Page MenuHomeFreeBSD

Fix multiple bugs with ctld's UCL parsing
ClosedPublic

Authored by asomers on Dec 26 2023, 7:08 PM.
Tags
None
Referenced Files
Unknown Object (File)
Thu, Jun 13, 9:00 PM
Unknown Object (File)
Sun, Jun 9, 6:48 AM
Unknown Object (File)
Mon, Jun 3, 3:12 PM
Unknown Object (File)
May 9 2024, 1:40 AM
Unknown Object (File)
Apr 11 2024, 5:52 AM
Unknown Object (File)
Feb 29 2024, 12:45 AM
Unknown Object (File)
Feb 24 2024, 3:34 PM
Unknown Object (File)
Jan 19 2024, 10:05 AM
Subscribers

Details

Summary
  • Don't segfault when parsing a misformatted auth-group section
  • If the config file specifies a chap section within a target but no auth-group, create a new anonymous auth-group. That matches the behavior with non-UCL config files.
  • Protect some potential segfaults with assertions

PR: 274380
MFC after: 1 week
Sponsored by: Axcient

Test Plan

manually tested

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

usr.sbin/ctld/ctld.c
535

Is this a programming error, or a run-time check? If the former, assert is fine. If the latter, then (a) it might not actually check and (b) it will lead to a program termination with an assert. Is that OK here and elsewhere?

usr.sbin/ctld/ctld.c
535

Formerly, it failed at runtime. Now it's just there to catch future programming errors. See the call site at line 737.

This revision is now accepted and ready to land.Dec 27 2023, 5:43 PM
This revision was automatically updated to reflect the committed changes.