Fix PW_TYPE_FILE_INPUT handling in cf_item_parse
This fixes the following Coverity issues:
Error: DEADCODE (CWE-561):
freeradius-server-3.0.4/src/main/conffile.c:1002: assignment: Assigning: "type" &= "255".
freeradius-server-3.0.4/src/main/conffile.c:1041: between: When switching on "type", the value of "type" must be between 0 and 255.
freeradius-server-3.0.4/src/main/conffile.c:1167: dead_error_condition: The switch value "type" cannot be "16385".
freeradius-server-3.0.4/src/main/conffile.c:1167: dead_error_line: Execution cannot reach this statement: "case 16385:".
Error: DEADCODE (CWE-561):
freeradius-server-3.0.4/src/main/conffile.c:1002: assignment: Assigning: "type" &= "255".
freeradius-server-3.0.4/src/main/conffile.c:1041: between: When switching on "type", the value of "type" must be between 0 and 255.
freeradius-server-3.0.4/src/main/conffile.c:1168: dead_error_condition: The switch value "type" cannot be "32769".
freeradius-server-3.0.4/src/main/conffile.c:1168: dead_error_begin: Execution cannot reach this statement: "case 32769:".
Resolves: Bug#1120234
This commit is contained in:
Nikolai Kondrashov
parent
2c2e39afa9
commit
12ea0067d5
85
freeradius-fix-checks-for-PW_TYPE_FILE_INPUT.patch
Normal file
85
freeradius-fix-checks-for-PW_TYPE_FILE_INPUT.patch
Normal file
@ -0,0 +1,85 @@
|
||||
From bae8305c7c1f35f853d9ffe520983c90f2a927a8 Mon Sep 17 00:00:00 2001
|
||||
From: "Alan T. DeKok" <aland@freeradius.org>
|
||||
Date: Sun, 5 Oct 2014 17:31:34 -0400
|
||||
Subject: [PATCH 1/1] Fix checks for PW_TYPE_FILE_INPUT
|
||||
|
||||
---
|
||||
src/main/conffile.c | 45 +++++++--------------------------------------
|
||||
1 file changed, 7 insertions(+), 38 deletions(-)
|
||||
|
||||
diff --git a/src/main/conffile.c b/src/main/conffile.c
|
||||
index 37c8aba..a221dcd 100644
|
||||
--- a/src/main/conffile.c
|
||||
+++ b/src/main/conffile.c
|
||||
@@ -985,7 +985,7 @@ static inline int fr_item_validate_ipaddr(CONF_SECTION *cs, char const *name, PW
|
||||
int cf_item_parse(CONF_SECTION *cs, char const *name, int type, void *data, char const *dflt)
|
||||
{
|
||||
int rcode;
|
||||
- bool deprecated, required, attribute, secret;
|
||||
+ bool deprecated, required, attribute, secret, input;
|
||||
char **q;
|
||||
char const *value;
|
||||
CONF_PAIR const *cp = NULL;
|
||||
@@ -998,6 +998,7 @@ int cf_item_parse(CONF_SECTION *cs, char const *name, int type, void *data, char
|
||||
required = (type & PW_TYPE_REQUIRED);
|
||||
attribute = (type & PW_TYPE_ATTRIBUTE);
|
||||
secret = (type & PW_TYPE_SECRET);
|
||||
+ input = (type == PW_TYPE_FILE_INPUT); /* check, not and */
|
||||
|
||||
type &= 0xff; /* normal types are small */
|
||||
rcode = 0;
|
||||
@@ -1157,46 +1158,14 @@ int cf_item_parse(CONF_SECTION *cs, char const *name, int type, void *data, char
|
||||
cs->depth, parse_spaces, name, value ? value : "(null)");
|
||||
}
|
||||
*q = value ? talloc_typed_strdup(cs, value) : NULL;
|
||||
- break;
|
||||
-
|
||||
- /*
|
||||
- * This is the same as PW_TYPE_STRING,
|
||||
- * except that we also "stat" the file, and
|
||||
- * cache the result.
|
||||
- */
|
||||
- case PW_TYPE_FILE_INPUT:
|
||||
- case PW_TYPE_FILE_OUTPUT:
|
||||
- q = (char **) data;
|
||||
- if (*q != NULL) {
|
||||
- free(*q);
|
||||
- }
|
||||
-
|
||||
- /*
|
||||
- * Expand variables which haven't already been
|
||||
- * expanded automagically when the configuration
|
||||
- * file was read.
|
||||
- */
|
||||
- if ((value == dflt) && cs) {
|
||||
- int lineno = 0;
|
||||
-
|
||||
- value = cf_expand_variables("?",
|
||||
- &lineno,
|
||||
- cs, buffer, sizeof(buffer),
|
||||
- value);
|
||||
- if (!value) return -1;
|
||||
- }
|
||||
-
|
||||
- if (required && (!value || !*value)) goto is_required;
|
||||
-
|
||||
- cf_log_info(cs, "%.*s\t%s = \"%s\"",
|
||||
- cs->depth, parse_spaces, name, value);
|
||||
- *q = value ? talloc_typed_strdup(cs, value) : NULL;
|
||||
|
||||
/*
|
||||
- * If the filename exists and we're supposed to
|
||||
- * read it, check it.
|
||||
+ * If there's data AND it's an input file, check
|
||||
+ * that we can read it. This check allows errors
|
||||
+ * to be caught as early as possible, during
|
||||
+ * server startup.
|
||||
*/
|
||||
- if (*q && (type == PW_TYPE_FILE_INPUT)) {
|
||||
+ if (*q && input) {
|
||||
struct stat buf;
|
||||
|
||||
if (stat(*q, &buf) < 0) {
|
||||
--
|
||||
2.1.1
|
||||
|
||||
@ -40,6 +40,7 @@ Patch16: freeradius-connection-fall-through-to-global-module-triggers.patch
|
||||
Patch17: freeradius-ignore-SIGTERM-when-firing-stop-and-signal.term.patch
|
||||
Patch18: freeradius-raddb-update-triggers-in-trigger.conf.patch
|
||||
Patch19: freeradius-make-grp-tallo-c-too.patch
|
||||
Patch20: freeradius-fix-checks-for-PW_TYPE_FILE_INPUT.patch
|
||||
|
||||
%global docdir %{?_pkgdocdir}%{!?_pkgdocdir:%{_docdir}/%{name}-%{version}}
|
||||
|
||||
@ -215,6 +216,7 @@ This plugin provides the unixODBC support for the FreeRADIUS server project.
|
||||
%patch17 -p1
|
||||
%patch18 -p1
|
||||
%patch19 -p1
|
||||
%patch20 -p1
|
||||
|
||||
%build
|
||||
# Force compile/link options, extra security for network facing daemon
|
||||
|
||||
Loading…
Reference in New Issue
Block a user