From: Luca Bruno <luca.bruno@rocket-internet.de>
Date: Wed, 5 Nov 2014 15:15:55 +0000 (+0100)
Subject: ITS#8198 Fix an always-true check
X-Git-Tag: OPENLDAP_REL_ENG_2_4_43~76
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=137748e4b4849a7389788e0593951c4035bdff20;p=openldap

ITS#8198 Fix an always-true check

Fixed asprintf return value check, in order to properly catch
error conditions. This has been caught by clang -Wtautological-compare:

pw-pbkdf2.c:132:17: warning: comparison of unsigned expression < 0 is always false
        if(msg->bv_len < 0){
           ~~~~~~~~~~~ ^ ~

Signed-off-by: Luca Bruno <luca.bruno@rocket-internet.de>
---

diff --git a/contrib/slapd-modules/passwd/pbkdf2/pw-pbkdf2.c b/contrib/slapd-modules/passwd/pbkdf2/pw-pbkdf2.c
index e7c300ee89..e0f5dfd74c 100644
--- a/contrib/slapd-modules/passwd/pbkdf2/pw-pbkdf2.c
+++ b/contrib/slapd-modules/passwd/pbkdf2/pw-pbkdf2.c
@@ -99,7 +99,7 @@ static int pbkdf2_format(
 	struct berval *msg)
 {
 
-	int rc;
+	int rc, msg_len;
 	char salt_b64[LUTIL_BASE64_ENCODE_LEN(PBKDF2_SALT_SIZE) + 1];
 	char dk_b64[LUTIL_BASE64_ENCODE_LEN(PBKDF2_MAX_DK_SIZE) + 1];
 
@@ -115,13 +115,15 @@ static int pbkdf2_format(
 		return LUTIL_PASSWD_ERR;
 	}
 	b64_to_ab64(dk_b64);
-	msg->bv_len = asprintf(&msg->bv_val, "%s%d$%s$%s",
+	msg_len = asprintf(&msg->bv_val, "%s%d$%s$%s",
 						   sc->bv_val, iteration,
 						   salt_b64, dk_b64);
-	if(msg->bv_len < 0){
+	if(msg_len < 0){
+		msg->bv_len = 0;
 		return LUTIL_PASSWD_ERR;
 	}
 
+	msg->bv_len = msg_len;
 	return LUTIL_PASSWD_OK;
 }