These are actual issues. Most are resource leaks.
One is a wrong sizeof() argument that makes us allocate too little memory,
so later writes land out of bounds and may cause a segfault.

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York
>From dff903a1f3a15516c36f40d4dffeaf751dba6423 Mon Sep 17 00:00:00 2001
From: Simo Sorce <sso...@redhat.com>
Date: Thu, 3 Nov 2011 13:21:59 -0400
Subject: [PATCH 1/9] Fix CID 11019: Resource leak

https://fedorahosted.org/freeipa/ticket/2037
---
 daemons/ipa-kdb/ipa_kdb.c |   13 +++++++------
 1 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/daemons/ipa-kdb/ipa_kdb.c b/daemons/ipa-kdb/ipa_kdb.c
index 6a6c2063902f8b2a76d97f3510f09333c5af168d..481b1f392766498c5d7c6333fe73bafefde87dae 100644
--- a/daemons/ipa-kdb/ipa_kdb.c
+++ b/daemons/ipa-kdb/ipa_kdb.c
@@ -263,6 +263,13 @@ int ipadb_get_connection(struct ipadb_context *ipactx)
 
 done:
     ldap_msgfree(res);
+
+    ldap_value_free_len(vals);
+    for (i = 0; i < c && cvals[i]; i++) {
+        free(cvals[i]);
+    }
+    free(cvals);
+
     if (ret) {
         if (ipactx->lcontext) {
             ldap_unbind_ext_s(ipactx->lcontext, NULL, NULL);
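Review bot: The cleanup loop now runs on every path through `done:`, including the failure paths, and it indexes `cvals[i]` without first checking that `cvals` itself is non-NULL. If `done:` can be reached with `c > 0` before `cvals` is allocated, or after its allocation failed (the allocation is outside this hunk), that is a NULL dereference; `for (i = 0; cvals && i < c && cvals[i]; i++) {` closes it. For the same reason `vals` and `cvals` need to be initialised to NULL at their declarations, which this hunk does not show. Stopping at the first NULL entry frees everything only if the array is zero-allocated and filled in order.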
@@ -274,12 +281,6 @@ done:
         return EIO;
     }
 
-    ldap_value_free_len(vals);
-    for (i = 0; i < c; i++) {
-        free(cvals[i]);
-    }
-    free(cvals);
-
     return 0;
 }
 
-- 
1.7.6.4

>From d83e698e2f998767cec8c2505dff666fdddd9c51 Mon Sep 17 00:00:00 2001
From: Simo Sorce <sso...@redhat.com>
Date: Thu, 3 Nov 2011 13:26:45 -0400
Subject: [PATCH 2/9] Fix CID 11020: Resource leak

https://fedorahosted.org/freeipa/ticket/2037
---
 daemons/ipa-kdb/ipa_kdb_passwords.c |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/daemons/ipa-kdb/ipa_kdb_passwords.c b/daemons/ipa-kdb/ipa_kdb_passwords.c
index 93e9e206081af412a472ab0c7624611a628a15b7..0bb7fa72496789241e27ecc852a1c6ede7f8e40a 100644
--- a/daemons/ipa-kdb/ipa_kdb_passwords.c
+++ b/daemons/ipa-kdb/ipa_kdb_passwords.c
@@ -203,6 +203,7 @@ krb5_error_code ipadb_change_pwd(krb5_context context,
             ret = asprintf(&ied->pw_policy_dn,
                            "cn=global_policy,%s", ipactx->realm_base);
             if (ret == -1) {
+                free(ied);
                 return ENOMEM;
             }
             db_entry->e_data = (krb5_octet *)ied;
-- 
1.7.6.4

>From bd68245ff2ea1a1a039dda19bb04c308500ac57d Mon Sep 17 00:00:00 2001
From: Simo Sorce <sso...@redhat.com>
Date: Thu, 3 Nov 2011 13:40:46 -0400
Subject: [PATCH 3/9] Fix CID 11021: Resource leak

https://fedorahosted.org/freeipa/ticket/2037
---
 util/ipa_pwd.c |    4 +++-
 1 files changed, 3 insertions(+), 1 deletions(-)

diff --git a/util/ipa_pwd.c b/util/ipa_pwd.c
index c41617533ec25e8e656e9bb7a69d5b8b5dd8b5f7..fda6cb34ef24059362207325db61aedb62d7b665 100644
--- a/util/ipa_pwd.c
+++ b/util/ipa_pwd.c
@@ -560,7 +560,7 @@ int ipapwd_generate_new_history(char *password,
     unsigned char *hash = NULL;
     unsigned int hash_len;
     char *new_element;
-    char **ordered;
+    char **ordered = NULL;
     int c, i, n;
     int len;
     int ret;
@@ -626,9 +626,11 @@ int ipapwd_generate_new_history(char *password,
 
     *new_pwd_history = ordered;
     *new_pwd_hlen = n;
+    ordered = NULL;
     ret = IPAPWD_POLICY_OK;
 
 done:
+    free(ordered);
     free(hash);
     return ret;
 }
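Review bot: `free(ordered)` at `done:` releases only the pointer array, so on a failure path any string the array already owns would still leak; whether it owns its entries at that point cannot be seen from this hunk. `new_element` is declared without an initialiser in the first hunk and is not released here, so it is worth confirming that it is either stored in `ordered` or freed before every `goto done`. The `ordered = NULL;` line is the ownership hand-off and deserves a comment, e.g. `/* caller owns the list now; keep done: from freeing it */`.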
-- 
1.7.6.4

>From 44c5f0588cbce8ee38b14e17fe0a07fe33cdfb0f Mon Sep 17 00:00:00 2001
From: Simo Sorce <sso...@redhat.com>
Date: Thu, 3 Nov 2011 13:45:06 -0400
Subject: [PATCH 4/9] Fix CID 11022: Resource leak

https://fedorahosted.org/freeipa/ticket/2037
---
 daemons/ipa-kdb/ipa_kdb_principals.c |    7 +++++++
 1 files changed, 7 insertions(+), 0 deletions(-)

diff --git a/daemons/ipa-kdb/ipa_kdb_principals.c b/daemons/ipa-kdb/ipa_kdb_principals.c
index fdd834f355fd9e056058fa205b217e9e1f142e51..117eea86952ee4662930b80ba5e54c75aa587faf 100644
--- a/daemons/ipa-kdb/ipa_kdb_principals.c
+++ b/daemons/ipa-kdb/ipa_kdb_principals.c
@@ -1571,6 +1571,7 @@ static krb5_error_code ipadb_entry_to_mods(krb5_context kcontext,
         char **new_history;
         int nh_len;
         int ret;
+        int i;
 
         ied = (struct ipadb_e_data *)entry->e_data;
         if (ied->magic != IPA_E_DATA_MAGIC) {
@@ -1619,6 +1620,12 @@ static krb5_error_code ipadb_entry_to_mods(krb5_context kcontext,
 
             kerr = ipadb_get_ldap_mod_str_list(imods, "passwordHistory",
                                                new_history, nh_len, mod_op);
+
+            for (i = 0; i < nh_len; i++) {
+                free(new_history[i]);
+            }
+            free(new_history);
+
             if (kerr) {
                 goto done;
             }
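Review bot: Freeing `new_history` right after `ipadb_get_ldap_mod_str_list()` is only safe if that helper duplicates the strings into `imods`; if it stores the caller's pointers, the mods would later reference freed memory. The helper's body is not part of this patch, so that should be confirmed and stated where the free happens, e.g. `/* the mod list holds its own copies, so release ours whether or not kerr is set */`. The enclosing block of ipadb_entry_to_mods starts and ends outside the hunk.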
-- 
1.7.6.4

>From 5faf3e64d6d418be9daad1a2bb600817f29088dc Mon Sep 17 00:00:00 2001
From: Simo Sorce <sso...@redhat.com>
Date: Thu, 3 Nov 2011 13:48:32 -0400
Subject: [PATCH 5/9] Fix CID 11023: Resource leak

https://fedorahosted.org/freeipa/ticket/2037
---
 daemons/ipa-kdb/ipa_kdb_principals.c |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/daemons/ipa-kdb/ipa_kdb_principals.c b/daemons/ipa-kdb/ipa_kdb_principals.c
index 117eea86952ee4662930b80ba5e54c75aa587faf..bb1356a01a27a639c15439187ffb8d3537c1fcec 100644
--- a/daemons/ipa-kdb/ipa_kdb_principals.c
+++ b/daemons/ipa-kdb/ipa_kdb_principals.c
@@ -334,6 +334,7 @@ done:
             free(keys[i].key_data_contents[0]);
             free(keys[i].key_data_contents[1]);
         }
+        free(keys);
         *result = NULL;
         *num = 0;
     }
-- 
1.7.6.4

>From 78e2d8cb9495f5037f39f65d47e094b983ea5afd Mon Sep 17 00:00:00 2001
From: Simo Sorce <sso...@redhat.com>
Date: Thu, 3 Nov 2011 13:55:29 -0400
Subject: [PATCH 6/9] Fix CID 11024: Resource leak

https://fedorahosted.org/freeipa/ticket/2037
---
 daemons/ipa-kdb/ipa_kdb_principals.c |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/daemons/ipa-kdb/ipa_kdb_principals.c b/daemons/ipa-kdb/ipa_kdb_principals.c
index bb1356a01a27a639c15439187ffb8d3537c1fcec..818ef033f5a085c0f60e479021f0964d81487704 100644
--- a/daemons/ipa-kdb/ipa_kdb_principals.c
+++ b/daemons/ipa-kdb/ipa_kdb_principals.c
@@ -128,6 +128,7 @@ static int ipadb_ldap_attr_to_tl_data(LDAP *lcontext, LDAPMessage *le,
 
 done:
     if (ret) {
+        free(next);
         if (*result) {
             prev = *result;
             while (prev) {
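Review bot: `free(next)` is followed by a walk that frees the list hanging off `*result`, so if `next` has already been linked into that list when the error is raised, it is freed twice. The loop that builds the list is outside this hunk; the fix is safe only if `next` is never linked when `ret` is set, and clearing it right after linking (`next = NULL;`) would make that explicit. `next` also has to be initialised to NULL at its declaration in case `done:` can be reached before the first allocation.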
-- 
1.7.6.4

>From aee32c27e804f8f86df6c03790d6e10f6b163456 Mon Sep 17 00:00:00 2001
From: Simo Sorce <sso...@redhat.com>
Date: Thu, 3 Nov 2011 13:58:14 -0400
Subject: [PATCH 7/9] Fix CID 11025: Resource leak

https://fedorahosted.org/freeipa/ticket/2037
---
 daemons/ipa-kdb/ipa_kdb_principals.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/daemons/ipa-kdb/ipa_kdb_principals.c b/daemons/ipa-kdb/ipa_kdb_principals.c
index 818ef033f5a085c0f60e479021f0964d81487704..33ed7b0e15ff1fa29150d1c2695c5a3b0c4c5f03 100644
--- a/daemons/ipa-kdb/ipa_kdb_principals.c
+++ b/daemons/ipa-kdb/ipa_kdb_principals.c
@@ -554,6 +554,8 @@ static krb5_error_code ipadb_parse_ldap_entry(krb5_context kcontext,
     }
     ied->magic = IPA_E_DATA_MAGIC;
 
+    entry->e_data = (krb5_octet *)ied;
+
     /* mark this as an ipa_user if it has the posixaccount objectclass */
     ret = ipadb_ldap_attr_has_value(lcontext, lentry,
                                     "objectClass", "posixAccount");
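Review bot: Moving `entry->e_data = (krb5_octet *)ied;` ahead of the attribute parsing makes the error path responsible for releasing `ied` through `entry`, but nothing at this line says so. A comment such as `/* attach now so a failure below frees ied together with entry */` would keep a later cleanup from moving the assignment back. The fix relies on the code after `done:` (outside both hunks) freeing `entry->e_data` on error, and on that code coping with a partially filled `ied`, since at this point only `magic` is visibly set.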
@@ -610,8 +612,6 @@ static krb5_error_code ipadb_parse_ldap_entry(krb5_context kcontext,
         ied->last_pwd_change = restime;
     }
 
-    entry->e_data = (krb5_octet *)ied;
-
     kerr = 0;
 
 done:
-- 
1.7.6.4

>From 1ce25d471862b5a51e30ea989fccd93f6c7cb460 Mon Sep 17 00:00:00 2001
From: Simo Sorce <sso...@redhat.com>
Date: Thu, 3 Nov 2011 14:00:45 -0400
Subject: [PATCH 8/9] Fix CID 11026: Resource leak

https://fedorahosted.org/freeipa/ticket/2037
---
 daemons/ipa-kdb/ipa_kdb_pwdpolicy.c |    5 ++++-
 1 files changed, 4 insertions(+), 1 deletions(-)

diff --git a/daemons/ipa-kdb/ipa_kdb_pwdpolicy.c b/daemons/ipa-kdb/ipa_kdb_pwdpolicy.c
index 3dc4c218891e3ab2735eac1dcc721173657827f7..d439feb907eebda70b513ac9ca70f3e259ad3909 100644
--- a/daemons/ipa-kdb/ipa_kdb_pwdpolicy.c
+++ b/daemons/ipa-kdb/ipa_kdb_pwdpolicy.c
@@ -52,7 +52,7 @@ krb5_error_code ipadb_get_pwd_policy(krb5_context kcontext, char *name,
     krb5_error_code kerr;
     LDAPMessage *res = NULL;
     LDAPMessage *lentry;
-    osa_policy_ent_t pentry;
+    osa_policy_ent_t pentry = NULL;
     uint32_t result;
     int ret;
 
@@ -150,6 +150,9 @@ krb5_error_code ipadb_get_pwd_policy(krb5_context kcontext, char *name,
     *policy = pentry;
 
 done:
+    if (kerr) {
+        free(pentry);
+    }
     free(esc_name);
     free(src_filter);
     ldap_msgfree(res);
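Review bot: `free(pentry)` releases the record itself but none of its members, so if any field of the policy record is heap-allocated before the failing step (the code between the `calloc` and `done:` is outside this hunk), that allocation still leaks on error. In that case the error path should release the members as well, or call the same routine callers use to free a returned policy. The guard also depends on `kerr` being non-zero on every failure path that reaches `done:` and zero once `*policy = pentry;` has run; otherwise the caller could be handed a freed pointer.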
-- 
1.7.6.4

>From b419023518f6092e42af269d464c8914fe72f2e2 Mon Sep 17 00:00:00 2001
From: Simo Sorce <sso...@redhat.com>
Date: Thu, 3 Nov 2011 14:03:35 -0400
Subject: [PATCH 9/9] Fix CID 11027: Wrong sizeof argument

https://fedorahosted.org/freeipa/ticket/2037
---
 daemons/ipa-kdb/ipa_kdb_pwdpolicy.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/daemons/ipa-kdb/ipa_kdb_pwdpolicy.c b/daemons/ipa-kdb/ipa_kdb_pwdpolicy.c
index d439feb907eebda70b513ac9ca70f3e259ad3909..46a0513307c859ff2cfef7ad58442edb1b9cc78d 100644
--- a/daemons/ipa-kdb/ipa_kdb_pwdpolicy.c
+++ b/daemons/ipa-kdb/ipa_kdb_pwdpolicy.c
@@ -85,7 +85,7 @@ krb5_error_code ipadb_get_pwd_policy(krb5_context kcontext, char *name,
         goto done;
     }
 
-    pentry = calloc(1, sizeof(osa_policy_ent_t));
+    pentry = calloc(1, sizeof(osa_policy_ent_rec));
     if (!pentry) {
         kerr = ENOMEM;
         goto done;
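Review bot: Naming the record type in `sizeof` fixes the under-allocation, but the size is still spelled independently of the variable, which is how the pointer typedef could be used by mistake in the first place. `pentry = calloc(1, sizeof(*pentry));` ties the allocation to what `pentry` points at and cannot drift if the typedefs change. With the old pointer-sized allocation, writes to fields beyond it would land outside the buffer, so the policy lookup path is worth one run under a memory checker to confirm the fix.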
-- 
1.7.6.4
