This is an automated email from the git hooks/post-receive script.

mreynolds pushed a commit to branch master in repository 389-ds-base.

commit d86e0f9634e694feb378ee335d29b2e89fd27e2c Author: Mark Reynolds mreynolds@redhat.com Date: Mon Jan 29 11:53:33 2018 -0500

Ticket 49370 - Crash when using a global and local pw policies

Description: This a regression from the previous patch. We were accidently using a reference to the global pw policy password storage scheme, which was getting freed after pblock was done from an operation. The next operation then used(and double freed) this memory on the next operation.

https://pagure.io/389-ds-base/issue/49370

Reviewed by: tbordaz (Thanks!) --- ldap/servers/slapd/pw.c | 32 +++++++++++++++++--------------- 1 file changed, 17 insertions(+), 15 deletions(-)

diff --git a/ldap/servers/slapd/pw.c b/ldap/servers/slapd/pw.c index 3140ba1..e2cd165 100644 --- a/ldap/servers/slapd/pw.c +++ b/ldap/servers/slapd/pw.c @@ -212,7 +212,7 @@ pw_name2scheme(char *name) typedef int (*CMPFP)(char *, char *); typedef char *(*ENCFP)(char *);

- if (strcmp(DEFAULT_PASSWORD_SCHEME_NAME, name) == 0) { + if (name == NULL || strcmp(DEFAULT_PASSWORD_SCHEME_NAME, name) == 0) { /* * If the name is DEFAULT, we need to get a scheme based on env and others. */ @@ -1630,18 +1630,18 @@ pw_get_admin_users(passwdPolicy *pwp) passwdPolicy * new_passwdPolicy(Slapi_PBlock *pb, const char *dn) { + slapdFrontendConfig_t *slapdFrontendConfig = NULL; Slapi_ValueSet *values = NULL; + Slapi_Value **sval = NULL; Slapi_Entry *e = NULL, *pw_entry = NULL; - int type_name_disposition = 0; + passwdPolicy *pwdpolicy = NULL; + Slapi_Attr *attr = NULL; + char *pwscheme_name = NULL; + char *attr_name = NULL; char *actual_type_name = NULL; + int type_name_disposition = 0; int attr_free_flags = 0; int rc = 0; - passwdPolicy *pwdpolicy = NULL; - struct pw_scheme *pwdscheme = NULL; - Slapi_Attr *attr; - char *attr_name; - Slapi_Value **sval; - slapdFrontendConfig_t *slapdFrontendConfig; int optype = -1;

/* If we already allocated a pw policy, return it */ @@ -1735,9 +1735,7 @@ new_passwdPolicy(Slapi_PBlock *pb, const char *dn) pw_entry = get_entry(pb, bvp->bv_val); } } - slapi_vattr_values_free(&values, &actual_type_name, attr_free_flags); - slapi_entry_free(e);

if (pw_entry == NULL) { @@ -1750,7 +1748,11 @@ new_passwdPolicy(Slapi_PBlock *pb, const char *dn)

/* Set the default values (from libglobs.c) */ pwpolicy_init_defaults(pwdpolicy); - pwdpolicy->pw_storagescheme = slapdFrontendConfig->pw_storagescheme; + + /* Set the current storage scheme */ + pwscheme_name = config_get_pw_storagescheme(); + pwdpolicy->pw_storagescheme = pw_name2scheme(pwscheme_name); + slapi_ch_free_string(&pwscheme_name);

/* Set the defined values now */ for (slapi_entry_first_attr(pw_entry, &attr); attr; @@ -1883,6 +1885,7 @@ new_passwdPolicy(Slapi_PBlock *pb, const char *dn) } } else if (!strcasecmp(attr_name, "passwordstoragescheme")) { if ((sval = attr_get_present_values(attr))) { + free_pw_scheme(pwdpolicy->pw_storagescheme); pwdpolicy->pw_storagescheme = pw_name2scheme((char *)slapi_value_get_string(*sval)); } @@ -1942,10 +1945,9 @@ done: * structure from slapdFrontendconfig */ *pwdpolicy = slapdFrontendConfig->pw_policy; - pwdscheme = (struct pw_scheme *)slapi_ch_calloc(1, sizeof(struct pw_scheme)); - *pwdscheme = *slapdFrontendConfig->pw_storagescheme; - pwdscheme->pws_name = strdup(slapdFrontendConfig->pw_storagescheme->pws_name); - pwdpolicy->pw_storagescheme = pwdscheme; + pwscheme_name = config_get_pw_storagescheme(); + pwdpolicy->pw_storagescheme = pw_name2scheme(pwscheme_name); + slapi_ch_free_string(&pwscheme_name); pwdpolicy->pw_admin = slapi_sdn_dup(slapdFrontendConfig->pw_policy.pw_admin); pw_get_admin_users(pwdpolicy); if (pb) {