diff options
| author | Simo Sorce <ssorce@redhat.com> | 2011-09-16 11:42:18 -0400 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2011-09-21 16:04:39 -0400 |
| commit | 355b93ecf3fa130674b1888bec97e9c600bc7a95 (patch) | |
| tree | 7bc1e4d2217fd6d909c9f63f1f21476cb83a5662 /daemons | |
| parent | 798490ffb6b83bf9cf1a5bdbddefca441b9421f9 (diff) | |
| download | freeipa-355b93ecf3fa130674b1888bec97e9c600bc7a95.tar.gz freeipa-355b93ecf3fa130674b1888bec97e9c600bc7a95.tar.xz freeipa-355b93ecf3fa130674b1888bec97e9c600bc7a95.zip | |
ipa-pwd-extop: Fix segfault in password change.
Do not pass an empty buffer to ber_init() as it will assert.
Check before hand and return an error.
Diffstat (limited to 'daemons')
| -rw-r--r-- | daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c index 259138d9a..921e9875e 100644 --- a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c +++ b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c @@ -150,6 +150,13 @@ static int ipapwd_chpwop(Slapi_PBlock *pb, struct ipapwd_krbcfg *krbcfg) /* Get the ber value of the extended operation */ slapi_pblock_get(pb, SLAPI_EXT_OP_REQ_VALUE, &extop_value); + if (extop_value == NULL || + (extop_value->bv_len == 0 || extop_value->bv_val == NULL)) { + errMesg = "PasswdModify Request empty.\n"; + rc = LDAP_UNWILLING_TO_PERFORM; + goto free_and_return; + } + if ((ber = ber_init(extop_value)) == NULL) { errMesg = "PasswdModify Request decode failed.\n"; |