From 83731efbbbb03a26a3f2740c79afadca56974ead Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Tue, 10 Feb 2009 02:01:58 +0000 Subject: [PATCH] Adjust the structure of krb5_decode.c functions to initialize output parameters to NULL and not set them to the real values until a successful return is guaranteed. Also fix get_eoc which was returning without clean_return. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21940 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/krb5/asn.1/krb5_decode.c | 807 +++++++++++++++++-------------- 1 file changed, 432 insertions(+), 375 deletions(-) diff --git a/src/lib/krb5/asn.1/krb5_decode.c b/src/lib/krb5/asn.1/krb5_decode.c index 2d9a3daf7..79501bc96 100644 --- a/src/lib/krb5/asn.1/krb5_decode.c +++ b/src/lib/krb5/asn.1/krb5_decode.c @@ -35,32 +35,34 @@ /* set up variables */ /* the setup* macros can return, but are always used at function start and thus need no malloc cleanup */ -#define setup_buf_only()\ +#define setup_buf_only(type)\ asn1_error_code retval;\ asn1buf buf;\ +type rep = NULL;\ \ +*repptr = NULL;\ retval = asn1buf_wrap_data(&buf,code);\ if (retval) return retval -#define setup_no_tagnum()\ +#define setup_no_tagnum(type)\ asn1_class asn1class;\ asn1_construction construction;\ -setup_buf_only() +setup_buf_only(type) -#define setup_no_length()\ +#define setup_no_length(type)\ asn1_tagnum tagnum;\ -setup_no_tagnum() +setup_no_tagnum(type) -#define setup()\ +#define setup(type)\ unsigned int length;\ -setup_no_length() +setup_no_length(type) /* helper macros for cleanup */ #define clean_return(val) { retval = val; goto error_out; } /* alloc_field is the first thing to allocate storage that may need cleanup */ -#define alloc_field(var,type)\ -var = (type*)calloc(1,sizeof(type));\ +#define alloc_field(var)\ +var = calloc(1,sizeof(*var));\ if ((var) == NULL) clean_return(ENOMEM) /* process encoding header ***************************************/ @@ -111,7 +113,7 @@ asn1_get_eoc_tag (asn1buf *buf) #define get_eoc() \ { \ retval = asn1_get_eoc_tag(&subbuf); \ - if (retval) return retval; \ + if (retval) clean_return(retval); \ } /* decode sequence header and initialize tagnum with the first field */ @@ -196,30 +198,32 @@ get_lenfield_body(len,var,decoder) /* finish up */ /* to make things less painful, assume the cleanup is passed rep */ #define cleanup(cleanup_routine)\ + *repptr = rep; \ return 0; \ error_out: \ - if (rep && *rep) { \ - cleanup_routine(*rep); \ - *rep = NULL; \ - } \ + if (rep) \ + cleanup_routine(rep); \ return retval; #define cleanup_none()\ + *repptr = rep; \ return 0; \ error_out: \ return retval; #define cleanup_manual()\ + *repptr = rep; \ return 0; #define free_field(rep,f) free((rep)->f) -#define clear_field(rep,f) (*(rep))->f = 0 +#define clear_field(rep,f) (rep)->f = 0 #ifndef LEAN_CLIENT -krb5_error_code decode_krb5_authenticator(const krb5_data *code, krb5_authenticator **rep) +krb5_error_code +decode_krb5_authenticator(const krb5_data *code, krb5_authenticator **repptr) { - setup(); - alloc_field(*rep,krb5_authenticator); + setup(krb5_authenticator *); + alloc_field(rep); clear_field(rep,subkey); clear_field(rep,checksum); clear_field(rep,client); @@ -229,29 +233,28 @@ krb5_error_code decode_krb5_authenticator(const krb5_data *code, krb5_authentica { krb5_kvno kvno; get_field(kvno,0,asn1_decode_kvno); if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); } - alloc_field((*rep)->client,krb5_principal_data); - get_field((*rep)->client,1,asn1_decode_realm); - get_field((*rep)->client,2,asn1_decode_principal_name); + alloc_field(rep->client); + get_field(rep->client,1,asn1_decode_realm); + get_field(rep->client,2,asn1_decode_principal_name); if (tagnum == 3) { - alloc_field((*rep)->checksum,krb5_checksum); - get_field(*((*rep)->checksum),3,asn1_decode_checksum); } - get_field((*rep)->cusec,4,asn1_decode_int32); - get_field((*rep)->ctime,5,asn1_decode_kerberos_time); - if (tagnum == 6) { alloc_field((*rep)->subkey,krb5_keyblock); } - opt_field(*((*rep)->subkey),6,asn1_decode_encryption_key); - opt_field((*rep)->seq_number,7,asn1_decode_seqnum); - opt_field((*rep)->authorization_data,8,asn1_decode_authorization_data); - (*rep)->magic = KV5M_AUTHENTICATOR; + alloc_field(rep->checksum); + get_field(*(rep->checksum),3,asn1_decode_checksum); } + get_field(rep->cusec,4,asn1_decode_int32); + get_field(rep->ctime,5,asn1_decode_kerberos_time); + if (tagnum == 6) { alloc_field(rep->subkey); } + opt_field(*(rep->subkey),6,asn1_decode_encryption_key); + opt_field(rep->seq_number,7,asn1_decode_seqnum); + opt_field(rep->authorization_data,8,asn1_decode_authorization_data); + rep->magic = KV5M_AUTHENTICATOR; end_structure(); } cleanup_manual(); error_out: - if (rep && *rep) { - free_field(*rep,subkey); - free_field(*rep,checksum); - free_field(*rep,client); - free(*rep); - *rep = NULL; + if (rep) { + free_field(rep,subkey); + free_field(rep,checksum); + free_field(rep,client); + free(rep); } return retval; } @@ -259,15 +262,16 @@ error_out: krb5_error_code KRB5_CALLCONV -krb5_decode_ticket(const krb5_data *code, krb5_ticket **rep) +krb5_decode_ticket(const krb5_data *code, krb5_ticket **repptr) { - return