diff options
author | Harshavardhana <harsha@harshavardhana.net> | 2013-12-24 08:23:13 -0800 |
---|---|---|
committer | Vijay Bellur <vbellur@redhat.com> | 2014-01-08 20:42:15 -0800 |
commit | 2b05c1588ac60af26e1b16f9f27ef8d5e4e50a5f (patch) | |
tree | cff1a430e5c8eed85789ff7d87324a5bfb50709d /xlators/mgmt | |
parent | 88816bf4b2933da8fa2717cb0e25c521895da4e1 (diff) |
rpc/auth: Avoid NULL dereference in rpcsvc_auth_request_init()
Code section is bogus!
------------------------------------------
370: if (!auth->authops->request_init)
371: ret = auth->authops->request_init (req, auth->authprivate);
------------------------------------------
Seems to have been never been used historically since
logically above code has never been true to actually execute
"authops->request_init() --> auth_glusterfs_{v2,}_request_init()"
On top of that under "rpcsvc_request_init()"
verf.flavour and verf.datalen are initialized from what is
provided through 'callmsg'.
------------------------------------------
req->verf.flavour = rpc_call_verf_flavour (callmsg);
req->verf.datalen = rpc_call_verf_len (callmsg);
/* AUTH */
rpcsvc_auth_request_init (req);
return req;
------------------------------------------
So the code in 'auth_glusterfs_{v2,}_request_init()'
performing this operation will over-write the original
flavour and datalen.
------------------------------------------
if (!req)
return -1;
memset (req->verf.authdata, 0, GF_MAX_AUTH_BYTES);
req->verf.datalen = 0;
req->verf.flavour = AUTH_NULL;
------------------------------------------
Refactoring the whole code into a more understandable version
and also avoiding a potential NULL dereference
Change-Id: I1a430fcb4d26de8de219bd0cb3c46c141649d47d
BUG: 1049735
Signed-off-by: Harshavardhana <harsha@harshavardhana.net>
Reviewed-on: http://review.gluster.org/6591
Reviewed-by: Santosh Pradhan <spradhan@redhat.com>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
Diffstat (limited to 'xlators/mgmt')
0 files changed, 0 insertions, 0 deletions