[PATCH] Fix a few Coverity IDs

Volker Lendecke Volker.Lendecke at SerNet.DE
Tue Jun 23 10:43:16 MDT 2015


Hi!

The first few patches are triggered by the change to call
get_random_buffer in libadddns. It will also make dropping
in a different rng slightly more pleaseant.

Review&push appreciated!

Thanks,

Volker

-- 
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de
-------------- next part --------------
From bac68db1edf66ff090bc6086d3daf0500d9607aa Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 23 Jun 2015 09:02:46 +0200
Subject: [PATCH 01/24] lib: Strip genrand.c a bit

This moves for example password complexity checks out of the core random
number generator

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 lib/util/genrand.c      | 280 -------------------------------------------
 lib/util/genrand_util.c | 310 ++++++++++++++++++++++++++++++++++++++++++++++++
 lib/util/wscript_build  |   2 +-
 3 files changed, 311 insertions(+), 281 deletions(-)
 create mode 100644 lib/util/genrand_util.c

diff --git a/lib/util/genrand.c b/lib/util/genrand.c
index c0163f4..4f328ea 100644
--- a/lib/util/genrand.c
+++ b/lib/util/genrand.c
@@ -283,283 +283,3 @@ _PUBLIC_ void generate_secret_buffer(uint8_t *out, int len)
 	