decode_krb5_ticket(code, rep); + return decode_krb5_ticket(code, repptr); } -krb5_error_code decode_krb5_ticket(const krb5_data *code, krb5_ticket **rep) +krb5_error_code +decode_krb5_ticket(const krb5_data *code, krb5_ticket **repptr) { - setup(); - alloc_field(*rep,krb5_ticket); + setup(krb5_ticket *); + alloc_field(rep); clear_field(rep,server); check_apptag(1); @@ -276,130 +280,135 @@ krb5_error_code decode_krb5_ticket(const krb5_data *code, krb5_ticket **rep) get_field(kvno,0,asn1_decode_kvno); if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); } - alloc_field((*rep)->server,krb5_principal_data); - get_field((*rep)->server,1,asn1_decode_realm); - get_field((*rep)->server,2,asn1_decode_principal_name); - get_field((*rep)->enc_part,3,asn1_decode_encrypted_data); - (*rep)->magic = KV5M_TICKET; + alloc_field(rep->server); + get_field(rep->server,1,asn1_decode_realm); + get_field(rep->server,2,asn1_decode_principal_name); + get_field(rep->enc_part,3,asn1_decode_encrypted_data); + rep->magic = KV5M_TICKET; end_structure(); } cleanup_manual(); error_out: - if (rep && *rep) { - free_field(*rep,server); - free(*rep); - *rep = NULL; + if (rep) { + free_field(rep,server); + free(rep); } return retval; } -krb5_error_code decode_krb5_encryption_key(const krb5_data *code, krb5_keyblock **rep) +krb5_error_code +decode_krb5_encryption_key(const krb5_data *code, krb5_keyblock **repptr) { - setup(); - alloc_field(*rep,krb5_keyblock); + setup(krb5_keyblock *); + alloc_field(rep); { begin_structure(); - get_field((*rep)->enctype,0,asn1_decode_enctype); - get_lenfield((*rep)->length,(*rep)->contents,1,asn1_decode_octetstring); + get_field(rep->enctype,0,asn1_decode_enctype); + get_lenfield(rep->length,rep->contents,1,asn1_decode_octetstring); end_structure(); - (*rep)->magic = KV5M_KEYBLOCK; + rep->magic = KV5M_KEYBLOCK; } cleanup(free); } -krb5_error_code decode_krb5_enc_tkt_part(const krb5_data *code, krb5_enc_tkt_part **rep) +krb5_error_code +decode_krb5_enc_tkt_part(const krb5_data *code, krb5_enc_tkt_part **repptr) { - setup(); - alloc_field(*rep,krb5_enc_tkt_part); + setup(krb5_enc_tkt_part *); + alloc_field(rep); clear_field(rep,session); clear_field(rep,client); check_apptag(3); { begin_structure(); - get_field((*rep)->flags,0,asn1_decode_ticket_flags); - alloc_field((*rep)->session,krb5_keyblock); - get_field(*((*rep)->session),1,asn1_decode_encryption_key); - alloc_field((*rep)->client,krb5_principal_data); - get_field((*rep)->client,2,asn1_decode_realm); - get_field((*rep)->client,3,asn1_decode_principal_name); - get_field((*rep)->transited,4,asn1_decode_transited_encoding); - get_field((*rep)->times.authtime,5,asn1_decode_kerberos_time); + get_field(rep->flags,0,asn1_decode_ticket_flags); + alloc_field(rep->session); + get_field(*(rep->session),1,asn1_decode_encryption_key); + alloc_field(rep->client); + get_field(rep->client,2,asn1_decode_realm); + get_field(rep->client,3,asn1_decode_principal_name); + get_field(rep->transited,4,asn1_decode_transited_encoding); + get_field(rep->times.authtime,5,asn1_decode_kerberos_time); if (tagnum == 6) - { get_field((*rep)->times.starttime,6,asn1_decode_kerberos_time); } + { get_field(rep->times.starttime,6,asn1_decode_kerberos_time); } else - (*rep)->times.starttime=(*rep)->times.authtime; - get_field((*rep)->times.endtime,7,asn1_decode_kerberos_time); - opt_field((*rep)->times.renew_till,8,asn1_decode_kerberos_time); - opt_field((*rep)->caddrs,9,asn1_decode_host_addresses); - opt_field((*rep)->authorization_data,10,asn1_decode_authorization_data); - (*rep)->magic = KV5M_ENC_TKT_PART; + rep->times.starttime=rep->times.authtime; + get_field(rep->times.endtime,7,asn1_decode_kerberos_time); + opt_field(rep->times.renew_till,8,asn1_decode_kerberos_time); + opt_field(rep->caddrs,9,asn1_decode_host_addresses); + opt_field(rep->authorization_data,10,asn1_decode_authorization_data); + rep->magic = KV5M_ENC_TKT_PART; end_structure(); } cleanup_manual(); error_out: - if (rep && *rep) { - free_field(*rep,session); - free_field(*rep,client); - free(*rep); - *rep = NULL; + if (rep) { + free_field(rep,session); + free_field(rep,client); + free(rep); } return retval; } -krb5_error_code decode_krb5_enc_kdc_rep_part(const krb5_data *code, krb5_enc_kdc_rep_part **rep) +krb5_error_code +decode_krb5_enc_kdc_rep_part(const krb5_data *code, + krb5_enc_kdc_rep_part **repptr) { taginfo t4; - setup_buf_only(); - alloc_field(*rep,krb5_enc_kdc_rep_part); + setup_buf_only(krb5_enc_kdc_rep_part *); + alloc_field(rep); retval = asn1_get_tag_2(&buf, &t4); if (retval) clean_return(retval); if (t4.asn1class != APPLICATION || t4.construction != CONSTRUCTED) clean_return(ASN1_BAD_ID); - if (t4.tagnum == 25) (*rep)->msg_type = KRB5_AS_REP; - else if (t4.tagnum == 26) (*rep)->msg_type = KRB5_TGS_REP; + if (t4.tagnum == 25) rep->msg_type = KRB5_AS_REP; + else if (t4.tagnum == 26) rep->msg_type = KRB5_TGS_REP; else clean_return(KRB5_BADMSGTYPE); - retval = asn1_decode_enc_kdc_rep_part(&buf,*rep); + retval = asn1_decode_enc_kdc_rep_part(&buf,rep); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_as_rep(const krb5_data *code, krb5_kdc_rep **rep) +krb5_error_code +decode_krb5_as_rep(const krb5_data *code, krb5_kdc_rep **repptr) { - setup_no_length(); - alloc_field(*rep,krb5_kdc_rep); + setup_no_length(krb5_kdc_rep *); + alloc_field(rep); check_apptag(11); - retval = asn1_decode_kdc_rep(&buf,*rep); + retval = asn1_decode_kdc_rep(&buf,rep); if (retval) clean_return(retval); #ifdef KRB5_MSGTYPE_STRICT - if ((*rep)->msg_type != KRB5_AS_REP) + if (rep->msg_type != KRB5_AS_REP) clean_return(KRB5_BADMSGTYPE); #endif cleanup(free); } -krb5_error_code decode_krb5_tgs_rep(const krb5_data *code, krb5_kdc_rep **rep) +krb5_error_code +decode_krb5_tgs_rep(const krb5_data *code, krb5_kdc_rep **repptr) { - setup_no_length(); - alloc_field(*rep,krb5_kdc_rep); + setup_no_length(krb5_kdc_rep *); + alloc_field(rep); check_apptag(13); - retval = asn1_decode_kdc_rep(&buf,*rep); + retval = asn1_decode_kdc_rep(&buf,rep); if (retval) clean_return(retval); #ifdef KRB5_MSGTYPE_STRICT - if ((*rep)->msg_type != KRB5_TGS_REP) clean_return(KRB5_BADMSGTYPE); + if (rep->msg_type != KRB5_TGS_REP) clean_return(KRB5_BADMSGTYPE); #endif cleanup(free); } -krb5_error_code decode_krb5_ap_req(const krb5_data *code, krb5_ap_req **rep) +krb5_error_code +decode_krb5_ap_req(const krb5_data *code, krb5_ap_req **repptr) { - setup(); - alloc_field(*rep,krb5_ap_req); + setup(krb5_ap_req *); + alloc_field(rep); clear_field(rep,ticket); check_apptag(14); @@ -413,27 +422,27 @@ krb5_error_code decode_krb5_ap_req(const krb5_data *code, krb5_ap_req **rep) if (msg_type != KRB5_AP_REQ) clean_return(KRB5_BADMSGTYPE); #endif } - get_field((*rep)->ap_options,2,asn1_decode_ap_options); - alloc_field((*rep)->ticket,krb5_ticket); - get_field(*((*rep)->ticket),3,asn1_decode_ticket); - get_field((*rep)->authenticator,4,asn1_decode_encrypted_data); + get_field(rep->ap_options,2,asn1_decode_ap_options); + alloc_field(rep->ticket); + get_field(*(rep->ticket),3,asn1_decode_ticket); + get_field(rep->authenticator,4,asn1_decode_encrypted_data); end_structure(); - (*rep)->magic = KV5M_AP_REQ; + rep->magic = KV5M_AP_REQ; } cleanup_manual(); error_out: - if (rep && *rep) { - free_field(*rep,ticket); - free(*rep); - *rep = NULL; + if (rep) { + free_field(rep,ticket); + free(rep); } return retval; } -krb5_error_code decode_krb5_ap_rep(const krb5_data *code, krb5_ap_rep **rep) +krb5_error_code +decode_krb5_ap_rep(const krb5_data *code, krb5_ap_rep **repptr) { - setup(); - alloc_field(*rep,krb5_ap_rep); + setup(krb5_ap_rep *); + alloc_field(rep); check_apptag(15); { begin_structure(); @@ -446,75 +455,79 @@ krb5_error_code decode_krb5_ap_rep(const krb5_data *code, krb5_ap_rep **rep) if (msg_type != KRB5_AP_REP) clean_return(KRB5_BADMSGTYPE); #endif } - get_field((*rep)->enc_part,2,asn1_decode_encrypted_data); + get_field(rep->enc_part,2,asn1_decode_encrypted_data); end_structure(); - (*rep)->magic = KV5M_AP_REP; + rep->magic = KV5M_AP_REP; } cleanup(free); } -krb5_error_code decode_krb5_ap_rep_enc_part(const krb5_data *code, krb5_ap_rep_enc_part **rep) +krb5_error_code +decode_krb5_ap_rep_enc_part(const krb5_data *code, + krb5_ap_rep_enc_part **repptr) { - setup(); - alloc_field(*rep,krb5_ap_rep_enc_part); + setup(krb5_ap_rep_enc_part *); + alloc_field(rep); clear_field(rep,subkey); check_apptag(27); { begin_structure(); - get_field((*rep)->ctime,0,asn1_decode_kerberos_time); - get_field((*rep)->cusec,1,asn1_decode_int32); - if (tagnum == 2) { alloc_field((*rep)->subkey,krb5_keyblock); } - opt_field(*((*rep)->subkey),2,asn1_decode_encryption_key); - opt_field((*rep)->seq_number,3,asn1_decode_seqnum); + get_field(rep->ctime,0,asn1_decode_kerberos_time); + get_field(rep->cusec,1,asn1_decode_int32); + if (tagnum == 2) { alloc_field(rep->subkey); } + opt_field(*(rep->subkey),2,asn1_decode_encryption_key); + opt_field(rep->seq_number,3,asn1_decode_seqnum); end_structure(); - (*rep)->magic = KV5M_AP_REP_ENC_PART; + rep->magic = KV5M_AP_REP_ENC_PART; } cleanup_manual(); error_out: - if (rep && *rep) { - free_field(*rep,subkey); - free(*rep); - *rep = NULL; + if (rep) { + free_field(rep,subkey); + free(rep); } return retval; } -krb5_error_code decode_krb5_as_req(const krb5_data *code, krb5_kdc_req **rep) +krb5_error_code +decode_krb5_as_req(const krb5_data *code, krb5_kdc_req **repptr) { - setup_no_length(); - alloc_field(*rep,krb5_kdc_req); + setup_no_length(krb5_kdc_req *); + alloc_field(rep); check_apptag(10); - retval = asn1_decode_kdc_req(&buf,*rep); + retval = asn1_decode_kdc_req(&buf,rep); if (retval) clean_return(retval); #ifdef KRB5_MSGTYPE_STRICT - if ((*rep)->msg_type != KRB5_AS_REQ) clean_return(KRB5_BADMSGTYPE); + if (rep->msg_type != KRB5_AS_REQ) clean_return(KRB5_BADMSGTYPE); #endif cleanup(free); } -krb5_error_code decode_krb5_tgs_req(const krb5_data *code, krb5_kdc_req **rep) +krb5_error_code +decode_krb5_tgs_req(const krb5_data *code, krb5_kdc_req **repptr) { - setup_no_length(); - alloc_field(*rep,krb5_kdc_req); + setup_no_length(krb5_kdc_req *); + alloc_field(rep); check_apptag(12); - retval = asn1_decode_kdc_req(&buf,*rep); + retval = asn1_decode_kdc_req(&buf,rep); if (retval) clean_return(retval); #ifdef KRB5_MSGTYPE_STRICT - if ((*rep)->msg_type != KRB5_TGS_REQ) clean_return(KRB5_BADMSGTYPE); + if (rep->msg_type != KRB5_TGS_REQ) clean_return(KRB5_BADMSGTYPE); #endif