summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSimo Sorce <ssorce@redhat.com>2008-11-19 19:05:34 -0500
committerSimo Sorce <ssorce@redhat.com>2008-11-20 14:03:49 -0500
commita95978111089e2963c39c84204a8482c9e9fcc65 (patch)
tree0b28cd7acb8423e159348c1d1ae61a9f9d5d576f
parente857217c8ffc82012e1e364781867fc7c59d7914 (diff)
downloadfreeipa-a95978111089e2963c39c84204a8482c9e9fcc65.zip
freeipa-a95978111089e2963c39c84204a8482c9e9fcc65.tar.gz
freeipa-a95978111089e2963c39c84204a8482c9e9fcc65.tar.xz
We must always zero out the target ientry unconditionally where it is used
and never free it in the destructor.
-rw-r--r--ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c20
1 files changed, 6 insertions, 14 deletions
diff --git a/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c b/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c
index 627deec..5b62a23 100644
--- a/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c
+++ b/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c
@@ -3045,10 +3045,6 @@ static void ipapwd_op_ext_destructor(void *ext, void *object, void *parent)
if (pwdop->pwd_op != IPAPWD_OP_NULL) {
slapi_ch_free_string(&(pwdop->pwdata.dn));
slapi_ch_free_string(&(pwdop->pwdata.password));
-
- /* target should never be set, but just in case ... */
- if (pwdop->pwdata.target)
- slapi_entry_free(pwdop->pwdata.target);
}
slapi_ch_free((void **)&pwdop);
}
@@ -3340,13 +3336,10 @@ static int ipapwd_pre_add(Slapi_PBlock *pb)
}
}
- /* we do not know if the entry pointer will still be valid after the op
- * make sure we do not reference it by mistake later on */
- pwdop->pwdata.target = NULL;
-
rc = LDAP_SUCCESS;
done:
+ if (pwdop) pwdop->pwdata.target = NULL;
free_ipapwd_krbcfg(&krbcfg);
slapi_ch_free_string(&userpw);
if (rc != LDAP_SUCCESS) {
@@ -3800,8 +3793,7 @@ static int ipapwd_post_op(Slapi_PBlock *pb)
if (!gmtime_r(&(pwdop->pwdata.timeNow), &utctime)) {
slapi_log_error(SLAPI_LOG_PLUGIN, IPAPWD_PLUGIN_NAME,
"failed to parse current date (buggy gmtime_r ?)\n");
- slapi_mods_free(&smods);
- return 0;
+ goto done;
}
strftime(timestr, GENERALIZED_TIME_LENGTH+1,
"%Y%m%d%H%M%SZ", &utctime);
@@ -3812,8 +3804,7 @@ static int ipapwd_post_op(Slapi_PBlock *pb)
if (!gmtime_r(&(pwdop->pwdata.expireTime), &utctime)) {
slapi_log_error(SLAPI_LOG_PLUGIN, IPAPWD_PLUGIN_NAME,
"failed to parse expiration date (buggy gmtime_r ?)\n");
- slapi_mods_free(&smods);
- return 0;
+ goto done;
}
strftime(timestr, GENERALIZED_TIME_LENGTH+1,
"%Y%m%d%H%M%SZ", &utctime);
@@ -3832,8 +3823,7 @@ static int ipapwd_post_op(Slapi_PBlock *pb)
if (ret != LDAP_SUCCESS) {
slapi_log_error(SLAPI_LOG_PLUGIN, IPAPWD_PLUGIN_NAME,
"Failed tpo retrieve entry?!?\n");
- slapi_mods_free(&smods);
- return 0;
+ goto done;
}
}
pwvals = ipapwd_setPasswordHistory(smods, &pwdop->pwdata);
@@ -3848,6 +3838,8 @@ static int ipapwd_post_op(Slapi_PBlock *pb)
slapi_log_error(SLAPI_LOG_PLUGIN, IPAPWD_PLUGIN_NAME,
"Failed to set additional password attributes in the post-op!\n");
+done:
+ if (pwdop && pwdop->pwdata.target) slapi_entry_free(pwdop->pwdata.target);
slapi_mods_free(&smods);
return 0;
}