[PATCH] Fix two CIDs
Jeremy Allison
jra at samba.org
Tue Nov 21 21:03:48 UTC 2017
On Tue, Nov 21, 2017 at 09:04:35PM +0100, Volker Lendecke via samba-technical wrote:
> Hi!
>
> This NEWLY pushed file so severely needs overhaul to match
> README.Coding :-(
>
> For example there are several if-statements without {} around the
> code. There's a reason why we don't want this: CVE 2014-1266, which
> was an early one with a famous name. Is this file so completely immune
> to any security-relevant exposure that this does not matter here? How
> have we verified that this is irrelevant to security?
>
> I'm not talking about the cosmetic 80-column thingy, something which
> this file does not follow either. I am talking about our way to
> protect from one aspect of security-aware coding, and a very easily
> implemented one.
>
> Garming and Andrew, you have both reviewed this file: Can you please
> explain these obvious violations of README.Coding?
RB+. Pushed !
Thanks,
Jeremy.
> --
> SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
> phone: +49-551-370000-0, fax: +49-551-370000-9
> AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
> http://www.sernet.de, mailto:kontakt at sernet.de
> From ab3f509ee25d90af7b51168a297a77a242474305 Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Tue, 21 Nov 2017 20:30:08 +0100
> Subject: [PATCH 1/2] libgpo: Fix CID 1422262 Explicit null dereferenced
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> libgpo/pygpo.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
>
> diff --git a/libgpo/pygpo.c b/libgpo/pygpo.c
> index a54ddb98fe7..619985239cb 100644
> --- a/libgpo/pygpo.c
> +++ b/libgpo/pygpo.c
> @@ -175,12 +175,16 @@ static int py_ads_init(ADS *self, PyObject *args, PyObject *kwds)
> }
>
> if (lp_obj) {
> + bool ok;
> lp_ctx = pytalloc_get_type(lp_obj, struct loadparm_context);
> if (lp_ctx == NULL) {
> return -1;
> }
> + ok = lp_load_initial_only(lp_ctx->szConfigFile);
> + if (!ok) {
> + return -1;
> + }
> }
> - if (!lp_load_initial_only(lp_ctx->szConfigFile)) return -1;
>
> if (self->cli_creds) {
> realm = cli_credentials_get_realm(self->cli_creds);
> --
> 2.11.0
>
>
> From 4b9ebfb65f675b3b51ee412c2f9ba8eb7de48814 Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Tue, 21 Nov 2017 20:41:47 +0100
> Subject: [PATCH 2/2] libgpo: Fix CID 1422263 Resource leak
>
> ---
> libgpo/pygpo.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/libgpo/pygpo.c b/libgpo/pygpo.c
> index 619985239cb..d7bb17382b2 100644
> --- a/libgpo/pygpo.c
> +++ b/libgpo/pygpo.c
> @@ -248,6 +248,7 @@ static PyObject* py_ads_connect(ADS *self)
> if (!strupper_m(self->ads_ptr->auth.realm)) {
> PyErr_SetString(PyExc_SystemError, "Failed to strdup");
> TALLOC_FREE(frame);
> + SAFE_FREE(passwd);
> Py_RETURN_FALSE;
> }
>
> @@ -255,6 +256,7 @@ static PyObject* py_ads_connect(ADS *self)
> if (!ADS_ERR_OK(status)) {
> PyErr_SetString(PyExc_SystemError, "ads_connect() failed");
> TALLOC_FREE(frame);
> + SAFE_FREE(passwd);
> Py_RETURN_FALSE;
> }
> }
> --
> 2.11.0
>
More information about the samba-technical
mailing list