#
2a63c3be |
|
16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove $FreeBSD$: one-line .c comment pattern Remove /^/[*/]\s*\$FreeBSD\$.*\n/
|
#
446bb222 |
|
28-Jan-2020 |
Conrad Meyer <cem@FreeBSD.org> |
ypldap(8): Fix absent va_end() in 'goto fail' path In this path, we used va_start() without pairing it with va_end(). Add the va_end(). (va_start() without paired va_end() is undefined behavior per the C standard.) "In many implementations, [va_end] is a do-nothing operation; but those implementations that need it probably need it badly." - Rationale for the ANSI C Programming Language, ยง 4.8.1.3. Reported by: Coverity CID: 1340539
|
#
9d80a8b0 |
|
24-May-2016 |
Don Lewis <truckman@FreeBSD.org> |
Fix Coverity CIDs 1340544 Resource leak and 1340543 Use after free At line 479 of ldapclient.c in client_build_req(), the error return leaks ldap_attrs (CID 1340544). It looks like this can happen if the first utoa() call in aldap_get_stringset() fails. It looks like other leaks can happen if other utoa() calls fail since scanning this array when it is freed stops when the first NULL is encountered. Fix these problems by not storing NULL in the array when utoa() fails, and by freeing ret and returning NULL if nothing is stored in the array. That way the caller will never see the ldap_attrs[0] == NULL case, so delete that check. The ber_printf_element() calls ber_free_elements() on its ber argument and returns NULL on failure. When each of its callers detects failure, they do a goto fail, which then calls ber_free_elements() with the same pointer (CID 1340543). Fix is to delete the ber_free_elements() from ber_printf_element() Reported by: Coverity CID: 1340543, 1340544 Reviewed by: araujo Differential Revision: https://reviews.freebsd.org/D6550
|
#
a5f63746 |
|
12-May-2016 |
Don Lewis <truckman@FreeBSD.org> |
Avoid indexing an array with a negative value. Reported by: Coverity CID: 971121
|
#
0e356242 |
|
12-Apr-2016 |
Marcelo Araujo <araujo@FreeBSD.org> |
Apply revisions 1.4 and 1.5 from ldapd's ber.c to ypldap's copy, so it can deal with messages that haven't been fully read from the server yet. Obtained from: OpenBSD r1.11
|
#
474fa6a7 |
|
15-Dec-2015 |
Marcelo Araujo <araujo@FreeBSD.org> |
Remove wrong header and the NULL check before free(). Approved by: bapt (mentor) Obtained from: OpenBSD Differential Revision: https://reviews.freebsd.org/D4548
|
#
28b524fb |
|
16-Nov-2015 |
Craig Rodrigues <rodrigc@FreeBSD.org> |
Add include of <string.h> for strlen() prototype.
|
#
9e7c127f |
|
16-Nov-2015 |
Craig Rodrigues <rodrigc@FreeBSD.org> |
Import ypldap from OpenBSD. ypldap -- Intended to be a drop-in replacement for ypserv, gluing in a LDAP directory and thus providing support for users and groups stored in LDAP for the get{pw,gr}ent family of functions.
|