[sssd/f18] rhbz:#871176 Check the validity of namingContext

Tue Oct 30 10:11:43 UTC 2012

commit 5fb9c81b27f9b4207e53a5ed549b5987e8a5ae18
Author: Jakub Hrozek <jhrozek at redhat.com>
Date:   Tue Oct 30 10:59:25 2012 +0100

    rhbz:#871176 Check the validity of namingContext

 0001-LDAP-Check-validity-of-naming_context.patch |   26 ++++++++++++++++++++++
 sssd.spec                                        |    6 ++++-
 2 files changed, 31 insertions(+), 1 deletions(-)
---

diff --git a/0001-LDAP-Check-validity-of-naming_context.patch b/0001-LDAP-Check-validity-of-naming_context.patch
new file mode 100644
index 0000000..30564fd
--- /dev/null
+++ b/0001-LDAP-Check-validity-of-naming_context.patch
@@ -0,0 +1,26 @@
+From 78fb6ec085ba14e513361e42ed9285888ac319e3 Mon Sep 17 00:00:00 2001
+From: Jakub Hrozek <jhrozek at redhat.com>
+Date: Mon, 15 Oct 2012 17:39:14 +0200
+Subject: [PATCH] LDAP: Check validity of naming_context
+
+https://fedorahosted.org/sssd/ticket/1581
+
+If the namingContext attribute had no values or multiple values, then
+our code would dereference a NULL pointer.
+
+diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c
+index cdc8b1f18cb38b43a83d734bb5237d5379831b53..f5b1f95f0eaa8e6b5ea9d77c1d7226c05d366104 100644
+--- a/src/providers/ldap/sdap.c
++++ b/src/providers/ldap/sdap.c
+@@ -746,7 +746,7 @@ static char *get_naming_context(TALLOC_CTX *mem_ctx,
+      * a zero-length namingContexts value in some situations. In this
+      * case, we should return it as NULL so things fail gracefully.
+      */
+-    if (naming_context[0] == '\0') {
++    if (naming_context && naming_context[0] == '\0') {
+         talloc_zfree(naming_context);
+     }
+ 
+-- 
+1.7.12.1
+
diff --git a/sssd.spec b/sssd.spec
index 1be07a2..d204261 100644
--- a/sssd.spec
+++ b/sssd.spec
@@ -16,7 +16,7 @@
 
 Name: sssd
 Version: 1.9.2
-Release: 1%{?dist}
+Release: 2%{?dist}
 Group: Applications/System
 Summary: System Security Services Daemon
 License: GPLv3+
@@ -25,6 +25,7 @@ Source0: https://fedorahosted.org/released/sssd/%{name}-%{version}.tar.gz
 BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
 
 ### Patches ###
+Patch0001:  0001-LDAP-Check-validity-of-naming_context.patch
 Patch0501:  0501-FEDORA-Switch-the-default-ccache-location.patch
 
 ### Dependencies ###
@@ -522,6 +523,9 @@ fi
 %postun -n libsss_sudo -p /sbin/ldconfig
 
 %changelog
+* Tue Oct 30 2012 Jakub Hrozek <jhrozek at redhat.com> - 1.9.2-4
+- Check the validity of naming context
+
 * Sun Oct 14 2012 Jakub Hrozek <jhrozek at redhat.com> - 1.9.2-1
 - New upstream release 1.9.2
 
