Bug 630097 - (cov#15477) NULL dereference in ACL plug-in code

We need to check if aclpb is NULL before dereferencing it. The proper thing to do here is to make aclplugin_preop_common() return an error to the LDAP client and to return 1 since the whole purpose of this function is to initialize the aclpb. Doing this will avoid the NULL dereference.
author: Nathan Kinder <nkinder@redhat.com> 2010-09-15 13:31:24 -0700
committer: Nathan Kinder <nkinder@redhat.com> 2010-09-15 13:31:24 -0700
commit: b83f966e5ce1d5a3e70521b15f92b9f6ba988b1c (patch)
tree: c5441d2d834a504e9834e64dcb674ebacad6b4ea
parent: 470e2c70338440f69b0ab8fc02128fe5f204af3e (diff)
download: ds-b83f966e5ce1d5a3e70521b15f92b9f6ba988b1c.tar.gz
ds-b83f966e5ce1d5a3e70521b15f92b9f6ba988b1c.tar.xz
ds-b83f966e5ce1d5a3e70521b15f92b9f6ba988b1c.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/ldap/servers/plugins/acl/aclplugin.c b/ldap/servers/plugins/acl/aclplugin.c
index 873c524e..d54250d5 100644
--- a/ldap/servers/plugins/acl/aclplugin.c
+++ b/ldap/servers/plugins/acl/aclplugin.c
@@ -205,6 +205,12 @@ aclplugin_preop_common( Slapi_PBlock *pb )
 
 	aclpb = acl_get_aclpb ( pb, ACLPB_BINDDN_PBLOCK );
 
+	if (aclpb == NULL) {
+		slapi_log_error( SLAPI_LOG_ACL, plugin_name, "aclplugin_preop_common: Error: aclpb is NULL\n" );
+		slapi_send_ldap_result( pb, LDAP_OPERATIONS_ERROR, NULL, NULL, 0, NULL );
+		return 1;
+	}
+
         /* See if we have initialized already */
         if ( aclpb->aclpb_state & ACLPB_INITIALIZED ) goto done;
author	Nathan Kinder <nkinder@redhat.com>	2010-09-15 13:31:24 -0700
committer	Nathan Kinder <nkinder@redhat.com>	2010-09-15 13:31:24 -0700
commit	b83f966e5ce1d5a3e70521b15f92b9f6ba988b1c (patch)
tree	c5441d2d834a504e9834e64dcb674ebacad6b4ea
parent	470e2c70338440f69b0ab8fc02128fe5f204af3e (diff)
download	ds-b83f966e5ce1d5a3e70521b15f92b9f6ba988b1c.tar.gz ds-b83f966e5ce1d5a3e70521b15f92b9f6ba988b1c.tar.xz ds-b83f966e5ce1d5a3e70521b15f92b9f6ba988b1c.zip