krb5/backport-Fix-various-small-logic-errors.patch

From 3b57de1b68f31fa297d91e8b00bd91587d71fd02 Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Fri, 1 Nov 2024 13:42:44 -0400
Subject: [PATCH] Fix various small logic errors

Correct five logic errors (all unlikely to manifest as user-visible
bugs) found by static analysis.  Reported by Valery Fedorenko.
---
 src/kdc/policy.c                                   |  2 +-
 src/lib/apputils/net-server.c                      |  2 +-
 src/lib/rpc/unit-test/client.c                     |  1 +
 src/plugins/audit/kdc_j_encode.c                   | 10 ++++------
 src/plugins/preauth/pkinit/pkinit_crypto_openssl.c |  2 ++
 5 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/src/kdc/policy.c b/src/kdc/policy.c
index a3ff556c5..1ae1c7a05 100644
--- a/src/kdc/policy.c
+++ b/src/kdc/policy.c
@@ -180,7 +180,7 @@ unload_kdcpolicy_plugins(krb5_context context)
 {
     kdcpolicy_handle *hp, h;
 
-    for (hp = handles; *hp != NULL; hp++) {
+    for (hp = handles; hp != NULL && *hp != NULL; hp++) {
         h = *hp;
         if (h->vt.fini != NULL)
             h->vt.fini(context, h->moddata);
diff --git a/src/lib/apputils/net-server.c b/src/lib/apputils/net-server.c
index 75372d894..b3da72d3f 100644
--- a/src/lib/apputils/net-server.c
+++ b/src/lib/apputils/net-server.c
@@ -1127,7 +1127,7 @@ kill_lru_tcp_or_rpc_connection(void *handle, verto_ev *newev)
     }
     if (oldest_c != NULL) {
         krb5_klog_syslog(LOG_INFO, _("dropping %s fd %d from %s"),
-                         c->type == CONN_RPC ? "rpc" : "tcp",
+                         oldest_c->type == CONN_RPC ? "rpc" : "tcp",
                          verto_get_fd(oldest_ev), oldest_c->addrbuf);
         if (oldest_c->type == CONN_RPC)
             oldest_c->rpc_force_close = 1;
diff --git a/src/lib/rpc/unit-test/client.c b/src/lib/rpc/unit-test/client.c
index 9b907bcdc..7965a4306 100644
--- a/src/lib/rpc/unit-test/client.c
+++ b/src/lib/rpc/unit-test/client.c
@@ -165,6 +165,7 @@ main(int argc, char **argv)
 	  if (echo_resp == NULL) {
 	       fprintf(stderr, "RPC_TEST_ECHO call %d%s", i,
 		       clnt_sperror(clnt, ""));
+	       break;
 	  }
 	  if (strncmp(*echo_resp, "Echo: ", 6) &&
 	      strcmp(echo_arg, (*echo_resp) + 6) != 0)
diff --git a/src/plugins/audit/kdc_j_encode.c b/src/plugins/audit/kdc_j_encode.c
index fb4a4ed73..0df258d76 100755
--- a/src/plugins/audit/kdc_j_encode.c
+++ b/src/plugins/audit/kdc_j_encode.c
@@ -419,12 +419,10 @@ kau_j_tgs_u2u(const krb5_boolean ev_success, krb5_audit_state *state,
             goto error;
     }
     /* Client in the second ticket. */
-    if (req != NULL) {
-        ret = princ_to_value(req->second_ticket[0]->enc_part2->client,
-                             obj, AU_REQ_U2U_USER);
-        if (ret)
-            goto error;
-    }
+    ret = princ_to_value(req->second_ticket[0]->enc_part2->client,
+                         obj, AU_REQ_U2U_USER);
+    if (ret)
+        goto error;
     /* Enctype of a session key of the second ticket. */
     ret = int32_to_value(req->second_ticket[0]->enc_part2->session->enctype,
                          obj, AU_SRV_ETYPE);
diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
index 6d1966194..4ae2c00ad 100644
--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
@@ -4110,6 +4110,8 @@ pkinit_get_certs_pkcs12(krb5_context context,
 
         TRACE_PKINIT_PKCS_PARSE_FAIL_FIRST(context);
 
+        if (p12name == NULL)
+            goto cleanup;
         if (id_cryptoctx->defer_id_prompt) {
             /* Supply the identity name to be passed to the responder. */
             pkinit_set_deferred_id(&id_cryptoctx->deferred_ids, p12name, 0,
-- 
2.33.0
backport patches to fix bugs (cherry picked from commit a232588500d7aa39f884aad25a6a939a6373231d) 2025-03-25 09:09:15 +08:00			`From 3b57de1b68f31fa297d91e8b00bd91587d71fd02 Mon Sep 17 00:00:00 2001`
			`From: Greg Hudson <ghudson@mit.edu>`
			`Date: Fri, 1 Nov 2024 13:42:44 -0400`
			`Subject: [PATCH] Fix various small logic errors`

