From 240b082dc4bd2d62ad5eaeea8811ec9cb51e0b69 Mon Sep 17 00:00:00 2001 From: Joseph Sutton Date: Fri, 6 Oct 2023 14:24:51 +1300 Subject: [PATCH] s4:rpc_server: Check return values of gnutls functions (CID 1452111) Signed-off-by: Joseph Sutton Reviewed-by: Andrew Bartlett --- .../rpc_server/backupkey/dcesrv_backupkey.c | 29 ++++++++++++++----- 1 file changed, 21 insertions(+), 8 deletions(-) diff --git a/source4/rpc_server/backupkey/dcesrv_backupkey.c b/source4/rpc_server/backupkey/dcesrv_backupkey.c index b872ea688b4..47e338f546c 100644 --- a/source4/rpc_server/backupkey/dcesrv_backupkey.c +++ b/source4/rpc_server/backupkey/dcesrv_backupkey.c @@ -431,11 +431,18 @@ static WERROR get_and_verify_access_check(TALLOC_CTX *sub_ctx, return WERR_INVALID_DATA; } - gnutls_hash_init(&dig_ctx, GNUTLS_DIG_SHA1); - gnutls_hash(dig_ctx, - blob_us.data, - blob_us.length - hash_size); + rc = gnutls_hash_init(&dig_ctx, GNUTLS_DIG_SHA1); + if (rc != GNUTLS_E_SUCCESS) { + return gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR); + } + rc = gnutls_hash(dig_ctx, + blob_us.data, + blob_us.length - hash_size); gnutls_hash_deinit(dig_ctx, hash); + if (rc != GNUTLS_E_SUCCESS) { + return gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR); + } + /* * We free it after the sha1 calculation because blob.data * point to the same area @@ -465,11 +472,17 @@ static WERROR get_and_verify_access_check(TALLOC_CTX *sub_ctx, return WERR_INVALID_DATA; } - gnutls_hash_init(&dig_ctx, GNUTLS_DIG_SHA512); - gnutls_hash(dig_ctx, - blob_us.data, - blob_us.length - hash_size); + rc = gnutls_hash_init(&dig_ctx, GNUTLS_DIG_SHA512); + if (rc != GNUTLS_E_SUCCESS) { + return gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR); + } + rc = gnutls_hash(dig_ctx, + blob_us.data, + blob_us.length - hash_size); gnutls_hash_deinit(dig_ctx, hash); + if (rc != GNUTLS_E_SUCCESS) { + return gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR); + } /* * We free it after the sha1 calculation because blob.data -- 2.47.3