 	generate_random_buffer(out, len);
 }
-
-/**
-  generate a single random uint32_t
-**/
-_PUBLIC_ uint32_t generate_random(void)
-{
-	uint8_t v[4];
-	generate_random_buffer(v, 4);
-	return IVAL(v, 0);
-}
-
-
-/**
-  Microsoft composed the following rules (among others) for quality
-  checks. This is an abridgment from
-  http://msdn.microsoft.com/en-us/subscriptions/cc786468%28v=ws.10%29.aspx:
-
-  Passwords must contain characters from three of the following five
-  categories:
-
-   - Uppercase characters of European languages (A through Z, with
-     diacritic marks, Greek and Cyrillic characters)
-   - Lowercase characters of European languages (a through z, sharp-s,
-     with diacritic marks, Greek and Cyrillic characters)
-   - Base 10 digits (0 through 9)
-   - Nonalphanumeric characters: ~!@#$%^&*_-+=`|\(){}[]:;"'<>,.?/
-   - Any Unicode character that is categorized as an alphabetic character
-     but is not uppercase or lowercase. This includes Unicode characters
-     from Asian languages.
-
- Note: for now do not check if the unicode category is
-       alphabetic character
-**/
-_PUBLIC_ bool check_password_quality(const char *pwd)
-{
-	size_t ofs = 0;
-	size_t num_chars = 0;
-	size_t num_digits = 0;
-	size_t num_upper = 0;
-	size_t num_lower = 0;
-	size_t num_nonalpha = 0;
-	size_t num_unicode = 0;
-	size_t num_categories = 0;
-
-	if (pwd == NULL) {
-		return false;
-	}
-
-	while (true) {
-		const char *s = &pwd[ofs];
-		size_t len = 0;
-		codepoint_t c;
-
-		c = next_codepoint(s, &len);
-		if (c == INVALID_CODEPOINT) {
-			return false;
-		} else if (c == 0) {
-			break;
-		}
-		ofs += len;
-		num_chars += 1;
-
-		if (len == 1) {
-			const char *na = "~!@#$%^&*_-+=`|\\(){}[]:;\"'<>,.?/";
-
-			if (isdigit(c)) {
-				num_digits += 1;
-				continue;
-			}
-
-			if (isupper(c)) {
-				num_upper += 1;
-				continue;
-			}
-
-			if (islower(c)) {
-				num_lower += 1;
-				continue;
-			}
-
-			if (strchr(na, c)) {
-				num_nonalpha += 1;
-				continue;
-			}
-
-			/*
-			 * the rest does not belong to
-			 * a category.
-			 */
-			continue;
-		}
-
-		if (isupper_m(c)) {
-			num_upper += 1;
-			continue;
-		}
-
-		if (islower_m(c)) {
-			num_lower += 1;
-			continue;
-		}
-
-		/*
-		 * Note: for now do not check if the unicode category is
-		 *       alphabetic character
-		 *
-		 * We would have to import the details from
-		 * ftp://ftp.unicode.org/Public/6.3.0/ucd/UnicodeData-6.3.0d1.txt
-		 */
-		num_unicode += 1;
-		continue;
-	}
-
-	if (num_digits > 0) {
-		num_categories += 1;
-	}
-	if (num_upper > 0) {
-		num_categories += 1;
-	}
-	if (num_lower > 0) {
-		num_categories += 1;
-	}
-	if (num_nonalpha > 0) {
-		num_categories += 1;
-	}
-	if (num_unicode > 0) {
-		num_categories += 1;
-	}
-
-	if (num_categories >= 3) {
-		return true;
-	}
-
-	return false;
-}
-
-/**
- Use the random number generator to generate a random string.
-**/
-
-_PUBLIC_ char *generate_random_str_list(TALLOC_CTX *mem_ctx, size_t len, const char *list)
-{
-	size_t i;
-	size_t list_len = strlen(list);
-
-	char *retstr = talloc_array(mem_ctx, char, len + 1);
-	if (!retstr) return NULL;
-
-	generate_random_buffer((uint8_t *)retstr, len);
-	for (i = 0; i < len; i++) {
-		retstr[i] = list[retstr[i] % list_len];
-	}
-	retstr[i] = '\0';
-
-	return retstr;
-}
-
-/**
- * Generate a random text string consisting of the specified length.
- * The returned string will be allocated.
- *
- * Characters used are: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+_-#.,
- */
-
-_PUBLIC_ char *generate_random_str(TALLOC_CTX *mem_ctx, size_t len)
-{
-	char *retstr;
-	const char *c_list = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+_-#.,";
-
-again:
-	retstr = generate_random_str_list(mem_ctx, len, c_list);
-	if (!retstr) return NULL;
-
-	/* we need to make sure the random string passes basic quality tests
-	   or it might be rejected by windows as a password */
-	if (len >= 7 && !check_password_quality(retstr)) {
-		talloc_free(retstr);
-		goto again;
-	}
-
-	return retstr;
-}
-
-/**
- * Generate a random text password.
- */
-
-_PUBLIC_ char *generate_random_password(TALLOC_CTX *mem_ctx, size_t min, size_t max)
-{
-	char *retstr;
-	/* This list does not include { or } because they cause
-	 * problems for our provision (it can create a substring
-	 * ${...}, and for Fedora DS (which treats {...} at the start
-	 * of a stored password as special 
-	 *  -- Andrew Bartlett 2010-03-11
-	 */
-	const char *c_list = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+_-#.,@$%&!?:;<=>()[]~";
-	size_t len = max;
-	size_t diff;
-
-	if (min > max) {
-		errno = EINVAL;
-		return NULL;
-	}
-
-	diff = max - min;
-
-	if (diff > 0 ) {
-		size_t tmp;
-
-		generate_random_buffer((uint8_t *)&tmp, sizeof(tmp));
-
-		tmp %= diff;
-
-		len = min + tmp;
-	}
-
-again:
-	retstr = generate_random_str_list(mem_ctx, len, c_list);
-	if (!retstr) return NULL;
-
-	/* we need to make sure the random string passes basic quality tests
-	   or it might be rejected by windows as a password */
-	if (len >= 7 && !check_password_quality(retstr)) {
-		talloc_free(retstr);
-		goto again;
-	}
-
-	return retstr;
-}
-
-/**
- * Generate an array of unique text strings all of the same length.
- * The returned string will be allocated.
- * Returns NULL if the number of unique combinations cannot be created.
- *
- * Characters used are: abcdefghijklmnopqrstuvwxyz0123456789+_-#.,
- */
-_PUBLIC_ char** generate_unique_strs(TALLOC_CTX *mem_ctx, size_t len,
-				     uint32_t num)
-{
-	const char *c_list = "abcdefghijklmnopqrstuvwxyz0123456789+_-#.,";
-	const unsigned c_size = 42;
-	size_t i, j;
-	unsigned rem;
-	char ** strs = NULL;
-
-	if (num == 0 || len == 0)
-		return NULL;
-
-	strs = talloc_array(mem_ctx, char *, num);
-	if (strs == NULL) return NULL;
-
-	for (i = 0; i < num; i++) {
-		char *retstr = (char *)talloc_size(strs, len + 1);
-		if (retstr == NULL) {
-			talloc_free(strs);
-			return NULL;
-		}
-		rem = i;
-		for (j = 0; j < len; j++) {
-			retstr[j] = c_list[rem % c_size];
-			rem = rem / c_size;
-		}
-		retstr[j] = 0;
-		strs[i] = retstr;
-		if (rem != 0) {
-			/* we were not able to fit the number of
-			 * combinations asked for in the length
-			 * specified */
-			DEBUG(0,(__location__ ": Too many combinations %u for length %u\n",
-				 num, (unsigned)len));
-				 
-			talloc_free(strs);
-			return NULL;			 
-		}
-	}
-
-	return strs;
-}
diff --git a/lib/util/genrand_util.c b/lib/util/genrand_util.c
new file mode 100644
index 0000000..af7aab6
--- /dev/null
+++ b/lib/util/genrand_util.c
@@ -0,0 +1,310 @@
+/*
+   Unix SMB/CIFS implementation.
+
+   Functions to create reasonable random numbers for crypto use.
+
+   Copyright (C) Jeremy Allison 2001
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "system/filesys.h"
+#include "../lib/crypto/crypto.h"
+#include "system/locale.h"
+
+/**
+ * @file
+ * @brief Random number generation
+ */
+
+/**
+  generate a single random uint32_t
+**/
