RESPONDER: Fix segfault in sss_packet_send()

There are several places (all error-handling) where sss_cmd_done() is called with no response packet created. As a short-term solution, we need to check whether the packet is NULL and simply return EINVAL. client_send() (the consumer) will then forcibly disconnect the client (which will return PAM_SYSTEM_ERR to the client).
author: Stephen Gallagher <sgallagh@redhat.com> 2011-10-25 15:19:02 -0400
committer: Stephen Gallagher <sgallagh@redhat.com> 2011-10-26 10:29:40 -0400
commit: cb47ceb86a3c31b300190da57c0a56983fe56234 (patch)
tree: 51c4281be5e30467d761ceb0cf79886a70f68b0f
parent: 4a2ef67e652a2c9f2d666bca277616e077686760 (diff)
download: sssd-cb47ceb86a3c31b300190da57c0a56983fe56234.tar.gz
sssd-cb47ceb86a3c31b300190da57c0a56983fe56234.tar.xz
sssd-cb47ceb86a3c31b300190da57c0a56983fe56234.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/src/responder/common/responder_packet.c b/src/responder/common/responder_packet.c
index d308ecd43..5132d955b 100644
--- a/src/responder/common/responder_packet.c
+++ b/src/responder/common/responder_packet.c
@@ -217,6 +217,11 @@ int sss_packet_send(struct sss_packet *packet, int fd)
     size_t len;
     void *buf;
 
+    if (!packet) {
+        /* No packet object to write to? */
+        return EINVAL;
+    }
+
     buf = packet->buffer + packet->iop;
     len = *packet->len - packet->iop;
author	Stephen Gallagher <sgallagh@redhat.com>	2011-10-25 15:19:02 -0400
committer	Stephen Gallagher <sgallagh@redhat.com>	2011-10-26 10:29:40 -0400
commit	cb47ceb86a3c31b300190da57c0a56983fe56234 (patch)
tree	51c4281be5e30467d761ceb0cf79886a70f68b0f
parent	4a2ef67e652a2c9f2d666bca277616e077686760 (diff)
download	sssd-cb47ceb86a3c31b300190da57c0a56983fe56234.tar.gz sssd-cb47ceb86a3c31b300190da57c0a56983fe56234.tar.xz sssd-cb47ceb86a3c31b300190da57c0a56983fe56234.zip