krb5 commit: Squash apparent forward-null in clnttcp_create()
Greg Hudson
ghudson at mit.edu
Wed Sep 11 19:30:19 EDT 2019
https://github.com/krb5/krb5/commit/b2f688eedd4bcca525201ef9485749a8c20b808a
commit b2f688eedd4bcca525201ef9485749a8c20b808a
Author: Robbie Harwood <rharwood at redhat.com>
Date: Fri Aug 30 11:16:58 2019 -0400
Squash apparent forward-null in clnttcp_create()
clnttcp_create() only allows raddr to be NULL if *sockp is set.
Static analyzers cannot know this, so can report a forward null
defect. Add an raddr check before calling connect() to squash the
defect.
[ghudson at mit.edu: rewrote commit message]
src/lib/rpc/clnt_tcp.c | 6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/lib/rpc/clnt_tcp.c b/src/lib/rpc/clnt_tcp.c
index 8776190..dbd62d0 100644
--- a/src/lib/rpc/clnt_tcp.c
+++ b/src/lib/rpc/clnt_tcp.c
@@ -168,9 +168,9 @@ clnttcp_create(
if (*sockp < 0) {
*sockp = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
(void)bindresvport_sa(*sockp, NULL);
- if ((*sockp < 0)
- || (connect(*sockp, (struct sockaddr *)raddr,
- sizeof(*raddr)) < 0)) {
+ if (*sockp < 0 || raddr == NULL ||
+ connect(*sockp, (struct sockaddr *)raddr,
+ sizeof(*raddr)) < 0) {
rpc_createerr.cf_stat = RPC_SYSTEMERROR;
rpc_createerr.cf_error.re_errno = errno;
(void)closesocket(*sockp);
More information about the cvs-krb5
mailing list