+_PUBLIC_ uint32_t generate_random(void)
+{
+	uint8_t v[4];
+	generate_random_buffer(v, 4);
+	return IVAL(v, 0);
+}
+
+
+/**
+  Microsoft composed the following rules (among others) for quality
+  checks. This is an abridgment from
+  http://msdn.microsoft.com/en-us/subscriptions/cc786468%28v=ws.10%29.aspx:
+
+  Passwords must contain characters from three of the following five
+  categories:
+
+   - Uppercase characters of European languages (A through Z, with
+     diacritic marks, Greek and Cyrillic characters)
+   - Lowercase characters of European languages (a through z, sharp-s,
+     with diacritic marks, Greek and Cyrillic characters)
+   - Base 10 digits (0 through 9)
+   - Nonalphanumeric characters: ~!@#$%^&*_-+=`|\(){}[]:;"'<>,.?/
+   - Any Unicode character that is categorized as an alphabetic character
+     but is not uppercase or lowercase. This includes Unicode characters
+     from Asian languages.
+
+ Note: for now do not check if the unicode category is
+       alphabetic character
+**/
+_PUBLIC_ bool check_password_quality(const char *pwd)
+{
+	size_t ofs = 0;
+	size_t num_chars = 0;
+	size_t num_digits = 0;
+	size_t num_upper = 0;
+	size_t num_lower = 0;
+	size_t num_nonalpha = 0;
+	size_t num_unicode = 0;
+	size_t num_categories = 0;
+
+	if (pwd == NULL) {
+		return false;
+	}
+
+	while (true) {
+		const char *s = &pwd[ofs];
+		size_t len = 0;
+		codepoint_t c;
+
+		c = next_codepoint(s, &len);
+		if (c == INVALID_CODEPOINT) {
+			return false;
+		} else if (c == 0) {
+			break;
+		}
+		ofs += len;
+		num_chars += 1;
+
+		if (len == 1) {
+			const char *na = "~!@#$%^&*_-+=`|\\(){}[]:;\"'<>,.?/";
+
+			if (isdigit(c)) {
+				num_digits += 1;
+				continue;
+			}
+
+			if (isupper(c)) {
+				num_upper += 1;
+				continue;
+			}
+
+			if (islower(c)) {
+				num_lower += 1;
+				continue;
+			}
+
+			if (strchr(na, c)) {
+				num_nonalpha += 1;
+				continue;
+			}
+
+			/*
+			 * the rest does not belong to
+			 * a category.
+			 */
+			continue;
+		}
+
+		if (isupper_m(c)) {
+			num_upper += 1;
+			continue;
+		}
+
+		if (islower_m(c)) {
+			num_lower += 1;
+			continue;
+		}
+
+		/*
+		 * Note: for now do not check if the unicode category is
+		 *       alphabetic character
+		 *
+		 * We would have to import the details from
+		 * ftp://ftp.unicode.org/Public/6.3.0/ucd/UnicodeData-6.3.0d1.txt
+		 */
+		num_unicode += 1;
+		continue;
+	}
+
+	if (num_digits > 0) {
+		num_categories += 1;
+	}
+	if (num_upper > 0) {
+		num_categories += 1;
+	}
+	if (num_lower > 0) {
+		num_categories += 1;
+	}
+	if (num_nonalpha > 0) {
+		num_categories += 1;
+	}
+	if (num_unicode > 0) {
+		num_categories += 1;
+	}
+
+	if (num_categories >= 3) {
+		return true;
+	}
+
+	return false;
+}
+
+/**
+ Use the random number generator to generate a random string.
+**/
+
+_PUBLIC_ char *generate_random_str_list(TALLOC_CTX *mem_ctx, size_t len, const char *list)
+{
+	size_t i;
+	size_t list_len = strlen(list);
+
+	char *retstr = talloc_array(mem_ctx, char, len + 1);
+	if (!retstr) return NULL;
+
+	generate_random_buffer((uint8_t *)retstr, len);
+	for (i = 0; i < len; i++) {
+		retstr[i] = list[retstr[i] % list_len];
+	}
+	retstr[i] = '\0';
+
+	return retstr;
+}
+
+/**
+ * Generate a random text string consisting of the specified length.
+ * The returned string will be allocated.
+ *
+ * Characters used are: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+_-#.,
+ */
+
+_PUBLIC_ char *generate_random_str(TALLOC_CTX *mem_ctx, size_t len)
+{
+	char *retstr;
+	const char *c_list = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+_-#.,";
+
+again:
+	retstr = generate_random_str_list(mem_ctx, len, c_list);
+	if (!retstr) return NULL;
+
+	/* we need to make sure the random string passes basic quality tests
+	   or it might be rejected by windows as a password */
+	if (len >= 7 && !check_password_quality(retstr)) {
+		talloc_free(retstr);
+		goto again;
+	}
+
+	return retstr;
+}
+
+/**
+ * Generate a random text password.
+ */
+
+_PUBLIC_ char *generate_random_password(TALLOC_CTX *mem_ctx, size_t min, size_t max)
+{
+	char *retstr;
+	/* This list does not include { or } because they cause
+	 * problems for our provision (it can create a substring
+	 * ${...}, and for Fedora DS (which treats {...} at the start
+	 * of a stored password as special
+	 *  -- Andrew Bartlett 2010-03-11
+	 */
+	const char *c_list = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+_-#.,@$%&!?:;<=>()[]~";
+	size_t len = max;
+	size_t diff;
+
+	if (min > max) {
+		errno = EINVAL;
+		return NULL;
+	}
+
+	diff = max - min;
+
+	if (diff > 0 ) {
+		size_t tmp;
+
+		generate_random_buffer((uint8_t *)&tmp, sizeof(tmp));
+
+		tmp %= diff;
+
+		len = min + tmp;
+	}
+
+again:
+	retstr = generate_random_str_list(mem_ctx, len, c_list);
+	if (!retstr) return NULL;
+
+	/* we need to make sure the random string passes basic quality tests
+	   or it might be rejected by windows as a password */
+	if (len >= 7 && !check_password_quality(retstr)) {
+		talloc_free(retstr);
+		goto again;
+	}
+
+	return retstr;
+}
+
+/**
+ * Generate an array of unique text strings all of the same length.
+ * The returned string will be allocated.
+ * Returns NULL if the number of unique combinations cannot be created.
+ *
+ * Characters used are: abcdefghijklmnopqrstuvwxyz0123456789+_-#.,
+ */
+_PUBLIC_ char** generate_unique_strs(TALLOC_CTX *mem_ctx, size_t len,
+				     uint32_t num)
+{
+	const char *c_list = "abcdefghijklmnopqrstuvwxyz0123456789+_-#.,";
+	const unsigned c_size = 42;
+	size_t i, j;
+	unsigned rem;
+	char ** strs = NULL;
+
+	if (num == 0 || len == 0)
+		return NULL;
+
+	strs = talloc_array(mem_ctx, char *, num);
+	if (strs == NULL) return NULL;
+
+	for (i = 0; i < num; i++) {
+		char *retstr = (char *)talloc_size(strs, len + 1);
+		if (retstr == NULL) {
+			talloc_free(strs);
+			return NULL;
+		}
+		rem = i;
+		for (j = 0; j < len; j++) {
+			retstr[j] = c_list[rem % c_size];
+			rem = rem / c_size;
+		}
+		retstr[j] = 0;
+		strs[i] = retstr;
+		if (rem != 0) {
+			/* we were not able to fit the number of
+			 * combinations asked for in the length
+			 * specified */
+			DEBUG(0,(__location__ ": Too many combinations %u for length %u\n",
+				 num, (unsigned)len));
+
+			talloc_free(strs);
+			return NULL;
+		}
+	}
+
+	return strs;
+}
diff --git a/lib/util/wscript_build b/lib/util/wscript_build
index 92f2545..ffd1098 100755
--- a/lib/util/wscript_build
+++ b/lib/util/wscript_build
@@ -65,7 +65,7 @@ if not bld.env.SAMBA_UTIL_CORE_ONLY:
     bld.SAMBA_LIBRARY('samba-util',
                   source='''talloc_stack.c smb_threads.c
                     rbtree.c rfc1738.c become_daemon.c system.c select.c getpass.c
-                    genrand.c fsusage.c
+                    genrand.c genrand_util.c fsusage.c
                     params.c util_id.c util_net.c
                     util_strlist.c util_paths.c idtree_random.c base64.c
                     util_str.c util_str_common.c ms_fnmatch.c
-- 
1.9.1


