ldap/servers/plugins/acl/acllas.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
New commits:
commit 19c62472381cf72bc7bd20694bbd672edde7f94f
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Wed Sep 1 15:08:35 2010 -0600
bug 614511 - fix coverity null reference - revert macro aci $dn logic
instead of changing the logic to catch matched_val == NULL, make the code
work like it does in earlier releases, but add an explicit check for
matched_val == NULL to avoid using it.
diff --git a/ldap/servers/plugins/acl/acllas.c b/ldap/servers/plugins/acl/acllas.c
index c510eb1..a41487e 100644
--- a/ldap/servers/plugins/acl/acllas.c
+++ b/ldap/servers/plugins/acl/acllas.c
@@ -4178,8 +4178,8 @@ acllas_replace_dn_macro( char *rule, char *matched_val, lasInfo
*lasinfo) {
has_macro_levels = 1;
}
- if ( !has_macro_dn ) { /* No $(dn) */
-
+ if ( (!has_macro_dn && !has_macro_levels) || !matched_val ) { /* No ($dn) and no
[$dn] ... */
+ /* ... or no value to replace */
/*
* No $dn thing, just return a list with two elements, rule and NULL.
* charray_add will create the list and null terminate it.
@@ -4194,9 +4194,11 @@ acllas_replace_dn_macro( char *rule, char *matched_val, lasInfo
*lasinfo) {
*
* First, replace all occurrencers of ($dn) with the matched_val
*/
- patched_rule =
+ if ( has_macro_dn) {
+ patched_rule =
acl_replace_str(rule, ACL_RULE_MACRO_DN_KEY, matched_val);
-
+ }
+
/* If there are no [$dn] we're done */
if ( !has_macro_levels ) {
Show replies by thread