From bff738a25d0479ea297b1dae594a62e63d66eb8d Mon Sep 17 00:00:00 2001
From: Robbie Harwood
Date: Thu, 12 Sep 2019 10:15:52 -0400
Subject: [PATCH] Static analyzer appeasement
---
...ull-check-in-krb5_gss_duplicate_name.patch | 28 +++++++++++++++
...arent-forward-null-in-clnttcp_create.patch | 34 +++++++++++++++++++
krb5.spec | 7 +++-
3 files changed, 68 insertions(+), 1 deletion(-)
create mode 100644 Remove-null-check-in-krb5_gss_duplicate_name.patch
create mode 100644 Squash-apparent-forward-null-in-clnttcp_create.patch
diff --git a/Remove-null-check-in-krb5_gss_duplicate_name.patch b/Remove-null-check-in-krb5_gss_duplicate_name.patch
new file mode 100644
index 0000000..685261a
--- /dev/null
+++ b/Remove-null-check-in-krb5_gss_duplicate_name.patch
@@ -0,0 +1,28 @@
+From 7016aa77499732446d7bc838b95810c8cdf5b15b Mon Sep 17 00:00:00 2001
+From: Robbie Harwood
+Date: Fri, 30 Aug 2019 11:19:52 -0400
+Subject: [PATCH] Remove null check in krb5_gss_duplicate_name()
+
+Within the krb5 mechanism, we require minor_status to be writable
+without checking. Remove the null check in krb5_gss_duplicate_name()
+to squash a forward-null defect.
+
+(cherry picked from commit 9fd7bc179f0bd74fc83c1edf0247dcfd87fc73e6)
+---
+ src/lib/gssapi/krb5/duplicate_name.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/src/lib/gssapi/krb5/duplicate_name.c b/src/lib/gssapi/krb5/duplicate_name.c
+index b88d97d9d..ea53e9c0d 100644
+--- a/src/lib/gssapi/krb5/duplicate_name.c
++++ b/src/lib/gssapi/krb5/duplicate_name.c
+@@ -34,8 +34,7 @@ krb5_gss_duplicate_name(OM_uint32 *minor_status, const gss_name_t input_name,
+ krb5_error_code code;
+ krb5_gss_name_t princ, outprinc;
+
+- if (minor_status)
+- *minor_status = 0;
++ *minor_status = 0;
+
+ code = krb5_gss_init_context(&context);
+ if (code) {
diff --git a/Squash-apparent-forward-null-in-clnttcp_create.patch b/Squash-apparent-forward-null-in-clnttcp_create.patch
new file mode 100644
index 0000000..084d23a
--- /dev/null
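Review bot: After this change `krb5_gss_duplicate_name()` dereferences `minor_status` unconditionally at `*minor_status = 0;`, so a NULL from any caller now faults instead of being tolerated, and nothing in the function records that precondition. The commit message states that the krb5 mechanism requires a writable `minor_status`; presumably a calling layer validates it before dispatch, but that is not visible in this hunk. I would document the contract at the dereference, e.g. `/* minor_status must be non-NULL; callers are required to validate it. */`, so a later reader neither reintroduces the analyzer finding nor assumes NULL is accepted. The function body continues past the end of the hunk.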
+++ b/Squash-apparent-forward-null-in-clnttcp_create.patch
@@ -0,0 +1,34 @@
+From e2087bcf8a10fa0ecc4f0663e8df9b7ef5752805 Mon Sep 17 00:00:00 2001
+From: Robbie Harwood
+Date: Fri, 30 Aug 2019 11:16:58 -0400
+Subject: [PATCH] Squash apparent forward-null in clnttcp_create()
+
+clnttcp_create() only allows raddr to be NULL if *sockp is set.
+Static analyzers cannot know this, so can report a forward null
+defect. Add an raddr check before calling connect() to squash the
+defect.
+
+[ghudson@mit.edu: rewrote commit message]
+
+(cherry picked from commit b2f688eedd4bcca525201ef9485749a8c20b808a)
+---
+ src/lib/rpc/clnt_tcp.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/lib/rpc/clnt_tcp.c b/src/lib/rpc/clnt_tcp.c
+index 87761906c..dbd62d0a7 100644
+--- a/src/lib/rpc/clnt_tcp.c
++++ b/src/lib/rpc/clnt_tcp.c
+@@ -168,9 +168,9 @@ clnttcp_create(
+ if (*sockp < 0) {
+ *sockp = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
+ (void)bindresvport_sa(*sockp, NULL);
+- if ((*sockp < 0)
+- || (connect(*sockp, (struct sockaddr *)raddr,
+- sizeof(*raddr)) < 0)) {
++ if (*sockp < 0 || raddr == NULL ||
++ connect(*sockp, (struct sockaddr *)raddr,
++ sizeof(*raddr)) < 0) {
+ rpc_createerr.cf_stat = RPC_SYSTEMERROR;
+ rpc_createerr.cf_error.re_errno = errno;
+ (void)closesocket(*sockp);
diff --git a/krb5.spec b/krb5.spec
index 9c36a6e..0042a61 100644
--- a/krb5.spec
+++ b/krb5.spec
@@ -18,7 +18,7 @@ Summary: The Kerberos network authentication system Name: krb5 Version: 1.17 # for prerelease, should be e.g., 0.% {prerelease}.1% { ?dist } (without spaces) -Release: 43%{?dist} +Release: 44%{?dist} # lookaside-cached sources; two downloads and a build artifact Source0: https://web.mit.edu/kerberos/dist/krb5/1.17/krb5-%{version}%{prerelease}.tar.gz
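Review bot: The new `raddr == NULL` arm in `clnttcp_create()` falls into the error path that stores `errno` in `rpc_createerr.cf_error.re_errno`, but nothing sets `errno` on that arm, so the recorded value is whatever `socket()` or `bindresvport_sa()` last left behind. The commit message says this case is not expected to be reachable, so the impact is likely limited to a misleading error report. Recording a definite value is still cheap, e.g. `rpc_createerr.cf_error.re_errno = (raddr == NULL) ? EINVAL : errno;`. The enclosing `if (*sockp < 0)` block continues past the end of the hunk.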
@@ -121,6 +121,8 @@ Patch159: Initialize-life-rlife-in-kdcpolicy-interface.patch Patch160: Fix-KCM-client-time-offset-propagation.patch Patch161: krb5-1.17post5-FIPS-with-PRNG-and-RADIUS-without-SPA.patch Patch162: Simplify-krb5_dbe_def_search_enctype.patch +Patch163: Squash-apparent-forward-null-in-clnttcp_create.patch +Patch164: Remove-null-check-in-krb5_gss_duplicate_name.patch License: MIT URL: https://web.mit.edu/kerberos/www/ @@ -727,6 +729,9 @@ exit 0 %{_libdir}/libkadm5srv_mit.so.* %changelog +* Thu Sep 12 2019 Robbie Harwood - 1.17-44 +- Static analyzer appeasement + * Tue Aug 27 2019 Robbie Harwood - 1.17-43 - Simplify krb5_dbe_def_search_enctype()