From 26d990b4a270bf6d033f9cacb47214e00a3a4093 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 23 Jun 2015 09:05:56 +0200
Subject: [PATCH 02/24] lib: Fix whitespace

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 lib/util/genrand.c | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/lib/util/genrand.c b/lib/util/genrand.c
index 4f328ea..f117907 100644
--- a/lib/util/genrand.c
+++ b/lib/util/genrand.c
@@ -1,20 +1,20 @@
-/* 
+/*
    Unix SMB/CIFS implementation.
 
    Functions to create reasonable random numbers for crypto use.
 
    Copyright (C) Jeremy Allison 2001
-   
+
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.
-   
+
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
-   
+
    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
@@ -69,7 +69,7 @@ static void get_rand_reseed_data(int *reseed_data)
 	}
 }
 
-/**************************************************************** 
+/****************************************************************
  Setup the seed.
 *****************************************************************/
 
@@ -95,7 +95,7 @@ static void seed_random_stream(unsigned char *seedval, size_t seedlen)
 	hash[257] = 0;
 }
 
-/**************************************************************** 
+/****************************************************************
  Get datasize bytes worth of random data.
 *****************************************************************/
 
@@ -125,7 +125,7 @@ static void get_random_stream(unsigned char *data, size_t datasize)
 }
 
 /****************************************************************
- Get a 16 byte hash from the contents of a file.  
+ Get a 16 byte hash from the contents of a file.
 
  Note that the hash is initialised, because the extra entropy is not
  worth the valgrind pain.
@@ -226,7 +226,7 @@ _PUBLIC_ void generate_random_buffer(uint8_t *out, int len)
 
 	if(!done_reseed) {
 		bytes_since_reseed += len;
-		
+
 		/* Magic constant to try and avoid reading 40 bytes
 		 * and setting up the PRNG if the app only ever wants
 		 * a few bytes */
@@ -280,6 +280,6 @@ _PUBLIC_ void generate_secret_buffer(uint8_t *out, int len)
 	if(urand_fd != -1 && (read(urand_fd, out, len) == len)) {
 		return;
 	}
-	
+
 	generate_random_buffer(out, len);
 }
-- 
1.9.1


From 011763842536014a359eb39da03195259db9d89b Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 23 Jun 2015 09:28:28 +0200
Subject: [PATCH 03/24] lib: Streamline genrand.c includes

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 lib/util/genrand.c      |  7 +++++--
 lib/util/genrand.h      | 44 ++++++++++++++++++++++++++++++++++++++++++++
 lib/util/genrand_util.c |  2 --
 lib/util/samba_util.h   | 22 +---------------------
 lib/util/wscript_build  |  2 +-
 5 files changed, 51 insertions(+), 26 deletions(-)
 create mode 100644 lib/util/genrand.h

diff --git a/lib/util/genrand.c b/lib/util/genrand.c
index f117907..4473433 100644
--- a/lib/util/genrand.c
+++ b/lib/util/genrand.c
@@ -19,10 +19,13 @@
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 
-#include "includes.h"
+#include "replace.h"
 #include "system/filesys.h"
 #include "../lib/crypto/crypto.h"
-#include "system/locale.h"
+#include "lib/util/genrand.h"
+#include "lib/util/blocking.h"
+#include "lib/util/time_basic.h"
+#include "lib/util/byteorder.h"
 
 /**
  * @file
diff --git a/lib/util/genrand.h b/lib/util/genrand.h
new file mode 100644
index 0000000..73ca601
--- /dev/null
+++ b/lib/util/genrand.h
@@ -0,0 +1,44 @@
+/*
+   Unix SMB/CIFS implementation.
+
+   Functions to create reasonable random numbers for crypto use.
+
+   Copyright (C) Jeremy Allison 2001
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+/**
+ Copy any user given reseed data.
+**/
+
+void set_rand_reseed_callback(void (*fn)(void *, int *), void *userdata);
+
+/**
+ * Tell the random number generator it needs to reseed.
+ */
+void set_need_random_reseed(void);
+
+/**
+ Interface to the (hopefully) good crypto random number generator.
+ Will use our internal PRNG if more than 40 bytes of random generation
+ has been requested, otherwise tries to read from /dev/random
+**/
+void generate_random_buffer(uint8_t *out, int len);
+
+/**
+ Interface to the (hopefully) good crypto random number generator.
+ Will always use /dev/urandom if available.
+**/
+void generate_secret_buffer(uint8_t *out, int len);
diff --git a/lib/util/genrand_util.c b/lib/util/genrand_util.c
index af7aab6..fbd9998 100644
--- a/lib/util/genrand_util.c
+++ b/lib/util/genrand_util.c
@@ -20,8 +20,6 @@
 */
 
 #include "includes.h"
-#include "system/filesys.h"
-#include "../lib/crypto/crypto.h"
 #include "system/locale.h"
 
 /**
diff --git a/lib/util/samba_util.h b/lib/util/samba_util.h
index 1c974cd..496923c 100644
--- a/lib/util/samba_util.h
+++ b/lib/util/samba_util.h
@@ -87,28 +87,8 @@ _PUBLIC_ int sys_getnameinfo(const struct sockaddr *psa,
 			     int flags);
 
 /* The following definitions come from lib/util/genrand.c  */
-/**
- Copy any user given reseed data.
-**/
-_PUBLIC_ void set_rand_reseed_callback(void (*fn)(void *, int *), void *);
-
-/**
- * Tell the random number generator it needs to reseed.
- */
-_PUBLIC_ void set_need_random_reseed(void);
 
-/**
- Interface to the (hopefully) good crypto random number generator.
- Will use our internal PRNG if more than 40 bytes of random generation
- has been requested, otherwise tries to read from /dev/random
-**/
-_PUBLIC_ void generate_random_buffer(uint8_t *out, int len);
-
-/**
- Interface to the (hopefully) good crypto random number generator.
- Will always use /dev/urandom if available.
-**/
-_PUBLIC_ void generate_secret_buffer(uint8_t *out, int len);
+#include "lib/util/genrand.h"
 
 /**
   generate a single random uint32_t
diff --git a/lib/util/wscript_build b/lib/util/wscript_build
index ffd1098..b95108a 100755
--- a/lib/util/wscript_build
+++ b/lib/util/wscript_build
@@ -74,7 +74,7 @@ if not bld.env.SAMBA_UTIL_CORE_ONLY:
                   deps='samba-util-core DYNCONFIG close-low-fd tini tiniparser',
 
                   public_deps='talloc tevent execinfo pthread LIBCRYPTO charset util_setid systemd systemd-daemon',
-                  public_headers='debug.h attr.h byteorder.h data_blob.h memory.h safe_string.h time.h talloc_stack.h xfile.h dlinklist.h samba_util.h string_wrappers.h idtree.h idtree_random.h blocking.h signal.h substitute.h fault.h',
+                  public_headers='debug.h attr.h byteorder.h data_blob.h memory.h safe_string.h time.h talloc_stack.h xfile.h dlinklist.h samba_util.h string_wrappers.h idtree.h idtree_random.h blocking.h signal.h substitute.h fault.h genrand.h',
                   header_path= [ ('dlinklist.h samba_util.h', '.'), ('*', 'util') ],
                   local_include=False,
                   vnum='0.0.1',
-- 
1.9.1


