diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2012-11-15 07:33:30 +0100 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2012-11-19 14:24:03 +0100 |
commit | a00c1d4e9e34526c25a43bf7c900a1742d4ac17d (patch) | |
tree | 507eb882314208d642dfb7ee53e73a857047020a | |
parent | 2e203229c43147f4999bfbdbbe50e875e3e01f00 (diff) | |
download | sssd-a00c1d4e9e34526c25a43bf7c900a1742d4ac17d.tar.gz sssd-a00c1d4e9e34526c25a43bf7c900a1742d4ac17d.tar.xz sssd-a00c1d4e9e34526c25a43bf7c900a1742d4ac17d.zip |
LDAP: Fix saving empty groups
https://fedorahosted.org/sssd/ticket/1647
A logic bug in the LDAP provider causes an attempt to allocate a zero-length
array for group members while processing an empty group. The allocation
would return NULL and saving the empty group would fail.
-rw-r--r-- | src/providers/ldap/sdap_async_groups.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c index b461973bc..7cdf2fa0b 100644 --- a/src/providers/ldap/sdap_async_groups.c +++ b/src/providers/ldap/sdap_async_groups.c @@ -433,9 +433,11 @@ static int sdap_save_group(TALLOC_CTX *memctx, el->values = gh->values; el->num_values = gh->num_values; + cnt = el->num_values + el1->num_values; + DEBUG(SSSDBG_TRACE_FUNC, ("Group %s has %d members\n", name, cnt)); + /* Now process RFC2307bis ghost hash table */ - if (ghosts != NULL) { - cnt = el->num_values + el1->num_values; + if (ghosts && cnt > 0) { el->values = talloc_realloc(attrs, el->values, struct ldb_val, cnt); if (el->values == NULL) { |