rpms/freeradius
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix PW_TYPE_FILE_INPUT handling in cf_item_parse

Browse Source 
This fixes the following Coverity issues:

    Error: DEADCODE (CWE-561):
    freeradius-server-3.0.4/src/main/conffile.c:1002: assignment: Assigning: "type" &= "255".
    freeradius-server-3.0.4/src/main/conffile.c:1041: between: When switching on "type", the value of "type" must be between 0 and 255.
    freeradius-server-3.0.4/src/main/conffile.c:1167: dead_error_condition: The switch value "type" cannot be "16385".
    freeradius-server-3.0.4/src/main/conffile.c:1167: dead_error_line: Execution cannot reach this statement: "case 16385:".

    Error: DEADCODE (CWE-561):
    freeradius-server-3.0.4/src/main/conffile.c:1002: assignment: Assigning: "type" &= "255".
    freeradius-server-3.0.4/src/main/conffile.c:1041: between: When switching on "type", the value of "type" must be between 0 and 255.
    freeradius-server-3.0.4/src/main/conffile.c:1168: dead_error_condition: The switch value "type" cannot be "32769".
    freeradius-server-3.0.4/src/main/conffile.c:1168: dead_error_begin: Execution cannot reach this statement: "case 32769:".

Resolves: Bug#1120234
This commit is contained in:
Nikolai Kondrashov 2014-10-30 16:02:05 +02:00
parent 2c2e39afa9
commit 12ea0067d5
2 changed files with 87 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

85
freeradius-fix-checks-for-PW_TYPE_FILE_INPUT.patch Normal file
View File

@ -0,0 +1,85 @@
From bae8305c7c1f35f853d9ffe520983c90f2a927a8 Mon Sep 17 00:00:00 2001
From: "Alan T. DeKok" <aland@freeradius.org>
Date: Sun, 5 Oct 2014 17:31:34 -0400
Subject: [PATCH 1/1] Fix checks for PW_TYPE_FILE_INPUT
---
src/main/conffile.c | 45 +++++++--------------------------------------
1 file changed, 7 insertions(+), 38 deletions(-)
diff --git a/src/main/conffile.c b/src/main/conffile.c
index 37c8aba..a221dcd 100644
--- a/src/main/conffile.c
+++ b/src/main/conffile.c
@@ -985,7 +985,7 @@ static inline int fr_item_validate_ipaddr(CONF_SECTION *cs, char const *name, PW
int cf_item_parse(CONF_SECTION *cs, char const *name, int type, void *data, char const *dflt)
{
int rcode;
- bool deprecated, required, attribute, secret;
+ bool deprecated, required, attribute, secret, input;
char **q;
char const *value;
CONF_PAIR const *cp = NULL;
@@ -998,6 +998,7 @@ int cf_item_parse(CONF_SECTION *cs, char const *name, int type, void *data, char
required = (type & PW_TYPE_REQUIRED);
attribute = (type & PW_TYPE_ATTRIBUTE);
secret = (type & PW_TYPE_SECRET);
+ input = (type == PW_TYPE_FILE_INPUT); /* check, not and */
type &= 0xff; /* normal types are small */
rcode = 0;
@@ -1157,46 +1158,14 @@ int cf_item_parse(CONF_SECTION *cs, char const *name, int type, void *data, char
cs->depth, parse_spaces, name, value ? value : "(null)");
}
*q = value ? talloc_typed_strdup(cs, value) : NULL;
- break;
-
- /*
- * This is the same as PW_TYPE_STRING,
- * except that we also "stat" the file, and
- * cache the result.
- */
- case PW_TYPE_FILE_INPUT:
- case PW_TYPE_FILE_OUTPUT:
- q = (char **) data;
- if (*q != NULL) {
- free(*q);
- }
-
- /*
- * Expand variables which haven't already been
- * expanded automagically when the configuration
- * file was read.
- */
- if ((value == dflt) && cs) {
- int lineno = 0;
-
- value = cf_expand_variables("?",
- &lineno,
- cs, buffer, sizeof(buffer),
- value);
- if (!value) return -1;
- }
-
- if (required && (!value || !*value)) goto is_required;
-
- cf_log_info(cs, "%.*s\t%s = \"%s\"",
- cs->depth, parse_spaces, name, value);
- *q = value ? talloc_typed_strdup(cs, value) : NULL;
/*
- * If the filename exists and we're supposed to
- * read it, check it.
+ * If there's data AND it's an input file, check
+ * that we can read it. This check allows errors
+ * to be caught as early as possible, during
+ * server startup.
*/
- if (*q && (type == PW_TYPE_FILE_INPUT)) {
+ if (*q && input) {
struct stat buf;
if (stat(*q, &buf) < 0) {
--
2.1.1

2
freeradius.spec
View File

@ -40,6 +40,7 @@ Patch16: freeradius-connection-fall-through-to-global-module-triggers.patch
Patch17: freeradius-ignore-SIGTERM-when-firing-stop-and-signal.term.patch Patch17: freeradius-ignore-SIGTERM-when-firing-stop-and-signal.term.patch
Patch18: freeradius-raddb-update-triggers-in-trigger.conf.patch Patch18: freeradius-raddb-update-triggers-in-trigger.conf.patch
Patch19: freeradius-make-grp-tallo-c-too.patch Patch19: freeradius-make-grp-tallo-c-too.patch
Patch20: freeradius-fix-checks-for-PW_TYPE_FILE_INPUT.patch
%global docdir %{?_pkgdocdir}%{!?_pkgdocdir:%{_docdir}/%{name}-%{version}} %global docdir %{?_pkgdocdir}%{!?_pkgdocdir:%{_docdir}/%{name}-%{version}}
@ -215,6 +216,7 @@ This plugin provides the unixODBC support for the FreeRADIUS server project.
%patch17 -p1 %patch17 -p1
%patch18 -p1 %patch18 -p1
%patch19 -p1 %patch19 -p1
%patch20 -p1
%build %build
# Force compile/link options, extra security for network facing daemon # Force compile/link options, extra security for network facing daemon