From 769fb019f0e98ccc66aaf34506002caa6344e7b6 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 23 Jun 2015 09:52:49 +0200
Subject: [PATCH 04/24] lib: Simplify arcfour_crypt

We don't need a dependency on data_blob in crypto

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 lib/crypto/arcfour.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/lib/crypto/arcfour.c b/lib/crypto/arcfour.c
index 1afd659..d310649 100644
--- a/lib/crypto/arcfour.c
+++ b/lib/crypto/arcfour.c
@@ -81,11 +81,12 @@ _PUBLIC_ void arcfour_crypt_blob(uint8_t *data, int len, const DATA_BLOB *key)
 */
 _PUBLIC_ void arcfour_crypt(uint8_t *data, const uint8_t keystr[16], int len)
 {
-	DATA_BLOB key = data_blob(keystr, 16);
-	
-	arcfour_crypt_blob(data, len, &key);
+	uint8_t keycopy[16];
+	DATA_BLOB key = { .data = keycopy, .length = sizeof(keycopy) };
 
-	data_blob_free(&key);
+	memcpy(keycopy, keystr, sizeof(keycopy));
+
+	arcfour_crypt_blob(data, len, &key);
 }
 
 
-- 
1.9.1


From 778fa1781470a88e7b3038379ff7ab591bd416cd Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 23 Jun 2015 09:53:15 +0200
Subject: [PATCH 05/24] lib: Fix deps for LIBCRYPTO

LIBCRYPTO itself does not depend on talloc

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 lib/crypto/wscript_build | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/crypto/wscript_build b/lib/crypto/wscript_build
index f2326a2..0224feb 100644
--- a/lib/crypto/wscript_build
+++ b/lib/crypto/wscript_build
@@ -15,12 +15,12 @@ bld.SAMBA_SUBSYSTEM('LIBCRYPTO',
         source='''crc32.c hmacmd5.c md4.c arcfour.c sha256.c sha512.c hmacsha256.c
         aes.c rijndael-alg-fst.c aes_cmac_128.c aes_ccm_128.c aes_gcm_128.c
         ''' + extra_source,
-        deps='talloc' + extra_deps
+        deps=extra_deps
         )
 
 bld.SAMBA_SUBSYSTEM('TORTURE_LIBCRYPTO',
 	source='md4test.c md5test.c hmacmd5test.c aes_cmac_128_test.c aes_gcm_128_test.c',
 	autoproto='test_proto.h',
-	deps='LIBCRYPTO'
+	deps='talloc LIBCRYPTO'
 	)
 
-- 
1.9.1


From 1e71a9d78344272c2b95ff0925bcb7145cbca4de Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 23 Jun 2015 10:40:33 +0200
Subject: [PATCH 06/24] lib: Make time-basic a library

The next commit will make genrand depend on time-basic. Without this, we would
link in time-basic twice, from samba-debug and from genrand.

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 lib/util/wscript_build | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/lib/util/wscript_build b/lib/util/wscript_build
index b95108a..a1287b7 100755
--- a/lib/util/wscript_build
+++ b/lib/util/wscript_build
@@ -3,10 +3,11 @@
 # Please add any new SAMBA_SUBSYSTEM/SAMBA_LIBRARY to the bottom of the file
 # unless they are also required to build standalone ctdb.
 
-bld.SAMBA_SUBSYSTEM('time-basic',
-                    source='time_basic.c',
-                    deps='replace',
-                    local_include=False)
+bld.SAMBA_LIBRARY('time-basic',
+                  source='time_basic.c',
+                  deps='replace',
+                  private_library=True,
+                  local_include=False)
 
 bld.SAMBA_SUBSYSTEM('tini',
                     source='tini.c',
-- 
1.9.1


From 75f14f7bb8d5f9b0b3117af91fb75aae284f4b88 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 23 Jun 2015 09:56:55 +0200
Subject: [PATCH 07/24] lib: Make genrand independent

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 lib/util/wscript_build | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/lib/util/wscript_build b/lib/util/wscript_build
index a1287b7..1014c75 100755
--- a/lib/util/wscript_build
+++ b/lib/util/wscript_build
@@ -63,16 +63,22 @@ if not bld.env.SAMBA_UTIL_CORE_ONLY:
 
     bld.env.public_headers_skip.append('charset_compat.h')
 
+    bld.SAMBA_LIBRARY('genrand',
+                      source='genrand.c',
+                      deps='time-basic socket-blocking LIBCRYPTO',
+                      local_include=False,
+                      private_library=True)
+
     bld.SAMBA_LIBRARY('samba-util',
                   source='''talloc_stack.c smb_threads.c
                     rbtree.c rfc1738.c become_daemon.c system.c select.c getpass.c
-                    genrand.c genrand_util.c fsusage.c
+                    genrand_util.c fsusage.c
                     params.c util_id.c util_net.c
                     util_strlist.c util_paths.c idtree_random.c base64.c
                     util_str.c util_str_common.c ms_fnmatch.c
                     server_id.c dprintf.c parmlist.c bitmap.c pidfile.c
                     tevent_debug.c util_process.c memcache.c''',
-                  deps='samba-util-core DYNCONFIG close-low-fd tini tiniparser',
+                  deps='samba-util-core DYNCONFIG close-low-fd tini tiniparser genrand',
 
                   public_deps='talloc tevent execinfo pthread LIBCRYPTO charset util_setid systemd systemd-daemon',
                   public_headers='debug.h attr.h byteorder.h data_blob.h memory.h safe_string.h time.h talloc_stack.h xfile.h dlinklist.h samba_util.h string_wrappers.h idtree.h idtree_random.h blocking.h signal.h substitute.h fault.h genrand.h',
-- 
1.9.1


From fdf6d756f38c9ef361f3d9f925a043b39b5bc36b Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 23 Jun 2015 10:02:17 +0200
Subject: [PATCH 08/24] lib: Fix CID 1272913 Calling risky function

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 lib/addns/dnsrecord.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/addns/dnsrecord.c b/lib/addns/dnsrecord.c
index 724d0df..0d14937 100644
--- a/lib/addns/dnsrecord.c
+++ b/lib/addns/dnsrecord.c
@@ -22,6 +22,7 @@
 */
 
