fix(sspi): correct invalid null checks for user data

mbroadst · mbroadst · commit 163bdb92e392 · 2018-10-26T16:06:55.000-04:00
NODE-1725
diff --git a/src/win32/kerberos_sspi.cc b/src/win32/kerberos_sspi.cc
@@ -68,7 +68,7 @@ auth_sspi_client_init(WCHAR* service,
         return sspi_error_result_with_message("Ran out of memory assigning service");
     }
 
-    if (user) {
+    if (*user) {
         authIdentity.User = (unsigned short*)user;
         authIdentity.UserLength = ulen;
         authIdentity.Password = (unsigned short*)password;
@@ -92,7 +92,7 @@ auth_sspi_client_init(WCHAR* service,
                                        /* LogonID (We don't use this) */
                                        NULL,
                                        /* AuthData */
-                                       user ? &authIdentity : NULL,
+                                       *user ? &authIdentity : NULL,
                                        /* Always NULL */
                                        NULL,
                                        /* Always NULL */
@@ -319,7 +319,7 @@ auth_sspi_client_wrap(sspi_client_state* state,
         return sspi_error_result(status, "QueryContextAttributes");
     }
 
-    if (user) {
+    if (*user) {
         /* Length of user + 4 bytes for security layer (see below). */
         plaintextMessageSize = ulen + 4;
     } else {
@@ -338,10 +338,10 @@ auth_sspi_client_wrap(sspi_client_state* state,
     }
 
     plaintextMessage = inbuf + sizes.cbSecurityTrailer;
-    if (user) {
+    if (*user) {
         /* Authenticate the provided user. Unlike pykerberos, we don't
          * need any information from "data" to do that.
-         * */
+         */
         plaintextMessage[0] = 1; /* No security layer */
         plaintextMessage[1] = 0;
         plaintextMessage[2] = 0;
@@ -488,7 +488,6 @@ base64_encode(const SEC_CHAR* value, DWORD vlen) {
         }
     }
 
-    // PyErr_Format(GSSError, "CryptBinaryToString failed.");
     return NULL;
 }
 
@@ -537,7 +536,6 @@ wide_to_utf8(WCHAR* value) {
     if (len) {
         out = (CHAR*)malloc(sizeof(CHAR) * len);
         if (!out) {
-            // PyErr_SetNone(PyExc_MemoryError);
             return NULL;
         }
 
@@ -555,7 +553,5 @@ wide_to_utf8(WCHAR* value) {
         }
     }
 
-    // set_gsserror(GetLastError(), "WideCharToMultiByte");
     return NULL;
 }
-
diff --git a/src/win32/kerberos_win32.cc b/src/win32/kerberos_win32.cc
@@ -170,8 +170,6 @@ NAN_METHOD(InitializeClient) {
             worker->Call(2, argv);
         });
     });
-
-
 }
 
 NAN_METHOD(InitializeServer) {

Original file line number	Diff line number	Diff line change
`@@ -68,7 +68,7 @@ auth_sspi_client_init(WCHAR* service,`
`68`	`68`	`return sspi_error_result_with_message("Ran out of memory assigning service");`
`69`	`69`	`}`
`70`	`70`
`71`		`- if (user) {`
	`71`	`+ if (*user) {`
`72`	`72`	`authIdentity.User = (unsigned short*)user;`
`73`	`73`	`authIdentity.UserLength = ulen;`
`74`	`74`	`authIdentity.Password = (unsigned short*)password;`
`@@ -92,7 +92,7 @@ auth_sspi_client_init(WCHAR* service,`
`92`	`92`	`/* LogonID (We don't use this) */`
`93`	`93`	`NULL,`
`94`	`94`	`/* AuthData */`
`95`		`- user ? &authIdentity : NULL,`
	`95`	`+ *user ? &authIdentity : NULL,`
`96`	`96`	`/* Always NULL */`
`97`	`97`	`NULL,`
`98`	`98`	`/* Always NULL */`
`@@ -319,7 +319,7 @@ auth_sspi_client_wrap(sspi_client_state* state,`
`319`	`319`	`return sspi_error_result(status, "QueryContextAttributes");`
`320`	`320`	`}`
`321`	`321`
`322`		`- if (user) {`
	`322`	`+ if (*user) {`
`323`	`323`	`/* Length of user + 4 bytes for security layer (see below). */`
`324`	`324`	`plaintextMessageSize = ulen + 4;`
`325`	`325`	`} else {`
`@@ -338,10 +338,10 @@ auth_sspi_client_wrap(sspi_client_state* state,`
`338`	`338`	`}`
`339`	`339`
`340`	`340`	`plaintextMessage = inbuf + sizes.cbSecurityTrailer;`
`341`		`- if (user) {`
	`341`	`+ if (*user) {`
`342`	`342`	`/* Authenticate the provided user. Unlike pykerberos, we don't`
`343`	`343`	`* need any information from "data" to do that.`
`344`		`- * */`
	`344`	`+ */`
`345`	`345`	`plaintextMessage[0] = 1; /* No security layer */`
`346`	`346`	`plaintextMessage[1] = 0;`
`347`	`347`	`plaintextMessage[2] = 0;`
`@@ -488,7 +488,6 @@ base64_encode(const SEC_CHAR* value, DWORD vlen) {`
`488`	`488`	`}`
`489`	`489`	`}`
`490`	`490`
`491`		`- // PyErr_Format(GSSError, "CryptBinaryToString failed.");`
`492`	`491`	`return NULL;`
`493`	`492`	`}`
`494`	`493`
`@@ -537,7 +536,6 @@ wide_to_utf8(WCHAR* value) {`
`537`	`536`	`if (len) {`
`538`	`537`	`out = (CHAR)malloc(sizeof(CHAR) len);`
`539`	`538`	`if (!out) {`
`540`		`- // PyErr_SetNone(PyExc_MemoryError);`
`541`	`539`	`return NULL;`
`542`	`540`	`}`
`543`	`541`
`@@ -555,7 +553,5 @@ wide_to_utf8(WCHAR* value) {`
`555`	`553`	`}`
`556`	`554`	`}`
`557`	`555`
`558`		`- // set_gsserror(GetLastError(), "WideCharToMultiByte");`
`559`	`556`	`return NULL;`
`560`	`557`	`}`
`561`		`-`
Original file line number	Diff line number	Diff line change
`@@ -170,8 +170,6 @@ NAN_METHOD(InitializeClient) {`
`170`	`170`	`worker->Call(2, argv);`
`171`	`171`	`});`
`172`	`172`	`});`
`173`		`-`
`174`		`-`
`175`	`173`	`}`
`176`	`174`
`177`	`175`	`NAN_METHOD(InitializeServer) {`