From e005ca4576947c9b2f31af33777047e56b90bdf3 Mon Sep 17 00:00:00 2001
From: Nalin Dahyabhai <nalin@dahyabhai.net>
Date: Mon, 17 Mar 2014 10:51:28 -0400
Subject: Better handle out-of-memory reading configuration

If we hit out-of-memory (strdup() failures) while reading the
configuration, don't crash (static analysis).  In some cases,
this means we proceed with garbage data until the copy_config()
function sanity-checks its input and output.
---
 src/back-sch.c | 24 ++++++++++++++++++++----
 1 file changed, 20 insertions(+), 4 deletions(-)

diff --git a/src/back-sch.c b/src/back-sch.c
index 4ac1dd1..cdc3923 100644
--- a/src/back-sch.c
+++ b/src/back-sch.c
@@ -131,11 +131,13 @@ backend_copy_set_config(const struct backend_set_data *data)
 	ret->common.inref_attr_list = data->common.inref_attrs ?
 				      format_dup_ref_attr_list(data->common.inref_attr_list) :
 				      NULL;
-	ret->common.entry_filter = strdup(data->common.entry_filter);
+	ret->common.entry_filter = data->common.entry_filter ?
+				   strdup(data->common.entry_filter) :
+				   NULL;
 	ret->common.skip_uninteresting_updates =
 		data->common.skip_uninteresting_updates;
 	ret->container_sdn = slapi_sdn_dup(data->container_sdn);
-	ret->rdn_format = strdup(data->rdn_format);
+	ret->rdn_format = data->rdn_format ? strdup(data->rdn_format) : NULL;
 	ret->attribute_format = backend_shr_dup_strlist(data->attribute_format);
 	ret->check_access = data->check_access;
 	ret->check_nsswitch = data->check_nsswitch;
@@ -145,7 +147,8 @@ backend_copy_set_config(const struct backend_set_data *data)
 	    (ret->common.set == NULL) ||
 	    (ret->common.bases == NULL) ||
 	    (ret->common.entry_filter == NULL) ||
-	    (ret->container_sdn == NULL)) {
+	    (ret->container_sdn == NULL) ||
+	    (ret->rdn_format == NULL)) {
 		backend_set_config_free_config(&ret->common);
 		return NULL;
 	}
@@ -212,7 +215,7 @@ backend_set_config_read_config(struct plugin_state *state, Slapi_Entry *e,
 	} else {
 		ret.common.skip_uninteresting_updates = 0;
 	}
-	if (strlen(ret.common.set) > 0) {
+	if ((ret.common.set != NULL) && (strlen(ret.common.set) > 0)) {
 		dn = slapi_dn_plus_rdn(ret.common.group, ret.common.set);
 	} else {
 		dn = strdup(ret.common.group);
@@ -261,6 +264,19 @@ backend_set_config_read_config(struct plugin_state *state, Slapi_Entry *e,
 	}
 
 	*pret = backend_copy_set_config(&ret);
+	if (*pret == NULL) {
+		if (strlen(container) > 0) {
+			slapi_log_error(SLAPI_LOG_PLUGIN,
+					state->plugin_desc->spd_id,
+					"out of memory initializing container %s in %s\n",
+					container, group);
+		} else {
+			slapi_log_error(SLAPI_LOG_PLUGIN,
+					state->plugin_desc->spd_id,
+					"out of memory initializing group %s\n",
+					group);
+		}
+	}
 	free(ret.common.group);
 	free(ret.common.set);
 	backend_shr_free_strlist(ret.common.bases);
-- 
cgit