[PATCH] Fix two CIDs
Volker Lendecke
Volker.Lendecke at SerNet.DE
Tue Nov 21 20:04:35 UTC 2017
Hi!
This NEWLY pushed file so severely needs overhaul to match
README.Coding :-(
For example there are several if-statements without {} around the
code. There's a reason why we don't want this: CVE 2014-1266, which
was an early one with a famous name. Is this file so completely immune
to any security-relevant exposure that this does not matter here? How
have we verified that this is irrelevant to security?
I'm not talking about the cosmetic 80-column thingy, something which
this file does not follow either. I am talking about our way to
protect from one aspect of security-aware coding, and a very easily
implemented one.
Garming and Andrew, you have both reviewed this file: Can you please
explain these obvious violations of README.Coding?
Thanks, Volker
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de
-------------- next part --------------
From ab3f509ee25d90af7b51168a297a77a242474305 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 21 Nov 2017 20:30:08 +0100
Subject: [PATCH 1/2] libgpo: Fix CID 1422262 Explicit null dereferenced
Signed-off-by: Volker Lendecke <vl at samba.org>
---
libgpo/pygpo.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/libgpo/pygpo.c b/libgpo/pygpo.c
index a54ddb98fe7..619985239cb 100644
--- a/libgpo/pygpo.c
+++ b/libgpo/pygpo.c
@@ -175,12 +175,16 @@ static int py_ads_init(ADS *self, PyObject *args, PyObject *kwds)
}
if (lp_obj) {
+ bool ok;
lp_ctx = pytalloc_get_type(lp_obj, struct loadparm_context);
if (lp_ctx == NULL) {
return -1;
}
+ ok = lp_load_initial_only(lp_ctx->szConfigFile);
+ if (!ok) {
+ return -1;
+ }
}
- if (!lp_load_initial_only(lp_ctx->szConfigFile)) return -1;
if (self->cli_creds) {
realm = cli_credentials_get_realm(self->cli_creds);
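Review bot: The new `if (!ok) { return -1; }` path leaves py_ads_init with no PyErr_SetString or similar call visible in this hunk, so a failed lp_load_initial_only() reaches Python as an init failure with no exception describing it. Consider setting one that names the config file before returning. The commit message should also say whether it is intended that, with the call moved inside `if (lp_obj)`, nothing loads the configuration when no lp object is passed; the removed line attempted the load unconditionally.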
--
2.11.0
From 4b9ebfb65f675b3b51ee412c2f9ba8eb7de48814 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 21 Nov 2017 20:41:47 +0100
Subject: [PATCH 2/2] libgpo: Fix CID 1422263 Resource leak
---
libgpo/pygpo.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/libgpo/pygpo.c b/libgpo/pygpo.c
index 619985239cb..d7bb17382b2 100644
--- a/libgpo/pygpo.c
+++ b/libgpo/pygpo.c
@@ -248,6 +248,7 @@ static PyObject* py_ads_connect(ADS *self)
if (!strupper_m(self->ads_ptr->auth.realm)) {
PyErr_SetString(PyExc_SystemError, "Failed to strdup");
TALLOC_FREE(frame);
+ SAFE_FREE(passwd);
Py_RETURN_FALSE;
}
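Review bot: In this error path `PyErr_SetString(...)` is followed by `Py_RETURN_FALSE`, so the function hands back a non-NULL object while an exception is set. Since the lines are being touched anyway, either return NULL after setting the exception or drop the exception if False is the intended result. The text "Failed to strdup" also does not match the strupper_m() check it reports on.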
@@ -255,6 +256,7 @@ static PyObject* py_ads_connect(ADS *self)
if (!ADS_ERR_OK(status)) {
PyErr_SetString(PyExc_SystemError, "ads_connect() failed");
TALLOC_FREE(frame);
+ SAFE_FREE(passwd);
Py_RETURN_FALSE;
}
}
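Review bot: SAFE_FREE(passwd) now has to be repeated beside TALLOC_FREE(frame) on every early return in py_ads_connect. A single cleanup label that both error paths jump to would keep the next added return from reintroducing the leak. This second patch also carries no Signed-off-by line, unlike 1/2.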
--
2.11.0
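The brace rule argued for in the message above, shown as an added example that is not part of the original e-mail or of Samba's code. The `check()` helper and both `verify_*` functions are hypothetical; the inputs are constructed so that the third check must fail.

```c
#include <stdio.h>

/* Hypothetical check: succeeds (0) only when the value is non-negative. */
static int check(int v) { return v >= 0 ? 0 : -1; }

/* Brace-less style: a stray duplicated line becomes unconditional. */
static int verify_unbraced(int a, int b, int c)
{
	int err;

	if ((err = check(a)) != 0)
		goto fail;
	if ((err = check(b)) != 0)
		goto fail;
		goto fail;	/* duplicated line: always taken, err is still 0 */
	if ((err = check(c)) != 0)	/* never reached */
		goto fail;
fail:
	return err;
}

/* Braced style: the same stray line stays inside the block. */
static int verify_braced(int a, int b, int c)
{
	int err;

	if ((err = check(a)) != 0) {
		goto fail;
	}
	if ((err = check(b)) != 0) {
		goto fail;
		goto fail;	/* duplicated line: dead code, no effect */
	}
	if ((err = check(c)) != 0) {
		goto fail;
	}
fail:
	return err;
}

int main(void)
{
	/* Constructed input: the third check must fail. */
	printf("unbraced: %d\n", verify_unbraced(1, 1, -1));
	printf("braced:   %d\n", verify_braced(1, 1, -1));
	return 0;
}
```

With the same duplicated line, the brace-less version reports success for an input that should be rejected, while the braced version still returns the error.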