LDAP: do not invalidate pointer with realloc while processing ghost users1.9.2-89

https://fedorahosted.org/sssd/ticket/1799

One peculiarity of the sysdb_attrs_get_el interface is that if the
attribute does not exist, then the attrs array is reallocated and the
element is created. But in case other pointers are already pointing
into the array, the realloc might invalidate them.

Such case was in the sdap_process_ghost_members function where if
the group had no members, the "gh" pointer requested earlier might have
been invalidated by the realloc in order to create the member element.

1 files changed, 13 insertions, 3 deletions

diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c
index b82c157e5..e4dc4dfb2 100644
--- a/src/providers/ldap/sdap_async_groups.c
+++ b/src/providers/ldap/sdap_async_groups.c
@@ -315,10 +315,20 @@ sdap_process_ghost_members(struct sysdb_attrs *attrs,
         return ret;
     }
 
-    ret = sysdb_attrs_get_el(attrs,
+    ret = sysdb_attrs_get_el_ext(attrs,
                              opts->group_map[SDAP_AT_GROUP_MEMBER].sys_name,
-                             &memberel);
-    if (ret != EOK) {
+                             false, &memberel);
+    if (ret == ENOENT) {
+        /* Create a dummy element with no values in order for the loop to just
+         * fall through and make sure the attrs array is not reallocated.
+         */
+        memberel = talloc(attrs, struct ldb_message_element);
+        if (memberel == NULL) {
+            return ENOMEM;
+        }
+        memberel->num_values = 0;
+        memberel->values = NULL;
+    } else if (ret != EOK) {
         DEBUG(SSSDBG_MINOR_FAILURE,
                 ("Error reading members: [%s]\n", strerror(ret)));
         return ret;