 #include "dns.h"
+#include "lib/util/genrand.h"
 
 DNS_ERROR dns_create_query( TALLOC_CTX *mem_ctx, const char *name,
 			    uint16_t q_type, uint16_t q_class,
@@ -39,7 +40,7 @@ DNS_ERROR dns_create_query( TALLOC_CTX *mem_ctx, const char *name,
 		return ERROR_DNS_NO_MEMORY;
 	}
 
-	req->id = random();
+	generate_random_buffer((uint8_t *)&req->id, sizeof(req->id));
 
 	req->num_questions = 1;
 	q = req->questions[0];
-- 
1.9.1


From 8a6abc48f59ee62c695c6c42482d5a951ae449aa Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 23 Jun 2015 10:10:19 +0200
Subject: [PATCH 09/24] lib: Fix CID 1034723 Explicit null dereferenced

Do an early return if there's nothing to receive

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 lib/addns/dnssock.c | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/lib/addns/dnssock.c b/lib/addns/dnssock.c
index b1d794d..df17523 100644
--- a/lib/addns/dnssock.c
+++ b/lib/addns/dnssock.c
@@ -321,13 +321,14 @@ static DNS_ERROR dns_receive_tcp(TALLOC_CTX *mem_ctx,
 
 	buf->size = ntohs(len);
 
-	if (buf->size) {
-		if (!(buf->data = talloc_array(buf, uint8_t, buf->size))) {
-			TALLOC_FREE(buf);
-			return ERROR_DNS_NO_MEMORY;
-		}
-	} else {
-		buf->data = NULL;
+	if (buf->size == 0) {
+		*presult = buf;
+		return ERROR_DNS_SUCCESS;
+	}
+
+	if (!(buf->data = talloc_array(buf, uint8_t, buf->size))) {
+		TALLOC_FREE(buf);
+		return ERROR_DNS_NO_MEMORY;
 	}
 
 	err = read_all(conn->s, buf->data, buf->size);
-- 
1.9.1


From 2448c23bd64d24e2b627a0c3e819450e0349df89 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 23 Jun 2015 10:12:15 +0200
Subject: [PATCH 10/24] lib: Fix CID 1273234 Untrusted value as argument

buf->size has been sanitized in the checks done in talloc_array(). This makes
the "trust" flow more explicit.

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 lib/addns/dnssock.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/addns/dnssock.c b/lib/addns/dnssock.c
index df17523..a45e325 100644
--- a/lib/addns/dnssock.c
+++ b/lib/addns/dnssock.c
@@ -331,7 +331,7 @@ static DNS_ERROR dns_receive_tcp(TALLOC_CTX *mem_ctx,
 		return ERROR_DNS_NO_MEMORY;
 	}
 
-	err = read_all(conn->s, buf->data, buf->size);
+	err = read_all(conn->s, buf->data, talloc_get_size(buf->data));
 	if (!ERR_DNS_IS_OK(err)) {
 		TALLOC_FREE(buf);
 		return err;
-- 
1.9.1


From 7ac9071501884afa0579b912ab3e1cec03915623 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 23 Jun 2015 10:18:31 +0200
Subject: [PATCH 11/24] lib: Fix CID 710685 Unchecked return value from library

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 lib/async_req/async_sock.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/lib/async_req/async_sock.c b/lib/async_req/async_sock.c
index e90f4e6..d2cda15 100644
--- a/lib/async_req/async_sock.c
+++ b/lib/async_req/async_sock.c
@@ -74,6 +74,7 @@ struct tevent_req *async_connect_send(
 {
 	struct tevent_req *req;
 	struct async_connect_state *state;
+	int ret;
 
 	req = tevent_req_create(mem_ctx, &state, struct async_connect_state);
 	if (req == NULL) {
@@ -105,7 +106,11 @@ struct tevent_req *async_connect_send(
 	}
 	memcpy(&state->address, address, address_len);
 
-	set_blocking(fd, false);
+	ret = set_blocking(fd, false);
+	if (ret == -1) {
+		tevent_req_error(req, errno);
+		return tevent_req_post(req, ev);
+	}
 
 	if (state->before_connect != NULL) {
 		state->before_connect(state->private_data);
-- 
1.9.1


From d0e4ea7c81662ded71aa027a2d1028bc6690afe0 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 23 Jun 2015 11:03:47 +0200
Subject: [PATCH 12/24] lib: Fix CID 1272858 Copy-paste error

Coverity is wrong here, but it's a good idea to consolidate the close-loop

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 source3/lib/messages.c | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/source3/lib/messages.c b/source3/lib/messages.c
index 041aa1f..78ff721 100644
--- a/source3/lib/messages.c
+++ b/source3/lib/messages.c
@@ -219,19 +219,13 @@ static void messaging_recv_cb(const uint8_t *msg, size_t msg_len,
 	size_t i;
 
 	if (msg_len < MESSAGE_HDR_LENGTH) {
-		for (i=0; i < num_fds; i++) {
-			close(fds[i]);
-		}
 		DEBUG(1, ("message too short: %u\n", (unsigned)msg_len));
-		return;
+		goto close_fail;
 	}
 
 	if (num_fds > INT8_MAX) {
-		for (i=0; i < num_fds; i++) {
-			close(fds[i]);
-		}
 		DEBUG(1, ("too many fds: %u\n", (unsigned)num_fds));
-		return;
+		goto close_fail;
 	}
 
 	/*
@@ -260,6 +254,12 @@ static void messaging_recv_cb(const uint8_t *msg, size_t msg_len,
 		   server_id_str_buf(rec.src, &idbuf)));
 
 	messaging_dispatch_rec(msg_ctx, &rec);
+	return;
+
+close_fail:
+	for (i=0; i < num_fds; i++) {
+		close(fds[i]);
+	}
 }
 
 static int messaging_context_destructor(struct messaging_context *ctx)
-- 
1.9.1


From 83723d011ec17fd4bc78c401e45273e466875bb1 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 23 Jun 2015 11:06:02 +0200
Subject: [PATCH 13/24] lib: Fix CID 1128556 Dereference after null check

