aboutsummaryrefslogtreecommitdiff
path: root/src/lib/krb5
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/krb5')
-rw-r--r--src/lib/krb5/ccache/cc_keyring.c53
-rw-r--r--src/lib/krb5/ccache/t_cc.c4
-rw-r--r--src/lib/krb5/krb/t_deltat.c6
-rw-r--r--src/lib/krb5/krb/t_ser.c4
-rw-r--r--src/lib/krb5/os/localaddr.c8
-rw-r--r--src/lib/krb5/rcache/rc_io.c3
6 files changed, 23 insertions, 55 deletions
diff --git a/src/lib/krb5/ccache/cc_keyring.c b/src/lib/krb5/ccache/cc_keyring.c
index bbe2a2e..3828c59 100644
--- a/src/lib/krb5/ccache/cc_keyring.c
+++ b/src/lib/krb5/ccache/cc_keyring.c
@@ -144,11 +144,6 @@ debug_print(char *fmt, ...)
/* Hopefully big enough to hold a serialized credential */
#define GUESS_CRED_SIZE 4096
-#define ALLOC(NUM,TYPE) \
- (((NUM) <= (((size_t)0-1)/ sizeof(TYPE))) \
- ? (TYPE *) calloc((NUM), sizeof(TYPE)) \
- : (errno = ENOMEM,(TYPE *) 0))
-
#define CHECK_N_GO(ret, errdest) if (ret != KRB5_OK) goto errdest
#define CHECK(ret) if (ret != KRB5_OK) goto errout
#define CHECK_OUT(ret) if (ret != KRB5_OK) return ret
@@ -651,7 +646,7 @@ krb5_krcc_start_seq_get(krb5_context context, krb5_ccache id,
krb5_krcc_cursor krcursor;
krb5_krcc_data *d;
unsigned int size;
- int res;
+ long res;
DEBUG_PRINT(("krb5_krcc_start_seq_get: entered\n"));
@@ -676,7 +671,7 @@ krb5_krcc_start_seq_get(krb5_context context, krb5_ccache id,
krcursor->keys = (key_serial_t *) ((char *) krcursor + sizeof(*krcursor));
res = keyctl_read(d->ring_id, (char *) krcursor->keys,
((d->numkeys + 1) * sizeof(key_serial_t)));
- if (res < 0 || res > ((d->numkeys + 1) * sizeof(key_serial_t))) {
+ if (res < 0 || (size_t)res > ((d->numkeys + 1) * sizeof(key_serial_t))) {
DEBUG_PRINT(("Read %d bytes from keyring, numkeys %d: %s\n",
res, d->numkeys, strerror(errno)));
free(krcursor);
@@ -1213,7 +1208,7 @@ krb5_krcc_get_ring_ids(krb5_krcc_ring_ids_t *p)
*/
memset(ids_buf, '\0', sizeof(ids_buf));
val = keyctl_read(ids_key, ids_buf, sizeof(ids_buf));
- if (val > sizeof(ids_buf))
+ if (val < 0 || (size_t)val > sizeof(ids_buf))
goto out;
val = sscanf(ids_buf, "%d:%d:%d", &session, &process, &thread);
@@ -1359,12 +1354,7 @@ krb5_krcc_parse_principal(krb5_context context, krb5_ccache id,
if (tmpprinc == NULL)
return KRB5_CC_NOMEM;
if (length) {
- size_t msize = length;
- if (msize != length) {
- free(tmpprinc);
- return KRB5_CC_NOMEM;
- }
- tmpprinc->data = ALLOC(msize, krb5_data);
+ tmpprinc->data = calloc(length, sizeof(krb5_data));
if (tmpprinc->data == 0) {
free(tmpprinc);
return KRB5_CC_NOMEM;
@@ -1415,12 +1405,9 @@ krb5_krcc_parse_keyblock(krb5_context context, krb5_ccache id,
if (int32 < 0)
return KRB5_CC_NOMEM;
keyblock->length = int32;
- /* Overflow check. */
- if (keyblock->length != int32)
- return KRB5_CC_NOMEM;
if (keyblock->length == 0)
return KRB5_OK;
- keyblock->contents = ALLOC(keyblock->length, krb5_octet);
+ keyblock->contents = malloc(keyblock->length);
if (keyblock->contents == NULL)
return KRB5_CC_NOMEM;
@@ -1478,7 +1465,7 @@ krb5_krcc_parse_krb5data(krb5_context context, krb5_ccache id,
if (len < 0)
return KRB5_CC_NOMEM;
data->length = len;
- if (data->length != len || data->length + 1 == 0)
+ if (data->length + 1 == 0)
return KRB5_CC_NOMEM;
if (data->length == 0) {
@@ -1542,11 +1529,10 @@ krb5_krcc_parse_addrs(krb5_context context, krb5_ccache id,
* Make *addrs able to hold length pointers to krb5_address structs
* Add one extra for a null-terminated list
*/
- msize = length;
- msize += 1;
- if (msize == 0 || msize - 1 != length || length < 0)
+ msize = (size_t)length + 1;
+ if (msize == 0 || length < 0)
return KRB5_CC_NOMEM;
- *addrs = ALLOC(msize, krb5_address *);
+ *addrs = calloc(msize, sizeof(krb5_address *));
if (*addrs == NULL)
return KRB5_CC_NOMEM;
@@ -1587,13 +1573,6 @@ krb5_krcc_parse_addr(krb5_context context, krb5_ccache id, krb5_address * addr,
if ((int32 & VALID_INT_BITS) != int32) /* Overflow int??? */
return KRB5_CC_NOMEM;
addr->length = int32;
- /*
- * Length field is "unsigned int", which may be smaller
- * than 32 bits.
