summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2007-05-21 12:47:18 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:52:43 -0500
commit931f594cf16b8c7f9f416d7a8831432b783a0ec8 (patch)
tree3fca99de9b35314f20034e015b6e0a7fa436f634
parent43da48650ac5e8eaa3d8445c096fd9386c0afb18 (diff)
downloadsamba-931f594cf16b8c7f9f416d7a8831432b783a0ec8.tar.gz
samba-931f594cf16b8c7f9f416d7a8831432b783a0ec8.tar.bz2
samba-931f594cf16b8c7f9f416d7a8831432b783a0ec8.zip
r23036: error checking on asn1_init() failure
(This used to be commit 26cf8494084c0106ef0e1c9b6ef40eeadf945ef2)
-rw-r--r--source4/auth/gensec/spnego_parse.c11
-rw-r--r--source4/auth/kerberos/gssapi_parse.c13
-rw-r--r--source4/ldap_server/ldap_server.c4
-rw-r--r--source4/libcli/cldap/cldap.c2
-rw-r--r--source4/libcli/ldap/ldap.c2
-rw-r--r--source4/libcli/ldap/ldap_client.c4
-rw-r--r--source4/libcli/ldap/ldap_controls.c40
-rw-r--r--source4/libcli/util/asn1.c6
8 files changed, 77 insertions, 5 deletions
diff --git a/source4/auth/gensec/spnego_parse.c b/source4/auth/gensec/spnego_parse.c
index c768d1e847..5382402206 100644
--- a/source4/auth/gensec/spnego_parse.c
+++ b/source4/auth/gensec/spnego_parse.c
@@ -265,7 +265,7 @@ static BOOL write_negTokenTarg(struct asn1_data *asn1, struct spnego_negTokenTar
ssize_t spnego_read_data(TALLOC_CTX *mem_ctx, DATA_BLOB data, struct spnego_data *token)
{
- struct asn1_data *asn1 = asn1_init(mem_ctx);
+ struct asn1_data *asn1;
ssize_t ret = -1;
uint8_t context;
@@ -275,6 +275,11 @@ ssize_t spnego_read_data(TALLOC_CTX *mem_ctx, DATA_BLOB data, struct spnego_data
return ret;
}
+ asn1 = asn1_init(mem_ctx);
+ if (asn1 == NULL) {
+ return -1;
+ }
+
asn1_load(asn1, data);
if (!asn1_peek_uint8(asn1, &context)) {
@@ -311,6 +316,10 @@ ssize_t spnego_write_data(TALLOC_CTX *mem_ctx, DATA_BLOB *blob, struct spnego_da
struct asn1_data *asn1 = asn1_init(mem_ctx);
ssize_t ret = -1;
+ if (asn1 == NULL) {
+ return -1;
+ }
+
switch (spnego->type) {
case SPNEGO_NEG_TOKEN_INIT:
asn1_push_tag(asn1, ASN1_APPLICATION(0));
diff --git a/source4/auth/kerberos/gssapi_parse.c b/source4/auth/kerberos/gssapi_parse.c
index 86a9e9554a..de6fa31afb 100644
--- a/source4/auth/kerberos/gssapi_parse.c
+++ b/source4/auth/kerberos/gssapi_parse.c
@@ -31,13 +31,18 @@
*/
DATA_BLOB gensec_gssapi_gen_krb5_wrap(TALLOC_CTX *mem_ctx, const DATA_BLOB *ticket, const uint8_t tok_id[2])
{
- struct asn1_data *data = asn1_init(mem_ctx);
+ struct asn1_data *data;
DATA_BLOB ret;
if (!data || !ticket->data) {
return data_blob(NULL,0);
}
+ data = asn1_init(mem_ctx);
+ if (data == NULL) {
+ return data_blob(NULL,0);
+ }
+
asn1_push_tag(data, ASN1_APPLICATION(0));
asn1_write_OID(data, GENSEC_OID_KERBEROS5);
@@ -66,6 +71,10 @@ BOOL gensec_gssapi_parse_krb5_wrap(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, D
struct asn1_data *data = asn1_init(mem_ctx);
int data_remaining;
+ if (!data) {
+ return False;
+ }
+
asn1_load(data, *blob);