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 source3/lib/messages_ctdbd.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/source3/lib/messages_ctdbd.c b/source3/lib/messages_ctdbd.c
index b4f4d63..248fc0d 100644
--- a/source3/lib/messages_ctdbd.c
+++ b/source3/lib/messages_ctdbd.c
@@ -50,6 +50,7 @@ struct ctdbd_connection *messaging_ctdbd_connection(void)
 		ev = samba_tevent_context_init(NULL);
 		if (!ev) {
 			DEBUG(0,("samba_tevent_context_init failed\n"));
+			return NULL;
 		}
 
 		msg = messaging_init(NULL, ev);
-- 
1.9.1


From 0eb1e9d5ed122efeccf6b550f867345ce378c366 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 23 Jun 2015 11:22:04 +0200
Subject: [PATCH 14/24] lib: Remove unused functions

This fixes CID 1034629 Unchecked return value

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 source3/registry/reg_objects.c | 27 ---------------------------
 source3/registry/reg_objects.h |  2 --
 2 files changed, 29 deletions(-)

diff --git a/source3/registry/reg_objects.c b/source3/registry/reg_objects.c
index 1c9e79d..2d48b26 100644
--- a/source3/registry/reg_objects.c
+++ b/source3/registry/reg_objects.c
@@ -612,30 +612,3 @@ WERROR regval_ctr_set_seqnum(struct regval_ctr *ctr, int seqnum)
 
 	return WERR_OK;
 }
-
-/***********************************************************************
- return the data_p as a uint32_t
- **********************************************************************/
-
-uint32_t regval_dword(struct regval_blob *val)
-{
-	uint32_t data;
-
-	data = IVAL( regval_data_p(val), 0 );
-
-	return data;
-}
-
-/***********************************************************************
- return the data_p as a character string
- **********************************************************************/
-
-const char *regval_sz(struct regval_blob *val)
-{
-	const char *data = NULL;
-	DATA_BLOB blob = data_blob_const(regval_data_p(val), regval_size(val));
-
-	pull_reg_sz(talloc_tos(), &blob, &data);
-
-	return data;
-}
diff --git a/source3/registry/reg_objects.h b/source3/registry/reg_objects.h
index 9e1c1d1..959fbe6 100644
--- a/source3/registry/reg_objects.h
+++ b/source3/registry/reg_objects.h
@@ -69,8 +69,6 @@ struct regval_blob* regval_ctr_getvalue(struct regval_ctr *ctr,
 					const char *name);
 int regval_ctr_get_seqnum(struct regval_ctr *ctr);
 WERROR regval_ctr_set_seqnum(struct regval_ctr *ctr, int seqnum);
-uint32_t regval_dword(struct regval_blob *val);
-const char *regval_sz(struct regval_blob *val);
 
 
 #endif /* _REG_OBJECTS_H */
-- 
1.9.1


From 485557b38b28dd66b7e5202889c18f6497d6a114 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 23 Jun 2015 12:02:06 +0200
Subject: [PATCH 15/24] smbd: Fix CID 1273096 Dereference before null check

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 source3/smbd/smb2_lock.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source3/smbd/smb2_lock.c b/source3/smbd/smb2_lock.c
index c160731..2fcd359 100644
--- a/source3/smbd/smb2_lock.c
+++ b/source3/smbd/smb2_lock.c
@@ -475,7 +475,7 @@ static bool recalc_smb2_brl_timeout(struct smbd_server_connection *sconn)
 
 	TALLOC_FREE(sconn->smb2.locks.brl_timeout);
 
-	if (sconn != NULL && sconn->client != NULL) {
+	if (sconn->client != NULL) {
 		xconn = sconn->client->connections;
 	}
 
-- 
1.9.1


From f738aa25c56719f5112bc7e39391d7d97540dabf Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 23 Jun 2015 12:48:13 +0200
Subject: [PATCH 16/24] dsdb: Fix CID 1034745 Dereference after null check

This is a cut&paste error

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 source4/dsdb/schema/schema_syntax.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source4/dsdb/schema/schema_syntax.c b/source4/dsdb/schema/schema_syntax.c
index 2f48b25..f9c50b8 100644
--- a/source4/dsdb/schema/schema_syntax.c
+++ b/source4/dsdb/schema/schema_syntax.c
@@ -801,7 +801,7 @@ static WERROR dsdb_syntax_NTTIME_validate_ldb(const struct dsdb_syntax_ctx *ctx,
 		}
 
 		if (attr->rangeUpper) {
-			if ((int32_t)t > (int32_t)*attr->rangeLower) {
+			if ((int32_t)t > (int32_t)*attr->rangeUpper) {
 				return WERR_DS_INVALID_ATTRIBUTE_SYNTAX;
 			}
 		}
-- 
1.9.1


From 4e3e1858938b383d0aa9ef2a776e4231f78ac0cc Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 23 Jun 2015 14:39:58 +0200
Subject: [PATCH 17/24] dsdb: Fix CID 1034804 Dereference null return value

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 source4/dsdb/samdb/ldb_modules/util.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/source4/dsdb/samdb/ldb_modules/util.c b/source4/dsdb/samdb/ldb_modules/util.c
index 4c81a1d..513dc06 100644
--- a/source4/dsdb/samdb/ldb_modules/util.c
+++ b/source4/dsdb/samdb/ldb_modules/util.c
@@ -1234,6 +1234,9 @@ int dsdb_module_constrainted_update_int64(struct ldb_module *module,
 	int ret;
 
 	msg = ldb_msg_new(module);
+	if (msg == NULL) {
+		return ldb_module_oom(module);
+	}
 	msg->dn = dn;
 
 	ret = dsdb_msg_constrainted_update_int64(module,
-- 
1.9.1


From 9cf2dd7f0bc9945252b3311e67e8c4c65e9be8cf Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 23 Jun 2015 14:40:42 +0200
Subject: [PATCH 18/24] dsdb: Fix CID 1034803 Dereference null return value

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 source4/dsdb/samdb/ldb_modules/util.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/source4/dsdb/samdb/ldb_modules/util.c b/source4/dsdb/samdb/ldb_modules/util.c
index 513dc06..1455760 100644
--- a/source4/dsdb/samdb/ldb_modules/util.c
+++ b/source4/dsdb/samdb/ldb_modules/util.c
@@ -1192,6 +1192,9 @@ int dsdb_module_constrainted_update_int32(struct ldb_module *module,
 	int ret;
 
 	msg = ldb_msg_new(module);
+	if (msg == NULL) {
+		return ldb_module_oom(module);
+	}
 	msg->dn = dn;
 
 	ret = dsdb_msg_constrainted_update_int32(module,
-- 
1.9.1


From 9db80594d35db916d5e4909833b9ab6856ce53f2 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 23 Jun 2015 14:42:06 +0200
Subject: [PATCH 19/24] dsdb: Fix CID 1034743 Dereference after null check

