Marked with TODO comments a number of problems in the Kerberos code detected (484d549e) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP curl

lib/security.c

+4 −0

Original line number	Diff line number	Diff line
		@@ -101,6 +101,7 @@ static const struct Curl_sec_client_mech * const mechs[] = {
		NULL
		};

		/* TODO: This function isn't actually used anywhere and should be removed */
		int
		Curl_sec_getc(struct connectdata conn, FILE F)
		{
		@@ -124,6 +125,7 @@ block_read(int fd, void *buf, size_t len)
		if(b == 0)
		return 0;
		else if(b < 0 && (errno == EINTR \|\| errno == EAGAIN))
		/* TODO: this will busy loop in the EAGAIN case */
		continue;
		else if(b < 0)
		return -1;
		@@ -163,6 +165,8 @@ sec_get_data(struct connectdata *conn,
		else if(b < 0)
		return -1;
		len = ntohl(len);
		/* TODO: This realloc will cause a memory leak in an out of memory
		* condition */
		buf->data = realloc(buf->data, len);
		b = buf->data ? block_read(fd, buf->data, len) : -1;
		if(b == 0)

+4 −1

Original line number	Diff line number	Diff line
		@@ -630,13 +630,16 @@ int Curl_read(struct connectdata conn, / connection data */
		return -1;
		#endif
		if(nread < 0)
		/* since it is negative and not EGAIN, it was a protocol-layer error */
		/* since it is negative and not EAGAIN, it was a protocol-layer error */
		return CURLE_RECV_ERROR;
		}
		else {
		if(conn->sec_complete)
		nread = Curl_sec_read(conn, sockfd, buffertofill,
		bytesfromsocket);
		/* TODO: Need to handle EAGAIN here somehow, similar to how it
		* is done in Curl_read_plain, either right here or in Curl_sec_read
		* itself. */
		else {
		int ret = Curl_read_plain(sockfd, buffertofill, bytesfromsocket,
		&nread);