asn1_start_tag(data, ASN1_APPLICATION(0));
asn1_check_OID(data, GENSEC_OID_KERBEROS5);
@@ -99,6 +108,8 @@ BOOL gensec_gssapi_check_oid(const DATA_BLOB *blob, const char *oid)
BOOL ret;
struct asn1_data *data = asn1_init(NULL);
+ if (!data) return False;
+
asn1_load(data, *blob);
asn1_start_tag(data, ASN1_APPLICATION(0));
asn1_check_OID(data, oid);
diff --git a/source4/ldap_server/ldap_server.c b/source4/ldap_server/ldap_server.c
index 9aefbed485..03fb10b4de 100644
--- a/source4/ldap_server/ldap_server.c
+++ b/source4/ldap_server/ldap_server.c
@@ -137,11 +137,13 @@ static NTSTATUS ldapsrv_decode(void *private, DATA_BLOB blob)
struct asn1_data *asn1 = asn1_init(conn);
struct ldap_message *msg = talloc(conn, struct ldap_message);
- if (msg == NULL) {
+ if (asn1 == NULL || msg == NULL) {
return NT_STATUS_NO_MEMORY;
}
if (!asn1_load(asn1, blob)) {
+ talloc_free(msg);
+ talloc_free(asn1);
return NT_STATUS_NO_MEMORY;
}
diff --git a/source4/libcli/cldap/cldap.c b/source4/libcli/cldap/cldap.c
index e92abe4d47..bd2ab630db 100644
--- a/source4/libcli/cldap/cldap.c
+++ b/source4/libcli/cldap/cldap.c
@@ -70,6 +70,8 @@ static void cldap_socket_recv(struct cldap_socket *cldap)
struct ldap_message *ldap_msg;
struct cldap_request *req;
+ if (!asn1) return;
+
status = socket_pending(cldap->sock, &dsize);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(tmp_ctx);
diff --git a/source4/libcli/ldap/ldap.c b/source4/libcli/ldap/ldap.c
index 70ba9335db..55988b8eb4 100644
--- a/source4/libcli/ldap/ldap.c
+++ b/source4/libcli/ldap/ldap.c
@@ -193,6 +193,8 @@ BOOL ldap_encode(struct ldap_message *msg, DATA_BLOB *result, TALLOC_CTX *mem_ct
struct asn1_data *data = asn1_init(mem_ctx);
int i, j;
+ if (!data) return False;
+
asn1_push_tag(data, ASN1_SEQUENCE(0));
asn1_write_Integer(data, msg->messageid);
diff --git a/source4/libcli/ldap/ldap_client.c b/source4/libcli/ldap/ldap_client.c
index 5e4eddee92..ce15b39271 100644
--- a/source4/libcli/ldap/ldap_client.c
+++ b/source4/libcli/ldap/ldap_client.c
@@ -175,11 +175,13 @@ static NTSTATUS ldap_recv_handler(void *private_data, DATA_BLOB blob)
struct ldap_message *msg = talloc(conn, struct ldap_message);
struct asn1_data *asn1 = asn1_init(conn);
- if (msg == NULL) {
+ if (asn1 == NULL || msg == NULL) {
return NT_STATUS_LDAP(LDAP_PROTOCOL_ERROR);
}
if (!asn1_load(asn1, blob)) {
+ talloc_free(msg);
+ talloc_free(asn1);
return NT_STATUS_LDAP(LDAP_PROTOCOL_ERROR);
}
diff --git a/source4/libcli/ldap/ldap_controls.c b/source4/libcli/ldap/ldap_controls.c
index 180e6eeb62..79c16afc95 100644
--- a/source4/libcli/ldap/ldap_controls.c
+++ b/source4/libcli/ldap/ldap_controls.c
@@ -37,6 +37,8 @@ static BOOL decode_server_sort_response(void *mem_ctx, DATA_BLOB in, void **out)
struct asn1_data *data = asn1_init(mem_ctx);
struct ldb_sort_resp_control *lsrc;
+ if (!data) return False;
+
if (!asn1_load(data, in)) {
return False;
}
@@ -82,6 +84,8 @@ static BOOL decode_server_sort_request(void *mem_ctx, DATA_BLOB in, void **out)