			`Correct five logic errors (all unlikely to manifest as user-visible`
			`bugs) found by static analysis. Reported by Valery Fedorenko.`
			`---`
			`src/kdc/policy.c \| 2 +-`
			`src/lib/apputils/net-server.c \| 2 +-`
			`src/lib/rpc/unit-test/client.c \| 1 +`
			`src/plugins/audit/kdc_j_encode.c \| 10 ++++------`
			`src/plugins/preauth/pkinit/pkinit_crypto_openssl.c \| 2 ++`
			`5 files changed, 9 insertions(+), 8 deletions(-)`

			`diff --git a/src/kdc/policy.c b/src/kdc/policy.c`
			`index a3ff556c5..1ae1c7a05 100644`
			`--- a/src/kdc/policy.c`
			`+++ b/src/kdc/policy.c`
			`@@ -180,7 +180,7 @@ unload_kdcpolicy_plugins(krb5_context context)`
			`{`
			`kdcpolicy_handle *hp, h;`

			`- for (hp = handles; *hp != NULL; hp++) {`
			`+ for (hp = handles; hp != NULL && *hp != NULL; hp++) {`
			`h = *hp;`
			`if (h->vt.fini != NULL)`
			`h->vt.fini(context, h->moddata);`
			`diff --git a/src/lib/apputils/net-server.c b/src/lib/apputils/net-server.c`
			`index 75372d894..b3da72d3f 100644`
			`--- a/src/lib/apputils/net-server.c`
			`+++ b/src/lib/apputils/net-server.c`
			`@@ -1127,7 +1127,7 @@ kill_lru_tcp_or_rpc_connection(void handle, verto_ev newev)`
			`}`
			`if (oldest_c != NULL) {`
			`krb5_klog_syslog(LOG_INFO, _("dropping %s fd %d from %s"),`
			`- c->type == CONN_RPC ? "rpc" : "tcp",`
			`+ oldest_c->type == CONN_RPC ? "rpc" : "tcp",`
			`verto_get_fd(oldest_ev), oldest_c->addrbuf);`
			`if (oldest_c->type == CONN_RPC)`
			`oldest_c->rpc_force_close = 1;`
			`diff --git a/src/lib/rpc/unit-test/client.c b/src/lib/rpc/unit-test/client.c`
			`index 9b907bcdc..7965a4306 100644`
			`--- a/src/lib/rpc/unit-test/client.c`
			`+++ b/src/lib/rpc/unit-test/client.c`
			`@@ -165,6 +165,7 @@ main(int argc, char **argv)`
			`if (echo_resp == NULL) {`
			`fprintf(stderr, "RPC_TEST_ECHO call %d%s", i,`
			`clnt_sperror(clnt, ""));`
			`+ break;`
			`}`
			`if (strncmp(*echo_resp, "Echo: ", 6) &&`
			`strcmp(echo_arg, (*echo_resp) + 6) != 0)`
			`diff --git a/src/plugins/audit/kdc_j_encode.c b/src/plugins/audit/kdc_j_encode.c`
			`index fb4a4ed73..0df258d76 100755`
			`--- a/src/plugins/audit/kdc_j_encode.c`
			`+++ b/src/plugins/audit/kdc_j_encode.c`
			`@@ -419,12 +419,10 @@ kau_j_tgs_u2u(const krb5_boolean ev_success, krb5_audit_state *state,`
			`goto error;`
			`}`
			`/* Client in the second ticket. */`
			`- if (req != NULL) {`
			`- ret = princ_to_value(req->second_ticket[0]->enc_part2->client,`
			`- obj, AU_REQ_U2U_USER);`
			`- if (ret)`
			`- goto error;`
			`- }`
			`+ ret = princ_to_value(req->second_ticket[0]->enc_part2->client,`
			`+ obj, AU_REQ_U2U_USER);`
			`+ if (ret)`
			`+ goto error;`
			`/* Enctype of a session key of the second ticket. */`
			`ret = int32_to_value(req->second_ticket[0]->enc_part2->session->enctype,`
			`obj, AU_SRV_ETYPE);`
			`diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c`
			`index 6d1966194..4ae2c00ad 100644`
			`--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c`
			`+++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c`
			`@@ -4110,6 +4110,8 @@ pkinit_get_certs_pkcs12(krb5_context context,`

			`TRACE_PKINIT_PKCS_PARSE_FAIL_FIRST(context);`

			`+ if (p12name == NULL)`
			`+ goto cleanup;`
			`if (id_cryptoctx->defer_id_prompt) {`
			`/* Supply the identity name to be passed to the responder. */`
			`pkinit_set_deferred_id(&id_cryptoctx->deferred_ids, p12name, 0,`
			`--`
			`2.33.0`