From 37836a2e6c07550d504a1075ea5626f160f13342 Mon Sep 17 00:00:00 2001
From: Simo Sorce <ssorce@redhat.com>
Date: Fri, 16 Sep 2011 11:42:18 -0400
Subject: ipa-pwd-extop: Fix segfault in password change.

Do not pass an empty buffer to ber_init() as it will assert.
Check before hand and return an error.
---
 daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'daemons/ipa-slapi-plugins')

diff --git a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c
index f9f538976..9fdf17713 100644
--- a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c
+++ b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c
@@ -162,6 +162,13 @@ static int ipapwd_chpwop(Slapi_PBlock *pb, struct ipapwd_krbcfg *krbcfg)
 	/* Get the ber value of the extended operation */
 	slapi_pblock_get(pb, SLAPI_EXT_OP_REQ_VALUE, &extop_value);
 
+    if (extop_value == NULL ||
+        (extop_value->bv_len == 0 || extop_value->bv_val == NULL)) {
+        errMesg = "PasswdModify Request empty.\n";
+        rc = LDAP_UNWILLING_TO_PERFORM;
+        goto free_and_return;
+    }
+
 	if ((ber = ber_init(extop_value)) == NULL)
 	{
 		errMesg = "PasswdModify Request decode failed.\n";
-- 
cgit