diff options
author | Simo Sorce <ssorce@redhat.com> | 2008-11-19 19:05:34 -0500 |
---|---|---|
committer | Simo Sorce <ssorce@redhat.com> | 2008-11-20 14:03:19 -0500 |
commit | 00e8af8ac381936113a42d05619d6db9256deb3a (patch) | |
tree | 5fdf823483621c98273077932a4311e8199eaf63 /ipa-server | |
parent | 16bb6e19dfcbbdd2910fbd115790e80aea38ac4c (diff) | |
download | freeipa-00e8af8ac381936113a42d05619d6db9256deb3a.tar.gz freeipa-00e8af8ac381936113a42d05619d6db9256deb3a.tar.xz freeipa-00e8af8ac381936113a42d05619d6db9256deb3a.zip |
We must always zero out the target ientry unconditionally where it is used
and never free it in the destructor.
Diffstat (limited to 'ipa-server')
-rw-r--r-- | ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c | 20 |
1 files changed, 6 insertions, 14 deletions
diff --git a/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c b/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c index 627deecb..5b62a23a 100644 --- a/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c +++ b/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c @@ -3045,10 +3045,6 @@ static void ipapwd_op_ext_destructor(void *ext, void *object, void *parent) if (pwdop->pwd_op != IPAPWD_OP_NULL) { slapi_ch_free_string(&(pwdop->pwdata.dn)); slapi_ch_free_string(&(pwdop->pwdata.password)); - - /* target should never be set, but just in case ... */ - if (pwdop->pwdata.target) - slapi_entry_free(pwdop->pwdata.target); } slapi_ch_free((void **)&pwdop); } @@ -3340,13 +3336,10 @@ static int ipapwd_pre_add(Slapi_PBlock *pb) } } - /* we do not know if the entry pointer will still be valid after the op - * make sure we do not reference it by mistake later on */ - pwdop->pwdata.target = NULL; - rc = LDAP_SUCCESS; done: + if (pwdop) pwdop->pwdata.target = NULL; free_ipapwd_krbcfg(&krbcfg); slapi_ch_free_string(&userpw); if (rc != LDAP_SUCCESS) { @@ -3800,8 +3793,7 @@ static int ipapwd_post_op(Slapi_PBlock *pb) if (!gmtime_r(&(pwdop->pwdata.timeNow), &utctime)) { slapi_log_error(SLAPI_LOG_PLUGIN, IPAPWD_PLUGIN_NAME, "failed to parse current date (buggy gmtime_r ?)\n"); - slapi_mods_free(&smods); - return 0; + goto done; } strftime(timestr, GENERALIZED_TIME_LENGTH+1, "%Y%m%d%H%M%SZ", &utctime); @@ -3812,8 +3804,7 @@ static int ipapwd_post_op(Slapi_PBlock *pb) if (!gmtime_r(&(pwdop->pwdata.expireTime), &utctime)) { slapi_log_error(SLAPI_LOG_PLUGIN, IPAPWD_PLUGIN_NAME, "failed to parse expiration date (buggy gmtime_r ?)\n"); - slapi_mods_free(&smods); - return 0; + goto done; } strftime(timestr, GENERALIZED_TIME_LENGTH+1, "%Y%m%d%H%M%SZ", &utctime); @@ -3832,8 +3823,7 @@ static int ipapwd_post_op(Slapi_PBlock *pb) if (ret != LDAP_SUCCESS) { slapi_log_error(SLAPI_LOG_PLUGIN, IPAPWD_PLUGIN_NAME, "Failed tpo retrieve entry?!?\n"); - slapi_mods_free(&smods); - return 0; + goto done; } } pwvals = ipapwd_setPasswordHistory(smods, &pwdop->pwdata); @@ -3848,6 +3838,8 @@ static int ipapwd_post_op(Slapi_PBlock *pb) slapi_log_error(SLAPI_LOG_PLUGIN, IPAPWD_PLUGIN_NAME, "Failed to set additional password attributes in the post-op!\n"); +done: + if (pwdop && pwdop->pwdata.target) slapi_entry_free(pwdop->pwdata.target); slapi_mods_free(&smods); return 0; } |