sssd/0051-SYSDB-Remove-code-causing-a-covscan-warning.patch
Lukas Slebodnik 1dedfbb334 Resolves: upstream#3523 - ABRT crash - /usr/libexec/sssd/sssd_nss in setnetgrent_result_timeout
Resolves: upstream#3588 - sssd_nss consumes more memory until restarted
                          or machine swaps
Resolves: failure in glibc tests
          https://sourceware.org/bugzilla/show_bug.cgi?id=22530
Resolves: upstream#3451 - When sssd is configured with id_provider proxy and
                          auth_provider ldap, login fails if the LDAP server
                          is not allowing anonymous binds
Resolves: upstream#3285 - SSSD needs restart after incorrect clock is
                          corrected with AD
Resolves: upstream#3586 - Give a more detailed debug and system-log message
                          if krb5_init_context() failed
Resolves: rhbz#1431153 - SSSD ships a drop-in configuration snippet
                         in /etc/systemd/system
Backport few upstream features from 1.16.1
2017-12-04 21:42:37 +01:00

128 lines
6.0 KiB
Diff

From 38bc29c3475421d9e9ce62810739b6b8b10ad7c6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= <fidencio@redhat.com>
Date: Mon, 13 Nov 2017 08:29:53 +0100
Subject: [PATCH 51/79] SYSDB: Remove code causing a covscan warning
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
There's no reason to check for both ret != EOK and sanitized == NULL, as
the second should never ever happen.
This check is causing a clang warning in our code:
Defect type: CLANG_WARNING
1. sssd-1.16.0/src/db/sysdb_ops.c:4223:9: warning: Dereference of undefined pointer value
# if (res->count > 1) {
# ^~~~~~~~~~
4. sssd-1.16.0/src/db/sysdb_ops.c:4199:5: note: 'res' declared without an initial value
# struct ldb_result *res;
# ^~~~~~~~~~~~~~~~~~~~~~
7. sssd-1.16.0/src/db/sysdb_ops.c:4202:9: note: Assuming 'sid_str' is non-null
# if (!sid_str) return EINVAL;
# ^~~~~~~~
10. sssd-1.16.0/src/db/sysdb_ops.c:4202:5: note: Taking false branch
# if (!sid_str) return EINVAL;
# ^
13. sssd-1.16.0/src/db/sysdb_ops.c:4205:9: note: Assuming 'tmp_ctx' is non-null
# if (!tmp_ctx) {
# ^~~~~~~~
16. sssd-1.16.0/src/db/sysdb_ops.c:4205:5: note: Taking false branch
# if (!tmp_ctx) {
# ^
19. sssd-1.16.0/src/db/sysdb_ops.c:4209:11: note: Calling 'sysdb_search_object_by_sid'
# ret = sysdb_search_object_by_sid(tmp_ctx, domain, sid_str, NULL, &res);
# ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
22. sssd-1.16.0/src/db/sysdb_ops.c:4960:12: note: Calling 'sysdb_search_object_by_str_attr'
# return sysdb_search_object_by_str_attr(mem_ctx, domain, SYSDB_SID_FILTER,
# ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
25. sssd-1.16.0/src/db/sysdb_ops.c:4872:5: note: Taking false branch
# if (str == NULL) {
# ^
28. sssd-1.16.0/src/db/sysdb_ops.c:4877:9: note: Assuming 'ret' is equal to 0
# if (ret != EOK || sanitized == NULL) {
# ^~~~~~~~~~
31. sssd-1.16.0/src/db/sysdb_ops.c:4877:9: note: Left side of '||' is false
32. sssd-1.16.0/src/db/sysdb_ops.c:4877:23: note: Assuming 'sanitized' is equal to null
# if (ret != EOK || sanitized == NULL) {
# ^~~~~~~~~~~~~~~~~
35. sssd-1.16.0/src/db/sysdb_ops.c:4877:5: note: Taking true branch
