[CalendarServer-changes] [15140] PyKerberos/trunk/src
source_changes at macosforge.org
source_changes at macosforge.org
Mon Sep 21 07:19:48 PDT 2015
Revision: 15140
http://trac.calendarserver.org//changeset/15140
Author: cdaboo at apple.com
Date: 2015-09-21 07:19:48 -0700 (Mon, 21 Sep 2015)
Log Message:
-----------
Properly handle NULL results of memory allocation.
Modified Paths:
--------------
PyKerberos/trunk/src/base64.c
PyKerberos/trunk/src/kerberos.c
PyKerberos/trunk/src/kerberosbasic.c
PyKerberos/trunk/src/kerberosgss.c
PyKerberos/trunk/src/kerberospw.c
Modified: PyKerberos/trunk/src/base64.c
===================================================================
--- PyKerberos/trunk/src/base64.c 2015-09-20 17:15:56 UTC (rev 15139)
+++ PyKerberos/trunk/src/base64.c 2015-09-21 14:19:48 UTC (rev 15140)
@@ -43,6 +43,10 @@
char *base64_encode(const unsigned char *value, size_t vlen)
{
char *result = (char *)malloc((vlen * 4) / 3 + 5);
+ if (result == NULL)
+ {
+ return NULL;
+ }
char *out = result;
while (vlen >= 3)
{
@@ -79,6 +83,10 @@
size_t vlen = strlen(value);
unsigned char *result =(unsigned char *)malloc((vlen * 3) / 4 + 1);
+ if (result == NULL)
+ {
+ return NULL;
+ }
unsigned char *out = result;
while (1) {
Modified: PyKerberos/trunk/src/kerberos.c
===================================================================
--- PyKerberos/trunk/src/kerberos.c 2015-09-20 17:15:56 UTC (rev 15139)
+++ PyKerberos/trunk/src/kerberos.c 2015-09-21 14:19:48 UTC (rev 15140)
@@ -108,7 +108,7 @@
{
const char *service = NULL;
const char *hostname = NULL;
- char* result;
+ char* result = NULL;
if (! PyArg_ParseTuple(args, "ss", &service, &hostname)) {
return NULL;
@@ -147,6 +147,11 @@
}
state = (gss_client_state *) malloc(sizeof(gss_client_state));
+ if (state == NULL)
+ {
+ PyErr_NoMemory();
+ return NULL;
+ }
pystate = PyCObject_FromVoidPtr(state, NULL);
if (pydelegatestate != NULL && PyCObject_Check(pydelegatestate)) {
@@ -419,6 +424,11 @@
}
state = (gss_server_state *) malloc(sizeof(gss_server_state));
+ if (state == NULL)
+ {
+ PyErr_NoMemory();
+ return NULL;
+ }
pystate = PyCObject_FromVoidPtr(state, NULL);
result = authenticate_gss_server_init(service, state);
Modified: PyKerberos/trunk/src/kerberosbasic.c
===================================================================
--- PyKerberos/trunk/src/kerberosbasic.c 2015-09-20 17:15:56 UTC (rev 15139)
+++ PyKerberos/trunk/src/kerberosbasic.c 2015-09-21 14:19:48 UTC (rev 15140)
@@ -76,6 +76,12 @@
name = NULL;
name = (char *)malloc(256);
+ if (name == NULL)
+ {
+ PyErr_NoMemory();
+ ret = 0;
+ goto end;
+ }
p = strchr(user, '@');
if (p == NULL) {
snprintf(name, 256, "%s@%s", user, default_realm);
Modified: PyKerberos/trunk/src/kerberosgss.c
===================================================================
--- PyKerberos/trunk/src/kerberosgss.c 2015-09-20 17:15:56 UTC (rev 15139)
+++ PyKerberos/trunk/src/kerberosgss.c 2015-09-21 14:19:48 UTC (rev 15140)
@@ -93,6 +93,11 @@
if (strncmp(pname, match, match_len) == 0) {
result = malloc(strlen(pname) + 1);
+ if (result == NULL)
+ {
+ PyErr_NoMemory();
+ goto end;
+ }
strcpy(result, pname);
krb5_free_unparsed_name(kcontext, pname);
krb5_free_keytab_entry_contents(kcontext, &entry);
@@ -245,6 +250,12 @@
if (challenge && *challenge) {
size_t len;
input_token.value = base64_decode(challenge, &len);
+ if (input_token.value == NULL)
+ {
+ PyErr_NoMemory();
+ ret = AUTH_GSS_ERROR;
+ goto end;
+ }
input_token.length = len;
}
@@ -276,7 +287,13 @@
ret = (maj_stat == GSS_S_COMPLETE) ? AUTH_GSS_COMPLETE : AUTH_GSS_CONTINUE;
// Grab the client response to send back to the server
if (output_token.length) {
- state->response = base64_encode((const unsigned char *)output_token.value, output_token.length);;
+ state->response = base64_encode((const unsigned char *)output_token.value, output_token.length);
+ if (state->response == NULL)
+ {
+ PyErr_NoMemory();
+ ret = AUTH_GSS_ERROR;
+ goto end;
+ }
maj_stat = gss_release_buffer(&min_stat, &output_token);
}
@@ -303,6 +320,12 @@
goto end;
} else {
state->username = (char *)malloc(name_token.length + 1);
+ if (state->username == NULL)
