security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

dirmngr: Avoid casting away a const from an char**. 

* dirmngr/ldap.c (start_cert_fetch_ldap): Do not use pointers from
global variables.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2015-11-27 17:10:59 +01:00
parent da5a232199
commit 6501741d2c
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
1 changed files with 38 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
dirmngr/ldap.c
View File

@ -520,33 +520,54 @@ start_cert_fetch_ldap (ctrl_t ctrl, cert_fetch_context_t *context,
strlist_t patterns, const ldap_server_t server) strlist_t patterns, const ldap_server_t server)
{ {
gpg_error_t err; gpg_error_t err;
const char *host; char *proxy = NULL;
char *host = NULL;
int port; int port;
const char *user; char *user = NULL;
const char *pass; char *pass = NULL;
const char *base; const char *base;
char *argv[50]; char *argv[50];
int argc; int argc = 0;
int argc_malloced; int argc_malloced = 0;
char portbuf[30], timeoutbuf[30]; char portbuf[30], timeoutbuf[30];
*context = NULL; *context = NULL;
if (opt.ldap_proxy && !(proxy = xtrystrdup (opt.ldap_proxy)))
{
err = gpg_error_from_syserror ();
goto leave;
}
if (server) if (server)
{ {
host = server->host; if (server->host && !(host = xtrystrdup (server->host)))
{
err = gpg_error_from_syserror ();
goto leave;
}
port = server->port; port = server->port;
user = server->user; if (server->user && !(user = xtrystrdup (server->user)))
pass = server->pass; {
err = gpg_error_from_syserror ();
goto leave;
}
if (server->pass && !(pass = xtrystrdup (server->pass)))
{
err = gpg_error_from_syserror ();
goto leave;
}
base = server->base; base = server->base;
} }
else /* Use a default server. */ else /* Use a default server. */
return gpg_error (GPG_ERR_NOT_IMPLEMENTED); return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
if (!base) if (!base)
base = ""; base = "";
argc = 0;
if (pass) /* Note: Must be the first item. */ if (pass) /* Note: Must be the first item. */
{ {
argv[argc++] = "--pass"; argv[argc++] = "--pass";
@ -558,14 +579,14 @@ start_cert_fetch_ldap (ctrl_t ctrl, cert_fetch_context_t *context,
argv[argc++] = "--multi"; argv[argc++] = "--multi";
if (opt.ldaptimeout) if (opt.ldaptimeout)
{ {
sprintf (timeoutbuf, "%u", opt.ldaptimeout); snprintf (timeoutbuf, sizeof timeoutbuf, "%u", opt.ldaptimeout);
argv[argc++] = "--timeout"; argv[argc++] = "--timeout";
argv[argc++] = timeoutbuf; argv[argc++] = timeoutbuf;
} }
if (opt.ldap_proxy) if (opt.ldap_proxy)
{ {
argv[argc++] = "--proxy"; argv[argc++] = "--proxy";
argv[argc++] = opt.ldap_proxy; argv[argc++] = proxy;
} }
if (host) if (host)
{ {
@ -574,7 +595,7 @@ start_cert_fetch_ldap (ctrl_t ctrl, cert_fetch_context_t *context,
} }
if (port) if (port)
{ {
sprintf (portbuf, "%d", port); snprintf (portbuf, sizeof portbuf, "%d", port);
argv[argc++] = "--port"; argv[argc++] = "--port";
argv[argc++] = portbuf; argv[argc++] = portbuf;
} }
@ -626,7 +647,7 @@ start_cert_fetch_ldap (ctrl_t ctrl, cert_fetch_context_t *context,
goto leave; goto leave;
} }
err = ldap_wrapper (ctrl, &(*context)->reader, argv); err = ldap_wrapper (ctrl, &(*context)->reader, (const char**)argv);
if (err) if (err)
{ {
@ -637,6 +658,10 @@ start_cert_fetch_ldap (ctrl_t ctrl, cert_fetch_context_t *context,
leave: leave:
for (; argc_malloced < argc; argc_malloced++) for (; argc_malloced < argc; argc_malloced++)
xfree (argv[argc_malloced]); xfree (argv[argc_malloced]);
xfree (proxy);
xfree (host);
xfree (user);
xfree (pass);
return err; return err;
} }