From 71ca378e4b7fb64f77bbf58ba15f4665072163bd Mon Sep 17 00:00:00 2001 From: Ken Raeburn Date: Sat, 29 Mar 2008 01:08:31 +0000 Subject: [PATCH] Coverity CID 228: Possible use of uninitialized variable time_req in gss_add_cred if cred_usage has an invalid value. (Also flagged by GCC.) Changed validation routines for gss_add_cred, gss_acquire_cred, and gss_store_cred to check the cred_usage value. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20295 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/gssapi/mechglue/g_acquire_cred.c | 21 ++++++++++++++++++++- src/lib/gssapi/mechglue/g_store_cred.c | 10 ++++++++++ 2 files changed, 30 insertions(+), 1 deletion(-) diff --git a/src/lib/gssapi/mechglue/g_acquire_cred.c b/src/lib/gssapi/mechglue/g_acquire_cred.c index 6d63e5b8f..fbe66681f 100644 --- a/src/lib/gssapi/mechglue/g_acquire_cred.c +++ b/src/lib/gssapi/mechglue/g_acquire_cred.c @@ -105,6 +105,16 @@ val_acq_cred_args( if (output_cred_handle == NULL) return (GSS_S_CALL_INACCESSIBLE_WRITE); + if (cred_usage != GSS_C_ACCEPT + && cred_usage != GSS_C_INITIATE + && cred_usage != GSS_C_BOTH) { + if (minor_status) { + *minor_status = EINVAL; + map_errcode(minor_status); + } + return GSS_S_FAILURE; + } + return (GSS_S_COMPLETE); } @@ -281,9 +291,18 @@ val_add_cred_args( if (input_cred_handle == GSS_C_NO_CREDENTIAL && output_cred_handle == NULL) - return (GSS_S_CALL_INACCESSIBLE_WRITE | GSS_S_NO_CRED); + if (cred_usage != GSS_C_ACCEPT + && cred_usage != GSS_C_INITIATE + && cred_usage != GSS_C_BOTH) { + if (minor_status) { + *minor_status = EINVAL; + map_errcode(minor_status); + } + return GSS_S_FAILURE; + } + return (GSS_S_COMPLETE); } diff --git a/src/lib/gssapi/mechglue/g_store_cred.c b/src/lib/gssapi/mechglue/g_store_cred.c index b02f7069a..d9a7d9adc 100644 --- a/src/lib/gssapi/mechglue/g_store_cred.c +++ b/src/lib/gssapi/mechglue/g_store_cred.c @@ -39,6 +39,16 @@ val_store_cred_args( if (input_cred_handle == GSS_C_NO_CREDENTIAL) return (GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CRED); + if (cred_usage != GSS_C_ACCEPT + && cred_usage != GSS_C_INITIATE + && cred_usage != GSS_C_BOTH) { + if (minor_status) { + *minor_status = EINVAL; + map_errcode(minor_status); + } + return GSS_S_FAILURE; + } + return (GSS_S_COMPLETE); } -- 2.26.2