cleanup(free); } -krb5_error_code decode_krb5_kdc_req_body(const krb5_data *code, krb5_kdc_req **rep) +krb5_error_code +decode_krb5_kdc_req_body(const krb5_data *code, krb5_kdc_req **repptr) { - setup_buf_only(); - alloc_field(*rep,krb5_kdc_req); + setup_buf_only(krb5_kdc_req *); + alloc_field(rep); - retval = asn1_decode_kdc_req_body(&buf,*rep); + retval = asn1_decode_kdc_req_body(&buf,rep); if (retval) clean_return(retval); cleanup(free); @@ -534,14 +547,13 @@ krb5_error_code decode_krb5_kdc_req_body(const krb5_data *code, krb5_kdc_req **r * This does *not* perform any copying; the returned pointer to the * encoded KRB-SAFE-BODY points into the input buffer. */ -krb5_error_code decode_krb5_safe_with_body( - const krb5_data *code, - krb5_safe **rep, - krb5_data *body) +krb5_error_code +decode_krb5_safe_with_body(const krb5_data *code, krb5_safe **repptr, + krb5_data *body) { krb5_data tmpbody; - setup(); - alloc_field(*rep,krb5_safe); + setup(krb5_safe *); + alloc_field(rep); clear_field(rep,checksum); tmpbody.magic = 0; @@ -568,33 +580,34 @@ krb5_error_code decode_krb5_safe_with_body( tmpbody.length = 0; tmpbody.data = NULL; } - get_field(**rep,2,asn1_decode_krb_safe_body); - alloc_field((*rep)->checksum,krb5_checksum); - get_field(*((*rep)->checksum),3,asn1_decode_checksum); - (*rep)->magic = KV5M_SAFE; + get_field(*rep,2,asn1_decode_krb_safe_body); + alloc_field(rep->checksum); + get_field(*(rep->checksum),3,asn1_decode_checksum); + rep->magic = KV5M_SAFE; end_structure(); } if (body != NULL) *body = tmpbody; cleanup_manual(); error_out: - if (rep && *rep) { - free_field(*rep,checksum); - free(*rep); - *rep = NULL; + if (rep) { + free_field(rep,checksum); + free(rep); } return retval; } -krb5_error_code decode_krb5_safe(const krb5_data *code, krb5_safe **rep) +krb5_error_code +decode_krb5_safe(const krb5_data *code, krb5_safe **repptr) { - return decode_krb5_safe_with_body(code, rep, NULL); + return decode_krb5_safe_with_body(code, repptr, NULL); } -krb5_error_code decode_krb5_priv(const krb5_data *code, krb5_priv **rep) +krb5_error_code +decode_krb5_priv(const krb5_data *code, krb5_priv **repptr) { - setup(); - alloc_field(*rep,krb5_priv); + setup(krb5_priv *); + alloc_field(rep); check_apptag(21); { begin_structure(); @@ -607,48 +620,49 @@ krb5_error_code decode_krb5_priv(const krb5_data *code, krb5_priv **rep) if (msg_type != KRB5_PRIV) clean_return(KRB5_BADMSGTYPE); #endif } - get_field((*rep)->enc_part,3,asn1_decode_encrypted_data); - (*rep)->magic = KV5M_PRIV; + get_field(rep->enc_part,3,asn1_decode_encrypted_data); + rep->magic = KV5M_PRIV; end_structure(); } cleanup(free); } -krb5_error_code decode_krb5_enc_priv_part(const krb5_data *code, krb5_priv_enc_part **rep) +krb5_error_code +decode_krb5_enc_priv_part(const krb5_data *code, krb5_priv_enc_part **repptr) { - setup(); - alloc_field(*rep,krb5_priv_enc_part); + setup(krb5_priv_enc_part *); + alloc_field(rep); clear_field(rep,r_address); clear_field(rep,s_address); check_apptag(28); { begin_structure(); - get_lenfield((*rep)->user_data.length,(*rep)->user_data.data,0,asn1_decode_charstring); - opt_field((*rep)->timestamp,1,asn1_decode_kerberos_time); - opt_field((*rep)->usec,2,asn1_decode_int32); - opt_field((*rep)->seq_number,3,asn1_decode_seqnum); - alloc_field((*rep)->s_address,krb5_address); - get_field(*((*rep)->s_address),4,asn1_decode_host_address); - if (tagnum == 5) { alloc_field((*rep)->r_address,krb5_address); } - opt_field(*((*rep)->r_address),5,asn1_decode_host_address); - (*rep)->magic = KV5M_PRIV_ENC_PART; + get_lenfield(rep->user_data.length,rep->user_data.data,0,asn1_decode_charstring); + opt_field(rep->timestamp,1,asn1_decode_kerberos_time); + opt_field(rep->usec,2,asn1_decode_int32); + opt_field(rep->seq_number,3,asn1_decode_seqnum); + alloc_field(rep->s_address); + get_field(*(rep->s_address),4,asn1_decode_host_address); + if (tagnum == 5) { alloc_field(rep->r_address); } + opt_field(*(rep->r_address),5,asn1_decode_host_address); + rep->magic = KV5M_PRIV_ENC_PART; end_structure(); } cleanup_manual(); error_out: - if (rep && *rep) { - free_field(*rep,r_address); - free_field(*rep,s_address); - free(*rep); - *rep = NULL; + if (rep) { + free_field(rep,r_address); + free_field(rep,s_address); + free(rep); } return retval; } -krb5_error_code decode_krb5_cred(const krb5_data *code, krb5_cred **rep) +krb5_error_code +decode_krb5_cred(const krb5_data *code, krb5_cred **repptr) { - setup(); - alloc_field(*rep,krb5_cred); + setup(krb5_cred *); + alloc_field(rep); check_apptag(22); { begin_structure(); @@ -661,50 +675,51 @@ krb5_error_code decode_krb5_cred(const krb5_data *code, krb5_cred **rep) if (msg_type != KRB5_CRED) clean_return(KRB5_BADMSGTYPE); #endif } - get_field((*rep)->tickets,2,asn1_decode_sequence_of_ticket); - get_field((*rep)->enc_part,3,asn1_decode_encrypted_data); - (*rep)->magic = KV5M_CRED; + get_field(rep->tickets,2,asn1_decode_sequence_of_ticket); + get_field(rep->enc_part,3,asn1_decode_encrypted_data); + rep->magic = KV5M_CRED; end_structure(); } cleanup(free); } -krb5_error_code decode_krb5_enc_cred_part(const krb5_data *code, krb5_cred_enc_part **rep) +krb5_error_code +decode_krb5_enc_cred_part(const krb5_data *code, krb5_cred_enc_part **repptr) { - setup(); - alloc_field(*rep,krb5_cred_enc_part); + setup(krb5_cred_enc_part *); + alloc_field(rep); clear_field(rep,r_address); clear_field(rep,s_address); check_apptag(29); { begin_structure(); - get_field((*rep)->ticket_info,0,asn1_decode_sequence_of_krb_cred_info); - opt_field((*rep)->nonce,1,asn1_decode_int32); - opt_field((*rep)->timestamp,2,asn1_decode_kerberos_time); - opt_field((*rep)->usec,3,asn1_decode_int32); - if (tagnum == 4) { alloc_field((*rep)->s_address,krb5_address); } - opt_field(*((*rep)->s_address),4,asn1_decode_host_address); - if (tagnum == 5) { alloc_field((*rep)->r_address,krb5_address); } - opt_field(*((*rep)->r_address),5,asn1_decode_host_address); - (*rep)->magic = KV5M_CRED_ENC_PART; + get_field(rep->ticket_info,0,asn1_decode_sequence_of_krb_cred_info); + opt_field(rep->nonce,1,asn1_decode_int32); + opt_field(rep->timestamp,2,asn1_decode_kerberos_time); + opt_field(rep->usec,3,asn1_decode_int32); + if (tagnum == 4) { alloc_field(rep->s_address); } + opt_field(*(rep->s_address),4,asn1_decode_host_address); + if (tagnum == 5) { alloc_field(rep->r_address); } + opt_field(*(rep->r_address),5,asn1_decode_host_address); + rep->magic = KV5M_CRED_ENC_PART; end_structure(); } cleanup_manual(); error_out: - if (rep && *rep) { - free_field(*rep,r_address); - free_field(*rep,s_address); - free(*rep); - *rep = NULL; + if (rep) { + free_field(rep,r_address); + free_field(rep,s_address); + free(rep); } return retval; } -krb5_error_code decode_krb5_error(const krb5_data *code, krb5_error **rep) +krb5_error_code +decode_krb5_error(const krb5_data *code, krb5_error **repptr) { - setup(); - alloc_field(*rep,krb5_error); + setup(krb5_error *); + alloc_field(rep); clear_field(rep,server); clear_field(rep,client); @@ -719,427 +734,469 @@ krb5_error_code decode_krb5_error(const krb5_data *code, krb5_error **rep) if (msg_type != KRB5_ERROR) clean_return(KRB5_BADMSGTYPE); #endif } - opt_field((*rep)->ctime,2,asn1_decode_kerberos_time); - opt_field((*rep)->cusec,3,asn1_decode_int32); - get_field((*rep)->stime,4,asn1_decode_kerberos_time); - get_field((*rep)->susec,5,asn1_decode_int32); - get_field((*rep)->error,6,asn1_decode_ui_4); - if (tagnum == 7) { alloc_field((*rep)->client,krb5_principal_data); } - opt_field((*rep)->client,7,asn1_decode_realm); - opt_field((*rep)->client,8,asn1_decode_principal_name); - alloc_field((*rep)->server,krb5_principal_data); - get_field((*rep)->server,9,asn1_decode_realm); - get_field((*rep)->server,10,asn1_decode_principal_name); - opt_lenfield((*rep)->text.length,(*rep)->text.data,11,asn1_decode_generalstring); - opt_lenfield((*rep)->e_data.length,(*rep)->e_data.data,12,asn1_decode_charstring); - (*rep)->magic = KV5M_ERROR; + opt_field(rep->ctime,2,asn1_decode_kerberos_time); + opt_field(rep->cusec,3,asn1_decode_int32); + get_field(rep->stime,4,asn1_decode_kerberos_time); + get_field(rep->susec,5,asn1_decode_int32); + get_field(rep->error,6,asn1_decode_ui_4); + if (tagnum == 7) { alloc_field(rep->client); } + opt_field(rep->client,7,asn1_decode_realm); + opt_field(rep->client,8,asn1_decode_principal_name); + alloc_field(rep->server); + get_field(rep->server,9,asn1_decode_realm); + get_field(rep->server,10,asn1_decode_principal_name); + opt_lenfield(rep->text.length,rep->text.data,11,asn1_decode_generalstring); + opt_lenfield(rep->e_data.length,rep->e_data.data,12,asn1_decode_charstring); + rep->magic = KV5M_ERROR; end_structure(); } cleanup_manual(); error_out: - if (rep && *rep) { - free_field(*rep,server); - free_field(*rep,client); - free(*rep); - *rep = NULL; + if (rep) { + free_field(rep,server); + free_field(rep,client); + free(rep); } return retval; } -krb5_error_code decode_krb5_authdata(const krb5_data *code, krb5_authdata ***rep) +krb5_error_code +decode_krb5_authdata(const krb5_data *code, krb5_authdata ***repptr) { - setup_buf_only(); - *rep = 0; - retval = asn1_decode_authorization_data(&buf,rep); + setup_buf_only(krb5_authdata **); + retval = asn1_decode_authorization_data(&buf,&rep); if (retval) clean_return(retval); cleanup_none(); /* we're not allocating anything here... */ } -krb5_error_code decode_krb5_pwd_sequence(const krb5_data *code, passwd_phrase_element **rep) +krb5_error_code +decode_krb5_pwd_sequence(const krb5_data *code, passwd_phrase_element **repptr) { - setup_buf_only(); - alloc_field(*rep,passwd_phrase_element); - retval = asn1_decode_passwdsequence(&buf,*rep); + setup_buf_only(passwd_phrase_element *); + alloc_field(rep); + retval = asn1_decode_passwdsequence(&buf,rep); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_pwd_data(const krb5_data *code, krb5_pwd_data **rep) +krb5_error_code +decode_krb5_pwd_data(const krb5_data *code, krb5_pwd_data **repptr) { - setup(); - alloc_field(*rep,krb5_pwd_data); + setup(krb5_pwd_data *); + alloc_field(rep); { begin_structure(); - get_field((*rep)->sequence_count,0,asn1_decode_int); - get_field((*rep)->element,1,asn1_decode_sequence_of_passwdsequence); - (*rep)->magic = KV5M_PWD_DATA; + get_field(rep->sequence_count,0,asn1_decode_int); + get_field(rep->element,1,asn1_decode_sequence_of_passwdsequence); + rep->magic = KV5M_PWD_DATA; end_structure (); } cleanup(free); } -krb5_error_code decode_krb5_padata_sequence(const krb5_data *code, krb5_pa_data ***rep) +krb5_error_code +decode_krb5_padata_sequence(const krb5_data *code, krb5_pa_data ***repptr) { - setup_buf_only(); - *rep = 0; - retval = asn1_decode_sequence_of_pa_data(&buf,rep); + setup_buf_only(krb5_pa_data **); + retval = asn1_decode_sequence_of_pa_data(&buf,&rep); if (retval) clean_return(retval); cleanup_none(); /* we're not allocating anything here */ } -krb5_error_code decode_krb5_alt_method(const krb5_data *code, krb5_alt_method **rep) +krb5_error_code +decode_krb5_alt_method(const krb5_data *code, krb5_alt_method **repptr) { - setup(); - alloc_field(*rep,krb5_alt_method); + setup(krb5_alt_method *); + alloc_field(rep); { begin_structure(); - get_field((*rep)->method,0,asn1_decode_int32); + get_field(rep->method,0,asn1_decode_int32); if (tagnum == 1) { - get_lenfield((*rep)->length,(*rep)->data,1,asn1_decode_octetstring); + get_lenfield(rep->length,rep->data,1,asn1_decode_octetstring); } else { - (*rep)->length = 0; - (*rep)->data = 0; + rep->length = 0; + rep->data = 0; } - (*rep)->magic = KV5M_ALT_METHOD; + rep->magic = KV5M_ALT_METHOD; end_structure(); } cleanup(free); } -krb5_error_code decode_krb5_etype_info(const krb5_data *code, krb5_etype_info_entry ***rep) +krb5_error_code +decode_krb5_etype_info(const krb5_data *code, krb5_etype_info_entry ***repptr) { - setup_buf_only(); - *rep = 0; - retval = asn1_decode_etype_info(&buf,rep); + setup_buf_only(krb5_etype_info_entry **); + retval = asn1_decode_etype_info(&buf,&rep); if (retval) clean_return(retval); cleanup_none(); /* we're not allocating anything here */ } -krb5_error_code decode_krb5_etype_info2(const krb5_data *code, krb5_etype_info_entry ***rep) +krb5_error_code +decode_krb5_etype_info2(const krb5_data *code, krb5_etype_info_entry ***repptr) { - setup_buf_only(); - *rep = 0; - retval = asn1_decode_etype_info2(&buf,rep, 0); + setup_buf_only(krb5_etype_info_entry **); + retval = asn1_decode_etype_info2(&buf,&rep, 0); if (retval == ASN1_BAD_ID) { retval = asn1buf_wrap_data(&buf,code); if (retval) clean_return(retval); - retval = asn1_decode_etype_info2(&buf, rep, 1); + retval = asn1_decode_etype_info2(&buf, &rep, 1); } if (retval) clean_return(retval); cleanup_none(); /* we're not allocating anything here */ } -krb5_error_code decode_krb5_enc_data(const krb5_data *code, krb5_enc_data **rep) +krb5_error_code +decode_krb5_enc_data(const krb5_data *code, krb5_enc_data **repptr) { - setup_buf_only(); - alloc_field(*rep,krb5_enc_data); + setup_buf_only(krb5_enc_data *); + alloc_field(rep); - retval = asn1_decode_encrypted_data(&buf,*rep); + retval = asn1_decode_encrypted_data(&buf,rep); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_pa_enc_ts(const krb5_data *code, krb5_pa_enc_ts **rep) +krb5_error_code +decode_krb5_pa_enc_ts(const krb5_data *code, krb5_pa_enc_ts **repptr) { - setup(); - alloc_field(*rep,krb5_pa_enc_ts); + setup(krb5_pa_enc_ts *); + alloc_field(rep); { begin_structure(); - get_field((*rep)->patimestamp,0,asn1_decode_kerberos_time); + get_field(rep->patimestamp,0,asn1_decode_kerberos_time); if (tagnum == 1) { - get_field((*rep)->pausec,1,asn1_decode_int32); + get_field(rep->pausec,1,asn1_decode_int32); } else - (*rep)->pausec = 0; + rep->pausec = 0; end_structure (); } cleanup(free); } -krb5_error_code decode_krb5_sam_challenge(const krb5_data *code, krb5_sam_challenge **rep) +krb5_error_code +decode_krb5_sam_challenge(const krb5_data *code, krb5_sam_challenge **repptr) { - setup_buf_only(); - alloc_field(*rep,krb5_sam_challenge); + setup_buf_only(krb5_sam_challenge *); + alloc_field(rep); - retval = asn1_decode_sam_challenge(&buf,*rep); + retval = asn1_decode_sam_challenge(&buf,rep); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_sam_challenge_2(const krb5_data *code, krb5_sam_challenge_2 **rep) +krb5_error_code +decode_krb5_sam_challenge_2(const krb5_data *code, + krb5_sam_challenge_2 **repptr) { - setup_buf_only(); - alloc_field(*rep,krb5_sam_challenge_2); + setup_buf_only(krb5_sam_challenge_2 *); + alloc_field(rep); - retval = asn1_decode_sam_challenge_2(&buf,*rep); + retval = asn1_decode_sam_challenge_2(&buf,rep); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_sam_challenge_2_body(const krb5_data *code, krb5_sam_challenge_2_body **rep) +krb5_error_code +decode_krb5_sam_challenge_2_body(const krb5_data *code, + krb5_sam_challenge_2_body **repptr) { - setup_buf_only(); - alloc_field(*rep, krb5_sam_challenge_2_body); + setup_buf_only(krb5_sam_challenge_2_body *); + alloc_field(rep); - retval = asn1_decode_sam_challenge_2_body(&buf, *rep); + retval = asn1_decode_sam_challenge_2_body(&buf, rep); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_enc_sam_key(const krb5_data *code, krb5_sam_key **rep) +krb5_error_code +decode_krb5_enc_sam_key(const krb5_data *code, krb5_sam_key **repptr) { - setup_buf_only(); - alloc_field(*rep,krb5_sam_key); + setup_buf_only(krb5_sam_key *); + alloc_field(rep); - retval = asn1_decode_enc_sam_key(&buf,*rep); + retval = asn1_decode_enc_sam_key(&buf,rep); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_enc_sam_response_enc(const