From bea3999daf31b496f0da278ceb5e0386758fa059 Mon Sep 17 00:00:00 2001
From: Martin Kosek <mkosek@redhat.com>
Date: Wed, 12 Jan 2011 10:33:07 +0100
Subject: Potential NULL dereference in ipapwd_prepost

This patch increases robustness in PRE MOD password SLAPI module
by ensuring that an uninitialized pointer is not dereferenced.

https://fedorahosted.org/freeipa/ticket/719
---
 daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'daemons/ipa-slapi-plugins')

diff --git a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c
index 1acd46e48..34045e208 100644
--- a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c
+++ b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c
@@ -564,8 +564,8 @@ static int ipapwd_pre_mod(Slapi_PBlock *pb)
                 if (!bv) {
                     is_pwd_op = 0;
                 } else {
-                    if (0 == strncmp(userpw, bv->bv_val, bv->bv_len) ||
-                        0 == strncmp(unhashedpw, bv->bv_val, bv->bv_len))
+                    if ((userpw && 0 == strncmp(userpw, bv->bv_val, bv->bv_len)) ||
+                        (unhashedpw && 0 == strncmp(unhashedpw, bv->bv_val, bv->bv_len)))
                         is_pwd_op = 0;
                 }
             default:
-- 
cgit