# if (ret != EOK || sanitized == NULL) {
# ^
38. sssd-1.16.0/src/db/sysdb_ops.c:4878:9: note: Left side of '||' is false
# DEBUG(SSSDBG_OP_FAILURE, "sss_filter_sanitize failed.\n");
# ^
41. sssd-1.16.0/src/util/debug.h:123:9: note: expanded from macro 'DEBUG'
# if (DEBUG_IS_SET(__debug_macro_level)) { \
# ^
44. sssd-1.16.0/src/util/debug.h:135:30: note: expanded from macro 'DEBUG_IS_SET'
# #define DEBUG_IS_SET(level) (debug_level & (level) || \
# ^
47. sssd-1.16.0/src/db/sysdb_ops.c:4878:9: note: Assuming 'debug_level' is not equal to 0
# DEBUG(SSSDBG_OP_FAILURE, "sss_filter_sanitize failed.\n");
# ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
50. sssd-1.16.0/src/util/debug.h:123:9: note: expanded from macro 'DEBUG'
# if (DEBUG_IS_SET(__debug_macro_level)) { \
# ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
53. sssd-1.16.0/src/util/debug.h:136:30: note: expanded from macro 'DEBUG_IS_SET'
# (debug_level == SSSDBG_UNRESOLVED && \
# ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
56. sssd-1.16.0/src/db/sysdb_ops.c:4878:9: note: Left side of '&&' is false
57. sssd-1.16.0/src/util/debug.h:123:9: note: expanded from macro 'DEBUG'
# if (DEBUG_IS_SET(__debug_macro_level)) { \
# ^
60. sssd-1.16.0/src/util/debug.h:136:63: note: expanded from macro 'DEBUG_IS_SET'
# (debug_level == SSSDBG_UNRESOLVED && \
# ^
63. sssd-1.16.0/src/db/sysdb_ops.c:4878:9: note: Loop condition is false. Exiting loop
64. sssd-1.16.0/src/util/debug.h:121:35: note: expanded from macro 'DEBUG'
# #define DEBUG(level, format, ...) do { \
# ^
67. sssd-1.16.0/src/db/sysdb_ops.c:4879:9: note: Control jumps to line 4892
# goto done;
# ^
70. sssd-1.16.0/src/db/sysdb_ops.c:4960:12: note: Returning from 'sysdb_search_object_by_str_attr'
# return sysdb_search_object_by_str_attr(mem_ctx, domain, SYSDB_SID_FILTER,
# ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
73. sssd-1.16.0/src/db/sysdb_ops.c:4209:11: note: Returning from 'sysdb_search_object_by_sid'
# ret = sysdb_search_object_by_sid(tmp_ctx, domain, sid_str, NULL, &res);
# ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
76. sssd-1.16.0/src/db/sysdb_ops.c:4211:5: note: Taking false branch
# if (ret == ENOENT) {
# ^
79. sssd-1.16.0/src/db/sysdb_ops.c:4217:12: note: Taking false branch
# } else if (ret != EOK) {
# ^
82. sssd-1.16.0/src/db/sysdb_ops.c:4223:9: note: Dereference of undefined pointer value
# if (res->count > 1) {
# ^~~~~~~~~~
# 4221| }
# 4222|
# 4223|-> if (res->count > 1) {
# 4224| DEBUG(SSSDBG_FATAL_FAILURE, "getbysid call returned more than one " \
# 4225| "result !?!\n");
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
---
src/db/sysdb_ops.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index 2f8e36c6c9a2c2cefe4af5fb78957763304d989a..635c7db51f516e2217c93016409499e49289004c 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -4874,7 +4874,7 @@ static errno_t sysdb_search_object_by_str_attr(TALLOC_CTX *mem_ctx,
}
ret = sss_filter_sanitize(NULL, str, &sanitized);
- if (ret != EOK || sanitized == NULL) {
+ if (ret != EOK) {
DEBUG(SSSDBG_OP_FAILURE, "sss_filter_sanitize failed.\n");
goto done;
}
--
2.15.1