sudo_ldap_parse_options: fix memory leak of sudoRole cn string.
Coverity CID 249976
This commit is contained in:
Todd C. Miller
@@ -421,38 +421,31 @@ sudo_ldap_get_first_rdn(LDAP *ld, LDAPMessage *entry, int *rc)
|
|||||||
static bool
|
static bool
|
||||||
sudo_ldap_parse_options(LDAP *ld, LDAPMessage *entry, struct defaults_list *defs)
|
sudo_ldap_parse_options(LDAP *ld, LDAPMessage *entry, struct defaults_list *defs)
|
||||||
{
|
{
|
||||||
struct berval **bv, **p;
|
struct berval **p, **bv = NULL;
|
||||||
char *cn, *cp, *source = NULL;
|
char *cp, *cn = NULL, *source = NULL;
|
||||||
bool ret = false;
|
bool ret = false;
|
||||||
int rc;
|
int rc;
|
||||||
debug_decl(sudo_ldap_parse_options, SUDOERS_DEBUG_LDAP);
|
debug_decl(sudo_ldap_parse_options, SUDOERS_DEBUG_LDAP);
|
||||||
|
|
||||||
bv = sudo_ldap_get_values_len(ld, entry, "sudoOption", &rc);
|
bv = sudo_ldap_get_values_len(ld, entry, "sudoOption", &rc);
|
||||||
if (bv == NULL) {
|
if (bv == NULL) {
|
||||||
if (rc == LDAP_NO_MEMORY) {
|
if (rc == LDAP_NO_MEMORY)
|
||||||
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
|
goto oom;
|
||||||
debug_return_bool(false);
|
|
||||||
}
|
|
||||||
debug_return_bool(true);
|
debug_return_bool(true);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Use sudoRole in place of file name in defaults. */
|
/* Use sudoRole in place of file name in defaults. */
|
||||||
cn = sudo_ldap_get_first_rdn(ld, entry, &rc);
|
cn = sudo_ldap_get_first_rdn(ld, entry, &rc);
|
||||||
if (cn == NULL) {
|
if (cn == NULL) {
|
||||||
if (rc == LDAP_NO_MEMORY) {
|
if (rc == LDAP_NO_MEMORY)
|
||||||
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
|
goto oom;
|
||||||
goto done;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if (asprintf(&cp, "sudoRole %s", cn ? cn : "UNKNOWN") == -1) {
|
|
||||||
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
|
|
||||||
goto done;
|
|
||||||
}
|
|
||||||
if ((source = sudo_rcstr_dup(cp)) == NULL) {
|
|
||||||
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
|
|
||||||
free(cp);
|
|
||||||
goto done;
|
|
||||||
}
|
}
|
||||||
|
if (asprintf(&cp, "sudoRole %s", cn ? cn : "UNKNOWN") == -1)
|
||||||
|
goto oom;
|
||||||
|
source = sudo_rcstr_dup(cp);
|
||||||
|
free(cp);
|
||||||
|
if (source == NULL)
|
||||||
|
goto oom;
|
||||||
|
|
||||||
/* Walk through options, appending to defs. */
|
/* Walk through options, appending to defs. */
|
||||||
for (p = bv; *p != NULL; p++) {
|
for (p = bv; *p != NULL; p++) {
|
||||||
@@ -460,13 +453,15 @@ sudo_ldap_parse_options(LDAP *ld, LDAPMessage *entry, struct defaults_list *defs
|
|||||||
int op;
|
int op;
|
||||||
|
|
||||||
op = sudo_ldap_parse_option((*p)->bv_val, &var, &val);
|
op = sudo_ldap_parse_option((*p)->bv_val, &var, &val);
|
||||||
if (!append_default(var, val, op, source, defs)) {
|
if (!append_default(var, val, op, source, defs))
|
||||||
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
|
goto oom;
|
||||||
goto done;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = true;
|
ret = true;
|
||||||
|
goto done;
|
||||||
|
|
||||||
|
oom:
|
||||||
|
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
|
||||||
|
|
||||||
done:
|
done:
|
||||||
sudo_rcstr_delref(source);
|
sudo_rcstr_delref(source);
|
||||||
|
|||||||
Reference in New Issue
Block a user