From 1509d1723d39124f840c214327e698aff3b3f683 Mon Sep 17 00:00:00 2001
From: Pavel Březina <pbrezina@redhat.com>
Date: Fri, 9 Mar 2012 14:01:16 +0100
Subject: Potential NULL-dereference in sudosrv_cmd_get_sudorules

https://fedorahosted.org/sssd/ticket/1236
---
 src/responder/sudo/sudosrv_cmd.c | 26 ++++++++++++--------------
 1 file changed, 12 insertions(+), 14 deletions(-)

(limited to 'src/responder')

diff --git a/src/responder/sudo/sudosrv_cmd.c b/src/responder/sudo/sudosrv_cmd.c
index 8920ca28..e3dd3842 100644
--- a/src/responder/sudo/sudosrv_cmd.c
+++ b/src/responder/sudo/sudosrv_cmd.c
@@ -164,8 +164,9 @@ static int sudosrv_cmd_get_sudorules(struct cli_ctx *cli_ctx)
 
     cmd_ctx = talloc_zero(cli_ctx, struct sudo_cmd_ctx);
     if (!cmd_ctx) {
-        ret = ENOMEM;
-        goto done;
+        /* kill the connection here as we have no context for reply */
+        DEBUG(SSSDBG_FATAL_FAILURE, ("Out of memory?\n"));
+        return ENOMEM;
     }
     cmd_ctx->cli_ctx = cli_ctx;
     cmd_ctx->type = SSS_DP_SUDO_USER;
@@ -173,16 +174,14 @@ static int sudosrv_cmd_get_sudorules(struct cli_ctx *cli_ctx)
     /* get responder ctx */
     cmd_ctx->sudo_ctx = talloc_get_type(cli_ctx->rctx->pvt_ctx, struct sudo_ctx);
     if (!cmd_ctx->sudo_ctx) {
-        DEBUG(SSSDBG_FATAL_FAILURE, ("sudo_ctx not set\n"));
-        ret = EFAULT;
-        goto done;
+        DEBUG(SSSDBG_FATAL_FAILURE, ("sudo_ctx not set, killing connection!\n"));
+        return EFAULT;
     }
 
     /* create domain ctx */
     dctx = talloc_zero(cmd_ctx, struct sudo_dom_ctx);
     if (!dctx) {
-        ret = ENOMEM;
-        goto done;
+        return sudosrv_cmd_send_error(cmd_ctx, cmd_ctx, ENOMEM);
     }
     dctx->cmd_ctx = cmd_ctx;
     dctx->orig_username = NULL;
@@ -263,8 +262,9 @@ static int sudosrv_cmd_get_defaults(struct cli_ctx *cli_ctx)
 
     cmd_ctx = talloc_zero(cli_ctx, struct sudo_cmd_ctx);
     if (!cmd_ctx) {
-        ret = ENOMEM;
-        goto done;
+        /* kill the connection here as we have no context for reply */
+        DEBUG(SSSDBG_FATAL_FAILURE, ("Out of memory?\n"));
+        return ENOMEM;
     }
     cmd_ctx->cli_ctx = cli_ctx;
     cmd_ctx->type = SSS_DP_SUDO_DEFAULTS;
@@ -274,16 +274,14 @@ static int sudosrv_cmd_get_defaults(struct cli_ctx *cli_ctx)
     /* get responder ctx */
     cmd_ctx->sudo_ctx = talloc_get_type(cli_ctx->rctx->pvt_ctx, struct sudo_ctx);
     if (!cmd_ctx->sudo_ctx) {
-        DEBUG(SSSDBG_FATAL_FAILURE, ("sudo_ctx not set\n"));
-        ret = EFAULT;
-        goto done;
+        DEBUG(SSSDBG_FATAL_FAILURE, ("sudo_ctx not set, killing connection!\n"));
+        return EFAULT;
     }
 
     /* create domain ctx */
     dctx = talloc_zero(cmd_ctx, struct sudo_dom_ctx);
     if (!dctx) {
-        ret = ENOMEM;
-        goto done;
+        return sudosrv_cmd_send_error(cmd_ctx, cmd_ctx, ENOMEM);
     }
     dctx->cmd_ctx = cmd_ctx;
     dctx->orig_username = NULL;
-- 
cgit