diff options
| author | Nathan Kinder <nkinder@redhat.com> | 2010-09-14 10:27:43 -0700 |
|---|---|---|
| committer | Nathan Kinder <nkinder@redhat.com> | 2010-09-15 09:11:05 -0700 |
| commit | a250d242395d089e7e8a2b2a3d07394eaa49d4d4 (patch) | |
| tree | 0f19bb4abf2de0e32627b21e87098e3568d43ffe | |
| parent | b35cc7e0ff07244f8e4eb2a0a41435ce83174c39 (diff) | |
| download | ds-a250d242395d089e7e8a2b2a3d07394eaa49d4d4.tar.gz ds-a250d242395d089e7e8a2b2a3d07394eaa49d4d4.tar.xz ds-a250d242395d089e7e8a2b2a3d07394eaa49d4d4.zip | |
Bug 630097 - (cov#15460) NULL deference in ACL URL code
When parsing a URL without a host or port present, we can
dereference a NULL pointer. We need to check if hostport is NULL
before dereferencing it.
| -rw-r--r-- | ldap/servers/plugins/acl/acllas.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/ldap/servers/plugins/acl/acllas.c b/ldap/servers/plugins/acl/acllas.c index a41487e3..6271fb1e 100644 --- a/ldap/servers/plugins/acl/acllas.c +++ b/ldap/servers/plugins/acl/acllas.c @@ -3598,7 +3598,7 @@ acllas__client_match_URL (struct acl_pblock *aclpb, char *n_clientdn, char *url normed = slapi_ch_smprintf("%s%s%s%s%s", (prefix_len==LDAP_URL_prefix_len)? LDAP_URL_prefix_core:LDAPS_URL_prefix_core, - hostport, dn, p?"?":"",p?p+1:""); + hostport?hostport:"", dn, p?"?":"",p?p+1:""); if (p) { *p = Q; /* put the Q back in rawdn which will un-null terminate the DN part */ } @@ -3606,7 +3606,7 @@ acllas__client_match_URL (struct acl_pblock *aclpb, char *n_clientdn, char *url /* dn was allocated in slapi_dn_normalize_ext */ slapi_ch_free_string(&dn); } - if ('/' != *hostport) { + if (hostport && ('/' != *hostport)) { slapi_ch_free_string(&hostport); } rc = slapi_ldap_url_parse(normed, &ludp, 1, NULL); |