|
 |
e3ffab |
From 211bc475034488f20bfe74fe158bb8b7720fd534 Mon Sep 17 00:00:00 2001
|
|
|
e3ffab |
From: Jan Cholasta <jcholast@redhat.com>
|
|
|
e3ffab |
Date: Wed, 5 Nov 2014 08:59:08 +0000
|
|
|
e3ffab |
Subject: [PATCH] Fix memory leaks in ipa-join
|
|
|
e3ffab |
|
|
|
e3ffab |
Also remove dead code in ipa-join and add initializer to a variable in
|
|
|
e3ffab |
ipa-getkeytab to prevent false positives in static code analysis.
|
|
|
e3ffab |
|
|
|
e3ffab |
https://fedorahosted.org/freeipa/ticket/4651
|
|
|
e3ffab |
|
|
|
e3ffab |
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
|
|
|
e3ffab |
---
|
|
|
e3ffab |
ipa-client/ipa-getkeytab.c | 2 +-
|
|
|
e3ffab |
ipa-client/ipa-join.c | 18 ++++++++----------
|
|
|
e3ffab |
2 files changed, 9 insertions(+), 11 deletions(-)
|
|
|
e3ffab |
|
|
|
e3ffab |
diff --git a/ipa-client/ipa-getkeytab.c b/ipa-client/ipa-getkeytab.c
|
|
|
e3ffab |
index 7861e4e508ce956a92d80d2e91294215854a2a32..bb43c333dca6560807a120103a1cb535fa87b76a 100644
|
|
|
e3ffab |
--- a/ipa-client/ipa-getkeytab.c
|
|
|
e3ffab |
+++ b/ipa-client/ipa-getkeytab.c
|
|
|
e3ffab |
@@ -794,7 +794,7 @@ int main(int argc, const char *argv[])
|
|
|
e3ffab |
char *password = NULL;
|
|
|
e3ffab |
krb5_context krbctx;
|
|
|
e3ffab |
krb5_ccache ccache;
|
|
|
e3ffab |
- krb5_principal uprinc;
|
|
|
e3ffab |
+ krb5_principal uprinc = NULL;
|
|
|
e3ffab |
krb5_principal sprinc;
|
|
|
e3ffab |
krb5_error_code krberr;
|
|
|
e3ffab |
struct keys_container keys = { 0 };
|
|
|
e3ffab |
diff --git a/ipa-client/ipa-join.c b/ipa-client/ipa-join.c
|
|
|
e3ffab |
index df33d3b08cf69a37ae9de76266a071825a95871f..46f64572dcaeb3be61dadf87a07520ad21fb4f47 100644
|
|
|
e3ffab |
--- a/ipa-client/ipa-join.c
|
|
|
e3ffab |
+++ b/ipa-client/ipa-join.c
|
|
|
e3ffab |
@@ -463,14 +463,12 @@ static int
|
|
|
e3ffab |
join_ldap(const char *ipaserver, char *hostname, char ** binddn, const char *bindpw, const char *basedn, const char **princ, const char **subject, int quiet)
|
|
|
e3ffab |
{
|
|
|
e3ffab |
LDAP *ld;
|
|
|
e3ffab |
- char *filter = NULL;
|
|
|
e3ffab |
int rval = 0;
|
|
|
e3ffab |
char *oidresult = NULL;
|
|
|
e3ffab |
struct berval valrequest;
|
|
|
e3ffab |
struct berval *valresult = NULL;
|
|
|
e3ffab |
int rc, ret;
|
|
|
e3ffab |
char *ldap_base = NULL;
|
|
|
e3ffab |
- char *search_base = NULL;
|
|
|
e3ffab |
|
|
|
e3ffab |
*binddn = NULL;
|
|
|
e3ffab |
*princ = NULL;
|
|
|
e3ffab |
@@ -542,16 +540,12 @@ join_ldap(const char *ipaserver, char *hostname, char ** binddn, const char *bin
|
|
|
e3ffab |
*princ = strdup(valresult->bv_val);
|
|
|
e3ffab |
|
|
|
e3ffab |
ldap_done:
|
|
|
e3ffab |
-
|
|
|
e3ffab |
- free(filter);
|
|
|
e3ffab |
- free(search_base);
|
|
|
e3ffab |
- free(ldap_base);
|
|
|
e3ffab |
-
|
|
|
e3ffab |
if (ld != NULL) {
|
|
|
e3ffab |
ldap_unbind_ext(ld, NULL, NULL);
|
|
|
e3ffab |
}
|
|
|
e3ffab |
|
|
|
e3ffab |
done:
|
|
|
e3ffab |
+ free(ldap_base);
|
|
|
e3ffab |
if (valresult) ber_bvfree(valresult);
|
|
|
e3ffab |
if (oidresult) free(oidresult);
|
|
|
e3ffab |
return rval;
|
|
|
e3ffab |
@@ -815,7 +809,8 @@ unenroll_host(const char *server, const char *hostname, const char *ktname, int
|
|
|
e3ffab |
if (!quiet)
|
|
|
e3ffab |
fprintf(stderr, _("Error parsing \"%1$s\": %2$s.\n"),
|
|
|
e3ffab |
principal, error_message(krberr));
|
|
|
e3ffab |
- return krberr;
|
|
|
e3ffab |
+ rval = 4;
|
|
|
e3ffab |
+ goto cleanup;
|
|
|
e3ffab |
}
|
|
|
e3ffab |
strcpy(tgs, KRB5_TGS_NAME);
|
|
|
e3ffab |
snprintf(tgs + strlen(tgs), sizeof(tgs) - strlen(tgs), "/%.*s",
|
|
|
e3ffab |
@@ -833,7 +828,8 @@ unenroll_host(const char *server, const char *hostname, const char *ktname, int
|
|
|
e3ffab |
if (!quiet)
|
|
|
e3ffab |
fprintf(stderr, _("Error obtaining initial credentials: %s.\n"),
|
|
|
e3ffab |
error_message(krberr));
|
|
|
e3ffab |
- return krberr;
|
|
|
e3ffab |
+ rval = 19;
|
|
|
e3ffab |
+ goto cleanup;
|
|
|
e3ffab |
}
|
|
|
e3ffab |
|
|
|
e3ffab |
krberr = krb5_cc_resolve(krbctx, "MEMORY:ipa-join", &ccache);
|
|
|
e3ffab |
@@ -852,7 +848,8 @@ unenroll_host(const char *server, const char *hostname, const char *ktname, int
|
|
|
e3ffab |
fprintf(stderr,
|
|
|
e3ffab |
_("Error storing creds in credential cache: %s.\n"),
|
|
|
e3ffab |
error_message(krberr));
|
|
|
e3ffab |
- return krberr;
|
|
|
e3ffab |
+ rval = 19;
|
|
|
e3ffab |
+ goto cleanup;
|
|
|
e3ffab |
}
|
|
|
e3ffab |
krb5_cc_close(krbctx, ccache);
|
|
|
e3ffab |
ccache = NULL;
|
|
|
e3ffab |
@@ -914,6 +911,7 @@ cleanup:
|
|
|
e3ffab |
|
|
|
e3ffab |
free(user_agent);
|
|
|
e3ffab |
if (keytab) krb5_kt_close(krbctx, keytab);
|
|
|
e3ffab |
+ free(host);
|
|
|
e3ffab |
free((char *)principal);
|
|
|
e3ffab |
free((char *)ipaserver);
|
|
|
e3ffab |
if (princ) krb5_free_principal(krbctx, princ);
|
|
|
e3ffab |
--
|
|
|
e3ffab |
2.1.0
|
|
|
e3ffab |
|