From: Joseph Sutton Date: Fri, 6 Oct 2023 01:24:51 +0000 (+1300) Subject: s4:rpc_server: Check return values of gnutls functions (CID 1452111) X-Git-Tag: tevent-0.16.0~36 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=240b082dc4bd2d62ad5eaeea8811ec9cb51e0b69;p=thirdparty%2Fsamba.git s4:rpc_server: Check return values of gnutls functions (CID 1452111) Signed-off-by: Joseph Sutton Reviewed-by: Andrew Bartlett --- diff --git a/source4/rpc_server/backupkey/dcesrv_backupkey.c b/source4/rpc_server/backupkey/dcesrv_backupkey.c index b872ea688b4..47e338f546c 100644 --- a/source4/rpc_server/backupkey/dcesrv_backupkey.c +++ b/source4/rpc_server/backupkey/dcesrv_backupkey.c @@ -431,11 +431,18 @@ static WERROR get_and_verify_access_check(TALLOC_CTX *sub_ctx, return WERR_INVALID_DATA; } - gnutls_hash_init(&dig_ctx, GNUTLS_DIG_SHA1); - gnutls_hash(dig_ctx, - blob_us.data, - blob_us.length - hash_size); + rc = gnutls_hash_init(&dig_ctx, GNUTLS_DIG_SHA1); + if (rc != GNUTLS_E_SUCCESS) { + return gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR); + } + rc = gnutls_hash(dig_ctx, + blob_us.data, + blob_us.length - hash_size); gnutls_hash_deinit(dig_ctx, hash); + if (rc != GNUTLS_E_SUCCESS) { + return gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR); + } + /* * We free it after the sha1 calculation because blob.data * point to the same area @@ -465,11 +472,17 @@ static WERROR get_and_verify_access_check(TALLOC_CTX *sub_ctx, return WERR_INVALID_DATA; } - gnutls_hash_init(&dig_ctx, GNUTLS_DIG_SHA512); - gnutls_hash(dig_ctx, - blob_us.data, - blob_us.length - hash_size); + rc = gnutls_hash_init(&dig_ctx, GNUTLS_DIG_SHA512); + if (rc != GNUTLS_E_SUCCESS) { + return gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR); + } + rc = gnutls_hash(dig_ctx, + blob_us.data, + blob_us.length - hash_size); gnutls_hash_deinit(dig_ctx, hash); + if (rc != GNUTLS_E_SUCCESS) { + return gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR); + } /* * We free it after the sha1 calculation because blob.data