diff options
| author | Simo Sorce <ssorce@redhat.com> | 2009-04-13 10:15:50 -0400 |
|---|---|---|
| committer | Simo Sorce <ssorce@redhat.com> | 2009-04-13 10:17:58 -0400 |
| commit | d497830d687951be2d49df1a9fa3cce57268670f (patch) | |
| tree | 0645ce49fce5f896e3a81009eb2354aa9bc555d1 /server/responder/nss | |
| parent | 943df8483b9f8a43df72121883ca67f17571d214 (diff) | |
| download | sssd-d497830d687951be2d49df1a9fa3cce57268670f.tar.gz sssd-d497830d687951be2d49df1a9fa3cce57268670f.tar.xz sssd-d497830d687951be2d49df1a9fa3cce57268670f.zip | |
Fix segfaults when passing an unknown domain
Also setting dctx->domain to NULL is a recipe for segfaults :-)
Assign dctx->domain only when dom actually holds a domain pointer.
Diffstat (limited to 'server/responder/nss')
| -rw-r--r-- | server/responder/nss/nsssrv_cmd.c | 29 |
1 files changed, 20 insertions, 9 deletions
diff --git a/server/responder/nss/nsssrv_cmd.c b/server/responder/nss/nsssrv_cmd.c index 353142158..f5555ed90 100644 --- a/server/responder/nss/nsssrv_cmd.c +++ b/server/responder/nss/nsssrv_cmd.c @@ -88,6 +88,8 @@ static struct sss_domain_info *nss_get_dom(struct sss_domain_info *doms, for (dom = doms; dom; dom = dom->next) { if (strcasecmp(dom->name, domain) == 0) break; } + if (!dom) DEBUG(2, ("Unknown domain [%s]!\n", domain)); + return dom; } @@ -340,8 +342,6 @@ static void nss_cmd_getpwnam_callback(void *ptr, int status, /* reset neghit if we still have a domain to check */ if (dom) neghit = false; - dctx->domain = dom; - if (neghit) { DEBUG(2, ("User [%s] does not exist! (negative cache)\n", cmdctx->name)); @@ -354,6 +354,7 @@ static void nss_cmd_getpwnam_callback(void *ptr, int status, } if (ret == EOK) { + dctx->domain = dom; dctx->check_provider = (dctx->domain->provider != NULL); if (dctx->res) talloc_free(res); dctx->res = NULL; @@ -519,6 +520,10 @@ static int nss_cmd_getpwnam(struct cli_ctx *cctx) if (domname) { dctx->domain = nss_get_dom(cctx->rctx->domains, domname); + if (!dctx->domain) { + ret = ENOENT; + goto done; + } /* verify this user has not yet been negatively cached, * or has been permanently filtered */ @@ -1713,9 +1718,7 @@ static void nss_cmd_getgrnam_callback(void *ptr, int status, /* reset neghit if we still have a domain to check */ if (dom) neghit = false; - dctx->domain = dom; - - if (neghit) { + if (neghit) { DEBUG(2, ("Group [%s] does not exist! (negative cache)\n", cmdctx->name)); ret = ENOENT; @@ -1727,6 +1730,7 @@ static void nss_cmd_getgrnam_callback(void *ptr, int status, } if (ret == EOK) { + dctx->domain = dom; dctx->check_provider = (dctx->domain->provider != NULL); if (dctx->res) talloc_free(res); dctx->res = NULL; @@ -1887,6 +1891,10 @@ static int nss_cmd_getgrnam(struct cli_ctx *cctx) if (domname) { dctx->domain = nss_get_dom(cctx->rctx->domains, domname); + if (!dctx->domain) { + ret = ENOENT; + goto done; + } /* verify this user has not yet been negatively cached, * or has been permanently filtered */ @@ -2880,20 +2888,19 @@ static void nss_cmd_getinit_callback(void *ptr, int status, /* reset neghit if we still have a domain to check */ if (dom) neghit = false; - dctx->domain = dom; - - if (neghit) { + if (neghit) { DEBUG(2, ("User [%s] does not exist! (negative cache)\n", cmdctx->name)); ret = ENOENT; } - if (dctx->domain == NULL) { + if (dom == NULL) { DEBUG(2, ("No matching domain found for [%s], fail!\n", cmdctx->name)); ret = ENOENT; } if (ret == EOK) { + dctx->domain = dom; dctx->check_provider = (dctx->domain->provider != NULL); if (dctx->res) talloc_free(res); dctx->res = NULL; @@ -3020,6 +3027,10 @@ static int nss_cmd_initgroups(struct cli_ctx *cctx) if (domname) { dctx->domain = nss_get_dom(cctx->rctx->domains, domname); + if (!dctx->domain) { + ret = ENOENT; + goto done; + } /* verify this user has not yet been negatively cached, * or has been permanently filtered */ |