diff options
author | Simo Sorce <ssorce@redhat.com> | 2008-11-14 09:55:28 -0500 |
---|---|---|
committer | Simo Sorce <ssorce@redhat.com> | 2008-11-14 09:55:28 -0500 |
commit | 7bf1e6a8aaeabd049b0cdfad7df329a089c233c8 (patch) | |
tree | 133313df7684e698f8e6d384ebc741d85bba6fb5 | |
parent | f8da71cc6e45ff322e8d8dbabe17dca3c7302e1f (diff) | |
download | freeipa-7bf1e6a8aaeabd049b0cdfad7df329a089c233c8.tar.gz freeipa-7bf1e6a8aaeabd049b0cdfad7df329a089c233c8.tar.xz freeipa-7bf1e6a8aaeabd049b0cdfad7df329a089c233c8.zip |
Fix a free before use bug, it may lead to crashes but usually just corruptsrelease-1-2-0
the changepw dn we store so that it won't match. This causes normal password
changes to be interpreted as password resets instead, and the new legit
password is immediately expired.
-rw-r--r-- | ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c b/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c index 90474809e..ca367c816 100644 --- a/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c +++ b/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c @@ -3821,7 +3821,7 @@ static int ipapwd_start( Slapi_PBlock *pb ) { krb5_context krbctx; krb5_error_code krberr; - char *realm; + char *realm = NULL; char *config_dn; char *partition_dn; Slapi_Entry *config_entry = NULL; @@ -3861,11 +3861,9 @@ static int ipapwd_start( Slapi_PBlock *pb ) ipa_realm_dn = slapi_ch_smprintf("cn=%s,cn=kerberos,%s", realm, partition_dn); if (!ipa_realm_dn) { slapi_log_error( SLAPI_LOG_FATAL, "ipapwd_start", "Out of memory ?\n"); - free(realm); ret = LDAP_OPERATIONS_ERROR; goto done; } - free(realm); ipa_pwd_config_dn = slapi_ch_strdup(config_dn); if (!ipa_pwd_config_dn) { @@ -3885,6 +3883,7 @@ static int ipapwd_start( Slapi_PBlock *pb ) ret = LDAP_SUCCESS; done: + free(realm); krb5_free_context(krbctx); if (config_entry) slapi_entry_free(config_entry); return ret; |