ldap/servers/plugins/memberof/memberof.c | 25 ++++++++++++++++++-------
1 file changed, 18 insertions(+), 7 deletions(-)
New commits:
commit 887960db50886495ebb6357f05af18156a0b3a98
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Thu May 8 15:10:52 2014 -0400
Ticket 47793 - Server crashes if uniqueMember is invalid syntax and memberOf
plugin is enabled.
Bug Description: MemberOf assumes the DN value has the correct syntax, and
does not check the normalized value of that DN. This
leads to dereferencing a NULL pointer and crash.
Fix Description: Check the normalized value, and log a proper error.
https://fedorahosted.org/389/ticket/47793
Reviewed by: nhosoi(Thanks!)
(cherry picked from commit 6816e1155b28fb65fe294099336c4acbbac8ad77)
diff --git a/ldap/servers/plugins/memberof/memberof.c
b/ldap/servers/plugins/memberof/memberof.c
index 2bb3ca7..da7b568 100644
--- a/ldap/servers/plugins/memberof/memberof.c
+++ b/ldap/servers/plugins/memberof/memberof.c
@@ -1115,20 +1115,31 @@ memberof_modop_one_replace_r(Slapi_PBlock *pb, MemberOfConfig
*config,
char *op_str = 0;
const char *op_to;
const char *op_this;
- Slapi_Value *to_dn_val;
- Slapi_Value *this_dn_val;
+ Slapi_Value *to_dn_val = NULL;
+ Slapi_Value *this_dn_val = NULL;
op_to = slapi_sdn_get_ndn(op_to_sdn);
op_this = slapi_sdn_get_ndn(op_this_sdn);
- to_dn_val = slapi_value_new_string(op_to);
- this_dn_val = slapi_value_new_string(op_this);
- if(this_dn_val == NULL || to_dn_val == NULL){
+ /* Make sure we have valid DN's for the group(op_this) and the new member(op_to) */
+ if(op_to && op_this){
+ to_dn_val = slapi_value_new_string(op_to);
+ this_dn_val = slapi_value_new_string(op_this);
+ }
+ if(to_dn_val == NULL){
+ const char *udn = op_to_sdn ? slapi_sdn_get_udn(op_to_sdn) : "";
slapi_log_error( SLAPI_LOG_FATAL, MEMBEROF_PLUGIN_SUBSYSTEM,
- "memberof_modop_one_replace_r: failed to get DN values (NULL)\n");
+ "memberof_modop_one_replace_r: failed to get DN value from "
+ "member value (%s)\n", udn);
+ goto bail;
+ }
+ if(this_dn_val == NULL){
+ const char *udn = op_this_sdn ? slapi_sdn_get_udn(op_this_sdn) : "";
+ slapi_log_error( SLAPI_LOG_FATAL, MEMBEROF_PLUGIN_SUBSYSTEM,
+ "memberof_modop_one_replace_r: failed to get DN value from"
+ "group (%s)\n", udn);
goto bail;
}
-
/* op_this and op_to are both case-normalized */
slapi_value_set_flags(this_dn_val, SLAPI_ATTR_FLAG_NORMALIZED_CIS);
slapi_value_set_flags(to_dn_val, SLAPI_ATTR_FLAG_NORMALIZED_CIS);