Wednesday, June 1, 2016

[389-commits] ldap/servers

ldap/servers/slapd/modify.c | 32 +++++++++++++++++---------------
1 file changed, 17 insertions(+), 15 deletions(-)

New commits:
commit a441a58e9ee3f9fb5cb64da97f0d735b1f166e4f
Author: William Brown <firstyear@redhat.com>
Date: Tue May 31 15:12:19 2016 +1000

Ticket 48858 - Segfault changing nsslapd-rootpw

Bug Description: py.ldap has a bug where it will send empty change lists. This
trigged a segfault in Directory Server where hash_rootpw expected there to be
at least a single value to act upon

Fix Description: Check that mod_bvalues is not NULL

https://fedorahosted.org/389/ticket/48858

Author: wibrown

Review by: nhosoi (Thank you!)

diff --git a/ldap/servers/slapd/modify.c b/ldap/servers/slapd/modify.c
index 438c925..4a5faa0 100644
--- a/ldap/servers/slapd/modify.c
+++ b/ldap/servers/slapd/modify.c
@@ -1436,22 +1436,24 @@ hash_rootpw (LDAPMod **mods)
if (strcasecmp (mod->mod_type, CONFIG_ROOTPW_ATTRIBUTE) != 0)
continue;

- for (j = 0; mod->mod_bvalues[j] != NULL; j++) {
- char *val = mod->mod_bvalues[j]->bv_val;
- char *hashedval = NULL;
- struct pw_scheme *pws = pw_val2scheme (val, NULL, 0);
- if (pws) {
- free_pw_scheme(pws);
- /* Value is pre-hashed, no work to do for this value */
- continue;
- } else if (! slapd_nss_is_initialized() ) {
- /* We need to hash a value but NSS is not initialized; bail */
- return -1;
+ if (mod->mod_bvalues != NULL) {
+ for (j = 0; mod->mod_bvalues[j] != NULL; j++) {
+ char *val = mod->mod_bvalues[j]->bv_val;
+ char *hashedval = NULL;
+ struct pw_scheme *pws = pw_val2scheme (val, NULL, 0);
+ if (pws) {
+ free_pw_scheme(pws);
+ /* Value is pre-hashed, no work to do for this value */
+ continue;
+ } else if (! slapd_nss_is_initialized() ) {
+ /* We need to hash a value but NSS is not initialized; bail */
+ return -1;
+ }
+ hashedval=(slapdFrontendConfig->rootpwstoragescheme->pws_enc)(val);
+ slapi_ch_free_string (&val);
+ mod->mod_bvalues[j]->bv_val = hashedval;
+ mod->mod_bvalues[j]->bv_len = strlen (hashedval);
}
- hashedval=(slapdFrontendConfig->rootpwstoragescheme->pws_enc)(val);
- slapi_ch_free_string (&val);
- mod->mod_bvalues[j]->bv_val = hashedval;
- mod->mod_bvalues[j]->bv_len = strlen (hashedval);
}
}
return 0;

_______________________________________________
389-commits mailing list -- 389-commits@lists.fedoraproject.org
To unsubscribe send an email to 389-commits-leave@lists.fedoraproject.org

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)