struct ldb_server_sort_control **lssc;
int num;
+ if (!data) return False;
+
if (!asn1_load(data, in)) {
return False;
}
@@ -156,6 +160,8 @@ static BOOL decode_extended_dn_request(void *mem_ctx, DATA_BLOB in, void **out)
struct asn1_data *data = asn1_init(mem_ctx);
struct ldb_extended_dn_control *ledc;
+ if (!data) return False;
+
if (!asn1_load(data, in)) {
return False;
}
@@ -187,6 +193,8 @@ static BOOL decode_sd_flags_request(void *mem_ctx, DATA_BLOB in, void **out)
struct asn1_data *data = asn1_init(mem_ctx);
struct ldb_sd_flags_control *lsdfc;
+ if (!data) return False;
+
if (!asn1_load(data, in)) {
return False;
}
@@ -218,6 +226,8 @@ static BOOL decode_search_options_request(void *mem_ctx, DATA_BLOB in, void **ou
struct asn1_data *data = asn1_init(mem_ctx);
struct ldb_search_options_control *lsoc;
+ if (!data) return False;
+
if (!asn1_load(data, in)) {
return False;
}
@@ -250,6 +260,8 @@ static BOOL decode_paged_results_request(void *mem_ctx, DATA_BLOB in, void **out
struct asn1_data *data = asn1_init(mem_ctx);
struct ldb_paged_control *lprc;
+ if (!data) return False;
+
if (!asn1_load(data, in)) {
return False;
}
@@ -296,6 +308,8 @@ static BOOL decode_dirsync_request(void *mem_ctx, DATA_BLOB in, void **out)
struct asn1_data *data = asn1_init(mem_ctx);
struct ldb_dirsync_control *ldc;
+ if (!data) return False;
+
if (!asn1_load(data, in)) {
return False;
}
@@ -349,6 +363,8 @@ static BOOL decode_asq_control(void *mem_ctx, DATA_BLOB in, void **out)
struct asn1_data *data = asn1_init(mem_ctx);
struct ldb_asq_control *lac;
+ if (!data) return False;
+
if (!asn1_load(data, in)) {
return False;
}
@@ -452,6 +468,8 @@ static BOOL decode_vlv_request(void *mem_ctx, DATA_BLOB in, void **out)
struct asn1_data *data = asn1_init(mem_ctx);
struct ldb_vlv_req_control *lvrc;
+ if (!data) return False;
+
if (!asn1_load(data, in)) {
return False;
}
@@ -562,6 +580,8 @@ static BOOL decode_vlv_response(void *mem_ctx, DATA_BLOB in, void **out)
struct asn1_data *data = asn1_init(mem_ctx);
struct ldb_vlv_resp_control *lvrc;
+ if (!data) return False;
+
if (!asn1_load(data, in)) {
return False;
}
@@ -615,6 +635,8 @@ static BOOL encode_server_sort_response(void *mem_ctx, void *in, DATA_BLOB *out)
struct ldb_sort_resp_control *lsrc = talloc_get_type(in, struct ldb_sort_resp_control);
struct asn1_data *data = asn1_init(mem_ctx);
+ if (!data) return False;
+
if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) {
return False;
}
@@ -648,6 +670,8 @@ static BOOL encode_server_sort_request(void *mem_ctx, void *in, DATA_BLOB *out)
struct asn1_data *data = asn1_init(mem_ctx);
int num;
+ if (!data) return False;
+
if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) {
return False;
}
@@ -696,6 +720,8 @@ static BOOL encode_extended_dn_request(void *mem_ctx, void *in, DATA_BLOB *out)
struct ldb_extended_dn_control *ledc = talloc_get_type(in, struct ldb_extended_dn_control);
