From db5a650c14186a24fb66b4f83202479abe33e164 Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <sgallagh@redhat.com>
Date: Wed, 23 Mar 2011 10:27:00 -0400
Subject: Fix potential crashes in sysdb_attrs_primary_name

Don't crash if we get a multivalued name without an origDN

Coverity 10740 and 10739

Don't crash on error if _name parameter unspecified

Coverity 10738

Check result of talloc_strdup() properly

Coverity 10737
---
 src/db/sysdb.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/src/db/sysdb.c b/src/db/sysdb.c
index 3cdf1203b..da641ef99 100644
--- a/src/db/sysdb.c
+++ b/src/db/sysdb.c
@@ -196,7 +196,7 @@ errno_t sysdb_get_rdn(struct sysdb_ctx *ctx, void *memctx,
         }
 
         *_name = talloc_strdup(memctx, attr_name);
-        if (!_name) {
+        if (!*_name) {
             ret = ENOMEM;
             goto done;
         }
@@ -205,14 +205,14 @@ errno_t sysdb_get_rdn(struct sysdb_ctx *ctx, void *memctx,
     val = ldb_dn_get_rdn_val(dn);
     if (val == NULL) {
         ret = EINVAL;
-        talloc_free(*_name);
+        if (_name) talloc_free(*_name);
         goto done;
     }
 
     *_val = talloc_strndup(memctx, (char *) val->data, val->length);
     if (!*_val) {
         ret = ENOMEM;
-        talloc_free(*_name);
+        if (_name) talloc_free(*_name);
         goto done;
     }
 
@@ -2081,7 +2081,9 @@ errno_t sysdb_attrs_primary_name(struct sysdb_ctx *sysdb,
         goto done;
     }
     if (orig_dn_el->num_values == 0) {
-        DEBUG(7, ("Original DN is not available.\n"));
+        DEBUG(1, ("Original DN is not available.\n"));
+        ret = EINVAL;
+        goto done;
     } else if (orig_dn_el->num_values == 1) {
         ret = sysdb_get_rdn(sysdb, tmpctx,
                             (const char *) orig_dn_el->values[0].data,
-- 
cgit