Blame SOURCES/0194-certmap-make-sure-eku_oid_list-is-always-allocated.patch

5ad689
From 27ef368b4105f19382360fe62f944b36ca74adb7 Mon Sep 17 00:00:00 2001
5ad689
From: Sumit Bose <sbose@redhat.com>
5ad689
Date: Wed, 6 Sep 2017 12:20:25 +0200
5ad689
Subject: [PATCH 194/194] certmap: make sure eku_oid_list is always allocated
5ad689
MIME-Version: 1.0
5ad689
Content-Type: text/plain; charset=UTF-8
5ad689
Content-Transfer-Encoding: 8bit
5ad689
5ad689
If there are only OIDs in a <EKU> part of a matching rule a NULL pointer
5ad689
dereference might occur.
5ad689
5ad689
Related to https://pagure.io/SSSD/sssd/issue/3508
5ad689
5ad689
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
5ad689
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
5ad689
(cherry picked from commit f5a8cd60c6f377af1954b58f007d16cf3f6dc846)
5ad689
---
5ad689
 src/lib/certmap/sss_certmap_krb5_match.c | 21 ++++++++++++---------
5ad689
 src/tests/cmocka/test_certmap.c          | 17 +++++++++++++++++
5ad689
 2 files changed, 29 insertions(+), 9 deletions(-)
5ad689
5ad689
diff --git a/src/lib/certmap/sss_certmap_krb5_match.c b/src/lib/certmap/sss_certmap_krb5_match.c
5ad689
index e40f17b8ace46e61087e0a2fa570a362a84cead2..0a77ac225d73f3506e102fdbdc9084faa0f19cf0 100644
5ad689
--- a/src/lib/certmap/sss_certmap_krb5_match.c
5ad689
+++ b/src/lib/certmap/sss_certmap_krb5_match.c
5ad689
@@ -179,19 +179,17 @@ static int parse_krb5_get_eku_value(TALLOC_CTX *mem_ctx,
5ad689
         goto done;
5ad689
     }
5ad689
 
5ad689
+    comp->eku_oid_list = talloc_zero_array(comp, const char *,
5ad689
+                                           eku_list_size + 1);
5ad689
+    if (comp->eku_oid_list == NULL) {
5ad689
+        ret = ENOMEM;
5ad689
+        goto done;
5ad689
+    }
5ad689
+
5ad689
     for (c = 0; eku_list[c] != NULL; c++) {
5ad689
         for (k = 0; ext_key_usage[k].name != NULL; k++) {
5ad689
 CM_DEBUG(ctx, "[%s][%s].", eku_list[c], ext_key_usage[k].name);
5ad689
             if (strcasecmp(eku_list[c], ext_key_usage[k].name) == 0) {
5ad689
-                if (comp->eku_oid_list == NULL) {
5ad689
-                    comp->eku_oid_list = talloc_zero_array(comp, const char *,
5ad689
-                                                           eku_list_size + 1);
5ad689
-                    if (comp->eku_oid_list == NULL) {
5ad689
-                        ret = ENOMEM;
5ad689
-                        goto done;
5ad689
-                    }
5ad689
-                }
5ad689
-
5ad689
                 comp->eku_oid_list[e] = talloc_strdup(comp->eku_oid_list,
5ad689
                                                       ext_key_usage[k].oid);
5ad689
                 if (comp->eku_oid_list[e] == NULL) {
5ad689
@@ -225,6 +223,11 @@ CM_DEBUG(ctx, "[%s][%s].", eku_list[c], ext_key_usage[k].name);
5ad689
         }
5ad689
     }
5ad689
 
5ad689
+    if (e == 0) {
5ad689
+        talloc_free(comp->eku_oid_list);
5ad689
+        comp->eku_oid_list = NULL;
5ad689
+    }
5ad689
+
5ad689
     ret = 0;
5ad689
 
5ad689
 done:
5ad689
diff --git a/src/tests/cmocka/test_certmap.c b/src/tests/cmocka/test_certmap.c
5ad689
index c998443d086eaa72cc2a05c38ddfc5ba590a1ce7..e732bb214476943d0f723b318ab64d3b4156cace 100644
5ad689
--- a/src/tests/cmocka/test_certmap.c
5ad689
+++ b/src/tests/cmocka/test_certmap.c
5ad689
@@ -445,6 +445,23 @@ static void test_sss_certmap_add_matching_rule(void **state)
5ad689
     assert_null(
5ad689
             ctx->prio_list->rule_list->parsed_match_rule->eku->eku_oid_list[3]);
5ad689
 
5ad689
+    ret = sss_certmap_add_rule(ctx, 96,
5ad689
+                               "KRB5:<EKU>1.2.3",
5ad689
+                               NULL, NULL);
5ad689
+    assert_int_equal(ret, 0);
5ad689
+    assert_non_null(ctx->prio_list);
5ad689
+    assert_non_null(ctx->prio_list->rule_list);
5ad689
+    assert_non_null(ctx->prio_list->rule_list->parsed_match_rule);
5ad689
+    assert_int_equal(ctx->prio_list->rule_list->parsed_match_rule->r,
5ad689
+                     relation_and);
5ad689
+    assert_non_null(ctx->prio_list->rule_list->parsed_match_rule->eku);
5ad689
+    assert_true(string_in_list("1.2.3",
5ad689
+              discard_const(
5ad689
+               ctx->prio_list->rule_list->parsed_match_rule->eku->eku_oid_list),
5ad689
+              true));
5ad689
+    assert_null(
5ad689
+            ctx->prio_list->rule_list->parsed_match_rule->eku->eku_oid_list[1]);
5ad689
+
5ad689
     /* SAN tests */
5ad689
     ret = sss_certmap_add_rule(ctx, 89, "KRB5:<SAN>abc", NULL, NULL);
5ad689
     assert_int_equal(ret, 0);
5ad689
-- 
5ad689
2.13.5
5ad689