[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: commit: ldap/libraries/libldap gssapi.c

hyc writes:
>	gssapi.c  NONE -> 1.1
> ITS#5369 SASL/GSSAPi refactoring from Stefan Metzmacher <metze@samba.org>
> and Rafal Szczeniak <mimir@samba.org>, with minor cleanups

This is buggy:

pkt_len is used uninitialized in sb_sasl_gssapi_decode().

guess_service_principal() is broken: It uses 'ret' uninitialized, as if
a return value from malloc.  It passes (buffer length - 1) instead of
buffer length to snprintf, which I think fails for the (allow_remote &&
givenstr) case.  snprintf() unnecessary anyway since the function can
malloc the exact needed size.  Also it's preferable to only use a string
literal as format argument, so gcc can verify the printf (instead of
warning that it can't).

Format errors: OM_uint32 printed as %u, size_t/ber_len_t as %lu.

Here is a draft patch.  Untested.  Note I've not looked at how this
actually works, just how to get rid of warnings.

Finally, some header files should declare these functions:
  ldap_gssapi_bind_s(), ldap_int_gssapi_close(), ldap_int_gssapi_config(),
  ldap_int_gssapi_get_option(), ldap_int_gssapi_set_option(),
  ldap_pvt_sasl_generic_install(), ldap_pvt_sasl_generic_remove(),
and be #included by bind.c, cyrus.c, gssapi.c, init.c, options.c, request.c.