summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSimo Sorce <ssorce@redhat.com>2008-11-14 09:55:28 -0500
committerSimo Sorce <ssorce@redhat.com>2008-11-14 09:55:28 -0500
commit7bf1e6a8aaeabd049b0cdfad7df329a089c233c8 (patch)
tree133313df7684e698f8e6d384ebc741d85bba6fb5
parentf8da71cc6e45ff322e8d8dbabe17dca3c7302e1f (diff)
downloadfreeipa-7bf1e6a8aaeabd049b0cdfad7df329a089c233c8.zip
freeipa-7bf1e6a8aaeabd049b0cdfad7df329a089c233c8.tar.gz
freeipa-7bf1e6a8aaeabd049b0cdfad7df329a089c233c8.tar.xz
Fix a free before use bug, it may lead to crashes but usually just corruptsrelease-1-2-0
the changepw dn we store so that it won't match. This causes normal password changes to be interpreted as password resets instead, and the new legit password is immediately expired.
-rw-r--r--ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c5
1 files changed, 2 insertions, 3 deletions
diff --git a/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c b/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c
index 9047480..ca367c8 100644
--- a/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c
+++ b/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c
@@ -3821,7 +3821,7 @@ static int ipapwd_start( Slapi_PBlock *pb )
{
krb5_context krbctx;
krb5_error_code krberr;
- char *realm;
+ char *realm = NULL;
char *config_dn;
char *partition_dn;
Slapi_Entry *config_entry = NULL;
@@ -3861,11 +3861,9 @@ static int ipapwd_start( Slapi_PBlock *pb )
ipa_realm_dn = slapi_ch_smprintf("cn=%s,cn=kerberos,%s", realm, partition_dn);
if (!ipa_realm_dn) {
slapi_log_error( SLAPI_LOG_FATAL, "ipapwd_start", "Out of memory ?\n");
- free(realm);
ret = LDAP_OPERATIONS_ERROR;
goto done;
}
- free(realm);
ipa_pwd_config_dn = slapi_ch_strdup(config_dn);
if (!ipa_pwd_config_dn) {
@@ -3885,6 +3883,7 @@ static int ipapwd_start( Slapi_PBlock *pb )
ret = LDAP_SUCCESS;
done:
+ free(realm);
krb5_free_context(krbctx);
if (config_entry) slapi_entry_free(config_entry);
return ret;