Home Explore Help
Register Sign In
Apq
/
389-ds-base
mirror of https://github.com/389ds/389-ds-base.git
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939

https://bugzilla.redhat.com/show_bug.cgi?id=613056
Resolves: bug 613056
Bug description: Fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
description: Catch possible NULL pointer in handle_handshake_done().
Endi S. Dewata 15 years ago
parent
b89a1eae02
commit
7c9b3a5ac8
1 changed files with 14 additions and 9 deletions
Split View Show Diff Stats
  1. 14 9
      ldap/servers/slapd/auth.c

+ 14 - 9
ldap/servers/slapd/auth.c
View File 

@@ -440,6 +440,7 @@ handle_handshake_done (PRFileDesc *prfd, void* clientData)
 
     char* extraErrorMsg = "";
 
 	SSLChannelInfo channelInfo;
 
 	SSLCipherSuiteInfo cipherInfo;
 
+	char* subject = NULL;
 
 
 	if ( (slapd_ssl_getChannelInfo (prfd, &channelInfo, sizeof(channelInfo))) != SECSuccess ) {
 
 		PRErrorCode errorCode = PR_GetError();
 
@@ -447,7 +448,7 @@ handle_handshake_done (PRFileDesc *prfd, void* clientData)
 
 			"conn=%" NSPRIu64 " SSL failed to obtain channel info; "
 
 			SLAPI_COMPONENT_NAME_NSPR " error %i (%s)\n",
 
 			conn->c_connid, errorCode, slapd_pr_strerror(errorCode));
 
-		return;
 
+		goto done;
 
 	}
 
 	if ( (slapd_ssl_getCipherSuiteInfo (channelInfo.cipherSuite, &cipherInfo, sizeof(cipherInfo)) )
 
 			!= SECSuccess) {
 
@@ -456,7 +457,7 @@ handle_handshake_done (PRFileDesc *prfd, void* clientData)
 
 			"conn=%" NSPRIu64 " SSL failed to obtain cipher info; "
 
 			SLAPI_COMPONENT_NAME_NSPR " error %i (%s)\n",
 
 			conn->c_connid, errorCode, slapd_pr_strerror(errorCode));
 
-		return;
 
+		goto done;
 
 	}
 
 
 	keySize = cipherInfo.effectiveKeyBits;
 
@@ -468,22 +469,26 @@ handle_handshake_done (PRFileDesc *prfd, void* clientData)
 
     if ( conn->c_flags & CONN_FLAG_START_TLS ) {
 
         if ( cipherInfo.symKeyBits == 0 ) {
 
 	        start_tls_graceful_closure( conn, NULL, 1 );
 
-			slapi_ch_free_string(&cipher);
 
-	        return ;
 
+		goto done;
 
 	}
 
     }
 
 
     if (config_get_SSLclientAuth() == SLAPD_SSLCLIENTAUTH_OFF ) {
 
 		slapi_log_access (LDAP_DEBUG_STATS, "conn=%" NSPRIu64 " SSL %i-bit %s\n",
 
 		   		conn->c_connid, keySize, cipher ? cipher : "NULL" );
 
-		slapi_ch_free_string(&cipher);
 
-		return;
 
+		goto done;
 
     } 
     if (clientCert == NULL) {
 
 	slapi_log_access (LDAP_DEBUG_STATS, "conn=%" NSPRIu64 " SSL %i-bit %s\n",
 
 		   conn->c_connid, keySize, cipher ? cipher : "NULL" );
 
     } else {
 
-	char* subject = subject_of (clientCert);
 
+	subject = subject_of (clientCert);
 
+	if (!subject) {
 
+		slapi_log_access( LDAP_DEBUG_STATS,
 
+		       "conn=%" NSPRIu64 " SSL %i-bit %s; missing subject\n",
 
+		       conn->c_connid, keySize, cipher ? cipher : "NULL");
 
+		goto done;
 
+	}
 
 	{
 
 	    char* issuer  = issuer_of (clientCert);
 
 	    char sbuf[ BUFSIZ ], ibuf[ BUFSIZ ];
 
@@ -521,7 +526,6 @@ handle_handshake_done (PRFileDesc *prfd, void* clientData)
 
 		slapi_ch_free_string(&basedn);
 
 	    slapu_msgfree (internal_ld, chain);
 
 	}
 
-	if (subject) free (subject);
 
     }
 
 
     if (clientDN != NULL) {
 
@@ -555,7 +559,8 @@ handle_handshake_done (PRFileDesc *prfd, void* clientData)
 
 	 */
 
 	bind_credentials_set( conn, SLAPD_AUTH_SSL, clientDN,
 
 			SLAPD_AUTH_SSL, clientDN, clientCert , NULL);
 
-
 
+done:
 
+    slapi_ch_free_string(&subject);
 
     slapi_ch_free_string(&cipher);
 
     /* clientDN and clientCert will be freed later */
 
 }