diff options
| author | Rich Megginson <rmeggins@redhat.com> | 2006-10-13 17:54:52 +0000 |
|---|---|---|
| committer | Rich Megginson <rmeggins@redhat.com> | 2006-10-13 17:54:52 +0000 |
| commit | e5bace3a74097cf4ae9d3f092da674e2aa30dffe (patch) | |
| tree | b1d27f05501a713bf66dd536d67fe421e647cde4 | |
| parent | 8e359e5067d78adb08f9c9e93291cc2faa5eab43 (diff) | |
| download | ds-e5bace3a74097cf4ae9d3f092da674e2aa30dffe.tar.gz ds-e5bace3a74097cf4ae9d3f092da674e2aa30dffe.tar.xz ds-e5bace3a74097cf4ae9d3f092da674e2aa30dffe.zip | |
Bug(s) fixed: 204623
Bug Description: deleting attributes when changing password causes server crash
Reviewed by: nhosoi (Thanks!)
Fix Description: From Michal: "The function mod2smod does not check for mod->mod_bvalues being NULL and tries
to dereference it (modutil.c:370). This function happens to be called only by
slapi_mods_get_{first,next}_smod(), which are in turn called only by
check_trivial_words() in pw.c; this is why the crash appears only when checking
password syntax."
I added the same check for the mod_values case - even though the
code says this should never be called, better to be safe than sorry.
Platforms tested: RHEL4
| -rw-r--r-- | ldap/servers/slapd/modutil.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/ldap/servers/slapd/modutil.c b/ldap/servers/slapd/modutil.c index 47739318..e8b9ebf8 100644 --- a/ldap/servers/slapd/modutil.c +++ b/ldap/servers/slapd/modutil.c @@ -367,7 +367,7 @@ mod2smod (LDAPMod *mod, Slapi_Mod *smod) if (mod->mod_op & LDAP_MOD_BVALUES) { - while (mod->mod_bvalues[smod->num_values]) + while (mod->mod_bvalues && mod->mod_bvalues[smod->num_values]) { smod->num_values ++; } @@ -375,7 +375,7 @@ mod2smod (LDAPMod *mod, Slapi_Mod *smod) else { PR_ASSERT(0); /* ggood shouldn't ever use string values in server */ - while (mod->mod_values[smod->num_values]) + while (mod->mod_values && mod->mod_values[smod->num_values]) { smod->num_values ++; } |