summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2011-02-15 14:16:13 +0100
committerStephen Gallagher <sgallagh@redhat.com>2011-07-05 13:41:13 -0400
commit24d319721a43101d996034442137bae37b007fd3 (patch)
tree729dad1b10775b4405a4039a1a8c582d9c4d8a39
parent90f5a8a2bffb96c03097e7134388f63a72decdb5 (diff)
downloadsssd_unused-24d319721a43101d996034442137bae37b007fd3.tar.gz
sssd_unused-24d319721a43101d996034442137bae37b007fd3.tar.xz
sssd_unused-24d319721a43101d996034442137bae37b007fd3.zip
Fix unchecked return values of pam_add_responsesssd-1_5_11
https://fedorahosted.org/sssd/ticket/798
-rw-r--r--src/providers/dp_auth_util.c5
-rw-r--r--src/providers/ldap/ldap_auth.c9
-rw-r--r--src/responder/pam/pamsrv_cmd.c16
3 files changed, 23 insertions, 7 deletions
diff --git a/src/providers/dp_auth_util.c b/src/providers/dp_auth_util.c
index f8730cf9..7c3541b0 100644
--- a/src/providers/dp_auth_util.c
+++ b/src/providers/dp_auth_util.c
@@ -255,7 +255,10 @@ bool dp_unpack_pam_response(DBusMessage *msg, struct pam_data *pd, DBusError *db
dbus_message_iter_recurse(&struct_iter, &sub_iter);
dbus_message_iter_get_fixed_array(&sub_iter, &data, &len);
- pam_add_response(pd, type, len, data);
+ if (pam_add_response(pd, type, len, data) != EOK) {
+ DEBUG(1, ("pam_add_response failed.\n"));
+ return false;
+ }
dbus_message_iter_next(&array_iter);
}
diff --git a/src/providers/ldap/ldap_auth.c b/src/providers/ldap/ldap_auth.c
index 6970d7f6..5857e537 100644
--- a/src/providers/ldap/ldap_auth.c
+++ b/src/providers/ldap/ldap_auth.c
@@ -206,6 +206,7 @@ static errno_t check_pwexpire_ldap(struct pam_data *pd,
if (ppolicy->grace > 0 || ppolicy->expire > 0) {
uint32_t *data;
uint32_t *ptr;
+ int ret;
data = talloc_size(pd, 2* sizeof(uint32_t));
if (data == NULL) {
@@ -224,8 +225,12 @@ static errno_t check_pwexpire_ldap(struct pam_data *pd,
*ptr = ppolicy->expire;
}
- pam_add_response(pd, SSS_PAM_USER_INFO, 2* sizeof(uint32_t),
- (uint8_t*)data);
+ ret = pam_add_response(pd, SSS_PAM_USER_INFO, 2* sizeof(uint32_t),
+ (uint8_t*)data);
+ if (ret != EOK) {
+ DEBUG(1, ("pam_add_response failed.\n"));
+ return ret;
+ }
}
*result = SDAP_AUTH_SUCCESS;
diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c
index 8035a687..3c9d7600 100644
--- a/src/responder/pam/pamsrv_cmd.c
+++ b/src/responder/pam/pamsrv_cmd.c
@@ -500,8 +500,12 @@ static void pam_reply(struct pam_auth_req *preq)
DEBUG(5, ("Password change not possible while offline.\n"));
pd->pam_status = PAM_AUTHTOK_ERR;
user_info_type = SSS_PAM_USER_INFO_OFFLINE_CHPASS;
- pam_add_response(pd, SSS_PAM_USER_INFO, sizeof(uint32_t),
- (const uint8_t *) &user_info_type);
+ ret = pam_add_response(pd, SSS_PAM_USER_INFO, sizeof(uint32_t),
+ (const uint8_t *) &user_info_type);
+ if (ret != EOK) {
+ DEBUG(1, ("pam_add_response failed.\n"));
+ goto done;
+ }
break;
/* TODO: we need the pam session cookie here to make sure that cached
* authentication was successful */
@@ -565,8 +569,12 @@ static void pam_reply(struct pam_auth_req *preq)
}
if (pd->domain != NULL) {
- pam_add_response(pd, SSS_PAM_DOMAIN_NAME, strlen(pd->domain)+1,
- (uint8_t *) pd->domain);
+ ret = pam_add_response(pd, SSS_PAM_DOMAIN_NAME, strlen(pd->domain)+1,
+ (uint8_t *) pd->domain);
+ if (ret != EOK) {
+ DEBUG(1, ("pam_add_response failed.\n"));
+ goto done;
+ }
}
resp_c = 0;