code: check return value of functions in logout.c

oidc_get_provider_from_session and oidc_refresh_token_grant Signed-off-by: Hans Zandbelt <[email protected]>
OpenIDC · Dec 16, 2024 · 74db443 · 74db443
1 parent ef27683
commit 74db443
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 4 deletions.
diff --git a/ChangeLog b/ChangeLog
@@ -3,6 +3,7 @@
 - code: declare enum members as int so they can be set to OIDC_CONFIG_POS_INT_UNSET without warning
 - code: declare memcache members as int so they can be set to OIDC_CONFIG_POS_INT_UNSET without warning
 - code: declare introspection_endpoint_method member as int so it can be set to OIDC_CONFIG_POS_INT_UNSET without warning
+- code: check return value of oidc_get_provider_from_session and oidc_refresh_token_grant in logout.c
 
 12/15/2024
 - add Coverity Github action

diff --git a/src/handle/logout.c b/src/handle/logout.c
@@ -474,12 +474,14 @@ int oidc_logout(request_rec *r, oidc_cfg_t *c, oidc_session_t *session) {
 		}
 	}
 
-	oidc_get_provider_from_session(r, c, session, &provider);
+	if (oidc_get_provider_from_session(r, c, session, &provider) == FALSE)
+		oidc_warn(r, "oidc_get_provider_from_session failed");
 
 	if ((provider != NULL) && (oidc_cfg_provider_end_session_endpoint_get(provider) != NULL)) {
 
 		if (apr_table_get(r->subprocess_env, OIDC_REFRESH_TOKENS_BEFORE_LOGOUT_ENVVAR) != NULL) {
-			oidc_refresh_token_grant(r, c, session, provider, NULL, NULL, &id_token_hint);
+			if (oidc_refresh_token_grant(r, c, session, provider, NULL, NULL, &id_token_hint) == FALSE)
+				oidc_warn(r, "id_token_hint could not be refreshed before logout");
 		} else {
 			id_token_hint = apr_pstrdup(r->pool, oidc_session_get_idtoken(r, session));
 		}

diff --git a/src/http.c b/src/http.c
@@ -751,12 +751,12 @@ static apr_byte_t oidc_http_request(request_rec *r, const char *url, const char
 
 	/* setup the buffer where the response data will be written to */
 	OIDC_HTTP_CURL_SETOPT(CURLOPT_WRITEFUNCTION, oidc_http_response_data);
-	/* coverity[bad_sizeof] */                                                                              \
+	/* coverity[bad_sizeof] */
 	OIDC_HTTP_CURL_SETOPT(CURLOPT_WRITEDATA, &d_buf);
 
 	/* setup the buffer where the response headers will be written to */
 	OIDC_HTTP_CURL_SETOPT(CURLOPT_HEADERFUNCTION, oidc_http_response_header);
-	/* coverity[bad_sizeof] */                                                                              \
+	/* coverity[bad_sizeof] */
 	OIDC_HTTP_CURL_SETOPT(CURLOPT_HEADERDATA, &h_buf);
 
 #ifndef LIBCURL_NO_CURLPROTO