struct asn1_data *data = asn1_init(mem_ctx);
+ if (!data) return False;
+
if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) {
return False;
}
@@ -722,6 +748,8 @@ static BOOL encode_sd_flags_request(void *mem_ctx, void *in, DATA_BLOB *out)
struct ldb_sd_flags_control *lsdfc = talloc_get_type(in, struct ldb_sd_flags_control);
struct asn1_data *data = asn1_init(mem_ctx);
+ if (!data) return False;
+
if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) {
return False;
}
@@ -748,6 +776,8 @@ static BOOL encode_search_options_request(void *mem_ctx, void *in, DATA_BLOB *ou
struct ldb_search_options_control *lsoc = talloc_get_type(in, struct ldb_search_options_control);
struct asn1_data *data = asn1_init(mem_ctx);
+ if (!data) return False;
+
if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) {
return False;
}
@@ -774,6 +804,8 @@ static BOOL encode_paged_results_request(void *mem_ctx, void *in, DATA_BLOB *out
struct ldb_paged_control *lprc = talloc_get_type(in, struct ldb_paged_control);
struct asn1_data *data = asn1_init(mem_ctx);
+ if (!data) return False;
+
if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) {
return False;
}
@@ -807,6 +839,8 @@ static BOOL encode_asq_control(void *mem_ctx, void *in, DATA_BLOB *out)
struct ldb_asq_control *lac = talloc_get_type(in, struct ldb_asq_control);
struct asn1_data *data = asn1_init(mem_ctx);
+ if (!data) return False;
+
if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) {
return False;
}
@@ -840,6 +874,8 @@ static BOOL encode_dirsync_request(void *mem_ctx, void *in, DATA_BLOB *out)
struct ldb_dirsync_control *ldc = talloc_get_type(in, struct ldb_dirsync_control);
struct asn1_data *data = asn1_init(mem_ctx);
+ if (!data) return False;
+
if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) {
return False;
}
@@ -924,6 +960,8 @@ static BOOL encode_vlv_request(void *mem_ctx, void *in, DATA_BLOB *out)
struct ldb_vlv_req_control *lvrc = talloc_get_type(in, struct ldb_vlv_req_control);
struct asn1_data *data = asn1_init(mem_ctx);
+ if (!data) return False;
+
if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) {
return False;
}
@@ -998,6 +1036,8 @@ static BOOL encode_vlv_response(void *mem_ctx, void *in, DATA_BLOB *out)
struct ldb_vlv_resp_control *lvrc = talloc_get_type(in, struct ldb_vlv_resp_control);
struct asn1_data *data = asn1_init(mem_ctx);
+ if (!data) return False;
+
if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) {
return False;
}
diff --git a/source4/libcli/util/asn1.c b/source4/libcli/util/asn1.c
index d02f6be9c7..81ce72bed9 100644
--- a/source4/libcli/util/asn1.c
+++ b/source4/libcli/util/asn1.c
@@ -24,7 +24,11 @@
/* allocate an asn1 structure */
struct asn1_data *asn1_init(TALLOC_CTX *mem_ctx)
{
- return talloc_zero(NULL, struct asn1_data);
+ struct asn1_data *ret = talloc_zero(NULL, struct asn1_data);
+ if (ret == NULL) {
+ DEBUG(0,("asn1_init failed! out of memory\n"));
+ }
+ return ret;
}
/* free an asn1 structure */