]> git.ipfire.org Git - thirdparty/squid.git/commitdiff
Fix GCC v14 [-Wanalyzer-null-dereference] warnings in Kerberos (#1983)
authorhuaraz <huaraz@moeller.plus.com>
Fri, 17 Jan 2025 17:08:18 +0000 (17:08 +0000)
committerSquid Anubis <squid-anubis@squid-cache.org>
Sun, 19 Jan 2025 11:41:18 +0000 (11:41 +0000)
    src/acl/external/kerberos_ldap_group/support_sasl.cc:190:17: error:
    dereference of NULL 'defs' [CWE-476] [-Wanalyzer-null-dereference]

    src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc:235:19: error:
    dereference of NULL 'Rids' [CWE-476] [-Wanalyzer-null-dereference]

src/acl/external/kerberos_ldap_group/support_sasl.cc
src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc

index 1b62c62e5fa25f9364d177df9315c2c3728fef04..8f533d09b3344fe5c2ca823f10eb9eff8df8f30b 100644 (file)
@@ -185,16 +185,16 @@ void
 lutil_sasl_freedefs(
     void *defaults)
 {
-    lutilSASLdefaults *defs = (lutilSASLdefaults *) defaults;
-
-    xfree(defs->mech);
-    xfree(defs->realm);
-    xfree(defs->authcid);
-    xfree(defs->passwd);
-    xfree(defs->authzid);
-    xfree(defs->resps);
-
-    xfree(defs);
+    if (const auto defs = static_cast<lutilSASLdefaults*>(defaults)) {
+        xfree(defs->mech);
+        xfree(defs->realm);
+        xfree(defs->authcid);
+        xfree(defs->passwd);
+        xfree(defs->authzid);
+        xfree(defs->resps);
+
+        xfree(defs);
+    }
 }
 
 int
index 494024f8e70829bdbfa3de4cc604f473de1c4d83..a9e1e3bad14ae23e068429fe61dd7003d7844725 100644 (file)
@@ -205,6 +205,12 @@ getdomaingids(char *ad_groups, uint32_t DomainLogonId, char **Rids, uint32_t Gro
         return nullptr;
     }
 
+    if (!Rids) {
+        debug((char *) "%s| %s: ERR: Invalid RIDS list\n",
+              LogTime(), PROGRAM);
+        return nullptr;
+    }
+
     if (DomainLogonId!= 0) {
         uint8_t rev;
         uint64_t idauth;