kauth: Catch ka_KeyCheckSum failures
authorSimon Wilkinson <sxw@your-file-system.com>
Fri, 22 Feb 2013 09:47:57 +0000 (09:47 +0000)
committerJeffrey Altman <jaltman@your-file-system.com>
Sun, 24 Feb 2013 19:06:42 +0000 (11:06 -0800)
If ka_KeyCheckSum fails, typically because the key being used is bad,
catch the failure rather than just silently ignoring it.

Caught by clang-analyzer

Change-Id: Id51174fdf94356db10961690808670da372bc60e
Reviewed-on: http://gerrit.openafs.org/9179
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

src/kauth/kaprocs.c

index 9e9f02c..f3f1ead 100644 (file)
@@ -1638,7 +1638,11 @@ kamGetEntry(struct rx_call *call,
        memcpy(&aentry->key, &tentry.key, sizeof(struct ktc_encryptionKey));
     else
        memset(&aentry->key, 0, sizeof(aentry->key));
+
     code = ka_KeyCheckSum((char *)&tentry.key, &aentry->keyCheckSum);
+    if (code)
+       goto abort;
+
     if (!tentry.pwsums[0] && npwSums > 1 && !tentry.pwsums[1]) {
        aentry->reserved3 = 0x12340000;
     } else {