ldap/servers/slapd/back-ldbm/idl_new.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)

New commits: commit ef04fbc92b0ce819bfeb1a7671f573996c72b5ba Author: Nathan Kinder nkinder@redhat.com Date: Mon Oct 10 15:02:45 2011 -0700

Bug 744946 - (cov#11046) NULL dereference in IDL code

There is a chance of a NULL dereference of the idl pointer in idl_new_fetch() that was reported by a Coverity scan. We should check if idl is NULL before dereferencing it.

diff --git a/ldap/servers/slapd/back-ldbm/idl_new.c b/ldap/servers/slapd/back-ldbm/idl_new.c index aa69960..4667c87 100644 --- a/ldap/servers/slapd/back-ldbm/idl_new.c +++ b/ldap/servers/slapd/back-ldbm/idl_new.c @@ -272,8 +272,8 @@ IDList * idl_new_fetch( LDAPDebug(LDAP_DEBUG_TRACE, "bulk fetch buffer nids=%d\n", count, 0, 0); #if defined(DB_ALLIDS_ON_READ) /* enforce the allids read limit */ - if (NEW_IDL_NO_ALLID != *flag_err && - NULL != a && idl_new_exceeds_allidslimit(count, a, allidslimit)) { + if ((NEW_IDL_NO_ALLID != *flag_err) && (NULL != a) && + (idl != NULL) && idl_new_exceeds_allidslimit(count, a, allidslimit)) { idl->b_nids = 1; idl->b_ids[0] = ALLID; ret = DB_NOTFOUND; /* fool the code below into thinking that we finished the dups */ @@ -301,7 +301,7 @@ IDList * idl_new_fetch( } #if defined(DB_ALLIDS_ON_READ) /* enforce the allids read limit */ - if (idl_new_exceeds_allidslimit(count, a, allidslimit)) { + if ((idl != NULL) && idl_new_exceeds_allidslimit(count, a, allidslimit)) { idl->b_nids = 1; idl->b_ids[0] = ALLID; ret = DB_NOTFOUND; /* fool the code below into thinking that we finished the dups */