You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
512 if (fo_is_srv_lookup(server)) {
At conditional (1): "dns_domain == NULL" taking the true branch.
At conditional (2): "server->srv_data->dns_domain == NULL" taking the false branch.
Comparing "dns_domain" to null implies that "dns_domain" might be null.
Passing null variable "dns_domain" to function "strcasecmp", which dereferences it. (Deref assumed on the basis of 'nonnull' parameter attribute.)
513 if (((dns_domain == NULL && server->srv_data->dns_domain == NULL) ||
514 strcasecmp(server->srv_data->dns_domain, dns_domain) == 0) &&
515 strcasecmp(server->srv_data->proto, proto) == 0) {
516 return EEXIST;
517 }
This if statement needs to be broken out more. It's very confusing and is vulnerable to a null dereference if dns_domain was passed in as NULL (which is valid)
Cloned from Pagure issue: https://pagure.io/SSSD/sssd/issue/717
512 if (fo_is_srv_lookup(server)) {
At conditional (1): "dns_domain == NULL" taking the true branch.
At conditional (2): "server->srv_data->dns_domain == NULL" taking the false branch.
Comparing "dns_domain" to null implies that "dns_domain" might be null.
Passing null variable "dns_domain" to function "strcasecmp", which dereferences it. (Deref assumed on the basis of 'nonnull' parameter attribute.)
513 if (((dns_domain == NULL && server->srv_data->dns_domain == NULL) ||
514 strcasecmp(server->srv_data->dns_domain, dns_domain) == 0) &&
515 strcasecmp(server->srv_data->proto, proto) == 0) {
516 return EEXIST;
517 }
This if statement needs to be broken out more. It's very confusing and is vulnerable to a null dereference if dns_domain was passed in as NULL (which is valid)
Comments
Comment from sgallagh at 2010-12-14 15:34:51
Fields changed
milestone: NEEDS_TRIAGE => SSSD 1.5.0
Comment from sgallagh at 2010-12-15 14:18:35
Fixed by 6ad2d3a
coverity: => 10008
resolution: => fixed
status: new => closed
Comment from dpal at 2012-01-19 03:00:31
Fields changed
rhbz: => 0
Comment from sgallagh at 2017-02-24 14:32:07
Metadata Update from @sgallagh:
The text was updated successfully, but these errors were encountered: