diff options
| author | Mike Kaganski <mike.kaganski@collabora.com> | 2018-10-20 22:24:26 +0200 |
|---|---|---|
| committer | Mike Kaganski <mike.kaganski@collabora.com> | 2018-10-21 00:31:19 +0200 |
| commit | 3846561f79cf9065abd9ca83c9fbfbe7e52e28e2 (patch) | |
| tree | 10c7051871e0392fe8705f4b731e9bcd84b016fe /sal | |
| parent | cc21f1ab22328ddf2bd82a77d81dbee69c847e5e (diff) | |
tdf#120703 (PVS)
V522 There might be dereferencing of a potential null pointer 'pSecImpl'.
Check lines: 81, 79.
Check lines: 116, 114.
Check lines: 175, 173.
V522 There might be dereferencing of a potential null pointer 'pSecImpl->m_pNetResource'.
Check lines: 176, 175.
V701 realloc() possible leak: when realloc() fails in allocating memory, original
pointer 'pInfoBuffer' is lost. Consider assigning realloc() to a temporary
pointer.
V724 Converting type 'BOOL' to type 'sal_Bool' can lead to a loss of high-order
bits. Non-zero value can become 'FALSE'.
V522 There might be dereferencing of a potential null pointer 'Ident'.
Check lines: 345, 340.
V614 Potentially uninitialized buffer 'Name' used. Consider checking the second
actual argument of the 'rtl_uString_newFromStr' function.
Change-Id: Ieadc914d0f15e9c01621f8d7b5a7f8c0778c4498
Reviewed-on: https://gerrit.libreoffice.org/62090
Tested-by: Jenkins
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
Diffstat (limited to 'sal')
| -rw-r--r-- | sal/osl/w32/security.cxx | 106 |
1 files changed, 63 insertions, 43 deletions
diff --git a/sal/osl/w32/security.cxx b/sal/osl/w32/security.cxx index 2082301d2156..ebd3754705dd 100644 --- a/sal/osl/w32/security.cxx +++ b/sal/osl/w32/security.cxx @@ -77,12 +77,13 @@ static bool getUserNameImpl(oslSecurity Security, rtl_uString **strName, bool bI oslSecurity SAL_CALL osl_getCurrentSecurity(void) { oslSecurityImpl* pSecImpl = static_cast<oslSecurityImpl *>(malloc(sizeof(oslSecurityImpl))); - - pSecImpl->m_pNetResource = nullptr; - pSecImpl->m_User[0] = '\0'; - pSecImpl->m_hToken = nullptr; - pSecImpl->m_hProfile = nullptr; - + if (pSecImpl) + { + pSecImpl->m_pNetResource = nullptr; + pSecImpl->m_User[0] = '\0'; + pSecImpl->m_hToken = nullptr; + pSecImpl->m_hProfile = nullptr; + } return pSecImpl; } @@ -112,14 +113,15 @@ oslSecurityError SAL_CALL osl_loginUser( rtl_uString *strUserName, rtl_uString * &hUserToken)) { oslSecurityImpl* pSecImpl = static_cast<oslSecurityImpl *>(malloc(sizeof(oslSecurityImpl))); - - pSecImpl->m_pNetResource = nullptr; - pSecImpl->m_hToken = hUserToken; - pSecImpl->m_hProfile = nullptr; - wcscpy(o3tl::toW(pSecImpl->m_User), o3tl::toW(strUser)); - + if (pSecImpl) + { + pSecImpl->m_pNetResource = nullptr; + pSecImpl->m_hToken = hUserToken; + pSecImpl->m_hProfile = nullptr; + wcscpy(o3tl::toW(pSecImpl->m_User), o3tl::toW(strUser)); + } *pSecurity = pSecImpl; - ret = osl_Security_E_None; + ret = pSecImpl ? osl_Security_E_None : osl_Security_E_Unknown; } else { @@ -171,17 +173,25 @@ oslSecurityError SAL_CALL osl_loginUserOnFileServer(rtl_uString *strUserName, if ((err == NO_ERROR) || (err == ERROR_ALREADY_ASSIGNED)) { oslSecurityImpl* pSecImpl = static_cast<oslSecurityImpl *>(malloc(sizeof(oslSecurityImpl))); - - pSecImpl->m_pNetResource = static_cast<NETRESOURCEW *>(malloc(sizeof(NETRESOURCE))); - *pSecImpl->m_pNetResource = netResource; - - pSecImpl->m_hToken = nullptr; - pSecImpl->m_hProfile = nullptr; - wcscpy(o3tl::toW(pSecImpl->m_User), o3tl::toW(rtl_uString_getStr(strUserName))); - + if (pSecImpl) + { + pSecImpl->m_pNetResource = static_cast<NETRESOURCEW *>(malloc(sizeof(NETRESOURCE))); + if (pSecImpl->m_pNetResource) + { + *pSecImpl->m_pNetResource = netResource; + pSecImpl->m_hToken = nullptr; + pSecImpl->m_hProfile = nullptr; + wcscpy(o3tl::toW(pSecImpl->m_User), o3tl::toW(rtl_uString_getStr(strUserName))); + } + else + { + free(pSecImpl); + pSecImpl = nullptr; + } + } *pSecurity = pSecImpl; - ret = osl_Security_E_None; + ret = pSecImpl ? osl_Security_E_None : osl_Security_E_Unknown; } else { @@ -291,7 +301,14 @@ sal_Bool SAL_CALL osl_getUserIdent(oslSecurity Security, rtl_uString **strIdent) { if (GetLastError() == ERROR_INSUFFICIENT_BUFFER) { - pInfoBuffer = static_cast<UCHAR *>(realloc(pInfoBuffer, nInfoBuffer)); + if (auto p = static_cast<UCHAR *>(realloc(pInfoBuffer, nInfoBuffer))) + pInfoBuffer = p; + else + { + free(pInfoBuffer); + pInfoBuffer = nullptr; + break; + } } else { @@ -325,31 +342,29 @@ sal_Bool SAL_CALL osl_getUserIdent(oslSecurity Security, rtl_uString **strIdent) free(pInfoBuffer); - return bResult; + return bResult != FALSE; } } else { DWORD needed = 0; - sal_Unicode *Ident; WNetGetUserW(nullptr, nullptr, &needed); if (needed < 16) needed = 16; - Ident = static_cast<sal_Unicode *>(malloc(needed*sizeof(sal_Unicode))); - - if (WNetGetUserW(nullptr, o3tl::toW(Ident), &needed) != NO_ERROR) + if (auto Ident = static_cast<sal_Unicode *>(malloc(needed*sizeof(sal_Unicode)))) { - wcscpy(o3tl::toW(Ident), L"unknown"); - Ident[7] = L'\0'; - } - - rtl_uString_newFromStr( strIdent, Ident); - - free(Ident); + if (WNetGetUserW(nullptr, o3tl::toW(Ident), &needed) != NO_ERROR) + { + wcscpy(o3tl::toW(Ident), L"unknown"); + Ident[7] = L'\0'; + } - return true; + rtl_uString_newFromStr( strIdent, Ident); + free(Ident); + return true; + } } } @@ -710,7 +725,14 @@ static bool getUserNameImpl(oslSecurity Security, rtl_uString **strName, bool b { if (GetLastError() == ERROR_INSUFFICIENT_BUFFER) { - pInfoBuffer = static_cast<UCHAR *>(realloc(pInfoBuffer, nInfoBuffer)); + if (auto p = static_cast<UCHAR *>(realloc(pInfoBuffer, nInfoBuffer))) + pInfoBuffer = p; + else + { + free(pInfoBuffer); + pInfoBuffer = nullptr; + break; + } } else { @@ -746,13 +768,11 @@ static bool getUserNameImpl(oslSecurity Security, rtl_uString **strName, bool b { wcscpy(o3tl::toW(Name), o3tl::toW(UserName)); } - } - - rtl_uString_newFromStr( strName, Name); - free(pInfoBuffer); - - return true; + rtl_uString_newFromStr(strName, Name); + free(pInfoBuffer); + return true; + } } } else |