diff options
| author | Martin Nagy <mnagy@redhat.com> | 2009-07-24 19:54:44 +0200 |
|---|---|---|
| committer | Martin Nagy <mnagy@redhat.com> | 2009-08-04 16:50:53 +0200 |
| commit | 7eff993a45adcd9bed2b9710465ea600adee443a (patch) | |
| tree | 7032b2d2d47e3b7a942e80b13e553f3ec186e40b /src | |
| parent | 2f68fa390a61676a01cd82bc00e4a44867041299 (diff) | |
| download | ldap_driver-7eff993a45adcd9bed2b9710465ea600adee443a.tar.gz ldap_driver-7eff993a45adcd9bed2b9710465ea600adee443a.tar.xz ldap_driver-7eff993a45adcd9bed2b9710465ea600adee443a.zip | |
Fix a crash bug in findnode()
If the create argument was set to ISC_TRUE and nothing was found by
cached_ldap_rdatalist_get(), the rdatalist variable was left
uninitialized. This later caused crash in
ldapdb_rdatalist_findrdatatype(), when trying to access memory that
rdatalist pointed to.
Resolves ticket #18
Diffstat (limited to 'src')
| -rw-r--r-- | src/cache.c | 2 | ||||
| -rw-r--r-- | src/ldap_driver.c | 17 |
2 files changed, 7 insertions, 12 deletions
diff --git a/src/cache.c b/src/cache.c index bd6ba7c..de99ad9 100644 --- a/src/cache.c +++ b/src/cache.c @@ -175,6 +175,8 @@ cached_ldap_rdatalist_get(isc_mem_t *mctx, ldap_cache_t *cache, REQUIRE(cache != NULL); + INIT_LIST(*rdatalist); + if (cache->rbt == NULL) return ldapdb_rdatalist_get(mctx, ldap_inst, name, origin, rdatalist); diff --git a/src/ldap_driver.c b/src/ldap_driver.c index 12b1db3..1839025 100644 --- a/src/ldap_driver.c +++ b/src/ldap_driver.c @@ -98,7 +98,7 @@ ldapdbnode_create(isc_mem_t *mctx, dns_name_t *owner, ldapdbnode_t **nodep) node->magic = LDAPDBNODE_MAGIC; - ISC_LIST_INIT(node->rdatalist); + INIT_LIST(node->rdatalist); *nodep = node; @@ -318,22 +318,15 @@ findnode(dns_db_t *db, dns_name_t *name, isc_boolean_t create, ldapdb->ldap_cache, ldapdb->ldap_inst, name, &ldapdb->common.origin, &rdatalist); - - if (result == ISC_R_NOMEMORY) - return ISC_R_NOMEMORY; - if (create == ISC_FALSE) { - /* No partial matches are allowed in this function */ - if (result == DNS_R_PARTIALMATCH) { - result = ISC_R_NOTFOUND; + if (result != ISC_R_SUCCESS) + goto cleanup; + } else { + if (result != ISC_R_NOTFOUND && result != ISC_R_SUCCESS) goto cleanup; - } else if (result != ISC_R_SUCCESS) { - return result; - } } CHECK(ldapdbnode_create(ldapdb->common.mctx, name, &node)); - memcpy(&node->rdatalist, &rdatalist, sizeof(rdatalist)); *nodep = node; |