Date: Wed, 20 Apr 2016 00:50:17 +0000 (UTC) From: "Pedro F. Giffuni" <pfg@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r298316 - stable/9/lib/libgssapi Message-ID: <201604200050.u3K0oHhZ015836@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: pfg Date: Wed Apr 20 00:50:17 2016 New Revision: 298316 URL: https://svnweb.freebsd.org/changeset/base/298316 Log: MFC 297942: libgssapi: avoid NULL pointer dereferences. While here also use NULL instead of zero for pointers. Modified: stable/9/lib/libgssapi/gss_add_cred.c stable/9/lib/libgssapi/gss_encapsulate_token.c stable/9/lib/libgssapi/gss_get_mic.c stable/9/lib/libgssapi/gss_inquire_context.c stable/9/lib/libgssapi/gss_mech_switch.c stable/9/lib/libgssapi/gss_pseudo_random.c stable/9/lib/libgssapi/gss_verify_mic.c stable/9/lib/libgssapi/gss_wrap.c stable/9/lib/libgssapi/gss_wrap_size_limit.c Directory Properties: stable/9/lib/libgssapi/ (props changed) Modified: stable/9/lib/libgssapi/gss_add_cred.c ============================================================================== --- stable/9/lib/libgssapi/gss_add_cred.c Wed Apr 20 00:49:49 2016 (r298315) +++ stable/9/lib/libgssapi/gss_add_cred.c Wed Apr 20 00:50:17 2016 (r298316) @@ -121,7 +121,7 @@ gss_add_cred(OM_uint32 *minor_status, * gss_add_cred for that mechanism, otherwise we copy the mc * to new_cred. */ - target_mc = 0; + target_mc = NULL; if (cred) { SLIST_FOREACH(mc, &cred->gc_mc, gmc_link) { if (gss_oid_equal(mc->gmc_mech_oid, desired_mech)) { @@ -151,7 +151,7 @@ gss_add_cred(OM_uint32 *minor_status, return (major_status); } } else { - mn = 0; + mn = NULL; } m = _gss_find_mech_switch(desired_mech); Modified: stable/9/lib/libgssapi/gss_encapsulate_token.c ============================================================================== --- stable/9/lib/libgssapi/gss_encapsulate_token.c Wed Apr 20 00:49:49 2016 (r298315) +++ stable/9/lib/libgssapi/gss_encapsulate_token.c Wed Apr 20 00:50:17 2016 (r298316) @@ -47,7 +47,7 @@ gss_encapsulate_token(const gss_buffer_t * First time around, we calculate the size, second time, we * encode the token. */ - p = 0; + p = NULL; for (i = 0; i < 2; i++) { len = 0; Modified: stable/9/lib/libgssapi/gss_get_mic.c ============================================================================== --- stable/9/lib/libgssapi/gss_get_mic.c Wed Apr 20 00:49:49 2016 (r298315) +++ stable/9/lib/libgssapi/gss_get_mic.c Wed Apr 20 00:50:17 2016 (r298316) @@ -40,13 +40,14 @@ gss_get_mic(OM_uint32 *minor_status, gss_buffer_t message_token) { struct _gss_context *ctx = (struct _gss_context *) context_handle; - struct _gss_mech_switch *m = ctx->gc_mech; + struct _gss_mech_switch *m; _gss_buffer_zero(message_token); if (ctx == NULL) { *minor_status = 0; return (GSS_S_NO_CONTEXT); } + m = ctx->gc_mech; return (m->gm_get_mic(minor_status, ctx->gc_ctx, qop_req, message_buffer, message_token)); Modified: stable/9/lib/libgssapi/gss_inquire_context.c ============================================================================== --- stable/9/lib/libgssapi/gss_inquire_context.c Wed Apr 20 00:49:49 2016 (r298315) +++ stable/9/lib/libgssapi/gss_inquire_context.c Wed Apr 20 00:50:17 2016 (r298316) @@ -99,7 +99,7 @@ gss_inquire_context(OM_uint32 *minor_sta if (src_name) gss_release_name(minor_status, src_name); m->gm_release_name(minor_status, &src_mn); - minor_status = 0; + minor_status = NULL; return (GSS_S_FAILURE); } *targ_name = (gss_name_t) name; Modified: stable/9/lib/libgssapi/gss_mech_switch.c ============================================================================== --- stable/9/lib/libgssapi/gss_mech_switch.c Wed Apr 20 00:49:49 2016 (r298315) +++ stable/9/lib/libgssapi/gss_mech_switch.c Wed Apr 20 00:50:17 2016 (r298316) @@ -83,7 +83,7 @@ _gss_string_to_oid(const char* s, gss_OI * out the size. Second time around, we actually encode the * number. */ - res = 0; + res = NULL; for (i = 0; i < 2; i++) { byte_count = 0; for (p = s, j = 0; p; p = q, j++) { Modified: stable/9/lib/libgssapi/gss_pseudo_random.c ============================================================================== --- stable/9/lib/libgssapi/gss_pseudo_random.c Wed Apr 20 00:49:49 2016 (r298315) +++ stable/9/lib/libgssapi/gss_pseudo_random.c Wed Apr 20 00:50:17 2016 (r298316) @@ -48,7 +48,7 @@ gss_pseudo_random(OM_uint32 *minor_statu gss_buffer_t prf_out) { struct _gss_context *ctx = (struct _gss_context *) context; - struct _gss_mech_switch *m = ctx->gc_mech; + struct _gss_mech_switch *m; OM_uint32 major_status; _gss_buffer_zero(prf_out); @@ -58,6 +58,7 @@ gss_pseudo_random(OM_uint32 *minor_statu *minor_status = 0; return GSS_S_NO_CONTEXT; } + m = ctx->gc_mech; if (m->gm_pseudo_random == NULL) return GSS_S_UNAVAILABLE; Modified: stable/9/lib/libgssapi/gss_verify_mic.c ============================================================================== --- stable/9/lib/libgssapi/gss_verify_mic.c Wed Apr 20 00:49:49 2016 (r298315) +++ stable/9/lib/libgssapi/gss_verify_mic.c Wed Apr 20 00:50:17 2016 (r298316) @@ -39,7 +39,7 @@ gss_verify_mic(OM_uint32 *minor_status, gss_qop_t *qop_state) { struct _gss_context *ctx = (struct _gss_context *) context_handle; - struct _gss_mech_switch *m = ctx->gc_mech; + struct _gss_mech_switch *m; if (qop_state) *qop_state = 0; @@ -47,6 +47,7 @@ gss_verify_mic(OM_uint32 *minor_status, *minor_status = 0; return (GSS_S_NO_CONTEXT); } + m = ctx->gc_mech; return (m->gm_verify_mic(minor_status, ctx->gc_ctx, message_buffer, token_buffer, qop_state)); Modified: stable/9/lib/libgssapi/gss_wrap.c ============================================================================== --- stable/9/lib/libgssapi/gss_wrap.c Wed Apr 20 00:49:49 2016 (r298315) +++ stable/9/lib/libgssapi/gss_wrap.c Wed Apr 20 00:50:17 2016 (r298316) @@ -42,7 +42,7 @@ gss_wrap(OM_uint32 *minor_status, gss_buffer_t output_message_buffer) { struct _gss_context *ctx = (struct _gss_context *) context_handle; - struct _gss_mech_switch *m = ctx->gc_mech; + struct _gss_mech_switch *m; if (conf_state) *conf_state = 0; @@ -51,6 +51,7 @@ gss_wrap(OM_uint32 *minor_status, *minor_status = 0; return (GSS_S_NO_CONTEXT); } + m = ctx->gc_mech; return (m->gm_wrap(minor_status, ctx->gc_ctx, conf_req_flag, qop_req, input_message_buffer, Modified: stable/9/lib/libgssapi/gss_wrap_size_limit.c ============================================================================== --- stable/9/lib/libgssapi/gss_wrap_size_limit.c Wed Apr 20 00:49:49 2016 (r298315) +++ stable/9/lib/libgssapi/gss_wrap_size_limit.c Wed Apr 20 00:50:17 2016 (r298316) @@ -40,13 +40,14 @@ gss_wrap_size_limit(OM_uint32 *minor_sta OM_uint32 *max_input_size) { struct _gss_context *ctx = (struct _gss_context *) context_handle; - struct _gss_mech_switch *m = ctx->gc_mech; + struct _gss_mech_switch *m; *max_input_size = 0; if (ctx == NULL) { *minor_status = 0; return (GSS_S_NO_CONTEXT); } + m = ctx->gc_mech; return (m->gm_wrap_size_limit(minor_status, ctx->gc_ctx, conf_req_flag, qop_req, req_output_size, max_input_size));
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201604200050.u3K0oHhZ015836>