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 source4/dsdb/samdb/ldb_modules/simple_dn.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source4/dsdb/samdb/ldb_modules/simple_dn.c b/source4/dsdb/samdb/ldb_modules/simple_dn.c
index c7b800f..80ef3b5 100644
--- a/source4/dsdb/samdb/ldb_modules/simple_dn.c
+++ b/source4/dsdb/samdb/ldb_modules/simple_dn.c
@@ -44,7 +44,7 @@ static int simple_dn_search(struct ldb_module *module, struct ldb_request *req)
 
 	new_base = ldb_dn_copy(req, req->op.search.base);
 	if (!new_base) {
-		ldb_module_oom(module);
+		return ldb_module_oom(module);
 	}
 
 	ldb_dn_remove_extended_components(new_base);
-- 
1.9.1


From 67a5dd7781b8d7bf524de8094802cbe3bb003a71 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 23 Jun 2015 14:44:05 +0200
Subject: [PATCH 20/24] dsdb: Fix CID 1034742 Dereference after null check

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 source4/dsdb/samdb/ldb_modules/schema_util.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source4/dsdb/samdb/ldb_modules/schema_util.c b/source4/dsdb/samdb/ldb_modules/schema_util.c
index c6d8ade..7402c04 100644
--- a/source4/dsdb/samdb/ldb_modules/schema_util.c
+++ b/source4/dsdb/samdb/ldb_modules/schema_util.c
@@ -240,7 +240,7 @@ static int dsdb_module_schema_info_write(struct ldb_module *ldb_module,
 
 	temp_ctx = talloc_new(ldb_module);
 	if (temp_ctx == NULL) {
-		return ldb_module_oom(temp_ctx);
+		return ldb_module_oom(ldb_module);
 	}
 
 	/* convert schema_info to a blob */
-- 
1.9.1


From 6966b39fdfb1418aab1c8ffb503cc5720cdc8e20 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 23 Jun 2015 14:46:12 +0200
Subject: [PATCH 21/24] dsdb: Fix CID 1034802 Dereference null return value

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 source4/dsdb/samdb/ldb_modules/rootdse.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c b/source4/dsdb/samdb/ldb_modules/rootdse.c
index 111266f..f26bc94 100644
--- a/source4/dsdb/samdb/ldb_modules/rootdse.c
+++ b/source4/dsdb/samdb/ldb_modules/rootdse.c
@@ -1178,6 +1178,10 @@ static int rootdse_enable_recycle_bin(struct ldb_module *module,struct ldb_conte
 	}
 
 	msg = ldb_msg_new(tmp_ctx);
+	if (msg == NULL) {
+		talloc_free(tmp_ctx);
+		return ldb_module_oom(module);
+	}
 	msg->dn = ntds_settings_dn;
 
 	ldb_msg_add_linearized_dn(msg, "msDS-EnabledFeature", op_feature_msg->dn);
-- 
1.9.1


From dce2741173a4115fabb373d24e5d2043f2fa6ff1 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 23 Jun 2015 14:53:39 +0200
Subject: [PATCH 22/24] dsdb: Fix CID 1034719 Evaluation order violation

We assigned lp_ctx twice...

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 source4/dsdb/samdb/ldb_modules/password_hash.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c
index cd23ab7..5defc1d 100644
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c
+++ b/source4/dsdb/samdb/ldb_modules/password_hash.c
@@ -2227,9 +2227,8 @@ static int setup_io(struct ph_context *ac,
 { 
 	const struct ldb_val *quoted_utf16, *old_quoted_utf16, *lm_hash, *old_lm_hash;
 	struct ldb_context *ldb = ldb_module_get_ctx(ac->module);
-	struct loadparm_context *lp_ctx =
-		lp_ctx = talloc_get_type(ldb_get_opaque(ldb, "loadparm"),
-					 struct loadparm_context);
+	struct loadparm_context *lp_ctx = talloc_get_type(
+		ldb_get_opaque(ldb, "loadparm"), struct loadparm_context);
 	int ret;
 
 	ZERO_STRUCTP(io);
-- 
1.9.1


From c5f7910f31d95eeb5849e495c0676cb64a3a5d31 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 23 Jun 2015 14:56:50 +0200
Subject: [PATCH 23/24] dsdb: Fix CID 1034687 Logically dead code

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 source4/dsdb/samdb/ldb_modules/operational.c | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/source4/dsdb/samdb/ldb_modules/operational.c b/source4/dsdb/samdb/ldb_modules/operational.c
index 66dfca0..8390230 100644
--- a/source4/dsdb/samdb/ldb_modules/operational.c
+++ b/source4/dsdb/samdb/ldb_modules/operational.c
@@ -617,9 +617,6 @@ static int construct_msds_keyversionnumber(struct ldb_module *module,
 		/* We can't make up a key version number without meta data */
 		return LDB_SUCCESS;
 	}
-	if (!omd_value) {
-		return LDB_SUCCESS;
-	}
 
 	omd = talloc(msg, struct replPropertyMetaDataBlob);
 	if (!omd) {
-- 
1.9.1


From 9539c244a79fa72f7648fc1da5c4dc64ac671203 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 23 Jun 2015 14:58:11 +0200
Subject: [PATCH 24/24] dsdb: Fix CID 1034902 Dereference before null check

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 source4/dsdb/samdb/ldb_modules/extended_dn_out.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source4/dsdb/samdb/ldb_modules/extended_dn_out.c b/source4/dsdb/samdb/ldb_modules/extended_dn_out.c
index 7083522..bdb35be 100644
--- a/source4/dsdb/samdb/ldb_modules/extended_dn_out.c
+++ b/source4/dsdb/samdb/ldb_modules/extended_dn_out.c
@@ -82,7 +82,7 @@ static int extended_dn_out_dereference_setup_control(struct ldb_context *ldb, st
 		dereference_control->dereference
 			= talloc_realloc(p, dereference_control->dereference,
 					 struct dsdb_openldap_dereference *, i + 2);
-		if (!dereference_control) {
+		if (!dereference_control->dereference) {
 			return ldb_oom(ldb);
 		}
 		dereference_control->dereference[i] = talloc(dereference_control->dereference,
-- 
1.9.1



More information about the samba-technical mailing list