Re: [SSSD] [PATCHES] Fixes for issues in SSH-related code found by coverity

Jan Zelený Fri, 09 Mar 2012 01:29:44 -0800

> On 7.3.2012 17:25, Jan Zelený wrote:
> >> On Wed, 2012-03-07 at 16:23 +0100, Jan Cholasta wrote:
> >>> On 7.3.2012 14:22, Jan Zelený wrote:
> >>>> Please check the umask mode, that's the only thing I'm not sure about.
> >>> 
> >>> The file mode is changed after the file is created using fchmod(), so
> >>> no umask is necessary. I did not use umask in the first place because
> >>> according to mkstemp man page:
> >>> 
> >>> "The file is created with permissions 0600, that is, read plus write
> >>> for owner only. (In glibc versions 2.06 and earlier, the file is
> >>> created with permissions 0666, that is, read and write for all
> >>> users.)"
> >>> 
> >>> If you really want to use umask, use umask mode 0133 instead of 0122.
> >> 
> >> Please use umask. This may be the case with glibc, but we can't
> >> guarantee that behavior on other libc implementations (which would
> >> hinder porting efforts).
> > 
> > Corrected patch attached.
> > 
> > Jan
> 
> NACK. The fchmod has to stay, otherwise the file will be unreadable for
> users other than root (because 0600 & ~0133 == 0600, but we need 0644).


Thanks, I thought that the umask will actually do this. I'm sending another 
round of patches.

Thanks
Jan

From ad5f313ef3783b77ac55f8f410d6f8213da54713 Mon Sep 17 00:00:00 2001
From: Jan Zeleny <jzel...@redhat.com>
Date: Wed, 7 Mar 2012 07:35:26 -0500
Subject: [PATCH 1/4] Fixed uninitialized pointer in SSH known host proxy

---
 src/sss_client/ssh/sss_ssh_knownhostsproxy.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/src/sss_client/ssh/sss_ssh_knownhostsproxy.c b/src/sss_client/ssh/sss_ssh_knownhostsproxy.c
index 9dae3cb6c7089d57416835b066f302729f639173..280532b6e7cf75356abd2585692601062d53b26f 100644
--- a/src/sss_client/ssh/sss_ssh_knownhostsproxy.c
+++ b/src/sss_client/ssh/sss_ssh_knownhostsproxy.c
@@ -199,7 +199,7 @@ connect_proxy_command(char **args)
 
 int main(int argc, const char **argv)
 {
-    TALLOC_CTX *mem_ctx;
+    TALLOC_CTX *mem_ctx = NULL;
     int pc_debug = SSSDBG_DEFAULT;
     const char *pc_port = "22";
     const char *pc_domain = NULL;
-- 
1.7.6.4

From 8ad7b265fa252790a52d143084908becdfafccfd Mon Sep 17 00:00:00 2001
From: Jan Zeleny <jzel...@redhat.com>
Date: Wed, 7 Mar 2012 07:36:31 -0500
Subject: [PATCH 2/4] Fixed uninitialized pointer in SSH authorized keys
 client

---
 src/sss_client/ssh/sss_ssh_authorizedkeys.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/src/sss_client/ssh/sss_ssh_authorizedkeys.c b/src/sss_client/ssh/sss_ssh_authorizedkeys.c
index de9454221bf45b7a24491e81821aa4b52938d9e2..174cb531eb75b86f237e1fe5f7985071afd10359 100644
--- a/src/sss_client/ssh/sss_ssh_authorizedkeys.c
+++ b/src/sss_client/ssh/sss_ssh_authorizedkeys.c
@@ -30,7 +30,7 @@
 
 int main(int argc, const char **argv)
 {
-    TALLOC_CTX *mem_ctx;
+    TALLOC_CTX *mem_ctx = NULL;
     int pc_debug = SSSDBG_DEFAULT;
     const char *pc_domain = NULL;
     const char *pc_user = NULL;
-- 
1.7.6.4

From b6a0ab7e731abe027e4038ff5a04131d3fbb0334 Mon Sep 17 00:00:00 2001
From: Jan Zeleny <jzel...@redhat.com>
Date: Wed, 7 Mar 2012 07:54:49 -0500
Subject: [PATCH 3/4] Add umask before mkstemp() call in SSH responder

---
 src/responder/ssh/sshsrv_cmd.c |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/src/responder/ssh/sshsrv_cmd.c b/src/responder/ssh/sshsrv_cmd.c
index 77ffd80c12cdca81dbce828438d620c357f3deda..0a892a42a760bf3f4c1408bcd1c92523c5c4f501 100644
--- a/src/responder/ssh/sshsrv_cmd.c
+++ b/src/responder/ssh/sshsrv_cmd.c
@@ -481,6 +481,7 @@ ssh_host_pubkeys_update_known_hosts(struct ssh_cmd_ctx *cmd_ctx)
     int fd = -1;
     char *filename, *pubkey, *line;
     ssize_t wret;
+    mode_t old_mask;
 
     tmp_ctx = talloc_new(NULL);
     if (!tmp_ctx) {
@@ -494,7 +495,9 @@ ssh_host_pubkeys_update_known_hosts(struct ssh_cmd_ctx *cmd_ctx)
         goto done;
     }
 
+    old_mask = umask(0133);
     fd = mkstemp(filename);
+    umask(old_mask)
     if (fd == -1) {
         filename = NULL;
         ret = errno;
-- 
1.7.6.4

From af590841ad88a80e5190fa9183b28123cf51032b Mon Sep 17 00:00:00 2001
From: Jan Zeleny <jzel...@redhat.com>
Date: Wed, 7 Mar 2012 07:59:52 -0500
Subject: [PATCH 4/4] Fixed resource leak in ssh client code

---
 src/sss_client/ssh/sss_ssh_client.c |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/src/sss_client/ssh/sss_ssh_client.c b/src/sss_client/ssh/sss_ssh_client.c
index 82507787d474efbf8187623e892d390c6565606c..41b20e76cbe569adaa4517d85d4bbb2422bf4508 100644
--- a/src/sss_client/ssh/sss_ssh_client.c
+++ b/src/sss_client/ssh/sss_ssh_client.c
@@ -227,6 +227,7 @@ sss_ssh_get_ent(TALLOC_CTX *mem_ctx,
 
 done:
     talloc_free(tmp_ctx);
+    free(rep);
 
     return ret;
 }
-- 
1.7.6.4

signature.asc
Description: This is a digitally signed message part.

_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/sssd-devel

Re: [SSSD] [PATCHES] Fixes for issues in SSH-related code found by coverity

Reply via email to