diff options
author | Lukas Slebodnik <lslebodn@redhat.com> | 2016-04-13 17:29:57 +0200 |
---|---|---|
committer | Lukas Slebodnik <lslebodn@redhat.com> | 2016-04-18 18:17:51 +0200 |
commit | e547eb597ade731f49b679ce264bbfd907363ff8 (patch) | |
tree | 90d3e3125490980a9e67df1daf758026ad063906 | |
parent | aeb3cef10158a1c621d58c6d982e53569e40c6c0 (diff) | |
download | sssd-e547eb597ade731f49b679ce264bbfd907363ff8.tar.gz sssd-e547eb597ade731f49b679ce264bbfd907363ff8.tar.xz sssd-e547eb597ade731f49b679ce264bbfd907363ff8.zip |
IPA_SUDO: Prevent dereference of NULL pointer
Error: NULL_RETURNS (CWE-476): [#def31]
sssd-1.13.4/src/providers/ipa/ipa_sudo_conversion.c:964:
returned_null: "ipa_sudo_conv_lookup" returns null.
sssd-1.13.4/src/providers/ipa/ipa_sudo_conversion.c:149:9:
return_null: Explicitly returning null.
sssd-1.13.4/src/providers/ipa/ipa_sudo_conversion.c:964:
var_assigned: Assigning: "cmdgroup" = null return value
from "ipa_sudo_conv_lookup".
sssd-1.13.4/src/providers/ipa/ipa_sudo_conversion.c:966:
dereference: Dereferencing a null pointer "cmdgroup".
# 964| cmdgroup = ipa_sudo_conv_lookup(conv->cmdgroups, listitem->dn);
# 965|
# 966|-> ret = add_strings_lists(mem_ctx, values, cmdgroup->expanded,
# 967| false, discard_const(&values));
# 968| if (ret != EOK) {
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
-rw-r--r-- | src/providers/ipa/ipa_sudo_conversion.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/providers/ipa/ipa_sudo_conversion.c b/src/providers/ipa/ipa_sudo_conversion.c index 278fee600..1286bf351 100644 --- a/src/providers/ipa/ipa_sudo_conversion.c +++ b/src/providers/ipa/ipa_sudo_conversion.c @@ -962,6 +962,11 @@ combine_cmdgroups(TALLOC_CTX *mem_ctx, DLIST_FOR_EACH(listitem, list) { cmdgroup = ipa_sudo_conv_lookup(conv->cmdgroups, listitem->dn); + if (cmdgroup == NULL) { + DEBUG(SSSDBG_MINOR_FAILURE, + "ipa_sudo_conv_lookup failed for DN:%s\n", listitem->dn); + continue; + } ret = add_strings_lists(mem_ctx, values, cmdgroup->expanded, false, discard_const(&values)); |