From 3f5953b0cd6ad826141c62dd239efc675b351689 Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <sgallagh@redhat.com>
Date: Wed, 26 Sep 2012 11:00:16 -0400
Subject: LDAP: Handle empty namingContexts values safely

Certain LDAP servers can return an empty string as the value of
namingContexts. We need to treat these as NULL so that we can fail
gracefully.

https://fedorahosted.org/sssd/ticket/1542
---
 src/providers/ldap/sdap.c | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'src')

diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c
index 5c4a00557..cdc8b1f18 100644
--- a/src/providers/ldap/sdap.c
+++ b/src/providers/ldap/sdap.c
@@ -742,6 +742,14 @@ static char *get_naming_context(TALLOC_CTX *mem_ctx,
         }
     }
 
+    /* Some directory servers such as Novell eDirectory will return
+     * a zero-length namingContexts value in some situations. In this
+     * case, we should return it as NULL so things fail gracefully.
+     */
+    if (naming_context[0] == '\0') {
+        talloc_zfree(naming_context);
+    }
+
     return naming_context;
 }
 
-- 
cgit