- */
- if (addr->length != int32)
- return KRB5_CC_NOMEM; /* XXX */
-
if (addr->length == 0)
return KRB5_OK;
@@ -1633,11 +1612,10 @@ krb5_krcc_parse_authdata(krb5_context context, krb5_ccache id,
* Make *a able to hold length pointers to krb5_authdata structs
* Add one extra for a null-terminated list
*/
- msize = length;
- msize += 1;
- if (msize == 0 || msize - 1 != length || length < 0)
+ msize = (size_t)length + 1;
+ if (msize == 0 || length < 0)
return KRB5_CC_NOMEM;
- *a = ALLOC(msize, krb5_authdata *);
+ *a = calloc(msize, sizeof(krb5_authdata *));
if (*a == NULL)
return KRB5_CC_NOMEM;
@@ -1680,13 +1658,6 @@ krb5_krcc_parse_authdatum(krb5_context context, krb5_ccache id,
if ((int32 & VALID_INT_BITS) != int32) /* Overflow int??? */
return KRB5_CC_NOMEM;
a->length = int32;
- /*
- * Value could have gotten truncated if int is
- * smaller than 32 bits.
- */
- if (a->length != int32)
- return KRB5_CC_NOMEM; /* XXX */
-
if (a->length == 0)
return KRB5_OK;
diff --git a/src/lib/krb5/ccache/t_cc.c b/src/lib/krb5/ccache/t_cc.c
index 1c11272..991cef0 100644
--- a/src/lib/krb5/ccache/t_cc.c
+++ b/src/lib/krb5/ccache/t_cc.c
@@ -332,14 +332,14 @@ check_registered(krb5_context context, const char *prefix)
if(kret != KRB5_OK) {
if(kret == KRB5_CC_UNKNOWN_TYPE)
return 0;
- com_err("Checking on credential type", kret,prefix);
+ com_err("Checking on credential type", kret, "%s", prefix);
fflush(stderr);
return 0;
}
kret = krb5_cc_close(context, id);
if(kret != KRB5_OK) {
- com_err("Checking on credential type - closing", kret,prefix);
+ com_err("Checking on credential type - closing", kret, "%s", prefix);
fflush(stderr);
}
diff --git a/src/lib/krb5/krb/t_deltat.c b/src/lib/krb5/krb/t_deltat.c
index 8a50c69..e519ee8 100644
--- a/src/lib/krb5/krb/t_deltat.c
+++ b/src/lib/krb5/krb/t_deltat.c
@@ -126,7 +126,7 @@ main (void)
};
int fail = 0;
- int i;
+ size_t i;
for (i = 0; i < sizeof(values)/sizeof(values[0]); i++) {
krb5_deltat result;
@@ -150,8 +150,8 @@ main (void)
}
}
if (fail == 0)
- printf ("Passed all %d tests.\n", i);
+ printf ("Passed all %d tests.\n", (int)i);
else
- printf ("Failed %d of %d tests.\n", fail, i);
+ printf ("Failed %d of %d tests.\n", fail, (int)i);
return fail;
}
diff --git a/src/lib/krb5/krb/t_ser.c b/src/lib/krb5/krb/t_ser.c
index 692d89d..9cdf5e6 100644
--- a/src/lib/krb5/krb/t_ser.c
+++ b/src/lib/krb5/krb/t_ser.c
@@ -95,7 +95,7 @@ ser_data(int verbose, char *msg, krb5_pointer ctx, krb5_magic dtype)
kret = krb5_externalize_data(ser_ctx, ctx, &outrep, &outlen);
if (!kret) {
if (verbose) {
- printf("%s: externalized in %d bytes\n", msg, outlen);
+ printf("%s: externalized in %d bytes\n", msg, (int)outlen);
print_erep(outrep, outlen);
}
@@ -110,7 +110,7 @@ ser_data(int verbose, char *msg, krb5_pointer ctx, krb5_magic dtype)
if (!kret) {
if (ilen)
printf("%s: %d bytes left over after internalize\n",
- msg, ilen);
+ msg, (int)ilen);
/* Now attempt to re-externalize it */
kret = krb5_externalize_data(ser_ctx, nctx, &outrep2, &outlen2);
if (!kret) {
diff --git a/src/lib/krb5/os/localaddr.c b/src/lib/krb5/os/localaddr.c
index f894d05..f7eb2d2 100644
--- a/src/lib/krb5/os/localaddr.c
+++ b/src/lib/krb5/os/localaddr.c
@@ -1346,12 +1346,10 @@ get_localaddrs (krb5_context context, krb5_address ***addr, int use_profile)
{
struct localaddr_data data = { 0 };
int r;
- krb5_error_code err;
- if (use_profile) {
- err = krb5_os_localaddr_profile (context, &data);
- /* ignore err for now */
- }
+ /* Ignore errors for now. */
+ if (use_profile)
+ (void)krb5_os_localaddr_profile (context, &data);
r = foreach_localaddr (&data, count_addrs, allocate, add_addr);
if (r != 0) {
diff --git a/src/lib/krb5/rcache/rc_io.c b/src/lib/krb5/rcache/rc_io.c
index ef7ce0b..1930d7e 100644
--- a/src/lib/krb5/rcache/rc_io.c
+++ b/src/lib/krb5/rcache/rc_io.c
@@ -223,9 +223,8 @@ krb5_rc_io_open_internal(krb5_context context, krb5_rc_iostuff *d, char *fn,
struct stat sb1, sb2;
#endif
char *dir;
- size_t dirlen;
- GETDIR;
+ dir = getdir();
if (full_pathname) {
if (!(d->fn = strdup(full_pathname)))
return KRB5_RC_IO_MALLOC;
generated by cgit v1.1 at 2024-08-03 13:28:23 +0000