+ {
+ PyErr_NoMemory();
+ ret = AUTH_GSS_ERROR;
+ goto end;
+ }
strncpy(state->username, (char*) name_token.value, name_token.length);
state->username[name_token.length] = 0;
gss_release_buffer(&min_stat, &name_token);
@@ -341,6 +364,11 @@
if (challenge && *challenge) {
size_t len;
input_token.value = base64_decode(challenge, &len);
+ if (input_token.value == NULL) {
+ PyErr_NoMemory();
+ ret = AUTH_GSS_ERROR;
+ goto end;
+ }
input_token.length = len;
}
@@ -367,6 +395,12 @@
state->response = base64_encode(
(const unsigned char *)output_token.value, output_token.length
);
+ if (state->response == NULL)
+ {
+ PyErr_NoMemory();
+ ret = AUTH_GSS_ERROR;
+ goto end;
+ }
state->responseConf = conf;
maj_stat = gss_release_buffer(&min_stat, &output_token);
}
@@ -402,6 +436,12 @@
if (challenge && *challenge) {
size_t len;
input_token.value = base64_decode(challenge, &len);
+ if (input_token.value == NULL)
+ {
+ PyErr_NoMemory();
+ ret = AUTH_GSS_ERROR;
+ goto end;
+ }
input_token.length = len;
}
@@ -451,7 +491,12 @@
}
// Grab the client response to send back to the server
if (output_token.length) {
- state->response = base64_encode((const unsigned char *)output_token.value, output_token.length);;
+ state->response = base64_encode((const unsigned char *)output_token.value, output_token.length);
+ if (state->response == NULL) {
+ PyErr_NoMemory();
+ ret = AUTH_GSS_ERROR;
+ goto end;
+ }
maj_stat = gss_release_buffer(&min_stat, &output_token);
}
@@ -630,6 +675,12 @@
if (challenge && *challenge) {
size_t len;
input_token.value = base64_decode(challenge, &len);
+ if (input_token.value == NULL)
+ {
+ PyErr_NoMemory();
+ ret = AUTH_GSS_ERROR;
+ goto end;
+ }
input_token.length = len;
} else {
PyErr_SetString(
@@ -665,7 +716,13 @@
if (output_token.length) {
state->response = base64_encode(
(const unsigned char *)output_token.value, output_token.length
- );;
+ );
+ if (state->response == NULL)
+ {
+ PyErr_NoMemory();
+ ret = AUTH_GSS_ERROR;
+ goto end;
+ }
maj_stat = gss_release_buffer(&min_stat, &output_token);
}
@@ -679,6 +736,12 @@
goto end;
}
state->username = (char *)malloc(output_token.length + 1);
+ if (state->username == NULL)
+ {
+ PyErr_NoMemory();
+ ret = AUTH_GSS_ERROR;
+ goto end;
+ }
strncpy(state->username, (char*) output_token.value, output_token.length);
state->username[output_token.length] = 0;
@@ -703,6 +766,12 @@
goto end;
}
state->targetname = (char *)malloc(output_token.length + 1);
+ if (state->targetname == NULL)
+ {
+ PyErr_NoMemory();
+ ret = AUTH_GSS_ERROR;
+ goto end;
+ }
strncpy(
state->targetname, (char*) output_token.value, output_token.length
);
@@ -906,6 +975,11 @@
}
state->ccname = (char *)malloc(32*sizeof(char));
+ if (state->ccname == NULL)
+ {
+ PyErr_NoMemory();
+ return 1;
+ }
strcpy(state->ccname, ccname);
return ret;
Modified: PyKerberos/trunk/src/kerberospw.c
===================================================================
--- PyKerberos/trunk/src/kerberospw.c 2015-09-20 17:15:56 UTC (rev 15139)
+++ PyKerberos/trunk/src/kerberospw.c 2015-09-21 14:19:48 UTC (rev 15140)
@@ -86,6 +86,7 @@
krb5_principal client = NULL;
krb5_creds creds;
int ret = 0;
+ int bytes = 0;
char *name = NULL;
const char* service = "kadmin/changepw";
@@ -104,6 +105,11 @@
}
name = (char *)malloc(256);
+ if (name == NULL)
+ {
+ PyErr_NoMemory();
+ goto end;
+ }
snprintf(name, 256, "%s", user);
code = krb5_parse_name(kcontext, name, &client);
@@ -125,18 +131,25 @@
}
if (result_code) {
char *message = NULL;
- asprintf(
+ bytes = asprintf(
&message, "%.*s: %.*s",
(int) result_code_string.length,
(char *) result_code_string.data,
(int) result_string.length,
(char *) result_string.data
);
- PyErr_SetObject(
- PwdChangeException_class,
- Py_BuildValue("((s:i))", message, result_code)
- );
- free(message);
+ if (bytes == -1)
+ {
+ PyErr_NoMemory();
+ }
+ else
+ {
+ PyErr_SetObject(
+ PwdChangeException_class,
+ Py_BuildValue("((s:i))", message, result_code)
+ );
+ free(message);
+ }
goto end;
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20150921/80cec77b/attachment-0001.html>
More information about the calendarserver-changes
mailing list