diff options
| author | Martin Kosek <mkosek@redhat.com> | 2011-01-12 10:33:07 +0100 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2011-01-12 11:44:59 -0500 |
| commit | bea3999daf31b496f0da278ceb5e0386758fa059 (patch) | |
| tree | 74ec9835796f1a99a1c7746ab1dcfda6c4b50e1f | |
| parent | d03ffeabe20c8f336d536232d9d6d2ce2087b152 (diff) | |
| download | freeipa-bea3999daf31b496f0da278ceb5e0386758fa059.tar.gz freeipa-bea3999daf31b496f0da278ceb5e0386758fa059.tar.xz freeipa-bea3999daf31b496f0da278ceb5e0386758fa059.zip | |
Potential NULL dereference in ipapwd_prepost
This patch increases robustness in PRE MOD password SLAPI module
by ensuring that an uninitialized pointer is not dereferenced.
https://fedorahosted.org/freeipa/ticket/719
| -rw-r--r-- | daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c index 1acd46e48..34045e208 100644 --- a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c +++ b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c @@ -564,8 +564,8 @@ static int ipapwd_pre_mod(Slapi_PBlock *pb) if (!bv) { is_pwd_op = 0; } else { - if (0 == strncmp(userpw, bv->bv_val, bv->bv_len) || - 0 == strncmp(unhashedpw, bv->bv_val, bv->bv_len)) + if ((userpw && 0 == strncmp(userpw, bv->bv_val, bv->bv_len)) || + (unhashedpw && 0 == strncmp(unhashedpw, bv->bv_val, bv->bv_len))) is_pwd_op = 0; } default: |