git: 593699ac6446 - stable/12 - heimdal: Add missing iprop error checks.
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 01 Dec 2022 14:26:11 UTC
The branch stable/12 has been updated by cy:
URL: https://cgit.FreeBSD.org/src/commit/?id=593699ac64463aafd30d16ed206b230c4ba0dafc
commit 593699ac64463aafd30d16ed206b230c4ba0dafc
Author: Cy Schubert <cy@FreeBSD.org>
AuthorDate: 2022-11-26 18:19:55 +0000
Commit: Cy Schubert <cy@FreeBSD.org>
CommitDate: 2022-12-01 14:25:53 +0000
heimdal: Add missing iprop error checks.
Inspired by upstream 9d6dd21256f87988605fa75172be9cc92535064c.
Obtained from: Heimdal 9d6dd21256f87988605fa75172be9cc92535064c
(cherry picked from commit 5040a7a9aa67861a095bae6edfbc67572cd24457)
---
crypto/heimdal/lib/kadm5/iprop-log.c | 48 ++++++++++++++++++++++--------------
1 file changed, 30 insertions(+), 18 deletions(-)
diff --git a/crypto/heimdal/lib/kadm5/iprop-log.c b/crypto/heimdal/lib/kadm5/iprop-log.c
index b201de66d1f6..7e4e1a55ea9a 100644
--- a/crypto/heimdal/lib/kadm5/iprop-log.c
+++ b/crypto/heimdal/lib/kadm5/iprop-log.c
@@ -134,21 +134,29 @@ print_entry(kadm5_server_context *server_context,
op_names[op], ver, t, len);
switch(op) {
case kadm_delete:
- krb5_ret_principal(sp, &source);
- krb5_unparse_name(scontext, source, &name1);
+ ret = krb5_unparse_name(scontext, source, &name1);
+ if (ret == 0)
+ ret = krb5_ret_principal(sp, &source);
+ if (ret)
+ krb5_err(scontext, 1, ret, "Failed to read a delete record");
printf(" %s\n", name1);
free(name1);
krb5_free_principal(scontext, source);
break;
case kadm_rename:
ret = krb5_data_alloc(&data, len);
+ if (ret == 0)
+ krb5_ret_principal(sp, &source);
+ if (ret == 0 && krb5_storage_read(sp, data.data, data.length))
+ ret = errno;
+ if (ret == 0)
+ ret = hdb_value2entry(scontext, &data, &ent);
+ if (ret == 0)
+ ret = krb5_unparse_name(scontext, source, &name1);
+ if (ret == 0)
+ ret = krb5_unparse_name(scontext, ent.principal, &name2);
if (ret)
krb5_err (scontext, 1, ret, "kadm_rename: data alloc: %d", len);
- krb5_ret_principal(sp, &source);
- krb5_storage_read(sp, data.data, data.length);
- hdb_value2entry(scontext, &data, &ent);
- krb5_unparse_name(scontext, source, &name1);
- krb5_unparse_name(scontext, ent.principal, &name2);
printf(" %s -> %s\n", name1, name2);
free(name1);
free(name2);
@@ -157,26 +165,30 @@ print_entry(kadm5_server_context *server_context,
break;
case kadm_create:
ret = krb5_data_alloc(&data, len);
+ if (ret == 0 && krb5_storage_read(sp, data.data, data.length))
+ ret = errno;
+ if (ret == 0)
+ ret = hdb_value2entry(scontext, &data, &ent);
if (ret)
krb5_err (scontext, 1, ret, "kadm_create: data alloc: %d", len);
- krb5_storage_read(sp, data.data, data.length);
- ret = hdb_value2entry(scontext, &data, &ent);
- if(ret)
- abort();
mask = ~0;
goto foo;
case kadm_modify:
ret = krb5_data_alloc(&data, len);
+ if (ret == 0)
+ ret = krb5_ret_int32(sp, &mask);
+ if (ret == 0 && krb5_storage_read(sp, data.data, data.length))
+ ret = errno;
+ if (ret == 0)
+ ret = hdb_value2entry(scontext, &data, &ent);
if (ret)
krb5_err (scontext, 1, ret, "kadm_modify: data alloc: %d", len);
- krb5_ret_int32(sp, &mask);
- krb5_storage_read(sp, data.data, data.length);
- ret = hdb_value2entry(scontext, &data, &ent);
- if(ret)
- abort();
foo:
if(ent.principal /* mask & KADM5_PRINCIPAL */) {
- krb5_unparse_name(scontext, ent.principal, &name1);
+ ret = krb5_unparse_name(scontext, ent.principal, &name1);
+ if (ret)
+ krb5_err(scontext, 1, ret,
+ "Failed to process a create or modify record");
printf(" principal = %s\n", name1);
free(name1);
}
@@ -260,7 +272,7 @@ print_entry(kadm5_server_context *server_context,
case kadm_nop :
break;
default:
- abort();
+ krb5_errx(scontext, 1, "Unknown record type");
}
krb5_storage_seek(sp, end, SEEK_SET);
}