gss_name_t input_name, + gss_OID_set *mech_set) +{ + + /* Initialize outputs. */ + if (minor_status != NULL) + *minor_status = 0; + + if (mech_set != NULL) + *mech_set = GSS_C_NO_OID_SET; + + /* Validate arguments.e + */ + if (minor_status == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + if (input_name == GSS_C_NO_NAME) + return (GSS_S_BAD_NAME); + + return (GSS_S_COMPLETE); +} + + OM_uint32 KRB5_CALLCONV gss_inquire_mechs_for_name(minor_status, input_name, mech_set) @@ -90,12 +126,9 @@ gss_inquire_mechs_for_name(minor_status, input_name, mech_set) gss_buffer_desc name_buffer; int i; - if (minor_status == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); - *minor_status = 0; - - if (input_name == NULL) - return (GSS_S_BAD_NAME); + status = val_inq_mechs4name_args(minor_status, input_name, mech_set); + if (status != GSS_S_COMPLETE) + return (status); status = gss_create_empty_oid_set(minor_status, mech_set); if (status != GSS_S_COMPLETE) diff --git a/src/lib/gssapi/mechglue/g_process_context.c b/src/lib/gssapi/mechglue/g_process_context.c index beb65a141d..18b12050c4 100644 --- a/src/lib/gssapi/mechglue/g_process_context.c +++ b/src/lib/gssapi/mechglue/g_process_context.c @@ -49,6 +49,9 @@ gss_buffer_t token_buffer; if (context_handle == GSS_C_NO_CONTEXT) return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT); + if (token_buffer == GSS_C_NO_BUFFER) + return (GSS_S_CALL_INACCESSIBLE_READ); + if (GSS_EMPTY_BUFFER(token_buffer)) return (GSS_S_CALL_INACCESSIBLE_READ); diff --git a/src/lib/gssapi/mechglue/g_seal.c b/src/lib/gssapi/mechglue/g_seal.c index 2b31c370f1..f784be1abd 100644 --- a/src/lib/gssapi/mechglue/g_seal.c +++ b/src/lib/gssapi/mechglue/g_seal.c @@ -28,6 +28,45 @@ #include "mglueP.h" +static OM_uint32 +val_seal_args( + OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + int conf_req_flag, + int qop_req, + gss_buffer_t input_message_buffer, + int *conf_state, + gss_buffer_t output_message_buffer) +{ + + /* Initialize outputs. */ + + if (minor_status != NULL) + *minor_status = 0; + + if (output_message_buffer != GSS_C_NO_BUFFER) { + output_message_buffer->length = 0; + output_message_buffer->value = NULL; + } + + /* Validate arguments. */ + + if (minor_status == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + if (context_handle == GSS_C_NO_CONTEXT) + return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT); + + if (input_message_buffer == GSS_C_NO_BUFFER) + return (GSS_S_CALL_INACCESSIBLE_READ); + + if (output_message_buffer == GSS_C_NO_BUFFER) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + return (GSS_S_COMPLETE); +} + + OM_uint32 KRB5_CALLCONV gss_seal (minor_status, context_handle, @@ -51,18 +90,12 @@ gss_buffer_t output_message_buffer; gss_union_ctx_id_t ctx; gss_mechanism mech; - if (minor_status == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); - *minor_status = 0; - - if (context_handle == GSS_C_NO_CONTEXT) - return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT); - - if (input_message_buffer == NULL) - return (GSS_S_CALL_INACCESSIBLE_READ); - - if (output_message_buffer == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); + status = val_seal_args(minor_status, context_handle, + conf_req_flag, qop_req, + input_message_buffer, conf_state, + output_message_buffer); + if (status != GSS_S_COMPLETE) + return (status); /* * select the approprate underlying mechanism routine and diff --git a/src/lib/gssapi/mechglue/g_sign.c