LDAP: Handle empty namingContexts values safely

Certain LDAP servers can return an empty string as the value of namingContexts. We need to treat these as NULL so that we can fail gracefully. https://fedorahosted.org/sssd/ticket/1542
author: Stephen Gallagher <sgallagh@redhat.com> 2012-09-26 11:00:16 -0400
committer: Jakub Hrozek <jhrozek@redhat.com> 2013-01-29 11:14:32 +0100
commit: 4705c770ae6d8817503431fccfad71f6e3ec88a6 (patch)
tree: 9466d195b3c5d71fdeddf21747988a266f15c724
parent: 366b137dd99abd30702682ae0792dc21a2551983 (diff)
download: sssd-4705c770ae6d8817503431fccfad71f6e3ec88a6.tar.gz
sssd-4705c770ae6d8817503431fccfad71f6e3ec88a6.tar.xz
sssd-4705c770ae6d8817503431fccfad71f6e3ec88a6.zip
1 files changed, 8 insertions, 0 deletions
diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c
index 9e052eef5..be80e51c3 100644
--- a/src/providers/ldap/sdap.c
+++ b/src/providers/ldap/sdap.c
@@ -705,6 +705,14 @@ static char *get_naming_context(TALLOC_CTX *mem_ctx,
         }
     }
 
+    /* Some directory servers such as Novell eDirectory will return
+     * a zero-length namingContexts value in some situations. In this
+     * case, we should return it as NULL so things fail gracefully.
+     */
+    if (naming_context[0] == '\0') {
+        talloc_zfree(naming_context);
+    }
+
     return naming_context;
 }
author	Stephen Gallagher <sgallagh@redhat.com>	2012-09-26 11:00:16 -0400
committer	Jakub Hrozek <jhrozek@redhat.com>	2013-01-29 11:14:32 +0100
commit	4705c770ae6d8817503431fccfad71f6e3ec88a6 (patch)
tree	9466d195b3c5d71fdeddf21747988a266f15c724
parent	366b137dd99abd30702682ae0792dc21a2551983 (diff)
download	sssd-4705c770ae6d8817503431fccfad71f6e3ec88a6.tar.gz sssd-4705c770ae6d8817503431fccfad71f6e3ec88a6.tar.xz sssd-4705c770ae6d8817503431fccfad71f6e3ec88a6.zip