fix a couple of coverity issues

2021-05-20 18:05:17 +05:00 · 2021-05-20 18:05:17 +05:00 · 71c98b23a8
parent 9216f1d2f2
commit 71c98b23a8
7 changed files with 19 additions and 16 deletions
--- a/.gitignore
+++ b/.gitignore
@ -3,7 +3,7 @@
 *.so
 .idea/
 .init
-.swp
+*.swp
 .conf.example
 .logrotate
 sources/odyssey
--- a/sources/auth.c
+++ b/sources/auth.c
@ -784,7 +784,8 @@ static inline int od_auth_backend_md5(od_server_t *server, char salt[4],
 	} else if (route->rule->password) {
 		password = route->rule->password;
 		password_len = route->rule->password_len;
-	} else if (client->received_password.password != NULL) {
+	} else if (client != NULL &&
+		   client->received_password.password != NULL) {
 		password = client->received_password.password;
 		password_len = client->received_password.password_len - 1;
 	} else {
--- a/sources/auth_query.c
+++ b/sources/auth_query.c
@ -93,6 +93,10 @@ static inline int od_auth_query_do(od_server_t *server, char *query,
 			/* password */
 			uint32_t password_len;
 			rc = kiwi_read32(&password_len, &pos, &pos_size);
+			if (password_len >
+			    ODYSSEY_AUTH_QUERY_MAX_PASSSWORD_LEN) {
+				goto error;
+			}
 			if (kiwi_unlikely(rc == -1))
 				goto error;
 			char *password = pos;
--- a/sources/auth_query.h
+++ b/sources/auth_query.h
@ -7,6 +7,8 @@
 * Scalable PostgreSQL connection pooler.
 */

+#define ODYSSEY_AUTH_QUERY_MAX_PASSSWORD_LEN 4096
+
 int od_auth_query(od_client_t *, char *);

 #endif /* ODYSSEY_AUTH_QUERY_H */
--- a/sources/config_reader.c
+++ b/sources/config_reader.c
@ -763,7 +763,7 @@ static int od_config_reader_route(od_config_reader_t *reader, char *db_name,
 			if (!od_config_reader_string(reader, &rule->auth))
 				return -1;
 #ifndef USE_SCRAM
-			if (rule->auth == "scram-sha-256") {
+			if (strcmp(rule->auth, "scram-sha-256") == 0) {
 				od_config_reader_error(
 					reader, &token,
 					"SCRAM auth is not supported in this build, try to recompile");
--- a/sources/frontend.c
+++ b/sources/frontend.c
@ -1354,6 +1354,11 @@ void od_frontend(void *arg)
 	rc = od_auth_frontend(client);

 	if (rc != OK_RESPONSE) {
+		/* rc == -1
+                 * here we ignore module retcode because auth already failed
+                 * we just inform side modules that usr was trying to log in
+                 */
+		module->auth_complete_cb(client, rc);
 		goto cleanup;
 	}

@ -1362,19 +1367,9 @@ void od_frontend(void *arg)
 	{
 		od_module_t *module;
 		module = od_container_of(i, od_module_t, link);
-
-		if (rc == OK_RESPONSE) {
-			rc = module->auth_complete_cb(client, rc);
-			if (rc != OD_MODULE_CB_OK_RETCODE) {
-				// user blocked from module callback
-				goto cleanup;
-			}
-		} else {
-			/* rc == -1
-			 * here we ignore module retcode because auth already failed
-			 * we just inform side modules that usr was trying to log in
-			 */
-			module->auth_complete_cb(client, rc);
+		rc = module->auth_complete_cb(client, rc);
+		if (rc != OD_MODULE_CB_OK_RETCODE) {
+			// user blocked from module callback
 			goto cleanup;
 		}
 	}
--- a/sources/ldap.c
+++ b/sources/ldap.c
@ -283,6 +283,7 @@ static inline od_ldap_server_t *od_ldap_server_attach(od_route_t *route,
 			/* special case, when we are interested only in an idle connection
 			 * and do not want to start a new one */
 			// NOT IMPL
+			od_route_unlock(route);
 			return NULL;
 		} else {
 			/* Maybe start new connection, if pool_size is zero */