krb5_data *code, krb5_enc_sam_response_enc **rep) +krb5_error_code +decode_krb5_enc_sam_response_enc(const krb5_data *code, + krb5_enc_sam_response_enc **repptr) { - setup_buf_only(); - alloc_field(*rep,krb5_enc_sam_response_enc); + setup_buf_only(krb5_enc_sam_response_enc *); + alloc_field(rep); - retval = asn1_decode_enc_sam_response_enc(&buf,*rep); + retval = asn1_decode_enc_sam_response_enc(&buf,rep); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_enc_sam_response_enc_2(const krb5_data *code, krb5_enc_sam_response_enc_2 **rep) +krb5_error_code +decode_krb5_enc_sam_response_enc_2(const krb5_data *code, + krb5_enc_sam_response_enc_2 **repptr) { - setup_buf_only(); - alloc_field(*rep,krb5_enc_sam_response_enc_2); + setup_buf_only(krb5_enc_sam_response_enc_2 *); + alloc_field(rep); - retval = asn1_decode_enc_sam_response_enc_2(&buf,*rep); + retval = asn1_decode_enc_sam_response_enc_2(&buf,rep); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_sam_response(const krb5_data *code, krb5_sam_response **rep) +krb5_error_code +decode_krb5_sam_response(const krb5_data *code, + krb5_sam_response **repptr) { - setup_buf_only(); - alloc_field(*rep,krb5_sam_response); + setup_buf_only(krb5_sam_response *); + alloc_field(rep); - retval = asn1_decode_sam_response(&buf,*rep); + retval = asn1_decode_sam_response(&buf,rep); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_sam_response_2(const krb5_data *code, krb5_sam_response_2 **rep) +krb5_error_code +decode_krb5_sam_response_2(const krb5_data *code, + krb5_sam_response_2 **repptr) { - setup_buf_only(); - alloc_field(*rep,krb5_sam_response_2); + setup_buf_only(krb5_sam_response_2 *); + alloc_field(rep); - retval = asn1_decode_sam_response_2(&buf,*rep); + retval = asn1_decode_sam_response_2(&buf,rep); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_predicted_sam_response(const krb5_data *code, krb5_predicted_sam_response **rep) +krb5_error_code +decode_krb5_predicted_sam_response(const krb5_data *code, + krb5_predicted_sam_response **repptr) { - setup_buf_only(); /* preallocated */ - alloc_field(*rep,krb5_predicted_sam_response); + setup_buf_only(krb5_predicted_sam_response *); /* preallocated */ + alloc_field(rep); - retval = asn1_decode_predicted_sam_response(&buf,*rep); + retval = asn1_decode_predicted_sam_response(&buf,rep); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_setpw_req(const krb5_data *code, - krb5_data **rep, - krb5_principal *principal) +krb5_error_code +decode_krb5_setpw_req(const krb5_data *code, krb5_data **repptr, + krb5_principal *principal) { - setup_buf_only(); - alloc_field(*rep, krb5_data); + setup_buf_only(krb5_data *); + alloc_field(rep); *principal = NULL; - retval = asn1_decode_setpw_req(&buf, *rep, principal); + retval = asn1_decode_setpw_req(&buf, rep, principal); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_pa_for_user(const krb5_data *code, krb5_pa_for_user **rep) +krb5_error_code +decode_krb5_pa_for_user(const krb5_data *code, krb5_pa_for_user **repptr) { - setup_buf_only(); - alloc_field(*rep, krb5_pa_for_user); + setup_buf_only(krb5_pa_for_user *); + alloc_field(rep); - retval = asn1_decode_pa_for_user(&buf, *rep); + retval = asn1_decode_pa_for_user(&buf, rep); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_pa_pac_req(const krb5_data *code, krb5_pa_pac_req **rep) +krb5_error_code +decode_krb5_pa_pac_req(const krb5_data *code, krb5_pa_pac_req **repptr) { - setup_buf_only(); - alloc_field(*rep, krb5_pa_pac_req); + setup_buf_only(krb5_pa_pac_req *); + alloc_field(rep); - retval = asn1_decode_pa_pac_req(&buf, *rep); + retval = asn1_decode_pa_pac_req(&buf, rep); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_etype_list(const krb5_data *code, krb5_etype_list **rep) +krb5_error_code +decode_krb5_etype_list(const krb5_data *code, krb5_etype_list **repptr) { - setup_buf_only(); - alloc_field(*rep, krb5_etype_list); + setup_buf_only(krb5_etype_list *); + alloc_field(rep); - retval = asn1_decode_sequence_of_enctype(&buf, &(*rep)->length, &(*rep)->etypes); + retval = asn1_decode_sequence_of_enctype(&buf, &rep->length, &rep->etypes); if (retval) clean_return(retval); cleanup(free); } #ifndef DISABLE_PKINIT -krb5_error_code decode_krb5_pa_pk_as_req(const krb5_data *code, krb5_pa_pk_as_req **rep) +krb5_error_code +decode_krb5_pa_pk_as_req(const krb5_data *code, krb5_pa_pk_as_req **repptr) { - setup_buf_only(); - alloc_field(*rep, krb5_pa_pk_as_req); + setup_buf_only(krb5_pa_pk_as_req *); + alloc_field(rep); - retval = asn1_decode_pa_pk_as_req(&buf, *rep); + retval = asn1_decode_pa_pk_as_req(&buf, rep); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_pa_pk_as_req_draft9(const krb5_data *code, krb5_pa_pk_as_req_draft9 **rep) +krb5_error_code +decode_krb5_pa_pk_as_req_draft9(const krb5_data *code, + krb5_pa_pk_as_req_draft9 **repptr) { - setup_buf_only(); - alloc_field(*rep, krb5_pa_pk_as_req_draft9); + setup_buf_only(krb5_pa_pk_as_req_draft9 *); + alloc_field(rep); - retval = asn1_decode_pa_pk_as_req_draft9(&buf, *rep); + retval = asn1_decode_pa_pk_as_req_draft9(&buf, rep); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_pa_pk_as_rep(const krb5_data *code, krb5_pa_pk_as_rep **rep) +krb5_error_code +decode_krb5_pa_pk_as_rep(const krb5_data *code, krb5_pa_pk_as_rep **repptr) { - setup_buf_only(); - alloc_field(*rep, krb5_pa_pk_as_rep); + setup_buf_only(krb5_pa_pk_as_rep *); + alloc_field(rep); - retval = asn1_decode_pa_pk_as_rep(&buf, *rep); + retval = asn1_decode_pa_pk_as_rep(&buf, rep); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_pa_pk_as_rep_draft9(const krb5_data *code, krb5_pa_pk_as_rep_draft9 **rep) +krb5_error_code +decode_krb5_pa_pk_as_rep_draft9(const krb5_data *code, + krb5_pa_pk_as_rep_draft9 **repptr) { - setup_buf_only(); - alloc_field(*rep, krb5_pa_pk_as_rep_draft9); + setup_buf_only(krb5_pa_pk_as_rep_draft9 *); + alloc_field(rep); - retval = asn1_decode_pa_pk_as_rep_draft9(&buf, *rep); + retval = asn1_decode_pa_pk_as_rep_draft9(&buf, rep); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_auth_pack(const krb5_data *code, krb5_auth_pack **rep) +krb5_error_code +decode_krb5_auth_pack(const krb5_data *code, krb5_auth_pack **repptr) { - setup_buf_only(); - alloc_field(*rep, krb5_auth_pack); + setup_buf_only(krb5_auth_pack *); + alloc_field(rep); - retval = asn1_decode_auth_pack(&buf, *rep); + retval = asn1_decode_auth_pack(&buf, rep); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_auth_pack_draft9(const krb5_data *code, krb5_auth_pack_draft9 **rep) +krb5_error_code +decode_krb5_auth_pack_draft9(const krb5_data *code, + krb5_auth_pack_draft9 **repptr) { - setup_buf_only(); - alloc_field(*rep, krb5_auth_pack_draft9); + setup_buf_only(krb5_auth_pack_draft9 *); + alloc_field(rep); - retval = asn1_decode_auth_pack_draft9(&buf, *rep); + retval = asn1_decode_auth_pack_draft9(&buf, rep); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_kdc_dh_key_info(const krb5_data *code, krb5_kdc_dh_key_info **rep) +krb5_error_code +decode_krb5_kdc_dh_key_info(const krb5_data *code, + krb5_kdc_dh_key_info **repptr) { - setup_buf_only(); - alloc_field(*rep, krb5_kdc_dh_key_info); + setup_buf_only(krb5_kdc_dh_key_info *); + alloc_field(rep); - retval = asn1_decode_kdc_dh_key_info(&buf, *rep); + retval = asn1_decode_kdc_dh_key_info(&buf, rep); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_principal_name(const krb5_data *code, krb5_principal_data **rep) +krb5_error_code +decode_krb5_principal_name(const krb5_data *code, krb5_principal_data **repptr) { - setup_buf_only(); - alloc_field(*rep, krb5_principal_data); + setup_buf_only(krb5_principal_data *); + alloc_field(rep); - retval = asn1_decode_krb5_principal_name(&buf, rep); + retval = asn1_decode_krb5_principal_name(&buf, &rep); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_reply_key_pack(const krb5_data *code, krb5_reply_key_pack **rep) +krb5_error_code +decode_krb5_reply_key_pack(const krb5_data *code, krb5_reply_key_pack **repptr) { - setup_buf_only(); - alloc_field(*rep, krb5_reply_key_pack); + setup_buf_only(krb5_reply_key_pack *); + alloc_field(rep); - retval = asn1_decode_reply_key_pack(&buf, *rep); + retval = asn1_decode_reply_key_pack(&buf, rep); if (retval) goto error_out; cleanup_manual(); error_out: - if (rep && *rep) { - free((*rep)->replyKey.contents); - free((*rep)->asChecksum.contents); - free(*rep); - *rep = NULL; + if (rep) { + free(rep->replyKey.contents); + free(rep->asChecksum.contents); + free(rep); } return retval; } -krb5_error_code decode_krb5_reply_key_pack_draft9(const krb5_data *code, krb5_reply_key_pack_draft9 **rep) +krb5_error_code +decode_krb5_reply_key_pack_draft9(const krb5_data *code, + krb5_reply_key_pack_draft9 **repptr) { - setup_buf_only(); - alloc_field(*rep, krb5_reply_key_pack_draft9); + setup_buf_only(krb5_reply_key_pack_draft9 *); + alloc_field(rep); - retval = asn1_decode_reply_key_pack_draft9(&buf, *rep); + retval = asn1_decode_reply_key_pack_draft9(&buf, rep); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_typed_data(const krb5_data *code, krb5_typed_data ***rep) +krb5_error_code +decode_krb5_typed_data(const krb5_data *code, krb5_typed_data ***repptr) { - setup_buf_only(); - retval = asn1_decode_sequence_of_typed_data(&buf, rep); + setup_buf_only(krb5_typed_data **); + retval = asn1_decode_sequence_of_typed_data(&buf, &rep); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_td_trusted_certifiers(const krb5_data *code, krb5_external_principal_identifier ***rep) +krb5_error_code +decode_krb5_td_trusted_certifiers(const krb5_data *code, + krb5_external_principal_identifier ***repptr) { - setup_buf_only(); - retval = asn1_decode_sequence_of_external_principal_identifier(&buf, rep); + setup_buf_only(krb5_external_principal_identifier **); + retval = asn1_decode_sequence_of_external_principal_identifier(&buf, &rep); if (retval) clean_return(retval); cleanup(free); } -krb5_error_code decode_krb5_td_dh_parameters(const krb5_data *code, krb5_algorithm_identifier ***rep) +krb5_error_code +decode_krb5_td_dh_parameters(const krb5_data *code, + krb5_algorithm_identifier ***repptr) { - setup_buf_only(); - retval = asn1_decode_sequence_of_algorithm_identifier(&buf, rep); + setup_buf_only(krb5_algorithm_identifier **); + retval = asn1_decode_sequence_of_algorithm_identifier(&buf, &rep); if (retval) clean_return(retval); cleanup(free); -- 2.26.2