From 59d100702e148ac61600327f6ad5048097b6e887 Mon Sep 17 00:00:00 2001 From: Zhanna Tsitkov Date: Fri, 30 Jan 2009 20:40:46 +0000 Subject: [PATCH] Changed the name match_config_pattern to krb5_match_config_pattern. Check strdup return code. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21838 dc483132-0cff-0310-8789-dd5450dbe970 --- src/include/adm_proto.h | 2 +- src/kdc/do_tgs_req.c | 8 +-- src/kdc/main.c | 76 ++++++++++++++++++++++----- src/lib/kadm5/alt_prof.c | 6 +-- src/lib/kadm5/srv/libkadm5srv.exports | 2 +- 5 files changed, 71 insertions(+), 23 deletions(-) diff --git a/src/include/adm_proto.h b/src/include/adm_proto.h index 9028da1a4..47d500d0d 100644 --- a/src/include/adm_proto.h +++ b/src/include/adm_proto.h @@ -97,7 +97,7 @@ krb5_error_code krb5_read_realm_params (krb5_context, krb5_realm_params **); krb5_error_code krb5_free_realm_params (krb5_context, krb5_realm_params *); -krb5_boolean match_config_pattern(const char *, const char *); +krb5_boolean krb5_match_config_pattern(const char *, const char *); /* str_conv.c */ krb5_error_code diff --git a/src/kdc/do_tgs_req.c b/src/kdc/do_tgs_req.c index 958f212b2..084300256 100644 --- a/src/kdc/do_tgs_req.c +++ b/src/kdc/do_tgs_req.c @@ -1082,11 +1082,11 @@ prep_reprocess_req(krb5_kdc_req *request, krb5_principal *krbtgt_princ) if ((krb5_princ_type(kdc_context, request->server) == KRB5_NT_SRV_HST || (krb5_princ_type(kdc_context, request->server) == KRB5_NT_UNKNOWN && kdc_active_realm->realm_host_based_services != NULL && - (match_config_pattern(kdc_active_realm->realm_host_based_services, comp1_str) == TRUE || - match_config_pattern(kdc_active_realm->realm_host_based_services, "*") == TRUE))) && + (krb5_match_config_pattern(kdc_active_realm->realm_host_based_services, comp1_str) == TRUE || + krb5_match_config_pattern(kdc_active_realm->realm_host_based_services, "*") == TRUE))) && (kdc_active_realm->realm_no_host_referral == NULL || - (match_config_pattern(kdc_active_realm->realm_no_host_referral, "*") == FALSE && - match_config_pattern(kdc_active_realm->realm_no_host_referral, comp1_str) == FALSE))) { + (krb5_match_config_pattern(kdc_active_realm->realm_no_host_referral, "*") == FALSE && + krb5_match_config_pattern(kdc_active_realm->realm_no_host_referral, comp1_str) == FALSE))) { for (len=0; len < comp2->length; len++) { if (comp2->data[len] == '.') break; diff --git a/src/kdc/main.c b/src/kdc/main.c index b908d594b..b9334680b 100644 --- a/src/kdc/main.c +++ b/src/kdc/main.c @@ -173,13 +173,17 @@ handle_referral_params(krb5_realm_params *rparams, { krb5_error_code retval = 0; - if (no_refrls && match_config_pattern(no_refrls, "*") == TRUE) + if (no_refrls && krb5_match_config_pattern(no_refrls, "*") == TRUE) { rdp->realm_no_host_referral = strdup("*"); - else { + if (!rdp->realm_no_host_referral) + retval = ENOMEM; + } else { if (rparams && rparams->realm_no_host_referral) { - if (match_config_pattern(rparams->realm_no_host_referral, "*") == TRUE) + if (krb5_match_config_pattern(rparams->realm_no_host_referral, "*") == TRUE) { rdp->realm_no_host_referral = strdup("*"); - else if (no_refrls && (asprintf(&(rdp->realm_no_host_referral), "%s%s%s%s%s", + if (!rdp->realm_no_host_referral) + retval = ENOMEM; + } else if (no_refrls && (asprintf(&(rdp->realm_no_host_referral), "%s%s%s%s%s", " ", no_refrls," ",rparams->realm_no_host_referral, " ") < 0)) retval = ENOMEM; else if (asprintf(&(rdp->realm_no_host_referral),"%s%s%s", " ", @@ -191,18 +195,22 @@ handle_referral_params(krb5_realm_params *rparams, rdp->realm_no_host_referral = NULL; } - if (rdp->realm_no_host_referral && match_config_pattern(rdp->realm_no_host_referral, "*") == TRUE) { + if (rdp->realm_no_host_referral && krb5_match_config_pattern(rdp->realm_no_host_referral, "*") == TRUE) { rdp->realm_host_based_services = NULL; return 0; } - if (host_based_srvcs && (match_config_pattern(host_based_srvcs, "*") == TRUE)) + if (host_based_srvcs && (krb5_match_config_pattern(host_based_srvcs, "*") == TRUE)) { rdp->realm_host_based_services = strdup("*"); - else { + if (!rdp->realm_host_based_services) + retval = ENOMEM; + } else { if (rparams && rparams->realm_host_based_services) { - if (match_config_pattern(rparams->realm_host_based_services, "*") == TRUE) + if (krb5_match_config_pattern(rparams->realm_host_based_services, "*") == TRUE) { rdp->realm_host_based_services = strdup("*"); - else if (host_based_srvcs && asprintf(&(rdp->realm_host_based_services), "%s%s%s%s%s", + if (!rdp->realm_host_based_services) + retval = ENOMEM; + } else if (host_based_srvcs && asprintf(&(rdp->realm_host_based_services), "%s%s%s%s%s", " ", host_based_srvcs," ",rparams->realm_host_based_services, " ") < 0) retval = ENOMEM; else if (asprintf(&(rdp->realm_host_based_services),"%s%s%s", " ", @@ -257,8 +265,13 @@ init_realm(char *progname, kdc_realm_t *rdp, char *realm, } /* Handle profile file name */ - if (rparams && rparams->realm_profile) + if (rparams && rparams->realm_profile) { rdp->realm_profile = strdup(rparams->realm_profile); + if (!rdp->realm_profile) { + kret = ENOMEM; + goto whoops; + } + } /* Handle master key name */ if (rparams && rparams->realm_mkey_name) @@ -266,20 +279,35 @@ init_realm(char *progname, kdc_realm_t *rdp, char *realm, else rdp->realm_mpname = (def_mpname) ? strdup(def_mpname) : strdup(KRB5_KDB_M_NAME); + if (!rdp->realm_mpname) { + kret = ENOMEM; + goto whoops; + } /* Handle KDC ports */ if (rparams && rparams->realm_kdc_ports) rdp->realm_ports = strdup(rparams->realm_kdc_ports); else rdp->realm_ports = strdup(def_udp_ports); + if (!rdp->realm_ports) { + kret = ENOMEM; + goto whoops; + } if (rparams && rparams->realm_kdc_tcp_ports) rdp->realm_tcp_ports = strdup(rparams->realm_kdc_tcp_ports); else rdp->realm_tcp_ports = strdup(def_tcp_ports); - + if (!rdp->realm_tcp_ports) { + kret = ENOMEM; + goto whoops; + } /* Handle stash file */ if (rparams && rparams->realm_stash_file) { rdp->realm_stash = strdup(rparams->realm_stash_file); + if (!rdp->realm_stash) { + kret = ENOMEM; + goto whoops; + } manual = FALSE; } else manual = def_manual; @@ -519,7 +547,7 @@ initialize_realms(krb5_context kcontext, int argc, char **argv) hierarchy[1] = "no_host_referral"; if (krb5_aprof_get_string_all(aprof, hierarchy, &no_refrls)) no_refrls = 0; - if (!no_refrls || match_config_pattern(no_refrls, "*") == FALSE) { + if (!no_refrls || krb5_match_config_pattern(no_refrls, "*") == FALSE) { hierarchy[1] = "host_based_services"; if (krb5_aprof_get_string_all(aprof, hierarchy, &host_based_srvcs)) host_based_srvcs = 0; @@ -530,10 +558,22 @@ initialize_realms(krb5_context kcontext, int argc, char **argv) krb5_aprof_finish(aprof); } - if (default_udp_ports == 0) + if (default_udp_ports == 0) { default_udp_ports = strdup(DEFAULT_KDC_UDP_PORTLIST); - if (default_tcp_ports == 0) + if (default_udp_ports == 0) { + fprintf(stderr," KDC cannot initialize. Not enough memory\n"); + exit(1); + } + } + if (default_tcp_ports == 0) { default_tcp_ports = strdup(DEFAULT_KDC_TCP_PORTLIST); + default_tcp_ports = strdup(DEFAULT_KDC_TCP_PORTLIST); + if (default_tcp_ports == 0) { + fprintf(stderr," KDC cannot initialize. Not enough memory\n"); + exit(1); + } + } + /* * Loop through the option list. Each time we encounter a realm name, * use the previously scanned options to fill in for defaults. @@ -629,6 +669,10 @@ initialize_realms(krb5_context kcontext, int argc, char **argv) if (default_udp_ports) free(default_udp_ports); default_udp_ports = strdup(optarg); + if (!default_udp_ports) { + fprintf(stderr," KDC cannot initialize. Not enough memory\n"); + exit(1); + } #if 0 /* not yet */ if (default_tcp_ports) free(default_tcp_ports); @@ -693,6 +737,10 @@ initialize_realms(krb5_context kcontext, int argc, char **argv) free(db_args); if (db_name) free(db_name); + if (host_based_srvcs) + free(host_based_srvcs); + if (no_refrls) + free(no_refrls); return; } diff --git a/src/lib/kadm5/alt_prof.c b/src/lib/kadm5/alt_prof.c index 7fb35a5c8..ae9d84c7f 100644 --- a/src/lib/kadm5/alt_prof.c +++ b/src/lib/kadm5/alt_prof.c @@ -39,7 +39,7 @@ #include #include -krb5_boolean match_config_pattern(const char *, const char*); +krb5_boolean krb5_match_config_pattern(const char *, const char*); static krb5_key_salt_tuple *copy_key_salt_tuple(ksalt, len) krb5_key_salt_tuple *ksalt; krb5_int32 len; @@ -1035,7 +1035,7 @@ krb5_read_realm_params(kcontext, realm, rparamp) else no_refrls = 0; - if (!no_refrls || match_config_pattern(no_refrls, "*") == FALSE) { + if (!no_refrls || krb5_match_config_pattern(no_refrls, "*") == FALSE) { hierarchy[2] = "host_based_services"; if (!krb5_aprof_get_string_all(aprofile, hierarchy, &host_based_srvcs)) rparams->realm_host_based_services = host_based_srvcs; @@ -1124,7 +1124,7 @@ krb5_free_realm_params(kcontext, rparams) * In conf file the values are separates by commas or whitespaces. */ krb5_boolean -match_config_pattern(const char *string, const char *pattern) +krb5_match_config_pattern(const char *string, const char *pattern) { const char *ptr; char next = '\0'; diff --git a/src/lib/kadm5/srv/libkadm5srv.exports b/src/lib/kadm5/srv/libkadm5srv.exports index 46a73ef9d..a02577667 100644 --- a/src/lib/kadm5/srv/libkadm5srv.exports +++ b/src/lib/kadm5/srv/libkadm5srv.exports @@ -84,7 +84,7 @@ krb5_klog_syslog krb5_read_realm_params krb5_string_to_flags krb5_string_to_keysalts -match_config_pattern +krb5_match_config_pattern master_db master_keyblock master_princ -- 2.26.2