b/src/lib/gssapi/mechglue/g_sign.c index 72e0ce742c..c0510afe2f 100644 --- a/src/lib/gssapi/mechglue/g_sign.c +++ b/src/lib/gssapi/mechglue/g_sign.c @@ -28,6 +28,43 @@ #include "mglueP.h" +static OM_uint32 +val_sign_args( + OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + int qop_req, + gss_buffer_t message_buffer, + gss_buffer_t msg_token) +{ + + /* Initialize outputs. */ + + if (minor_status != NULL) + *minor_status = 0; + + if (msg_token != GSS_C_NO_BUFFER) { + msg_token->value = NULL; + msg_token->length = 0; + } + + /* Validate arguments. */ + + if (minor_status == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + if (context_handle == GSS_C_NO_CONTEXT) + return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT); + + if (message_buffer == GSS_C_NO_BUFFER) + return (GSS_S_CALL_INACCESSIBLE_READ); + + if (msg_token == GSS_C_NO_BUFFER) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + return (GSS_S_COMPLETE); +} + + OM_uint32 KRB5_CALLCONV gss_sign (minor_status, context_handle, @@ -46,21 +83,11 @@ gss_buffer_t msg_token; gss_union_ctx_id_t ctx; gss_mechanism mech; - if (minor_status == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); - *minor_status = 0; - - if (context_handle == GSS_C_NO_CONTEXT) - return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT); - - if (message_buffer == NULL) - return (GSS_S_CALL_INACCESSIBLE_READ); - - if (msg_token == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE); + status = val_sign_args(minor_status, context_handle, + qop_req, message_buffer, msg_token); + if (status != GSS_S_COMPLETE) + return (status); - msg_token->value = NULL; - msg_token->length = 0; /* * select the approprate underlying mechanism routine and * call it. diff --git a/src/lib/gssapi/mechglue/g_store_cred.c b/src/lib/gssapi/mechglue/g_store_cred.c index 92581be851..5663c28ea6 100644 --- a/src/lib/gssapi/mechglue/g_store_cred.c +++ b/src/lib/gssapi/mechglue/g_store_cred.c @@ -11,6 +11,38 @@ #include <mglueP.h> +static OM_uint32 +val_store_cred_args( + OM_uint32 *minor_status, + const gss_cred_id_t input_cred_handle, + gss_cred_usage_t cred_usage, + const gss_OID desired_mech, + OM_uint32 overwrite_cred, + OM_uint32 default_cred, + gss_OID_set *elements_stored, + gss_cred_usage_t *cred_usage_stored) +{ + + /* Initialize outputs. */ + + if (minor_status != NULL) + *minor_status = 0; + + if (elements_stored != NULL) + *elements_stored = GSS_C_NULL_OID_SET; + + /* Validate arguments. */ + + if (minor_status == NULL) + return (GSS_S_CALL_INACCESSIBLE_WRITE); + + if (input_cred_handle == GSS_C_NO_CREDENTIAL) + return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CRED); + + return (GSS_S_COMPLETE); +} + + OM_uint32 gss_store_cred(minor_status, input_cred_handle, cred_usage, @@ -37,16 +69,19 @@ gss_cred_usage_t *cred_usage_stored; gss_OID dmech; int i; - /* Start by checking parameters */ - if (minor_status == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE|GSS_S_NO_CRED); - *minor_status = 0; - - if (input_cred_handle == GSS_C_NO_CREDENTIAL) - return (GSS_S_CALL_INACCESSIBLE_READ); - - if (elements_stored != NULL) - *elements_stored = GSS_C_NULL_OID_SET; + major_status = val_store_cred_args(minor_status, + input_cred_handle, + cred_usage, + desired_mech, + overwrite_cred, + default_cred, + elements_stored, + cred_usage_stored); + if (major_status != GSS_S_COMPLETE) + return (major_status); + + /* Initial value needed below. */ + major_status = GSS_S_FAILURE; if (cred_usage_stored != NULL) *cred_usage_stored = GSS_C_BOTH; /* there's no GSS_C_NEITHER */ diff --git a/src/lib/gssapi/mechglue/g_unseal.c b/src/lib/gssapi/mechglue/g_unseal.c index 579fd14148..56f5673594 100644 --- a/src/lib/gssapi/mechglue/g_unseal.c +++ b/src/lib/gssapi/mechglue/g_unseal.c @@ -49,22 +49,28 @@ int * qop_state; gss_union_ctx_id_t ctx; gss_mechanism mech; + if (minor_status != NULL) + *minor_status = 0; + + if (output_message_buffer != GSS_C_NO_BUFFER) { + output_message_buffer->length = 0; + output_message_buffer->value = NULL; + } + if (minor_status == NULL) return (GSS_S_CALL_INACCESSIBLE_WRITE); - *minor_status = 0; if (context_handle == GSS_C_NO_CONTEXT) return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT); - if (GSS_EMPTY_BUFFER(input_message_buffer)) + if (input_message_buffer == GSS_C_NO_BUFFER || + GSS_EMPTY_BUFFER(input_message_buffer)) + return (GSS_S_CALL_INACCESSIBLE_READ); - if (output_message_buffer == NULL) + if (output_message_buffer == GSS_C_NO_BUFFER) return (GSS_S_CALL_INACCESSIBLE_WRITE); - output_message_buffer->length = 0; - output_message_buffer->value = NULL; - /* * select the approprate underlying mechanism routine and * call it. diff --git a/src/lib/gssapi/mechglue/g_verify.c b/src/lib/gssapi/mechglue/g_verify.c index e6a01282ab..5f0374643a 100644 --- a/src/lib/gssapi/mechglue/g_verify.c +++ b/src/lib/gssapi/mechglue/g_verify.c @@ -54,7 +54,9 @@ int * qop_state; if (context_handle == GSS_C_NO_CONTEXT) return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT); - if ((message_buffer == NULL) || GSS_EMPTY_BUFFER(token_buffer)) + if ((message_buffer == GSS_C_NO_BUFFER) || + GSS_EMPTY_BUFFER(token_buffer)) + return (GSS_S_CALL_INACCESSIBLE_READ); /* diff --git a/src/lib/gssapi/mechglue/oid_ops.c b/src/lib/gssapi/mechglue/oid_ops.c index ee981a5073..5c2ceb321c 100644 --- a/src/lib/gssapi/mechglue/oid_ops.c +++ b/src/lib/gssapi/mechglue/oid_ops.c @@ -49,7 +49,7 @@ generic_gss_release_oid(minor_status, oid) if (minor_status) *minor_status = 0; - if (*oid == GSS_C_NO_OID) + if (oid == NULL || *oid == GSS_C_NO_OID) return(GSS_S_COMPLETE); /* @@ -227,12 +227,18 @@ generic_gss_oid_to_str(minor_status, oid, oid_str) unsigned char *cp; char *bp; - *minor_status = 0; + if (minor_status != NULL) + *minor_status = 0; + + if (oid_str != GSS_C_NO_BUFFER) { + oid_str->length = 0; + oid_str->value = NULL; + } if (oid == NULL || oid->length == 0 || oid->elements == NULL) return (GSS_S_CALL_INACCESSIBLE_READ); - if (oid_str == NULL) + if (oid_str == GSS_C_NO_BUFFER) return (GSS_S_CALL_INACCESSIBLE_WRITE); /* Decoded according to krb5/gssapi_krb5.c */ @@ -307,7 +313,11 @@ generic_gss_str_to_oid(minor_status, oid_str, oid) int index; unsigned char *op; - *minor_status = 0; + if (minor_status != NULL) + *minor_status = 0; + + if (oid != NULL) + *oid = GSS_C_NO_OID; if (GSS_EMPTY_BUFFER(oid_str)) return (GSS_S_CALL_INACCESSIBLE_READ); @@ -458,17 +468,18 @@ gssint_copy_oid_set( OM_uint32 major = GSS_S_COMPLETE; OM_uint32 index; - if (minor_status) + if (minor_status != NULL) *minor_status = 0; - if (oidset == NULL) + if (new_oidset != NULL) + *new_oidset = GSS_C_NO_OID_SET; + + if (oidset == GSS_C_NO_OID_SET) return (GSS_S_CALL_INACCESSIBLE_READ); if (new_oidset == NULL) return (GSS_S_CALL_INACCESSIBLE_WRITE); - *new_oidset = NULL; - if ((copy = (gss_OID_set_desc *) calloc(1, sizeof (*copy))) == NULL) { major = GSS_S_FAILURE; goto done; |