From 211bc475034488f20bfe74fe158bb8b7720fd534 Mon Sep 17 00:00:00 2001 From: Jan Cholasta Date: Wed, 5 Nov 2014 08:59:08 +0000 Subject: [PATCH] Fix memory leaks in ipa-join Also remove dead code in ipa-join and add initializer to a variable in ipa-getkeytab to prevent false positives in static code analysis. https://fedorahosted.org/freeipa/ticket/4651 Reviewed-By: Alexander Bokovoy --- ipa-client/ipa-getkeytab.c | 2 +- ipa-client/ipa-join.c | 18 ++++++++---------- 2 files changed, 9 insertions(+), 11 deletions(-) diff --git a/ipa-client/ipa-getkeytab.c b/ipa-client/ipa-getkeytab.c index 7861e4e508ce956a92d80d2e91294215854a2a32..bb43c333dca6560807a120103a1cb535fa87b76a 100644 --- a/ipa-client/ipa-getkeytab.c +++ b/ipa-client/ipa-getkeytab.c @@ -794,7 +794,7 @@ int main(int argc, const char *argv[]) char *password = NULL; krb5_context krbctx; krb5_ccache ccache; - krb5_principal uprinc; + krb5_principal uprinc = NULL; krb5_principal sprinc; krb5_error_code krberr; struct keys_container keys = { 0 }; diff --git a/ipa-client/ipa-join.c b/ipa-client/ipa-join.c index df33d3b08cf69a37ae9de76266a071825a95871f..46f64572dcaeb3be61dadf87a07520ad21fb4f47 100644 --- a/ipa-client/ipa-join.c +++ b/ipa-client/ipa-join.c @@ -463,14 +463,12 @@ static int join_ldap(const char *ipaserver, char *hostname, char ** binddn, const char *bindpw, const char *basedn, const char **princ, const char **subject, int quiet) { LDAP *ld; - char *filter = NULL; int rval = 0; char *oidresult = NULL; struct berval valrequest; struct berval *valresult = NULL; int rc, ret; char *ldap_base = NULL; - char *search_base = NULL; *binddn = NULL; *princ = NULL; @@ -542,16 +540,12 @@ join_ldap(const char *ipaserver, char *hostname, char ** binddn, const char *bin *princ = strdup(valresult->bv_val); ldap_done: - - free(filter); - free(search_base); - free(ldap_base); - if (ld != NULL) { ldap_unbind_ext(ld, NULL, NULL); } done: + free(ldap_base); if (valresult) ber_bvfree(valresult); if (oidresult) free(oidresult); return rval; @@ -815,7 +809,8 @@ unenroll_host(const char *server, const char *hostname, const char *ktname, int if (!quiet) fprintf(stderr, _("Error parsing \"%1$s\": %2$s.\n"), principal, error_message(krberr)); - return krberr; + rval = 4; + goto cleanup; } strcpy(tgs, KRB5_TGS_NAME); snprintf(tgs + strlen(tgs), sizeof(tgs) - strlen(tgs), "/%.*s", @@ -833,7 +828,8 @@ unenroll_host(const char *server, const char *hostname, const char *ktname, int if (!quiet) fprintf(stderr, _("Error obtaining initial credentials: %s.\n"), error_message(krberr)); - return krberr; + rval = 19; + goto cleanup; } krberr = krb5_cc_resolve(krbctx, "MEMORY:ipa-join", &ccache); @@ -852,7 +848,8 @@ unenroll_host(const char *server, const char *hostname, const char *ktname, int fprintf(stderr, _("Error storing creds in credential cache: %s.\n"), error_message(krberr)); - return krberr; + rval = 19; + goto cleanup; } krb5_cc_close(krbctx, ccache); ccache = NULL; @@ -914,6 +911,7 @@ cleanup: free(user_agent); if (keytab) krb5_kt_close(krbctx, keytab); + free(host); free((char *)principal); free((char *)ipaserver); if (princ) krb5_free_principal(krbctx, princ); -- 2.1.0