Avoid setting unused variables

* Ignore toktype2 in stream unwrap: we do not need it
* Catch errors from eap peer state machine

* Check error return from vasprintf: string is undefined on error

diff --git a/mech_eap/display_status.c b/mech_eap/display_status.c
index b3cf2f9..4b80d17 100644 (file)
--- a/mech_eap/display_status.c
+++ b/mech_eap/display_status.c
@@ -133,6 +133,8 @@ gssEapSaveStatusInfo(OM_uint32 minor, const char *format, ...)
         va_start(ap, format);
         n = vasprintf(&s, format, ap);
         va_end(ap);
+       if (n == -1)
+         s = NULL;
     }
 
     saveStatusInfoNoCopy(minor, s);

diff --git a/mech_eap/init_sec_context.c b/mech_eap/init_sec_context.c
index 1945f09..d6e8882 100644 (file)
--- a/mech_eap/init_sec_context.c
+++ b/mech_eap/init_sec_context.c
@@ -669,6 +669,11 @@ eapGssSmInitAuthenticate(OM_uint32 *minor,
     major = GSS_S_CONTINUE_NEEDED;
 
     code = eap_peer_sm_step(ctx->initiatorCtx.eap);
+    if (code != 0) {
+      major = GSS_S_FAILURE;
+      *minor = GSSEAP_PEER_SM_STEP_FAILURE;
+      goto cleanup;
+    }
     if (ctx->flags & CTX_FLAG_EAP_RESP) {
         ctx->flags &= ~(CTX_FLAG_EAP_RESP);
 

diff --git a/mech_eap/unwrap_iov.c b/mech_eap/unwrap_iov.c
index 19bafc6..84a9cff 100644 (file)
--- a/mech_eap/unwrap_iov.c
+++ b/mech_eap/unwrap_iov.c
@@ -319,7 +319,7 @@ unwrapStream(OM_uint32 *minor,
     unsigned char *ptr;
     OM_uint32 code = 0, major = GSS_S_FAILURE;
     krb5_context krbContext;
-    int conf_req_flag, toktype2;
+    int conf_req_flag;
     int i = 0, j;
     gss_iov_buffer_desc *tiov = NULL;
     gss_iov_buffer_t stream, data = NULL;
@@ -346,8 +346,7 @@ unwrapStream(OM_uint32 *minor,
     }
 
     ptr = (unsigned char *)stream->buffer.value;
-    toktype2 = load_uint16_be(ptr);
-    ptr += 2;
+    ptr += 2; /*skip token type*/
 
     tiov = (gss_iov_buffer_desc *)GSSEAP_CALLOC((size_t)iov_count + 2,
                                                 sizeof(gss_iov_buffer_desc));