On Wed, Apr 29, 2015 at 01:42:10PM +0000, Aron Parsons - US wrote:
This patch checks that view_name is not null in ipa_s2n_save_objects
before using it. The segfault was introduced in
3453e4734d2f7738034af61edb7d33c0c7095d8a. Patch is against master, but it should be
included in master and sssd-1-12.
/aron
obvious ACK
CI:
http://sssd-ci.duckdns.org/logs/job/13/57/summary.html
Thank you for the patch
bye,
Sumit
From c684b77517a507097aa7896ae15285b3ad1e78a8 Mon Sep 17 00:00:00
2001
From: Aron Parsons <parsonsa(a)bit-sys.com>
Date: Wed, 29 Apr 2015 03:19:32 +0000
Subject: [PATCH] IPA: fix segfault in ipa_s2n_exop
can be triggered on demand by assigning a POSIX group
with external members sudo privileges, then dropping
the cache and doing a sudo -U <user> -l.
---
src/providers/ipa/ipa_s2n_exop.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/providers/ipa/ipa_s2n_exop.c b/src/providers/ipa/ipa_s2n_exop.c
index 688fdefe8eefe29a0cd13010bb3998527f3111f4..d07923cffb49bbfeb7d500f281b1a2aff547ed1c
100644
--- a/src/providers/ipa/ipa_s2n_exop.c
+++ b/src/providers/ipa/ipa_s2n_exop.c
@@ -2165,7 +2165,7 @@ static errno_t ipa_s2n_save_objects(struct sss_domain_info *dom,
goto done;
}
- if (strcmp(view_name, SYSDB_DEFAULT_VIEW_NAME) != 0) {
+ if (view_name != NULL && strcmp(view_name, SYSDB_DEFAULT_VIEW_NAME) != 0) {
/* For the default view the data return by the extdom plugin already
* contains all needed data and it is not expected to have a separate
* override object. */
--
1.8.3.1
_______________________________________________
sssd-devel mailing list
sssd-devel(a)lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel