URL:
https://github.com/SSSD/sssd/pull/241
Title: #241: FleetCommander Integration
jhrozek commented:
"""
There are some issues Coverity found:
```
Error: TOCTOU (CWE-367):
sssd-1.15.4/src/providers/ipa/ipa_deskprofile_rules_util.c:157: fs_check_call: Calling
function "stat" to perform check on "domain_dir".
sssd-1.15.4/src/providers/ipa/ipa_deskprofile_rules_util.c:159: toctou: Calling function
"mkdir" that uses "domain_dir" after a check function. This can cause
a time-of-check, time-of-use race condition.
# 157| ret = stat(domain_dir, &info);
# 158| if (ret != EOK) {
# 159|-> ret = mkdir(domain_dir, 0755);
# 160| if (ret != EOK) {
# 161| ret = errno;
Error: TOCTOU (CWE-367):
sssd-1.15.4/src/providers/ipa/ipa_deskprofile_rules_util.c:214: fs_check_call: Calling
function "stat" to perform check on "user_dir".
sssd-1.15.4/src/providers/ipa/ipa_deskprofile_rules_util.c:216: toctou: Calling function
"mkdir" that uses "user_dir" after a check function. This can cause a
time-of-check, time-of-use race condition.
# 214| ret = stat(user_dir, &info);
# 215| if (ret != EOK) {
# 216|-> ret = mkdir(user_dir, 0600);
# 217| if (ret != EOK) {
# 218| ret = errno;
Error: TOCTOU (CWE-367):
sssd-1.15.4/src/providers/ipa/ipa_deskprofile_rules_util.c:227: fs_check_call: Calling
function "stat" to perform check on "user_dir".
sssd-1.15.4/src/providers/ipa/ipa_deskprofile_rules_util.c:247: toctou: Calling function
"chown" that uses "user_dir" after a check function. This can cause a
time-of-check, time-of-use race condition.
# 245| }
# 246|
# 247|-> ret = chown(user_dir, uid, gid);
# 248| if (ret != EOK) {
# 249| ret = errno;
Error: TOCTOU (CWE-367):
sssd-1.15.4/src/providers/ipa/ipa_deskprofile_rules_util.c:687: fs_check_call: Calling
function "stat" to perform check on "filepath".
sssd-1.15.4/src/providers/ipa/ipa_deskprofile_rules_util.c:702: toctou: Calling function
"remove" that uses "filepath" after a check function. This can cause a
time-of-check, time-of-use race condition.
# 700| }
# 701|
# 702|-> ret = remove(filepath);
# 703| if (ret != EOK) {
# 704| ret = errno;
Error: RESOURCE_LEAK (CWE-772):
sssd-1.15.4/src/providers/ipa/ipa_deskprofile_rules_util.c:659: alloc_fn: Storage is
returned from allocation function "opendir".
sssd-1.15.4/src/providers/ipa/ipa_deskprofile_rules_util.c:659: var_assign: Assigning:
"dir" = storage returned from "opendir(user_dir)".
sssd-1.15.4/src/providers/ipa/ipa_deskprofile_rules_util.c:680: noescape: Resource
"dir" is not freed or pointed-to in "readdir".
sssd-1.15.4/src/providers/ipa/ipa_deskprofile_rules_util.c:725: leaked_storage: Variable
"dir" going out of scope leaks the storage it points to.
# 723| done:
# 724| talloc_free(tmp_ctx);
# 725|-> return ret;
# 726| }
# 727|
Error: UNINIT (CWE-457):
sssd-1.15.4/src/responder/common/cache_req/cache_req_sr_overlay.c:122: var_decl: Declaring
variable "ret" without initializer.
sssd-1.15.4/src/responder/common/cache_req/cache_req_sr_overlay.c:209: uninit_use: Using
uninitialized value "ret".
# 207| done:
# 208| talloc_zfree(tmp_ctx);
# 209|-> return ret;
# 210| }
# 211|
```
"""
See the full comment at
https://github.com/SSSD/sssd/pull/241#issuecomment-319315814