Check sbuff returns in header_source() (CIDs #150424, #150280) (#5116)

It's seriously unlikely, since conf_buffer can use all the
memory there is, but in theory the generation of the SMTP header
*could* fail, and that's enough to make coverity kvetch.

diff --git a/src/modules/rlm_smtp/rlm_smtp.c b/src/modules/rlm_smtp/rlm_smtp.c
index 93b45fda99dab6528022478dd4a0054d0f3b9e36..5fdb26db2e885452ca142b2f930708e156cbcd88 100644 (file)
--- a/src/modules/rlm_smtp/rlm_smtp.c
+++ b/src/modules/rlm_smtp/rlm_smtp.c
@@ -598,10 +598,12 @@ static int header_source(fr_mail_ctx_t *uctx, rlm_smtp_t const *inst)
                fr_sbuff_init_talloc(uctx, &conf_buffer, &conf_ctx, 256, SIZE_MAX);
 
                /* Format the conf item to be a valid SMTP header */
-               /* coverity[check_return] */
-               fr_sbuff_in_bstrncpy(&conf_buffer, header->name, strlen(header->name));
-               fr_sbuff_in_strcpy(&conf_buffer, ": ");
-               fr_sbuff_in_bstrncpy(&conf_buffer, expanded_rhs, strlen(expanded_rhs));
+               if (unlikely((fr_sbuff_in_bstrncpy(&conf_buffer, header->name, strlen(header->name)) < 0) ||
+                            (fr_sbuff_in_strcpy(&conf_buffer, ": ") < 0) ||
+                            (fr_sbuff_in_bstrncpy(&conf_buffer, expanded_rhs, strlen(expanded_rhs)) < 0))) {
+                       RDEBUG2("Skipping: could not generate SMTP header");
+                       continue;
+               }
 
                /* Add the header to the curl slist */
                uctx->header = curl_slist_append(uctx->header, fr_sbuff_buff(&conf_buffer));