Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 1 Dec 2022 14:26:09 GMT
From:      Cy Schubert <cy@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: ca2e0c6b4afe - stable/12 - heimdal: Add missing kadm5 error checks
Message-ID:  <202212011426.2B1EQ9Tf079713@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch stable/12 has been updated by cy:

URL: https://cgit.FreeBSD.org/src/commit/?id=ca2e0c6b4afe8b0a69e8e9e212ce447ba839f8ec

commit ca2e0c6b4afe8b0a69e8e9e212ce447ba839f8ec
Author:     Cy Schubert <cy@FreeBSD.org>
AuthorDate: 2022-11-26 17:06:09 +0000
Commit:     Cy Schubert <cy@FreeBSD.org>
CommitDate: 2022-12-01 14:25:53 +0000

    heimdal: Add missing kadm5 error checks
    
    Obtained from:  Heimdal commit 4a0e01f9edabe36d0f2cab188078dd29fa5aaf02
    
    (cherry picked from commit 879b0e9cd2ada8f815e208d31feb4b7c05ba7e4a)
---
 crypto/heimdal/lib/kadm5/get_princs_s.c | 3 ++-
 crypto/heimdal/lib/kadm5/get_s.c        | 2 ++
 crypto/heimdal/lib/kadm5/rename_s.c     | 4 +++-
 3 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/crypto/heimdal/lib/kadm5/get_princs_s.c b/crypto/heimdal/lib/kadm5/get_princs_s.c
index 55c8f2e98b60..3ccd18f87a14 100644
--- a/crypto/heimdal/lib/kadm5/get_princs_s.c
+++ b/crypto/heimdal/lib/kadm5/get_princs_s.c
@@ -93,7 +93,8 @@ kadm5_s_get_principals(void *server_handle,
     d.exp = expression;
     {
 	krb5_realm r;
-	krb5_get_default_realm(context->context, &r);
+	if ((ret = krb5_get_default_realm(context->context, &r)))
+	    return (ret);
 	asprintf(&d.exp2, "%s@%s", expression, r);
 	free(r);
     }
diff --git a/crypto/heimdal/lib/kadm5/get_s.c b/crypto/heimdal/lib/kadm5/get_s.c
index 6c456e118316..6c966a9281e1 100644
--- a/crypto/heimdal/lib/kadm5/get_s.c
+++ b/crypto/heimdal/lib/kadm5/get_s.c
@@ -231,6 +231,8 @@ kadm5_s_get_principal(void *server_handle,
 	    unsigned char buf[4];
 	    _krb5_put_int(buf, last_pw_expire, sizeof(buf));
 	    ret = add_tl_data(out, KRB5_TL_LAST_PWD_CHANGE, buf, sizeof(buf));
+	    if (ret)
+		goto out;
 	}
 	if(ret){
 	    kadm5_free_principal_ent(context, out);
diff --git a/crypto/heimdal/lib/kadm5/rename_s.c b/crypto/heimdal/lib/kadm5/rename_s.c
index 08351290c9a6..1b3cc5a11f3b 100644
--- a/crypto/heimdal/lib/kadm5/rename_s.c
+++ b/crypto/heimdal/lib/kadm5/rename_s.c
@@ -66,7 +66,9 @@ kadm5_s_rename_principal(void *server_handle,
 	Salt salt;
 	krb5_salt salt2;
 	memset(&salt, 0, sizeof(salt));
-	krb5_get_pw_salt(context->context, source, &salt2);
+	ret = krb5_get_pw_salt(context->context, source, &salt2);
+	if (ret)
+	    goto out;
 	salt.type = hdb_pw_salt;
 	salt.salt = salt2.saltvalue;
 	for(i = 0; i < ent.entry.keys.len; i++){

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202212011426.2B1EQ9Tf079713>