rpms/krb5
6
0
Fork 0
Code Issues Pull Requests Releases Activity
da5db561e5
krb5/Fix-minor-static-analysis-defects.patch
DistroBaker da5db561e5 Merged update from upstream sources 
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/krb5.git#b783a5421cf5820f19f2e3aeb999ad24de39747e
2020-11-24 18:42:16 +00:00

107 lines
4.4 KiB
Diff
Raw Blame History

From a33dc1cfb0ebecb67cc7f38258303492a552cb73 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Thu, 15 Oct 2020 18:15:29 -0400
Subject: [PATCH] Fix minor static analysis defects
Remove an unused variable in krb5_ldap_create(). Handle the return
value from krb5_dbe_get_string() in the certauth test plugin module.
Handle the return value from k5_expand_path_tokens() in
k5_rc_default(). Remove dead assignments in
krb5_get_credentials_for_user() and kg_accept_krb5().
[ghudson@mit.edu: squashed and edited commit message; simplified
k5_rc_default() change]
(cherry picked from commit b27461141810fddd299764928649148c5d0e99f3)
---
src/lib/gssapi/krb5/accept_sec_context.c | 4 +---
src/lib/krb5/krb/s4u_creds.c | 1 -
src/lib/krb5/rcache/rc_base.c | 2 ++
src/plugins/certauth/test/main.c | 3 +++
src/plugins/kdb/ldap/libkdb_ldap/ldap_create.c | 4 ----
5 files changed, 6 insertions(+), 8 deletions(-)
diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c
index 3d5b84b15..e2c5e2b59 100644
--- a/src/lib/gssapi/krb5/accept_sec_context.c
+++ b/src/lib/gssapi/krb5/accept_sec_context.c
@@ -671,7 +671,7 @@ kg_accept_krb5(minor_status, context_handle,
krb5_auth_context auth_context = NULL;
krb5_ticket * ticket = NULL;
const gss_OID_desc *mech_used = NULL;
- OM_uint32 major_status = GSS_S_FAILURE;
+ OM_uint32 major_status;
OM_uint32 tmp_minor_status;
krb5_error krb_error_data;
krb5_data scratch;
@@ -878,8 +878,6 @@ kg_accept_krb5(minor_status, context_handle,
if (major_status != GSS_S_COMPLETE)
goto fail;
- major_status = GSS_S_FAILURE;
-
if (exts->iakerb.conv && !exts->iakerb.verified) {
major_status = GSS_S_BAD_SIG;
goto fail;
diff --git a/src/lib/krb5/krb/s4u_creds.c b/src/lib/krb5/krb/s4u_creds.c
index d8f486dc6..35a8843e5 100644
--- a/src/lib/krb5/krb/s4u_creds.c
+++ b/src/lib/krb5/krb/s4u_creds.c
@@ -714,7 +714,6 @@ krb5_get_credentials_for_user(krb5_context context, krb5_flags options,
} else if (code != KRB5_CC_NOTFOUND && code != KRB5_CC_NOT_KTYPE) {
goto cleanup;
}
- code = 0;
}
/* Note the authdata we asked for in the output creds. */
diff --git a/src/lib/krb5/rcache/rc_base.c b/src/lib/krb5/rcache/rc_base.c
index 5f456d1f3..f9a482318 100644
--- a/src/lib/krb5/rcache/rc_base.c
+++ b/src/lib/krb5/rcache/rc_base.c
@@ -56,6 +56,8 @@ k5_rc_default(krb5_context context, krb5_rcache *rc_out)
&profstr) == 0 && profstr != NULL) {
ret = k5_expand_path_tokens(context, profstr, &rcname);
profile_release_string(profstr);
+ if (ret)
+ return ret;
ret = k5_rc_resolve(context, rcname, rc_out);
free(rcname);
return ret;
diff --git a/src/plugins/certauth/test/main.c b/src/plugins/certauth/test/main.c
index d4633b8cd..7e7a3ef4c 100644
--- a/src/plugins/certauth/test/main.c
+++ b/src/plugins/certauth/test/main.c
@@ -171,6 +171,9 @@ test2_authorize(krb5_context context, krb5_certauth_moddata moddata,
ret = krb5_dbe_get_string(context, (krb5_db_entry *)db_entry, "hwauth",
&strval);
+ if (ret)
+ goto cleanup;
+
ret = (strval != NULL) ? KRB5_CERTAUTH_HWAUTH : 0;
krb5_dbe_free_string(context, strval);
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_create.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_create.c
index 5b57c799a..2d6605666 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_create.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_create.c
@@ -55,7 +55,6 @@ krb5_ldap_create(krb5_context context, char *conf_section, char **db_args)
krb5_error_code status = 0;
krb5_ldap_realm_params *rparams = NULL;
krb5_ldap_context *ldap_context=NULL;
- krb5_boolean realm_obj_created = FALSE;
int mask = 0;
/* Clear the global error string */
@@ -109,9 +108,6 @@ krb5_ldap_create(krb5_context context, char *conf_section, char **db_args)
if ((status = krb5_ldap_create_realm(context, rparams, mask)))
goto cleanup;
- /* We just created the Realm container. Here starts our transaction tracking */
- realm_obj_created = TRUE;
-
/* verify realm object */
if ((status = krb5_ldap_read_realm_params(context,
rparams->realm_name,
Reference in New Issue View Git Blame Copy Permalink