[sssd] rhbz:#871176 Check the validity of namingContext

Tue Oct 30 10:11:48 UTC 2012

commit fdd9aa55f7e80204b93b576074583f4fcb2c9592
Author: Jakub Hrozek <jhrozek at redhat.com>
Date:   Tue Oct 30 10:59:25 2012 +0100

    rhbz:#871176 Check the validity of namingContext

 0001-LDAP-Check-validity-of-naming_context.patch |   26 ++++++++++++++++++++++
 sssd.spec                                        |    6 ++++-
 2 files changed, 31 insertions(+), 1 deletions(-)
---

diff --git a/0001-LDAP-Check-validity-of-naming_context.patch b/0001-LDAP-Check-validity-of-naming_context.patch
new file mode 100644
index 0000000..30564fd
--- /dev/null
+++ b/0001-LDAP-Check-validity-of-naming_context.patch
@@ -0,0 +1,26 @@
+From 78fb6ec085ba14e513361e42ed9285888ac319e3 Mon Sep 17 00:00:00 2001
+From: Jakub Hrozek <jhrozek at redhat.com>
+Date: Mon, 15 Oct 2012 17:39:14 +0200
+Subject: [PATCH] LDAP: Check validity of naming_context
+
+https://fedorahosted.org/sssd/ticket/1581
+
+If the namingContext attribute had no values or multiple values, then
+our code would dereference a NULL pointer.
+
+diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c
+index cdc8b1f18cb38b43a83d734bb5237d5379831b53..f5b1f95f0eaa8e6b5ea9d77c1d7226c05d366104 100644
+--- a/src/providers/ldap/sdap.c
++++ b/src/providers/ldap/sdap.c
+@@ -746,7 +746,7 @@ static char *get_naming_context(TALLOC_CTX *mem_ctx,
+      * a zero-length namingContexts value in some situations. In this
+      * case, we should return it as NULL so things fail gracefully.
+      */
+-    if (naming_context[0] == '\0') {
++    if (naming_context && naming_context[0] == '\0') {
+         talloc_zfree(naming_context);
+     }
+ 
+-- 
+1.7.12.1
+
diff --git a/sssd.spec b/sssd.spec
index 0a66ec0..647b764 100644
--- a/sssd.spec
+++ b/sssd.spec
@@ -16,7 +16,7 @@
 
 Name: sssd
 Version: 1.9.2
-Release: 3%{?dist}
+Release: 4%{?dist}
 Group: Applications/System
 Summary: System Security Services Daemon
 License: GPLv3+
@@ -25,6 +25,7 @@ Source0: https://fedorahosted.org/released/sssd/%{name}-%{version}.tar.gz
 BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
 
 ### Patches ###
+Patch0001:  0001-LDAP-Check-validity-of-naming_context.patch
 Patch0501:  0501-FEDORA-Switch-the-default-ccache-location.patch
 
 ### Dependencies ###
@@ -525,6 +526,9 @@ fi
 %postun -n libsss_sudo -p /sbin/ldconfig
 
 %changelog
+* Tue Oct 30 2012 Jakub Hrozek <jhrozek at redhat.com> - 1.9.2-4
+- Check the validity of naming context
+
 * Thu Oct 18 2012 Jakub Hrozek <jhrozek at redhat.com> - 1.9.2-3
 - Move the sss_cache tool to the main package
 
