From 7bf1e6a8aaeabd049b0cdfad7df329a089c233c8 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Fri, 14 Nov 2008 09:55:28 -0500 Subject: Fix a free before use bug, it may lead to crashes but usually just corrupts the changepw dn we store so that it won't match. This causes normal password changes to be interpreted as password resets instead, and the new legit password is immediately expired. --- ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c b/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c index 90474809e..ca367c816 100644 --- a/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c +++ b/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c @@ -3821,7 +3821,7 @@ static int ipapwd_start( Slapi_PBlock *pb ) { krb5_context krbctx; krb5_error_code krberr; - char *realm; + char *realm = NULL; char *config_dn; char *partition_dn; Slapi_Entry *config_entry = NULL; @@ -3861,11 +3861,9 @@ static int ipapwd_start( Slapi_PBlock *pb ) ipa_realm_dn = slapi_ch_smprintf("cn=%s,cn=kerberos,%s", realm, partition_dn); if (!ipa_realm_dn) { slapi_log_error( SLAPI_LOG_FATAL, "ipapwd_start", "Out of memory ?\n"); - free(realm); ret = LDAP_OPERATIONS_ERROR; goto done; } - free(realm); ipa_pwd_config_dn = slapi_ch_strdup(config_dn); if (!ipa_pwd_config_dn) { @@ -3885,6 +3883,7 @@ static int ipapwd_start( Slapi_PBlock *pb ) ret = LDAP_SUCCESS; done: + free(realm); krb5_free_context(krbctx); if (config_entry) slapi_entry_free(config_entry); return ret; -- cgit